urlscan.io logo urlscan.io
SecurityTrails logo

app.heba.ee Open in urlscan Pro
2600:9000:23ca:6c00:18:404e:ed40:93a1  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://ec2-52-33-3-241.us-west-2.compute.amazonaws.com/x/d?c=28337113&l=8d39eb96-d77b-44cc-baca-a7910a0eaf30&r=6f9132ab-ac0f-44df-9c6e-33fc63183259
Effective URL: https://app.heba.ee/employee/businesses/1/health-manager/general-health
Submission: On February 03 via manual from EE — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 5 IPs in 3 countries across 5 domains to perform 26 HTTP transactions. The main IP is 2600:9000:23ca:6c00:18:404e:ed40:93a1, located in United States and belongs to AMAZON-02, US. The main domain is app.heba.ee.
TLS certificate: Issued by Amazon on August 15th 2022. Valid for: a year.
This is the only time app.heba.ee was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 52.33.3.241 16509 (AMAZON-02)
9 2600:9000:23c... 16509 (AMAZON-02)
1 2607:f8b0:400... 15169 (GOOGLE)
2 2607:f8b0:400... 15169 (GOOGLE)
5 52.28.0.136 16509 (AMAZON-02)
9 13.51.179.49 16509 (AMAZON-02)
26 5
1    52.33.3.241 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-33-3-241.us-west-2.compute.amazonaws.com
ec2-52-33-3-241.us-west-2.compute.amazonaws.com
9    2600:9000:23ca:6c00:18:404e:ed40:93a1 (United States)

ASN16509 (AMAZON-02, US)
app.heba.ee
1    2607:f8b0:4004:c1b::5f (Washington, United States)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    2607:f8b0:4004:c09::5e (Ashburn, United States)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
5    52.28.0.136 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-28-0-136.eu-central-1.compute.amazonaws.com
backend.heba.ee
9    13.51.179.49 (Stockholm, Sweden)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-51-179-49.eu-north-1.compute.amazonaws.com
id.dokobit.com
Domain Requested by
9 id.dokobit.com app.heba.ee
id.dokobit.com
9 app.heba.ee app.heba.ee
5 backend.heba.ee app.heba.ee
2 fonts.gstatic.com fonts.googleapis.com
1 fonts.googleapis.com app.heba.ee
1 ec2-52-33-3-241.us-west-2.compute.amazonaws.com 1 redirects
26 6

This site contains no links.

Subject Issuer Validity Valid
*.heba.ee
Amazon		 2022-08-15 -
2023-09-13		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2023-01-09 -
2023-04-03		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-01-09 -
2023-04-03		 3 months crt.sh
*.dokobit.com
Sectigo RSA Organization Validation Secure Server CA		 2022-11-23 -
2023-12-24		 a year crt.sh

This page contains 1 frames:

Primary Page: https://app.heba.ee/employee/businesses/1/health-manager/general-health
Frame ID: 2CD864D0DEE2449A682DA8DA3407DB81
Requests: 25 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

HeBA

Page URL History Show full URLs

  1. http://ec2-52-33-3-241.us-west-2.compute.amazonaws.com/x/d?c=28337113&l=8d39eb96-d77b-44cc-baca-a7910a0eaf30&r=6f9132ab-ac0f-44df-9... HTTP 302
    https://app.heba.ee/employee/businesses/1/health-manager/general-health Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • socket\.io.*\.js

Page Statistics

26
Requests

100 %
HTTPS

50 %
IPv6

5
Domains

6
Subdomains

5
IPs

3
Countries

2235 kB
Transfer

5903 kB
Size

2
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://ec2-52-33-3-241.us-west-2.compute.amazonaws.com/x/d?c=28337113&l=8d39eb96-d77b-44cc-baca-a7910a0eaf30&r=6f9132ab-ac0f-44df-9c6e-33fc63183259 HTTP 302
    https://app.heba.ee/employee/businesses/1/health-manager/general-health Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

26 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request general-health
app.heba.ee/employee/businesses/1/health-manager/
Redirect Chain
  • http://ec2-52-33-3-241.us-west-2.compute.amazonaws.com/x/d?c=28337113&l=8d39eb96-d77b-44cc-baca-a7910a0eaf30&r=6f9132ab-ac0f-44df-9c6e-33fc63183259
  • https://app.heba.ee/employee/businesses/1/health-manager/general-health
4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://app.heba.ee/employee/businesses/1/health-manager/general-health
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:23ca:6c00:18:404e:ed40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
168736af28b1d087c5c88033af744f2ccd9e2d605ad9c22c98df29accc88cfb6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

age
10683
content-encoding
gzip
content-type
text/html
date
Fri, 03 Feb 2023 10:10:46 GMT
etag
W/"c589e13accb937f284b3a72b3574704c"
last-modified
Tue, 31 Jan 2023 11:59:45 GMT
permissions-policy
geolocation=(self)
referrer-policy
same-origin
server
AmazonS3
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding
via
1.1 6c9d752a06683b70c3a48f07f80d43b0.cloudfront.net (CloudFront)
x-amz-cf-id
6rJYLcKnqnWTf5aFN-k_7iiXt-lllzo_CbqMQia6XkowzAJ7YhURZw==
x-amz-cf-pop
JFK50-P2
x-amz-server-side-encryption
AES256
x-cache
Error from cloudfront
x-content-type-options
nosniff
x-frame-options
DENY
x-xss-protection
1; mode=block

Redirect headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Content-Type
Access-Control-Allow-Methods
GET, POST, PUT, DELETE, OPTIONS
Access-Control-Allow-Origin
*
Cache-Control
private
Content-Length
188
Content-Type
text/html; charset=utf-8
Date
Fri, 03 Feb 2023 13:08:42 GMT
Location
https://app.heba.ee/employee/businesses/1/health-manager/general-health
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
X-AspNetMvc-Version
5.2
X-Powered-By
ASP.NET
css
fonts.googleapis.com/ 		4 KB
938 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Poppins:400,600,700,800&display=swap
Requested by
Host: app.heba.ee
URL: https://app.heba.ee/employee/businesses/1/health-manager/general-health
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1b::5f Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e173be22e9ee9f0fcb0e8834ab8cdf429bba922566e3351145b4a58070d466c3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://app.heba.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 03 Feb 2023 13:08:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 03 Feb 2023 13:08:48 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 03 Feb 2023 13:08:48 GMT
Logo.png
app.heba.ee/assets/img/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://app.heba.ee/assets/img/Logo.png
Requested by
Host: app.heba.ee
URL: https://app.heba.ee/employee/businesses/1/health-manager/general-health
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:23ca:6c00:18:404e:ed40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a05d107ae5be5f42359a6e5fbe72e5af62e4d30c8655cabd8569fd18894fb792
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://app.heba.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 07:26:30 GMT
via
1.1 6c9d752a06683b70c3a48f07f80d43b0.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-cf-pop
JFK50-P2
age
20539
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
8356
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Tue, 31 Jan 2023 11:59:44 GMT
server
AmazonS3
etag
"a7d65c75f3851beb4ebc1d70735ad978"
x-frame-options
DENY
content-type
image/png
permissions-policy
geolocation=(self)
accept-ranges
bytes
x-amz-cf-id
SZ0Ir8_rcFCJbOuXsNfmzh1Nedwk56mf0_N4Pm0v0Xm2rxgYpNobsQ==
runtime-es2015.c808e9589e58b925bb05.js
app.heba.ee/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.heba.ee/runtime-es2015.c808e9589e58b925bb05.js
Requested by
Host: app.heba.ee
URL: https://app.heba.ee/employee/businesses/1/health-manager/general-health
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:23ca:6c00:18:404e:ed40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
489052c0916346fa82b7df8c54c993c7dc9ffa526685384aadf0e4a3f3034065
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://app.heba.ee/
Origin
https://app.heba.ee
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 10:10:47 GMT
content-encoding
gzip
via
1.1 6c9d752a06683b70c3a48f07f80d43b0.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-cf-pop
JFK50-P2
age
10682
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Tue, 31 Jan 2023 11:59:45 GMT
server
AmazonS3
etag
W/"ee64987209eebffc25882b068705b3f4"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/javascript
permissions-policy
geolocation=(self)
x-amz-cf-id
LehazDPK6WXcrr640HtKrTacQ6jtfTT9kAze9eGw5qyorQNXqG-VZg==
polyfills-es2015.8196a19e9fc5a38e3359.js
app.heba.ee/ 		248 KB
78 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.heba.ee/polyfills-es2015.8196a19e9fc5a38e3359.js
Requested by
Host: app.heba.ee
URL: https://app.heba.ee/employee/businesses/1/health-manager/general-health
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:23ca:6c00:18:404e:ed40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3b0d839ac7f129f41bf3012c59deddb7cc28e1081b987c62fbb834a52af98e8e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://app.heba.ee/
Origin
https://app.heba.ee
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 01:29:02 GMT
content-encoding
gzip
via
1.1 6c9d752a06683b70c3a48f07f80d43b0.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-cf-pop
JFK50-P2
age
41987
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Tue, 31 Jan 2023 11:59:45 GMT
server
AmazonS3
etag
W/"d6cb30ae4fc4e5acd5db717f5a0cc9e2"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/javascript
permissions-policy
geolocation=(self)
x-amz-cf-id
-rMgEh5UlkO9mewh7LfGjuEMlnB61sPA3Dap-KgTNihAys1GAfr0Ig==
scripts.f175f95f904227743f7e.js
app.heba.ee/ 		41 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.heba.ee/scripts.f175f95f904227743f7e.js
Requested by
Host: app.heba.ee
URL: https://app.heba.ee/employee/businesses/1/health-manager/general-health
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:23ca:6c00:18:404e:ed40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d14c91b941e500d539e3ef8821dabaa96e2fa895670f5554781dc8df82735b46
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://app.heba.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 13:08:48 GMT
content-encoding
gzip
via
1.1 6c9d752a06683b70c3a48f07f80d43b0.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-cf-pop
JFK50-P2
age
10682
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Tue, 31 Jan 2023 11:59:46 GMT
server
AmazonS3
etag
W/"687703cd75f3444ac0c30929c3182fe9"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/javascript
permissions-policy
geolocation=(self)
x-amz-cf-id
ml82A8_Ao59KFOWOsXNdd7XVy0PvG2RE_aN0FCI-m_ZeJFK_sHwY_Q==
main-es2015.80bad518876fd448de95.js
app.heba.ee/ 		4 MB
866 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.heba.ee/main-es2015.80bad518876fd448de95.js
Requested by
Host: app.heba.ee
URL: https://app.heba.ee/employee/businesses/1/health-manager/general-health
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:23ca:6c00:18:404e:ed40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d7c7fc8d08ff5d345974de6e3d49b993c97355fe50808a762110450656acfc33
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://app.heba.ee/
Origin
https://app.heba.ee
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Thu, 02 Feb 2023 22:54:44 GMT
content-encoding
gzip
via
1.1 6c9d752a06683b70c3a48f07f80d43b0.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-cf-pop
JFK50-P2
age
51245
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Tue, 31 Jan 2023 11:59:45 GMT
server
AmazonS3
etag
W/"b31de81cb5897440c78de14c6241b8a9"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/javascript
permissions-policy
geolocation=(self)
x-amz-cf-id
s0uYbxK8gpdgA8S6xuWbHv_e_O-9E-9PewCD1geRZcRbYMhkVJPS4Q==
styles.ec5ae5da6a18596dd3bc.css
app.heba.ee/ 		714 KB
98 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://app.heba.ee/styles.ec5ae5da6a18596dd3bc.css
Requested by
Host: app.heba.ee
URL: https://app.heba.ee/employee/businesses/1/health-manager/general-health
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:23ca:6c00:18:404e:ed40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c72e9aaed63b7081451fd6e21aa93f164a84cc2425628ac9b029c49718275f9e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://app.heba.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Thu, 02 Feb 2023 22:54:43 GMT
content-encoding
gzip
via
1.1 6c9d752a06683b70c3a48f07f80d43b0.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-cf-pop
JFK50-P2
age
51246
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Tue, 31 Jan 2023 11:59:46 GMT
server
AmazonS3
etag
W/"006d7560b61598ea8b4120ebda273161"
vary
Accept-Encoding
x-frame-options
DENY
content-type
text/css
permissions-policy
geolocation=(self)
x-amz-cf-id
Uve0NfFFpWHCY_2Aoj9agC0xGxeLeGR6oL-LQp5WF5SwUI2Wb5rnsA==
pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v20/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins:400,600,700,800&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c09::5e Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://app.heba.ee
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 02:05:57 GMT
x-content-type-options
nosniff
age
39771
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7884
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 17:03:52 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 03 Feb 2024 02:05:57 GMT
/
backend.heba.ee/socket.io/ 		99 B
588 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://backend.heba.ee/socket.io/?EIO=3&transport=polling&t=OONPDCk
Requested by
Host: app.heba.ee
URL: https://app.heba.ee/polyfills-es2015.8196a19e9fc5a38e3359.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.28.0.136 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-0-136.eu-central-1.compute.amazonaws.com
Software
nginx/1.22.1 /
Resource Hash
a8268ea8b29875cec764479ddffc54861de87f1d5034aeebf4e1189d29dc5d0e

Request headers

Accept
*/*
Referer
https://app.heba.ee/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

access-control-allow-origin
https://app.heba.ee
date
Fri, 03 Feb 2023 13:08:49 GMT
access-control-allow-credentials
true
server
nginx/1.22.1
content-length
99
content-type
text/plain; charset=UTF-8
et.json
app.heba.ee/assets/i18n/ 		70 KB
23 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://app.heba.ee/assets/i18n/et.json
Requested by
Host: app.heba.ee
URL: https://app.heba.ee/polyfills-es2015.8196a19e9fc5a38e3359.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:23ca:6c00:18:404e:ed40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3963ee23f144e2b14dae213b62a485683a6a6bbe86863576f9a6bdaf32d4cd37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/plain, */*
Referer
https://app.heba.ee/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Thu, 02 Feb 2023 22:54:48 GMT
content-encoding
gzip
via
1.1 6c9d752a06683b70c3a48f07f80d43b0.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-cf-pop
JFK50-P2
age
51242
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Tue, 31 Jan 2023 11:59:44 GMT
server
AmazonS3
etag
W/"06ea238c1678d92e95a103e0e48cc590"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/json
permissions-policy
geolocation=(self)
x-amz-cf-id
2uJ-XQohhCpEi1ymo6q_z7mP7xkgx7sWupJODyG3gA-6GniZghbjcg==
dokobit-integration.min.js
id.dokobit.com/js/ 		741 KB
742 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://id.dokobit.com/js/dokobit-integration.min.js
Requested by
Host: app.heba.ee
URL: https://app.heba.ee/main-es2015.80bad518876fd448de95.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.51.179.49 Stockholm, Sweden, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-51-179-49.eu-north-1.compute.amazonaws.com
Software
nginx /
Resource Hash
559ff9e8b882a558ace3582d77710a9b9f22ae2445f73a5fa36d7abb9566a66b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://app.heba.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 13:08:49 GMT
last-modified
Friday, 03-Feb-2023 13:08:49 GMT
server
nginx
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
accept-ranges
bytes
content-length
758283
expires
Fri, 03 Feb 2023 13:08:48 GMT
pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins:400,600,700,800&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c09::5e Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://app.heba.ee
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 27 Jan 2023 23:09:18 GMT
x-content-type-options
nosniff
age
568771
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7816
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:11:40 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 27 Jan 2024 23:09:18 GMT
/
backend.heba.ee/socket.io/ 		4 B
487 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://backend.heba.ee/socket.io/?EIO=3&transport=polling&t=OONPDMj&sid=L4oWNDhx9qQe06_wAACg
Requested by
Host: app.heba.ee
URL: https://app.heba.ee/polyfills-es2015.8196a19e9fc5a38e3359.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.28.0.136 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-0-136.eu-central-1.compute.amazonaws.com
Software
nginx/1.22.1 /
Resource Hash
3bce01fc760abe6234cbedd2b7cad5d697e7b8b380397c7d80afe13513253e33

Request headers

Accept
*/*
Referer
https://app.heba.ee/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

access-control-allow-origin
https://app.heba.ee
date
Fri, 03 Feb 2023 13:08:49 GMT
access-control-allow-credentials
true
server
nginx/1.22.1
content-length
4
content-type
text/plain; charset=UTF-8
/
backend.heba.ee/socket.io/ 		3 B
487 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://backend.heba.ee/socket.io/?EIO=3&transport=polling&t=OONPDOj&sid=L4oWNDhx9qQe06_wAACg
Requested by
Host: app.heba.ee
URL: https://app.heba.ee/polyfills-es2015.8196a19e9fc5a38e3359.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.28.0.136 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-0-136.eu-central-1.compute.amazonaws.com
Software
nginx/1.22.1 /
Resource Hash
62325dfc1fc675255519674da6e2c4aad5f51cc6c3217ed3c6fbf6cabe0d86b0

Request headers

Accept
*/*
Referer
https://app.heba.ee/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

access-control-allow-origin
https://app.heba.ee
date
Fri, 03 Feb 2023 13:08:50 GMT
access-control-allow-credentials
true
server
nginx/1.22.1
content-length
3
content-type
text/plain; charset=UTF-8
create
backend.heba.ee/auth/ 		217 B
874 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://backend.heba.ee/auth/create
Requested by
Host: app.heba.ee
URL: https://app.heba.ee/polyfills-es2015.8196a19e9fc5a38e3359.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.28.0.136 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-0-136.eu-central-1.compute.amazonaws.com
Software
nginx/1.22.1 /
Resource Hash
8c795e689150f13db91e5010143127002cb1a97ccd64b748f7a1e2a29192b668
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/plain, */*
Referer
https://app.heba.ee/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 03 Feb 2023 13:08:51 GMT
strict-transport-security
max-age=15552000; includeSubDomains
x-content-type-options
nosniff
server
nginx/1.22.1
etag
W/"d9-hzpBDuC/2t9OCxC/icG93AvOfLM"
x-download-options
noopen
x-dns-prefetch-control
off
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
content-length
217
x-xss-protection
1; mode=block
create
backend.heba.ee/auth/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://backend.heba.ee/auth/create
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.28.0.136 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-0-136.eu-central-1.compute.amazonaws.com
Software
nginx/1.22.1 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://app.heba.ee
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin
*
date
Fri, 03 Feb 2023 13:08:50 GMT
server
nginx/1.22.1
strict-transport-security
max-age=15552000; includeSubDomains
vary
Access-Control-Request-Headers
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-download-options
noopen
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
identity.css
id.dokobit.com/assets/style/identity/ 		42 KB
43 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://id.dokobit.com/assets/style/identity/identity.css?v1669666143001
Requested by
Host: id.dokobit.com
URL: https://id.dokobit.com/js/dokobit-integration.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.51.179.49 Stockholm, Sweden, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-51-179-49.eu-north-1.compute.amazonaws.com
Software
nginx /
Resource Hash
b25b9d670f715ecf42f0d4736b2059c4879bc30e0b3b2d6e64ef435627b8c72a

Request headers

accept-language
en-US,en;q=0.9
Referer
https://app.heba.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 13:08:51 GMT
last-modified
Mon, 28 Nov 2022 20:09:13 GMT
server
nginx
etag
"63851569-a8ef"
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/css
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Range
accept-ranges
bytes
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,x-csrf-token
content-length
43247
applet.css
id.dokobit.com/assets/sc/applet/ 		41 KB
41 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://id.dokobit.com/assets/sc/applet/applet.css?v1669666143001
Requested by
Host: id.dokobit.com
URL: https://id.dokobit.com/js/dokobit-integration.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.51.179.49 Stockholm, Sweden, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-51-179-49.eu-north-1.compute.amazonaws.com
Software
nginx /
Resource Hash
219eb7db9a85ec485f88cc7f01be20f3b70f42b1f55b57c8e3dd3a2ddf992e19

Request headers

accept-language
en-US,en;q=0.9
Referer
https://app.heba.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 13:08:51 GMT
last-modified
Mon, 28 Nov 2022 20:09:13 GMT
server
nginx
etag
"63851569-a3cf"
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/css
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Range
accept-ranges
bytes
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,x-csrf-token
content-length
41935
eb4cbef4bfad0cb5605888124d22500ea5aaa63c9388461312f28b2175b5398d
id.dokobit.com/auth/ 		7 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://id.dokobit.com/auth/eb4cbef4bfad0cb5605888124d22500ea5aaa63c9388461312f28b2175b5398d?_locale=et&version=2
Requested by
Host: app.heba.ee
URL: https://app.heba.ee/polyfills-es2015.8196a19e9fc5a38e3359.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.51.179.49 Stockholm, Sweden, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-51-179-49.eu-north-1.compute.amazonaws.com
Software
nginx /
Resource Hash
513ffe0e6bf594cefca94597a66fba57352d8a74db1b484c22c8524fbbd28523
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

Accept
*/*
Referer
https://app.heba.ee/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 13:08:51 GMT
strict-transport-security
max-age=63072000; includeSubDomains
content-encoding
gzip
server
nginx
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://app.heba.ee
cache-control
max-age=0, must-revalidate, private
access-control-allow-headers
X-CSRF-Token
expires
Fri, 03 Feb 2023 13:08:51 GMT
translations.js
id.dokobit.com/js/translations/ 		273 KB
273 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://id.dokobit.com/js/translations/translations.js?v=1669666143001
Requested by
Host: app.heba.ee
URL: https://app.heba.ee/polyfills-es2015.8196a19e9fc5a38e3359.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.51.179.49 Stockholm, Sweden, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-51-179-49.eu-north-1.compute.amazonaws.com
Software
nginx /
Resource Hash
640580c13fa726aa39ade73eaaeacbf883db335015dfd914bd0b7c72a9bbb5eb

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://app.heba.ee/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 13:08:52 GMT
last-modified
Mon, 28 Nov 2022 20:09:13 GMT
server
nginx
etag
"63851569-4423b"
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Range
accept-ranges
bytes
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,x-csrf-token
content-length
279099
Logo_full.png
app.heba.ee/assets/img/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://app.heba.ee/assets/img/Logo_full.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:23ca:6c00:18:404e:ed40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
68508b552949f2587c9b056880b0d943b304a85caf4ba9af617afaec88d9bedd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://app.heba.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 10:10:54 GMT
via
1.1 6c9d752a06683b70c3a48f07f80d43b0.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-cf-pop
JFK50-P2
age
10679
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
16254
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Tue, 31 Jan 2023 11:59:44 GMT
server
AmazonS3
etag
"a5b0d4dc2b372935e648420b111dd696"
x-frame-options
DENY
content-type
image/png
permissions-policy
geolocation=(self)
accept-ranges
bytes
x-amz-cf-id
sYXhNREJ6CW7tWgoh_21t9NScv3wQmJsr-kBIwtEodgXA-xRlPv6dA==
ic_smartid_24px.svg
id.dokobit.com/assets/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id.dokobit.com/assets/img/ic_smartid_24px.svg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.51.179.49 Stockholm, Sweden, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-51-179-49.eu-north-1.compute.amazonaws.com
Software
nginx /
Resource Hash
0958aa65a5f6fba01fa76316f9f7ba1118a49da5e247b00c7b4ace7d337e4821

Request headers

accept-language
en-US,en;q=0.9
Referer
https://app.heba.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 13:08:52 GMT
last-modified
Mon, 28 Nov 2022 20:08:42 GMT
server
nginx
etag
"6385154a-d5b"
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Range
accept-ranges
bytes
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,x-csrf-token
content-length
3419
lt.svg
id.dokobit.com/assets/img/flags/ 		576 B
925 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id.dokobit.com/assets/img/flags/lt.svg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.51.179.49 Stockholm, Sweden, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-51-179-49.eu-north-1.compute.amazonaws.com
Software
nginx /
Resource Hash
a0d5027c3ff38e0192c498bc25d43eaa2aeaa4ec84e5b0fa312cae2bb73210bf

Request headers

accept-language
en-US,en;q=0.9
Referer
https://app.heba.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 13:08:52 GMT
last-modified
Mon, 28 Nov 2022 20:08:42 GMT
server
nginx
etag
"6385154a-240"
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Range
accept-ranges
bytes
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,x-csrf-token
content-length
576
lv.svg
id.dokobit.com/assets/img/flags/ 		614 B
964 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id.dokobit.com/assets/img/flags/lv.svg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.51.179.49 Stockholm, Sweden, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-51-179-49.eu-north-1.compute.amazonaws.com
Software
nginx /
Resource Hash
1e868554ac8bf28633303c0c93bc9907216f101652db640c35d7b40f7853e9bd

Request headers

accept-language
en-US,en;q=0.9
Referer
https://app.heba.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 13:08:52 GMT
last-modified
Mon, 28 Nov 2022 20:08:42 GMT
server
nginx
etag
"6385154a-266"
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Range
accept-ranges
bytes
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,x-csrf-token
content-length
614
ee.svg
id.dokobit.com/assets/img/flags/ 		611 B
961 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id.dokobit.com/assets/img/flags/ee.svg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.51.179.49 Stockholm, Sweden, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-51-179-49.eu-north-1.compute.amazonaws.com
Software
nginx /
Resource Hash
d940d789df67721af28ff3135a41c8807e79bbd208b77e51af52a335d669bafe

Request headers

accept-language
en-US,en;q=0.9
Referer
https://app.heba.ee/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 13:08:52 GMT
last-modified
Mon, 28 Nov 2022 20:08:42 GMT
server
nginx
etag
"6385154a-263"
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Range
accept-ranges
bytes
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,x-csrf-token
content-length
611

Verdicts & Comments Add Verdict or Comment

172 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| oncontentvisibilityautostatechange object| webpackChunkheba function| setImmediate function| clearImmediate function| Zone function| __zone_symbol__Promise function| __zone_symbol__fetch function| __zone_symbol__queueMicrotask function| __zone_symbol__setTimeout function| __zone_symbol__clearTimeout function| __zone_symbol__setInterval function| __zone_symbol__clearInterval function| __zone_symbol__setImmediate function| __zone_symbol__clearImmediate function| __zone_symbol__requestAnimationFrame function| __zone_symbol__cancelAnimationFrame function| __zone_symbol__webkitRequestAnimationFrame function| __zone_symbol__webkitCancelAnimationFrame function| __zone_symbol__alert function| __zone_symbol__prompt function| __zone_symbol__confirm function| __zone_symbol__MutationObserver function| __zone_symbol__WebKitMutationObserver function| __zone_symbol__IntersectionObserver function| __zone_symbol__FileReader boolean| __zone_symbol__ononabortpatched boolean| __zone_symbol__ononanimationendpatched boolean| __zone_symbol__ononanimationiterationpatched boolean| __zone_symbol__ononauxclickpatched boolean| __zone_symbol__ononbeforeinputpatched boolean| __zone_symbol__ononblurpatched boolean| __zone_symbol__ononcancelpatched boolean| __zone_symbol__ononcanplaypatched boolean| __zone_symbol__ononcanplaythroughpatched boolean| __zone_symbol__ononchangepatched boolean| __zone_symbol__ononcuechangepatched boolean| __zone_symbol__ononclickpatched boolean| __zone_symbol__ononclosepatched boolean| __zone_symbol__ononcontextmenupatched boolean| __zone_symbol__onondblclickpatched boolean| __zone_symbol__onondragpatched boolean| __zone_symbol__onondragendpatched boolean| __zone_symbol__onondragenterpatched boolean| __zone_symbol__onondragleavepatched boolean| __zone_symbol__onondragoverpatched boolean| __zone_symbol__onondroppatched boolean| __zone_symbol__onondurationchangepatched boolean| __zone_symbol__ononemptiedpatched boolean| __zone_symbol__ononendedpatched boolean| __zone_symbol__ononerrorpatched boolean| __zone_symbol__ononfocuspatched boolean| __zone_symbol__onongotpointercapturepatched boolean| __zone_symbol__ononinputpatched boolean| __zone_symbol__ononinvalidpatched boolean| __zone_symbol__ononkeydownpatched boolean| __zone_symbol__ononkeypresspatched boolean| __zone_symbol__ononkeyuppatched boolean| __zone_symbol__ononloadpatched boolean| __zone_symbol__ononloadstartpatched boolean| __zone_symbol__ononloadeddatapatched boolean| __zone_symbol__ononloadedmetadatapatched boolean| __zone_symbol__ononlostpointercapturepatched boolean| __zone_symbol__ononmousedownpatched boolean| __zone_symbol__ononmouseenterpatched boolean| __zone_symbol__ononmouseleavepatched boolean| __zone_symbol__ononmousemovepatched boolean| __zone_symbol__ononmouseoutpatched boolean| __zone_symbol__ononmouseoverpatched boolean| __zone_symbol__ononmouseuppatched boolean| __zone_symbol__ononmousewheelpatched boolean| __zone_symbol__ononpausepatched boolean| __zone_symbol__ononplaypatched boolean| __zone_symbol__ononplayingpatched boolean| __zone_symbol__ononpointercancelpatched boolean| __zone_symbol__ononpointerdownpatched boolean| __zone_symbol__ononpointerenterpatched boolean| __zone_symbol__ononpointerleavepatched boolean| __zone_symbol__ononpointermovepatched boolean| __zone_symbol__ononpointeroverpatched boolean| __zone_symbol__ononpointeruppatched boolean| __zone_symbol__ononprogresspatched boolean| __zone_symbol__ononratechangepatched boolean| __zone_symbol__ononresetpatched boolean| __zone_symbol__ononresizepatched boolean| __zone_symbol__ononscrollpatched boolean| __zone_symbol__ononseekedpatched boolean| __zone_symbol__ononseekingpatched boolean| __zone_symbol__ononselectpatched boolean| __zone_symbol__ononselectionchangepatched boolean| __zone_symbol__ononselectstartpatched boolean| __zone_symbol__ononstalledpatched boolean| __zone_symbol__ononsubmitpatched boolean| __zone_symbol__ononsuspendpatched boolean| __zone_symbol__onontimeupdatepatched boolean| __zone_symbol__ononvolumechangepatched boolean| __zone_symbol__onontransitioncancelpatched boolean| __zone_symbol__onontransitionendpatched boolean| __zone_symbol__ononwaitingpatched boolean| __zone_symbol__ononwheelpatched boolean| __zone_symbol__onontogglepatched boolean| __zone_symbol__ononafterprintpatched boolean| __zone_symbol__ononappinstalledpatched boolean| __zone_symbol__ononbeforeinstallpromptpatched boolean| __zone_symbol__ononbeforeprintpatched boolean| __zone_symbol__ononbeforeunloadpatched boolean| __zone_symbol__onondevicemotionpatched boolean| __zone_symbol__onondeviceorientationpatched boolean| __zone_symbol__onondeviceorientationabsolutepatched boolean| __zone_symbol__ononhashchangepatched boolean| __zone_symbol__ononlanguagechangepatched boolean| __zone_symbol__ononmessagepatched boolean| __zone_symbol__ononofflinepatched boolean| __zone_symbol__onononlinepatched boolean| __zone_symbol__ononpageshowpatched boolean| __zone_symbol__ononpagehidepatched boolean| __zone_symbol__ononpopstatepatched boolean| __zone_symbol__ononrejectionhandledpatched boolean| __zone_symbol__ononstoragepatched boolean| __zone_symbol__ononunhandledrejectionpatched boolean| __zone_symbol__ononunloadpatched boolean| __zone_symbol__onondragstartpatched boolean| __zone_symbol__ononanimationstartpatched boolean| __zone_symbol__ononsearchpatched boolean| __zone_symbol__onontransitionrunpatched boolean| __zone_symbol__onontransitionstartpatched boolean| __zone_symbol__ononwebkitanimationendpatched boolean| __zone_symbol__ononwebkitanimationiterationpatched boolean| __zone_symbol__ononwebkitanimationstartpatched boolean| __zone_symbol__ononwebkittransitionendpatched boolean| __zone_symbol__ononpointeroutpatched boolean| __zone_symbol__ononmessageerrorpatched object| cookieconsent function| Hammer object| ptrAnimatesMaterial object| __zone_symbol__pagehidefalse object| __zone_symbol__loadfalse object| __zone_symbol__popstatefalse object| __zone_symbol__hashchangefalse object| __zone_symbol__scrollfalse object| __zone_symbol__resizefalse function| getAngularTestability function| getAllAngularTestabilities function| getAllAngularRootElements object| frameworkStabilizers object| regeneratorRuntime function| $ function| jQuery object| Isign object| hwcrypto object| __zone_symbol__touchmovefalse object| iSignApplet function| isCertificateSelectionAvailable function| initPlugin function| initJavaApplet function| extensionLoaded function| appletLoaded function| extensionUnavailable function| certificatesLoaded function| log function| dataSigned function| updateRequired function| isEdgeBrowser function| isOsX function| browserSupportsIsignExtension function| DokobitIdentity object| __zone_symbol__ON_PROPERTYload function| __zone_symbol__addEventListener function| __zone_symbol__removeEventListener undefined| __zone_symbol__eventListeners undefined| __zone_symbol__removeAllListeners function| eventListeners function| removeAllListeners

2 Cookies

Domain/Path Name / Value
backend.heba.ee/ Name: AWSALB
Value: Rddq6vGo+IvU+I/5ysQUuYASSXc3Jt6yYrozyGlhG+hz30VAHVFjMBviyHQAKSUDVG5Q1e5Ej4FS3myM/YultpFzititSzdddordzuActHzNOSiT2b0Z7PoQLYCb
backend.heba.ee/ Name: AWSALBCORS
Value: Rddq6vGo+IvU+I/5ysQUuYASSXc3Jt6yYrozyGlhG+hz30VAHVFjMBviyHQAKSUDVG5Q1e5Ej4FS3myM/YultpFzititSzdddordzuActHzNOSiT2b0Z7PoQLYCb

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

app.heba.ee
backend.heba.ee
ec2-52-33-3-241.us-west-2.compute.amazonaws.com
fonts.googleapis.com
fonts.gstatic.com
id.dokobit.com
13.51.179.49
2600:9000:23ca:6c00:18:404e:ed40:93a1
2607:f8b0:4004:c09::5e
2607:f8b0:4004:c1b::5f
52.28.0.136
52.33.3.241
0958aa65a5f6fba01fa76316f9f7ba1118a49da5e247b00c7b4ace7d337e4821
168736af28b1d087c5c88033af744f2ccd9e2d605ad9c22c98df29accc88cfb6
1e868554ac8bf28633303c0c93bc9907216f101652db640c35d7b40f7853e9bd
219eb7db9a85ec485f88cc7f01be20f3b70f42b1f55b57c8e3dd3a2ddf992e19
3963ee23f144e2b14dae213b62a485683a6a6bbe86863576f9a6bdaf32d4cd37
3b0d839ac7f129f41bf3012c59deddb7cc28e1081b987c62fbb834a52af98e8e
3bce01fc760abe6234cbedd2b7cad5d697e7b8b380397c7d80afe13513253e33
489052c0916346fa82b7df8c54c993c7dc9ffa526685384aadf0e4a3f3034065
513ffe0e6bf594cefca94597a66fba57352d8a74db1b484c22c8524fbbd28523
559ff9e8b882a558ace3582d77710a9b9f22ae2445f73a5fa36d7abb9566a66b
62325dfc1fc675255519674da6e2c4aad5f51cc6c3217ed3c6fbf6cabe0d86b0
640580c13fa726aa39ade73eaaeacbf883db335015dfd914bd0b7c72a9bbb5eb
68508b552949f2587c9b056880b0d943b304a85caf4ba9af617afaec88d9bedd
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
8c795e689150f13db91e5010143127002cb1a97ccd64b748f7a1e2a29192b668
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
a05d107ae5be5f42359a6e5fbe72e5af62e4d30c8655cabd8569fd18894fb792
a0d5027c3ff38e0192c498bc25d43eaa2aeaa4ec84e5b0fa312cae2bb73210bf
a8268ea8b29875cec764479ddffc54861de87f1d5034aeebf4e1189d29dc5d0e
b25b9d670f715ecf42f0d4736b2059c4879bc30e0b3b2d6e64ef435627b8c72a
c72e9aaed63b7081451fd6e21aa93f164a84cc2425628ac9b029c49718275f9e
d14c91b941e500d539e3ef8821dabaa96e2fa895670f5554781dc8df82735b46
d7c7fc8d08ff5d345974de6e3d49b993c97355fe50808a762110450656acfc33
d940d789df67721af28ff3135a41c8807e79bbd208b77e51af52a335d669bafe
e173be22e9ee9f0fcb0e8834ab8cdf429bba922566e3351145b4a58070d466c3