urlscan.io logo urlscan.io
SecurityTrails logo

heroku.support Open in urlscan Pro
34.199.254.206  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://heroku.support.admin-mcas-gov.us/
Effective URL: https://heroku.support/login
Submission: On August 09 via automatic, source certstream-suspicious — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 7 IPs in 1 countries across 6 domains to perform 14 HTTP transactions. The main IP is 34.199.254.206, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is heroku.support.
TLS certificate: Issued by R3 on July 8th 2022. Valid for: 3 months.
This is the only time heroku.support was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 13.72.27.220 8075 (MICROSOFT...)
3 2600:141b:13:... 20940 (AKAMAI-ASN1)
1 7 34.199.254.206 14618 (AMAZON-AES)
2 2600:9000:21d... 16509 (AMAZON-02)
1 151.101.130.137 54113 (FASTLY)
1 162.247.241.14 23467 (NEWRELIC-...)
14 7
1    13.72.27.220 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
heroku.support.admin-mcas-gov.us
3    2600:141b:13::17d7:825a (New York, United States)

ASN20940 (AKAMAI-ASN1, NL)
mcasproxy.azureedge.net
7    34.199.254.206 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-199-254-206.compute-1.amazonaws.com
heroku.support
2    2600:9000:21da:9000:15:5f5a:e9c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
www.herokucdn.com
1    151.101.130.137 (United States)

ASN54113 (FASTLY, US)
js-agent.newrelic.com
1    162.247.241.14 (Portland, United States)

ASN23467 (NEWRELIC-AS-1, US)
bam.nr-data.net
Apex Domain
Subdomains		 Transfer
7 heroku.support
heroku.support
278 KB
3 azureedge.net
mcasproxy.azureedge.net — Cisco Umbrella Rank: 54274
50 KB
2 herokucdn.com
www.herokucdn.com — Cisco Umbrella Rank: 151685
51 KB
1 nr-data.net
bam.nr-data.net — Cisco Umbrella Rank: 283
711 B
1 newrelic.com
js-agent.newrelic.com — Cisco Umbrella Rank: 402
14 KB
1 admin-mcas-gov.us
heroku.support.admin-mcas-gov.us
890 B
14 6
Domain Requested by
7 heroku.support 1 redirects heroku.support
3 mcasproxy.azureedge.net heroku.support.admin-mcas-gov.us
mcasproxy.azureedge.net
2 www.herokucdn.com heroku.support
1 bam.nr-data.net js-agent.newrelic.com
1 js-agent.newrelic.com heroku.support
1 heroku.support.admin-mcas-gov.us
14 6
Subject Issuer Validity Valid
*.mcas-gov.us
DigiCert SHA2 Secure Server CA		 2022-08-09 -
2023-08-09		 a year crt.sh
*.azureedge.net
Microsoft Azure ECC TLS Issuing CA 01		 2022-07-27 -
2023-07-22		 a year crt.sh
heroku.support
R3		 2022-07-08 -
2022-10-06		 3 months crt.sh
www.herokucdn.com
Amazon		 2022-02-23 -
2023-03-24		 a year crt.sh
js-agent.newrelic.com
GlobalSign Atlas R3 DV TLS CA 2022 Q2		 2022-07-10 -
2023-08-11		 a year crt.sh
*.nr-data.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-01-10 -
2023-02-10		 a year crt.sh

This page contains 2 frames:

Primary Page: https://heroku.support/login
Frame ID: 89F683DCE7BFB893FD7DD2998AEC9004
Requests: 20 HTTP requests in this frame

Frame: https://mcasproxy.azureedge.net/proxyweb/1.17.40/html/session-context-restore.html
Frame ID: 209A2EF82F16D089172B6D51487498C1
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Heroku SupportHeroku Support

Page URL History Show full URLs

  1. https://heroku.support.admin-mcas-gov.us/ Page URL
  2. https://heroku.support/ HTTP 302
    https://heroku.support/login Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <!-- (?:End )?Google Tag Manager -->
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

14
Requests

100 %
HTTPS

33 %
IPv6

6
Domains

6
Subdomains

7
IPs

1
Countries

394 kB
Transfer

1225 kB
Size

3
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://heroku.support.admin-mcas-gov.us/ Page URL
  2. https://heroku.support/ HTTP 302
    https://heroku.support/login Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

14 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
heroku.support.admin-mcas-gov.us/ 		1 KB
890 B 		Document
General
Check archive.org
Download Go to
Full URL
https://heroku.support.admin-mcas-gov.us/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.72.27.220 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
openresty /
Resource Hash
4024db2216e9bc4fd183b0f1032fecd2a72597a4e347605d666ef193e44c55e1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
max-age=0, no-cache, no-store
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Tue, 09 Aug 2022 13:55:09 GMT
expires
Mon, 01-Jan-1990 00:00:00 GMT
pragma
no-cache
server
openresty
strict-transport-security
max-age=31536000
x-mcas-cache-status
MISS
x-mcas-processing-time
3
x-mcas-request-id
5bf701f187c17771c0ddb80d9a83d820
x-mcas-upstream-time
n/a
session-context-store-helper.min.js
mcasproxy.azureedge.net/proxyweb/1.17.40/js/ 		7 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mcasproxy.azureedge.net/proxyweb/1.17.40/js/session-context-store-helper.min.js
Requested by
Host: heroku.support.admin-mcas-gov.us
URL: https://heroku.support.admin-mcas-gov.us/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:13::17d7:825a New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
4e44758542e7203cb2050755ccf83633e63e62d854aff74c928943088be90075

Request headers

accept-language
en-US,en;q=0.9
Referer
https://heroku.support.admin-mcas-gov.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Tue, 09 Aug 2022 13:55:09 GMT
last-modified
Mon, 04 Jul 2022 18:24:09 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-md5
HzQhQbcTmGXRWSfOLdiXQw==
etag
0x8DA5DEA62FB8D48
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
517bea25-401e-004f-413d-900b33000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31346777
x-ms-version
2009-09-19
content-length
7569
session-context-restore.html
mcasproxy.azureedge.net/proxyweb/1.17.40/html/ Frame 209A 		281 B
730 B 		Document
General
Check archive.org
Download Go to
Full URL
https://mcasproxy.azureedge.net/proxyweb/1.17.40/html/session-context-restore.html
Requested by
Host: mcasproxy.azureedge.net
URL: https://mcasproxy.azureedge.net/proxyweb/1.17.40/js/session-context-store-helper.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:13::17d7:825a New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
d593eab937ae208334c866b7afc56b0703787c857dae8bb562aefbbd3ca15ee6

Request headers

Referer
https://heroku.support.admin-mcas-gov.us/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

access-control-allow-origin
*
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31346777
content-length
281
content-md5
vDuuGHIdcY/gQtnraxH9qw==
content-type
text/html
date
Tue, 09 Aug 2022 13:55:09 GMT
etag
0x8DA5DEA91B64F99
last-modified
Mon, 04 Jul 2022 18:25:27 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-blob-type
BlockBlob
x-ms-lease-status
unlocked
x-ms-request-id
2e9d6db1-601e-0053-7cd9-8fd324000000
x-ms-version
2009-09-19
session-context-restore.min.js
mcasproxy.azureedge.net/proxyweb/1.17.40/js/ Frame 209A 		40 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mcasproxy.azureedge.net/proxyweb/1.17.40/js/session-context-restore.min.js
Requested by
Host: mcasproxy.azureedge.net
URL: https://mcasproxy.azureedge.net/proxyweb/1.17.40/html/session-context-restore.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:13::17d7:825a New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
335bc17ea5f91c4585ff408bcd0cd779ffb2668a1d8207394bde38e8537ed0fc

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mcasproxy.azureedge.net/proxyweb/1.17.40/html/session-context-restore.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Tue, 09 Aug 2022 13:55:09 GMT
last-modified
Mon, 04 Jul 2022 18:24:08 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-md5
rvb+tkBFoqsvGgzyWOxnDQ==
etag
0x8DA5DEA6295A7CA
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
2e9d6de2-601e-0053-23d9-8fd324000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31346778
x-ms-version
2009-09-19
content-length
41368
Primary Request login
heroku.support/
Redirect Chain
  • https://heroku.support/?
  • https://heroku.support/login
19 KB
21 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://heroku.support/login
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.199.254.206 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-199-254-206.compute-1.amazonaws.com
Software
/
Resource Hash
ec231d7fc2a8788623328f1baa637a3b14a3f769085dfba34e657073047f3c4e
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://heroku.support.admin-mcas-gov.us/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
max-age=0, private, must-revalidate
Content-Type
text/html; charset=utf-8
Date
Tue, 09 Aug 2022 13:55:09 GMT
Etag
W/"ec231d7fc2a8788623328f1baa637a3b"
Referrer-Policy
strict-origin-when-cross-origin
Strict-Transport-Security
max-age=63072000; includeSubDomains
Transfer-Encoding
chunked
Vary
Origin
Via
1.1 spaces-router (ec8e39011293)
X-Content-Type-Options
nosniff
X-Download-Options
noopen
X-Frame-Options
SAMEORIGIN
X-Permitted-Cross-Domain-Policies
none
X-Request-Id
89fcc62e-7e4f-dc6d-3650-9ffa7b976a7f
X-Runtime
0.004939
X-Xss-Protection
1; mode=block

Redirect headers

Cache-Control
no-cache
Content-Length
94
Content-Type
text/html; charset=utf-8
Date
Tue, 09 Aug 2022 13:55:09 GMT
Location
https://heroku.support/login
Referrer-Policy
strict-origin-when-cross-origin
Strict-Transport-Security
max-age=63072000; includeSubDomains
Vary
Origin
Via
1.1 spaces-router (ec8e39011293)
X-Content-Type-Options
nosniff
X-Download-Options
noopen
X-Frame-Options
SAMEORIGIN
X-Permitted-Cross-Domain-Policies
none
X-Request-Id
0d076333-7516-3bc9-6704-b6d10aff34b9
X-Runtime
0.002885
X-Xss-Protection
1; mode=block
application-777e18a7d395a63687188a30101cfed0218026a50ea90bf0bd17cd98c74a89ff.css
heroku.support/assets/ 		918 KB
200 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://heroku.support/assets/application-777e18a7d395a63687188a30101cfed0218026a50ea90bf0bd17cd98c74a89ff.css
Requested by
Host: heroku.support
URL: https://heroku.support/login
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.199.254.206 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-199-254-206.compute-1.amazonaws.com
Software
/
Resource Hash
5fd169feddce1f96f4c25a81a6dfa36a976bf66f4be5a83e4417f0fca9b87bd2
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://heroku.support/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Strict-Transport-Security
max-age=63072000; includeSubDomains
Via
1.1 spaces-router (ec8e39011293)
Last-Modified
Tue, 02 Aug 2022 18:44:41 GMT
Date
Tue, 09 Aug 2022 13:55:09 GMT
Vary
Accept-Encoding, Origin
Content-Type
text/css
Content-Encoding
gzip
Content-Length
204822
jquery_only-623d72192859847d007933bae89d3e16e6532ca2425853cf376d34ff006a37cc.js
heroku.support/assets/ 		85 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://heroku.support/assets/jquery_only-623d72192859847d007933bae89d3e16e6532ca2425853cf376d34ff006a37cc.js
Requested by
Host: heroku.support
URL: https://heroku.support/login
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.199.254.206 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-199-254-206.compute-1.amazonaws.com
Software
/
Resource Hash
b7458e62bace5aee761c61948f390a6633709afd2adb0643cb8d250734bd25a6
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://heroku.support/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Strict-Transport-Security
max-age=63072000; includeSubDomains
Via
1.1 spaces-router (ec8e39011293)
Last-Modified
Thu, 25 Mar 2021 11:21:24 GMT
Date
Tue, 09 Aug 2022 13:55:09 GMT
Vary
Accept-Encoding, Origin
Content-Type
application/javascript
Content-Encoding
gzip
Content-Length
30307
glostick-heroku-support.min.js
www.herokucdn.com/glostick/latest/ 		48 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.herokucdn.com/glostick/latest/glostick-heroku-support.min.js
Requested by
Host: heroku.support
URL: https://heroku.support/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21da:9000:15:5f5a:e9c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a74b7945feca25335fe727e3eb590dba983c0db012761ee371ac56dc3594a243

Request headers

accept-language
en-US,en;q=0.9
Referer
https://heroku.support/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 00:44:39 GMT
content-encoding
gzip
last-modified
Tue, 22 Feb 2022 17:11:32 GMT
server
AmazonS3
age
47431
etag
W/"607ec3ad286caf4149cad705111b4f94"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 dff867205390cf91b170b9bf1251e39a.cloudfront.net (CloudFront)
cache-control
max-age=86400, public
x-amz-cf-pop
EWR53-C1
x-amz-cf-id
5D9LZdqDbAIPJ7_iSERmXc8WOsnEb9lXF1fZsNpIcWSjU77RVwsWZw==
expires
Mon, 31 Dec 2029 18:00:00 GMT
salesforce_logo.svg
heroku.support/images/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://heroku.support/images/salesforce_logo.svg
Requested by
Host: heroku.support
URL: https://heroku.support/login
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.199.254.206 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-199-254-206.compute-1.amazonaws.com
Software
/
Resource Hash
0e90b141d50377c71aa701636a5324b2e9e544861e7f6a6370503d5c3d04758d
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://heroku.support/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Strict-Transport-Security
max-age=63072000; includeSubDomains
Via
1.1 spaces-router (ec8e39011293)
Last-Modified
Mon, 08 Aug 2022 17:14:17 GMT
Date
Tue, 09 Aug 2022 13:55:09 GMT
Content-Length
5203
Vary
Origin
Content-Type
image/svg+xml
AOP_logo.png
heroku.support/images/ 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://heroku.support/images/AOP_logo.png
Requested by
Host: heroku.support
URL: https://heroku.support/login
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.199.254.206 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-199-254-206.compute-1.amazonaws.com
Software
/
Resource Hash
93f22d8b463bf290fda13dd0f8570eaae76b9583f0b6abc99361414be11bdb3f
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://heroku.support/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Strict-Transport-Security
max-age=63072000; includeSubDomains
Via
1.1 spaces-router (ec8e39011293)
Last-Modified
Mon, 08 Aug 2022 17:14:17 GMT
Date
Tue, 09 Aug 2022 13:55:09 GMT
Content-Length
10545
Vary
Origin
Content-Type
image/png
customer_logo.png
heroku.support/images/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://heroku.support/images/customer_logo.png
Requested by
Host: heroku.support
URL: https://heroku.support/login
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.199.254.206 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-199-254-206.compute-1.amazonaws.com
Software
/
Resource Hash
112d6113879a53dafeb08fa8b7485eb9262d6cf9c98659d4e32f38ec559375fd
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://heroku.support/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Strict-Transport-Security
max-age=63072000; includeSubDomains
Via
1.1 spaces-router (ec8e39011293)
Last-Modified
Mon, 08 Aug 2022 17:14:17 GMT
Date
Tue, 09 Aug 2022 13:55:09 GMT
Content-Length
10250
Vary
Origin
Content-Type
image/png
truncated
/ 		708 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5b1d0bffed0dd0dce26abfd707a47026a2e2915b89355f0ea997c51c676f212f

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		470 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3577227e5f451212006341f676d4c8bf69219bd624005f61273be6cbec676f14

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		939 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a87f447f0f8864e7d6f275f542c8e97c690bf2723a4b20d6fc09358bedecfbad

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ebe28991950ba1e44e03909ee90a4eb6b2c5b82b5f34810de84163d103a33e8c

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
02b224cefdb23ff1dc2d38aa81c6f7fdac723a681693da6e13b718bd6ab14c10

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3b882d6ca8fc01e5566be0bb18f941648ab10618518bbdd995f11299691c8a96

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		585 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
703b0e0a513c6a626a77444d18fe9c8cfa95810d90c553f79371d6deb3a1fb8e

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
78a238fcff5d77d593316a6f00677f0863f9820811944e114e64f556533704c1

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Type
image/svg+xml
bentonsans-regular.woff
www.herokucdn.com/fonts/ 		33 KB
34 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.herokucdn.com/fonts/bentonsans-regular.woff
Requested by
Host: heroku.support
URL: https://heroku.support/assets/application-777e18a7d395a63687188a30101cfed0218026a50ea90bf0bd17cd98c74a89ff.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21da:9000:15:5f5a:e9c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
88dc7d7ac74058797aa836f73826f9a44136f71e4a4b91a6a6c04261ab98f0fd

Request headers

Referer
https://heroku.support/
Origin
https://heroku.support
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 00:57:29 GMT
via
1.1 6840113c714f694919508fbd89b7f29c.cloudfront.net (CloudFront)
vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
age
46661
x-cache
Hit from cloudfront
content-length
34288
last-modified
Tue, 22 Feb 2022 17:11:30 GMT
server
AmazonS3
etag
"a3103229fa33543d322525a5669d3b27"
access-control-max-age
86400
access-control-allow-methods
GET
content-type
application/font-woff
access-control-allow-origin
*
access-control-expose-headers
ETag
cache-control
max-age=86400, public
x-amz-cf-pop
EWR53-C1
accept-ranges
bytes
x-amz-cf-id
YsfvBfJ8m5a4Ni_RbHEIrC9IkNJCWB5lypeIltqKfES_Iw1Yiz2qLQ==
expires
Mon, 31 Dec 2029 18:00:00 GMT
nr-1216.min.js
js-agent.newrelic.com/ 		38 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js-agent.newrelic.com/nr-1216.min.js
Requested by
Host: heroku.support
URL: https://heroku.support/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6f973e7d75a7e6f6e59708f19631c8890034db5debb4d04f189deb53c114e708

Request headers

accept-language
en-US,en;q=0.9
Referer
https://heroku.support/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-amz-version-id
mHHzJIqOizHibcYt0xqAszRr0gQRiNYy
content-encoding
gzip
etag
"9f533d8cd24b2c5e3b4dc886ecbd43e8"
x-amz-request-id
6Z7ZQGKTDH477B9G
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
14391
x-amz-id-2
Gl5WRW1SK3faWWUrPMXVbUAxuqIMgRW8D1CpI0Knuq8xNt2SH8EjkrX0HZxv++2cANZVTX5zdi4=
x-served-by
cache-ewr18177-EWR
last-modified
Thu, 14 Apr 2022 16:45:57 GMT
server
AmazonS3
x-timer
S1660053309.458624,VS0,VE0
date
Tue, 09 Aug 2022 13:55:09 GMT
vary
Accept-Encoding
content-type
application/javascript
via
1.1 varnish
cache-control
public, max-age=7200, stale-if-error=604800
accept-ranges
bytes
x-cache-hits
2824
NRJS-536ba07cff2d9e42539
bam.nr-data.net/1/ 		49 B
711 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bam.nr-data.net/1/NRJS-536ba07cff2d9e42539?a=1050843916&v=1216.487a282&to=ew1bQhFdClRRRxxDAEsRXFkNQUlWUUI%3D&rst=273&ck=1&ref=https://heroku.support/login&qt=1&ap=5&be=98&fe=239&dc=209&perf=%7B%22timing%22:%7B%22of%22:1660053309194,%22n%22:0,%22r%22:0,%22re%22:68,%22f%22:68,%22dn%22:68,%22dne%22:68,%22c%22:68,%22ce%22:68,%22rq%22:69,%22rp%22:86,%22rpe%22:95,%22dl%22:89,%22di%22:209,%22ds%22:209,%22de%22:210,%22dc%22:239,%22l%22:239,%22le%22:240%7D,%22navigation%22:%7B%22rc%22:1%7D%7D&fp=204&fcp=204&jsonp=NREUM.setToken
Requested by
Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-1216.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.247.241.14 Portland, United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b91234b576455d66e12dd661a2539eb2418a831078ecef9ebc7f4bbd4e580d9c

Request headers

accept-language
en-US,en;q=0.9
Referer
https://heroku.support/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Tue, 09 Aug 2022 13:55:09 GMT
Content-Encoding
gzip
CF-Cache-Status
DYNAMIC
Server
cloudflare
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, HEAD, OPTIONS
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Transfer-Encoding
chunked
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
access-control-allow-credentials
true
CF-Ray
7380fce06878e6bc-EWR

Verdicts & Comments Add Verdict or Comment

14 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation object| NREUM object| newrelic function| __nr_require function| $ function| jQuery function| Glostick

3 Cookies

Domain/Path Name / Value
heroku.support/ Name: dark_mode
Value: false
heroku.support/ Name: _agent-interface-next_session
Value: a0dhMTFqcVhnSG8xbStaRzNTWStHZVBwTlR2WmM5eWVuRnlmank4YTBvdzhIZTJQMUpUTE5UaTBZcUM4ay9Ccm9tR0lJVE5hUWIwYXhOQjEvRnlyMERXWktNMXluRlNJRGdEa2p4Q01GamtOL2ZIc25EZ1RJaXROMnRaSlpTYUtRY2kxUzhRZVAyYUFLZHBJODRNZlNQR01yMUZldE92KzN1bWRPbmMvYitVcHQ5M3ZFT1B1cFBYUXJFZDkxVmg4LS02NmJvZmF0blhVUWcydkZUVW9lSVBnPT0%3D--c80d2e81886af727b4af73b667dcb157215e9a58
.nr-data.net/ Name: JSESSIONID
Value: 1a6362ab1b478c95

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bam.nr-data.net
heroku.support
heroku.support.admin-mcas-gov.us
js-agent.newrelic.com
mcasproxy.azureedge.net
www.herokucdn.com
13.72.27.220
151.101.130.137
162.247.241.14
2600:141b:13::17d7:825a
2600:9000:21da:9000:15:5f5a:e9c0:93a1
34.199.254.206
02b224cefdb23ff1dc2d38aa81c6f7fdac723a681693da6e13b718bd6ab14c10
0e90b141d50377c71aa701636a5324b2e9e544861e7f6a6370503d5c3d04758d
112d6113879a53dafeb08fa8b7485eb9262d6cf9c98659d4e32f38ec559375fd
335bc17ea5f91c4585ff408bcd0cd779ffb2668a1d8207394bde38e8537ed0fc
3577227e5f451212006341f676d4c8bf69219bd624005f61273be6cbec676f14
3b882d6ca8fc01e5566be0bb18f941648ab10618518bbdd995f11299691c8a96
4024db2216e9bc4fd183b0f1032fecd2a72597a4e347605d666ef193e44c55e1
4e44758542e7203cb2050755ccf83633e63e62d854aff74c928943088be90075
5b1d0bffed0dd0dce26abfd707a47026a2e2915b89355f0ea997c51c676f212f
5fd169feddce1f96f4c25a81a6dfa36a976bf66f4be5a83e4417f0fca9b87bd2
6f973e7d75a7e6f6e59708f19631c8890034db5debb4d04f189deb53c114e708
703b0e0a513c6a626a77444d18fe9c8cfa95810d90c553f79371d6deb3a1fb8e
78a238fcff5d77d593316a6f00677f0863f9820811944e114e64f556533704c1
88dc7d7ac74058797aa836f73826f9a44136f71e4a4b91a6a6c04261ab98f0fd
93f22d8b463bf290fda13dd0f8570eaae76b9583f0b6abc99361414be11bdb3f
a74b7945feca25335fe727e3eb590dba983c0db012761ee371ac56dc3594a243
a87f447f0f8864e7d6f275f542c8e97c690bf2723a4b20d6fc09358bedecfbad
b7458e62bace5aee761c61948f390a6633709afd2adb0643cb8d250734bd25a6
b91234b576455d66e12dd661a2539eb2418a831078ecef9ebc7f4bbd4e580d9c
d593eab937ae208334c866b7afc56b0703787c857dae8bb562aefbbd3ca15ee6
ebe28991950ba1e44e03909ee90a4eb6b2c5b82b5f34810de84163d103a33e8c
ec231d7fc2a8788623328f1baa637a3b14a3f769085dfba34e657073047f3c4e