![](/screenshots/3fa151e4-2bea-4840-8ed6-d5b9c24a442d.png)
staging.heylogin.app
Open in
urlscan Pro
2a01:4f8:1c0c:82d4::1
Public Scan
Effective URL: https://staging.heylogin.app/inbox/
Submission: On February 03 via automatic, source certstream-suspicious — Scanned from DE
Summary
TLS certificate: Issued by R3 on December 9th 2022. Valid for: 3 months.
This is the only time staging.heylogin.app was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 15 | 2a01:4f8:1c0c... 2a01:4f8:1c0c:82d4::1 | 24940 (HETZNER-AS) (HETZNER-AS) | |
1 | 2606:4700::68... 2606:4700::6811:b658 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
16 | 3 |
ASN24940 (HETZNER-AS, DE)
staging.heylogin.me | |
staging.heylogin.app |
Apex Domain Subdomains |
Transfer | |
---|---|---|
14 |
heylogin.app
staging.heylogin.app |
815 KB |
1 |
report-uri.com
heyloginapp.report-uri.com |
615 B |
1 |
heylogin.me
1 redirects
staging.heylogin.me |
76 B |
16 | 3 |
Domain | Requested by | |
---|---|---|
14 | staging.heylogin.app |
staging.heylogin.app
|
1 | heyloginapp.report-uri.com |
staging.heylogin.app
|
1 | staging.heylogin.me | 1 redirects |
16 | 3 |
This site contains links to these domains. Also see Links.
Domain |
---|
www.heylogin.com |
Subject Issuer | Validity | Valid | |
---|---|---|---|
staging.heylogin.app R3 |
2022-12-09 - 2023-03-09 |
3 months | crt.sh |
*.report-uri.com E1 |
2023-01-28 - 2023-04-28 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://staging.heylogin.app/inbox/
Frame ID: CB06A2A41197BF032DF7C76FEAC3D497
Requests: 16 HTTP requests in this frame
Screenshot
![](/screenshots/3fa151e4-2bea-4840-8ed6-d5b9c24a442d.png)
Page Title
heyloginPage URL History Show full URLs
-
https://staging.heylogin.me/
HTTP 302
https://staging.heylogin.app/inbox/ Page URL
Page Statistics
2 Outgoing links
These are links going to different origins than the main page.
Title: Privacy, terms and conditions
Search URL Search Domain Scan URL
Title: Site notice
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://staging.heylogin.me/
HTTP 302
https://staging.heylogin.app/inbox/ Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
16 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
/
staging.heylogin.app/inbox/ Redirect Chain
|
1 KB 1 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
main.e646e73c.chunk.css
staging.heylogin.app/static/css/ |
57 KB 18 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
runtime-main.efc2f152.js
staging.heylogin.app/static/js/ |
4 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
10.67812dc0.chunk.js
staging.heylogin.app/static/js/ |
1 MB 377 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
main.f3f5ac69.chunk.js
staging.heylogin.app/static/js/ |
1 MB 299 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
enforce
heyloginapp.report-uri.com/r/d/csp/ |
0 615 B |
Other
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
17.90ab120a.chunk.js
staging.heylogin.app/static/js/ |
48 KB 14 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
13.67aefe5d.chunk.css
staging.heylogin.app/static/css/ |
15 KB 4 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
13.f85e48f4.chunk.js
staging.heylogin.app/static/js/ |
63 KB 22 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
0.dcec2fd4.chunk.js
staging.heylogin.app/static/js/ |
21 KB 8 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
5.7443dace.chunk.js
staging.heylogin.app/static/js/ |
19 KB 6 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
3.fb5aa0a9.chunk.css
staging.heylogin.app/static/css/ |
5 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
3.310380b4.chunk.js
staging.heylogin.app/static/js/ |
146 KB 55 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
28.b3e9cc35.chunk.css
staging.heylogin.app/static/css/ |
2 KB 850 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
28.54d09449.chunk.js
staging.heylogin.app/static/js/ |
15 KB 6 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST |
CreateLongPollChannelChallenge
staging.heylogin.app/api/v1/domain.CredentialService/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- staging.heylogin.app
- URL
- https://staging.heylogin.app/api/v1/domain.CredentialService/CreateLongPollChannelChallenge
Verdicts & Comments Add Verdict or Comment
6 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| oncontentvisibilityautostatechange object| webpackJsonpclient-web object| proto object| __SENTRY__ function| Mousetrap object| __sentry_instrumentation_handlers__0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Content-Security-Policy | default-src 'self'; script-src 'self' 'wasm-unsafe-eval'; style-src 'self' 'unsafe-inline'; frame-src https://staging.subscriptions.heylogin.com; font-src 'self' data:; img-src 'self' data:; connect-src 'self' https://*.staging.heylogin.app https://sentry.heylogin.app; report-uri https://heyloginapp.report-uri.com/r/d/csp/enforce |
Strict-Transport-Security | max-age=31536000; includeSubDomains |
X-Content-Type-Options | nosniff |
X-Frame-Options | DENY |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
heyloginapp.report-uri.com
staging.heylogin.app
staging.heylogin.me
staging.heylogin.app
2606:4700::6811:b658
2a01:4f8:1c0c:82d4::1
1f68040882ff4f0cd5fc43e3d727b62ab630a138282a0440800e3f69e65a06da
38c36993f8eab2284791796a21d8df63693af07e194c7f813fc3b7d17495a391
3988672b43db4301be550e9dc275927796f6e33229b8158416c117ade4b30efa
4a0815d81490b30274e71e2eea81f3cccc1b4ff484697915681bcdbb15b85132
4fb14053b03a2d123d02e5420336696a79adad40d17a98bf4b8ec8bc681defa0
6c01d53ece058cc7f0c4533afe040295fac8c05ebc8e605752eb86e936dc5971
86a0e3d8471bdb4fc6b7d64ffc6caec76dab7edbb02a83f6ea1aef72d7b05cae
8cacfc6abe185eafc195b2068134ddef872c36758496e9616390a7f764403047
91a4696dc4cff0768e79e4de65689dc854e3ff439838e7f548418805273abcf2
a04677fe335f43246bf7dc4aa76caaaf4b0ecc5ffb485bfe8a13887f65f1da7d
dfc5667c6abd1d90179f5a8f7dc691afb17f22627381fa873b85099e9d9788e4
e1aa480484dce9deafdf58a59fc4060eb8de09e294ae9945fd1d066e21760bdd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f4d7e3c05f3f6dedcd9403a95394015ae06dc81e1e54f5d5cde1b443397304ce
f9bb9b103e1890ffd3cc5c72f62ce028e281fce06182ba58fc60d0f370bcf9e6