vhda-invoice-production-f606b6601a0d.herokuapp.com
52.21.172.117

Submitted URL: https://vhda-invoice-production-f606b6601a0d.herokuapp.com/
Effective URL: https://vhda-invoice-production-f606b6601a0d.herokuapp.com/login
Submission: On July 05 via automatic, source certstream-suspicious — Scanned from DE

Summary

This website contacted 2 IPs in 2 countries across 2 domains to perform 7 HTTP transactions. The main IP is 52.21.172.117, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is vhda-invoice-production-f606b6601a0d.herokuapp.com.
TLS certificate: Issued by R11 on July 4th 2024. Valid for: 3 months.
This is the only time vhda-invoice-production-f606b6601a0d.herokuapp.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 7 52.21.172.117 14618 (AMAZON-AES)
1 104.18.11.207 13335 (CLOUDFLAR...)
7 2
Apex Domain   Subdomains   Transfer
7 herokuapp.com   vhda-invoice-production-f606b6601a0d.herokuapp.com   277 KB
1 bootstrapcdn.com   maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 1286   8 KB
7 2
Domain Requested by
7 vhda-invoice-production-f606b6601a0d.herokuapp.com 1 redirects vhda-invoice-production-f606b6601a0d.herokuapp.com
1 maxcdn.bootstrapcdn.com vhda-invoice-production-f606b6601a0d.herokuapp.com
7 2

This site contains links to these domains.

Domain
www.vhda.com
Subject   Issuer   Validity   Valid
vhda-invoice-production-f606b6601a0d.herokuapp.com   R11   2024-07-04 - 2024-10-02   3 months   crt.sh
bootstrapcdn.com   GTS CA 1P5   2024-05-25 - 2024-08-23   3 months   crt.sh

This page contains 1 frames:

Primary Page: https://vhda-invoice-production-f606b6601a0d.herokuapp.com/login
Frame ID: CE30C6D1E3A7161FBD9F0A1282406FD5
Requests: 7 HTTP requests in this frame

Page Title

Rental Housing Invoice Portal

Page URL History

  1. https://vhda-invoice-production-f606b6601a0d.herokuapp.com/ HTTP 302
    https://vhda-invoice-production-f606b6601a0d.herokuapp.com/login Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css

Overall confidence: 100%
Detected patterns
  • \.herokuapp\.com

Overall confidence: 100%
Detected patterns

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Page Statistics

7
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

2
IPs

2
Countries

284 kB
Transfer

821 kB
Size

3
Cookies


7 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request login
vhda-invoice-production-f606b6601a0d.herokuapp.com/
Redirect Chain
  • https://vhda-invoice-production-f606b6601a0d.herokuapp.com/
  • https://vhda-invoice-production-f606b6601a0d.herokuapp.com/login
3 KB
4 KB
Document
General
Full URL
https://vhda-invoice-production-f606b6601a0d.herokuapp.com/login
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.21.172.117 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-21-172-117.compute-1.amazonaws.com
Software
/
Resource Hash
f1604fec239723fa4f2edde941fe07f74be75b0647c43e8c2a4ae3d9280441a7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

Cache-Control
max-age=0, private, must-revalidate
Content-Length
3099
Content-Type
text/html; charset=utf-8
Date
Fri, 05 Jul 2024 07:14:30 GMT
Etag
W/"f1604fec239723fa4f2edde941fe07f7"
Link
</assets/application-48f3fce1c9c60df1661810eb09ad935114f8b121e8c307412266830b36929c4d.css>; rel=preload; as=style; nopush,</assets/application-6b1cbe65162aea7409bee6b7043d11caaa9a00102a609b421e2d710ce8672acd.js>; rel=preload; as=script; nopush
Referrer-Policy
strict-origin-when-cross-origin
Vary
Origin
Via
1.1 spaces-router (939715eb4669)
X-Content-Type-Options
nosniff
X-Download-Options
noopen
X-Frame-Options
SAMEORIGIN
X-Permitted-Cross-Domain-Policies
none
X-Request-Id
16b4482c-b6f9-d036-5738-1361c5513539
X-Runtime
0.035930
X-Xss-Protection
0

Redirect headers

Cache-Control
no-cache
Content-Length
130
Content-Type
text/html; charset=utf-8
Date
Fri, 05 Jul 2024 07:14:30 GMT
Location
https://vhda-invoice-production-f606b6601a0d.herokuapp.com/login
Vary
Origin
Via
1.1 spaces-router (939715eb4669)
X-Request-Id
91a13561-6d88-2a7c-563e-608531bd1ff3
X-Runtime
0.048687
application-48f3fce1c9c60df1661810eb09ad935114f8b121e8c307412266830b36929c4d.css
vhda-invoice-production-f606b6601a0d.herokuapp.com/assets/
285 KB
49 KB
Stylesheet
General
Full URL
https://vhda-invoice-production-f606b6601a0d.herokuapp.com/assets/application-48f3fce1c9c60df1661810eb09ad935114f8b121e8c307412266830b36929c4d.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.21.172.117 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-21-172-117.compute-1.amazonaws.com
Software
/
Resource Hash
a6d3d4360bae5b82a7fdd4c3158dca154cd2147065403c816fe34346f7826255

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://vhda-invoice-production-f606b6601a0d.herokuapp.com/login
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Fri, 05 Jul 2024 07:14:31 GMT
Content-Encoding
gzip
Via
1.1 spaces-router (939715eb4669)
Last-Modified
Sun, 07 Apr 2024 13:39:43 GMT
Content-Length
50081
Vary
Accept-Encoding, Origin
Content-Type
text/css
application-6b1cbe65162aea7409bee6b7043d11caaa9a00102a609b421e2d710ce8672acd.js
vhda-invoice-production-f606b6601a0d.herokuapp.com/assets/
398 KB
118 KB
Script
General
Full URL
https://vhda-invoice-production-f606b6601a0d.herokuapp.com/assets/application-6b1cbe65162aea7409bee6b7043d11caaa9a00102a609b421e2d710ce8672acd.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.21.172.117 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-21-172-117.compute-1.amazonaws.com
Software
/
Resource Hash
5f5b3066c1c769e1a55d440bcfb25a5bc422a5bdcf219533cbf1ce13f6762281

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://vhda-invoice-production-f606b6601a0d.herokuapp.com/login
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Fri, 05 Jul 2024 07:14:31 GMT
Content-Encoding
gzip
Via
1.1 spaces-router (939715eb4669)
Last-Modified
Sun, 07 Apr 2024 13:39:43 GMT
Content-Length
120297
Vary
Accept-Encoding, Origin
Content-Type
application/javascript
font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/
30 KB
8 KB
Stylesheet
General
Full URL
https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Requested by
Host: vhda-invoice-production-f606b6601a0d.herokuapp.com
URL: https://vhda-invoice-production-f606b6601a0d.herokuapp.com/login
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.11.207 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://vhda-invoice-production-f606b6601a0d.herokuapp.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Jul 2024 07:14:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
cdn-edgestorageid
755
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
2685140
cdn-cachedat
11/30/2023 17:43:30
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 25 Jan 2021 22:04:55 GMT
cdn-proxyver
1.04
cdn-requestpullcode
200
server
cloudflare
etag
W/"269550530cc127b6aa5a35925a7de6ce"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cache-control
public, max-age=31919000
cdn-requestid
ab8626e4b724b111058794b60ba8757c
timing-allow-origin
*
cdn-requestcountrycode
US
cdn-status
200
cf-ray
89e58f00888fbf43-WAW
cdn-requestpullsuccess
True
logo-1b7796262fc2480695cef4582197447f508a14e95e3954082f8ae6fd1d492a62.png
vhda-invoice-production-f606b6601a0d.herokuapp.com/assets/
45 KB
45 KB
Image
General
Full URL
https://vhda-invoice-production-f606b6601a0d.herokuapp.com/assets/logo-1b7796262fc2480695cef4582197447f508a14e95e3954082f8ae6fd1d492a62.png
Requested by
Host: vhda-invoice-production-f606b6601a0d.herokuapp.com
URL: https://vhda-invoice-production-f606b6601a0d.herokuapp.com/login
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.21.172.117 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-21-172-117.compute-1.amazonaws.com
Software
/
Resource Hash
1ab571d8d617be641ae83c15b347ea793165973b98cd4715f2d2557e1161c891

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://vhda-invoice-production-f606b6601a0d.herokuapp.com/login
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Fri, 05 Jul 2024 07:14:31 GMT
Via
1.1 spaces-router (939715eb4669)
Last-Modified
Sun, 07 Apr 2024 13:39:43 GMT
Content-Length
45703
Vary
Origin
Content-Type
image/png
loader-7c7a5345714d891be5d398bd2fb9cdc5d4810daf287b879b5037f03ea63c9bef.gif
vhda-invoice-production-f606b6601a0d.herokuapp.com/assets/
50 KB
50 KB
Image
General
Full URL
https://vhda-invoice-production-f606b6601a0d.herokuapp.com/assets/loader-7c7a5345714d891be5d398bd2fb9cdc5d4810daf287b879b5037f03ea63c9bef.gif
Requested by
Host: vhda-invoice-production-f606b6601a0d.herokuapp.com
URL: https://vhda-invoice-production-f606b6601a0d.herokuapp.com/login
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.21.172.117 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-21-172-117.compute-1.amazonaws.com
Software
/
Resource Hash
b48abd0c0c14872522dbe665e878794883b4329e249b8ba19f634ae836790ad6

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://vhda-invoice-production-f606b6601a0d.herokuapp.com/login
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Fri, 05 Jul 2024 07:14:31 GMT
Via
1.1 spaces-router (939715eb4669)
Last-Modified
Sun, 07 Apr 2024 13:39:43 GMT
Content-Length
51144
Vary
Origin
Content-Type
image/gif
favicon.ico
vhda-invoice-production-f606b6601a0d.herokuapp.com/
9 KB
9 KB
Other
General
Full URL
https://vhda-invoice-production-f606b6601a0d.herokuapp.com/favicon.ico
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.21.172.117 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-21-172-117.compute-1.amazonaws.com
Software
/
Resource Hash
cb33c93f9ccc948a2e04b29fcfb93515b52f8967c82d4d1a5998f0f768783597

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://vhda-invoice-production-f606b6601a0d.herokuapp.com/login
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Fri, 05 Jul 2024 07:14:32 GMT
Via
1.1 spaces-router (939715eb4669)
Last-Modified
Wed, 06 Mar 2024 19:16:55 GMT
Content-Length
9481
Vary
Origin
Content-Type
image/vnd.microsoft.icon

39 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • undefined| event
  • object| fence
  • object| sharedStorage
  • function| _toConsumableArray
  • function| getRouting
  • function| formatNumber
  • function| formatAmount
  • function| formatCurrency
  • function| abaChecksum
  • function| addSubTotal
  • function| addTotal
  • function| addConvenienceFee
  • function| init
  • function| checkTimeOut
  • function| _slice
  • function| _slicedToArray
  • function| _extends
  • object| Rails
  • boolean| _rails_loaded
  • object| ActiveStorage
  • object| Turbolinks
  • function| $
  • function| jQuery
  • function| moment
  • function| Popper
  • object| bootstrap
  • object| jQuery1124021974655742887705
  • object| ParsleyExtend
  • object| ParsleyConfig
  • object| psly
  • object| Parsley
  • object| ParsleyUtils
  • object| ParsleyValidator
  • object| ParsleyUI
  • string| inputEventPatched
  • object| parsley
  • object| ActionCable
  • object| App
  • object| toastr

3 Cookies

Domain/Path Name / Value
vhda-invoice-production-f606b6601a0d.herokuapp.com/ Name: ahoy_visitor
Value: 79363d85-88d6-4dcf-885b-21367b1e409a
vhda-invoice-production-f606b6601a0d.herokuapp.com/ Name: ahoy_visit
Value: ae47fcd4-44f7-4be7-942b-c2f96966ff58
vhda-invoice-production-f606b6601a0d.herokuapp.com/ Name: _isgn_webpay_session
Value: m2QR9%2FwZn7ENC8WHyTYh5a77k5QfJSfQjAKuj7XpFkR1qWoBjVrkBTFU9UczFXb5bVZBmo80m%2FLvqpn7wwgYVZBhebeidvQ69%2BYR3iojy3QwzAnUB7oul67Cn9QoULBPIYlzXydawKhpEHZaULFytkM%2BKoAGtlG2DZwFyOSTOmEjzRihL11myPEa0WkFO1nPnbDIuGEj56F0XTGERYee52eRM7zjLQQxCSiOuwgfx0PXi%2FfwqSMmrsha2MTFAe3ZuegF9D1EC%2Bc6bccNIiJbUAX0K%2BJr5p6rHNsxnHYZN8GiBc2ROhPngsVS1GzWJoJ%2ByxT68cARfmM%3D--L3teLqBDhuA7dF2t--EmQJqvss15nRsHZFG7kqvg%3D%3D

Security Headers

This page lists any security headers set by the main page.

Header Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0