beta.heropost.io Open in urlscan Pro
34.245.241.24  Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

14 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response beta.heropost.io/	3 KB 4 KB	152ms 45ms	Document text/html	34.245.241.24 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://beta.heropost.io/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 34.245.241.24 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-34-245-241-24.eu-west-1.compute.amazonaws.com Software / Resource Hash 17a7cfeaa43e17b84054718c50e66e0f5ba849da1fa1e8710deb473770020d14 Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains Request headers :method GET :authority beta.heropost.io :scheme https :path / pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site none sec-fetch-mode navigate sec-fetch-user ?1 sec-fetch-dest document accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 20 Apr 2021 17:17:04 GMT content-type text/html content-length 3532 last-modified Tue, 20 Apr 2021 17:12:50 GMT etag "607f0b92-dcc" accept-ranges bytes strict-transport-security max-age=15724800; includeSubDomains access-control-allow-origin * access-control-allow-credentials true
GET H2	200	css2 fonts.googleapis.com/	5 KB 649 B	15ms 14ms	Stylesheet text/css	2a00:1450:4001:808::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css2?family=Rubik:wght@300;400;500&display=swap Requested by Host: beta.heropost.io URL: https://beta.heropost.io/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 7803b8e823580949d688082a21f7fddaefa63058db40c5f30bcdb5abb585059c Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Referer https://beta.heropost.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 last-modified Tue, 20 Apr 2021 15:17:09 GMT server ESF date Tue, 20 Apr 2021 17:17:04 GMT x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Tue, 20 Apr 2021 17:17:04 GMT
GET H2	200	3.1c9ef103.chunk.css beta.heropost.io/static/css/	9 KB 9 KB	46ms 46ms	Stylesheet text/css	34.245.241.24 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://beta.heropost.io/static/css/3.1c9ef103.chunk.css Requested by Host: beta.heropost.io URL: https://beta.heropost.io/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 34.245.241.24 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-34-245-241-24.eu-west-1.compute.amazonaws.com Software / Resource Hash ffb9695332e52980d93c13e4d747879d0fc0cdb2d8c8804e5a709e9288a091a6 Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains Request headers :path /static/css/3.1c9ef103.chunk.css pragma no-cache accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode no-cors accept text/css,*/*;q=0.1 cache-control no-cache sec-fetch-dest style :authority beta.heropost.io referer https://beta.heropost.io/ :scheme https sec-fetch-site same-origin :method GET Referer https://beta.heropost.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 20 Apr 2021 17:17:04 GMT last-modified Tue, 20 Apr 2021 17:12:50 GMT etag "607f0b92-23a5" strict-transport-security max-age=15724800; includeSubDomains content-type text/css access-control-allow-origin * access-control-allow-credentials true accept-ranges bytes content-length 9125
GET H2	200	3.98097154.chunk.js Show response beta.heropost.io/static/js/	1 MB 1 MB	50ms 50ms	Script application/javascript	34.245.241.24 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://beta.heropost.io/static/js/3.98097154.chunk.js Requested by Host: beta.heropost.io URL: https://beta.heropost.io/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 34.245.241.24 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-34-245-241-24.eu-west-1.compute.amazonaws.com Software / Resource Hash b977e8506f83acf10017a635aac16165cddbbca403fcdbbc42745f2ae41ec466 Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains Request headers :path /static/js/3.98097154.chunk.js pragma no-cache accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode no-cors accept */* cache-control no-cache sec-fetch-dest script :authority beta.heropost.io referer https://beta.heropost.io/ :scheme https sec-fetch-site same-origin :method GET Referer https://beta.heropost.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 20 Apr 2021 17:17:04 GMT last-modified Tue, 20 Apr 2021 17:12:50 GMT etag "607f0b92-173212" strict-transport-security max-age=15724800; includeSubDomains content-type application/javascript access-control-allow-origin * access-control-allow-credentials true accept-ranges bytes content-length 1520146
GET H2	200	main.b051de41.chunk.js Show response beta.heropost.io/static/js/	295 KB 296 KB	78ms 78ms	Script application/javascript	34.245.241.24 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://beta.heropost.io/static/js/main.b051de41.chunk.js Requested by Host: beta.heropost.io URL: https://beta.heropost.io/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 34.245.241.24 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-34-245-241-24.eu-west-1.compute.amazonaws.com Software / Resource Hash b1f18e2e59dff73c29f4fd74d3f6a0d7ea991c2ff60a66602e87b7b32d00f101 Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains Request headers :path /static/js/main.b051de41.chunk.js pragma no-cache accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode no-cors accept */* cache-control no-cache sec-fetch-dest script :authority beta.heropost.io referer https://beta.heropost.io/ :scheme https sec-fetch-site same-origin :method GET Referer https://beta.heropost.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 20 Apr 2021 17:17:04 GMT last-modified Tue, 20 Apr 2021 17:12:50 GMT etag "607f0b92-49d6e" strict-transport-security max-age=15724800; includeSubDomains content-type application/javascript access-control-allow-origin * access-control-allow-credentials true accept-ranges bytes content-length 302446
OPTIONS H2	204	graphql prod-hrpt-api.softermii.co/ Frame	0 0	147ms 43ms	Preflight	46.137.146.50 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://prod-hrpt-api.softermii.co/graphql Protocol H2 Server 46.137.146.50 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-46-137-146-50.eu-west-1.compute.amazonaws.com Software / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains Request headers Accept */* Access-Control-Request-Method POST Access-Control-Request-Headers authorization,content-type Origin https://beta.heropost.io User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Sec-Fetch-Mode cors Response headers date Tue, 20 Apr 2021 17:17:04 GMT strict-transport-security max-age=15724800; includeSubDomains access-control-allow-origin * access-control-allow-credentials true access-control-allow-methods GET, PUT, POST, DELETE, PATCH, OPTIONS access-control-allow-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization access-control-max-age 1728000 content-length 0
POST H2	200	graphql Show response prod-hrpt-api.softermii.co/	211 B 373 B	47ms 46ms	Fetch application/json	46.137.146.50 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://prod-hrpt-api.softermii.co/graphql Requested by Host: beta.heropost.io URL: https://beta.heropost.io/static/js/3.98097154.chunk.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 46.137.146.50 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-46-137-146-50.eu-west-1.compute.amazonaws.com Software / Resource Hash d358a3a70ae98e09f37b160f3acd847513bcf97f0cbcc0dbafb35d25718c1dbc Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains Request headers accept */* Referer https://beta.heropost.io/ authorization User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 content-type application/json Response headers access-control-allow-origin * date Tue, 20 Apr 2021 17:17:04 GMT access-control-allow-credentials true strict-transport-security max-age=15724800; includeSubDomains content-type application/json
GET H2	200	v3 Show response js.stripe.com/	224 KB 53 KB	132ms 24ms	Script application/javascript	151.101.12.176 FASTLY
General Check archive.org Show headers Download Go to Full URL https://js.stripe.com/v3 Requested by Host: beta.heropost.io URL: https://beta.heropost.io/static/js/3.98097154.chunk.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.12.176 Frankfurt am Main, Germany, ASN54113 (FASTLY, US), Reverse DNS Software AmazonS3 / Resource Hash f04f11e22a1061e6c6eb0f56d8357c877d57c13a6972bacf8268c948339ef760 Security Headers Name Value Content-Security-Policy connect-src 'self' https://api.stripe.com https://errors.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline' Strict-Transport-Security max-age=31556926; includeSubDomains; preload Request headers Referer https://beta.heropost.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 20 Apr 2021 17:17:04 GMT content-encoding br vary Accept-Encoding age 64 via 1.1 varnish x-cache HIT content-length 54044 x-amz-id-2 mbqqkOOCcVR4hQOGBopqh43suDyjnaSFxGwFOgu9ug9nNMNGdaiYtow6phPqkvkZNQofvBmW5F4= x-served-by cache-fra19163-FRA timing-allow-origin * last-modified Mon, 19 Apr 2021 19:54:54 GMT server AmazonS3 etag "805e89813597990db1bd4d6b201a3652" strict-transport-security max-age=31556926; includeSubDomains; preload x-amz-request-id QD5NPEJQ4BZ3NSCD access-control-allow-origin * cache-control public, max-age=300 content-security-policy connect-src 'self' https://api.stripe.com https://errors.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline' accept-ranges bytes content-type application/javascript; charset=utf-8 x-cache-hits 23
OPTIONS H2	204	graphql prod-hrpt-is4-api.softermii.co/ Frame	0 0	139ms 42ms	Preflight	46.137.146.50 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://prod-hrpt-is4-api.softermii.co/graphql Protocol H2 Server 46.137.146.50 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-46-137-146-50.eu-west-1.compute.amazonaws.com Software / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains Request headers Accept */* Access-Control-Request-Method POST Access-Control-Request-Headers authorization,content-type Origin https://beta.heropost.io User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Sec-Fetch-Mode cors Response headers date Tue, 20 Apr 2021 17:17:04 GMT strict-transport-security max-age=15724800; includeSubDomains access-control-allow-origin * access-control-allow-credentials true access-control-allow-methods GET, PUT, POST, DELETE, PATCH, OPTIONS access-control-allow-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization access-control-max-age 1728000 content-length 0
POST H2	200	graphql Show response prod-hrpt-is4-api.softermii.co/	285 B 447 B	45ms 44ms	Fetch application/json	46.137.146.50 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://prod-hrpt-is4-api.softermii.co/graphql Requested by Host: beta.heropost.io URL: https://beta.heropost.io/static/js/3.98097154.chunk.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 46.137.146.50 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-46-137-146-50.eu-west-1.compute.amazonaws.com Software / Resource Hash 3f98f85f98a455c19ed0219943c42227f070b05447a669e1f8b1c7d0ea625066 Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains Request headers accept */* Referer https://beta.heropost.io/ authorization User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 content-type application/json Response headers access-control-allow-origin * date Tue, 20 Apr 2021 17:17:04 GMT access-control-allow-credentials true strict-transport-security max-age=15724800; includeSubDomains content-type application/json
GET H2	200	m-outer-0cba8a995d163797499ab006bbb6b889.html Show response js.stripe.com/v3/ Frame 6340	215 B 596 B	24ms 23ms	Document text/html	151.101.12.176 FASTLY
General Check archive.org Show headers Download Go to Full URL https://js.stripe.com/v3/m-outer-0cba8a995d163797499ab006bbb6b889.html Requested by Host: js.stripe.com URL: https://js.stripe.com/v3 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.12.176 Frankfurt am Main, Germany, ASN54113 (FASTLY, US), Reverse DNS Software AmazonS3 / Resource Hash 0e755df7fd0c4d557bcefdd1186cc8ddb518d001d6ee462335a6debee465090b Security Headers Name Value Content-Security-Policy connect-src 'self'; default-src 'self'; font-src 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline' Strict-Transport-Security max-age=31556926; includeSubDomains; preload Request headers :method GET :authority js.stripe.com :scheme https :path /v3/m-outer-0cba8a995d163797499ab006bbb6b889.html pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://beta.heropost.io/ accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://beta.heropost.io/ Response headers x-amz-id-2 agiZD3goppij1vHb5F6pWexjWf7M1/HNRlEcfJLXRsj5UNaBCHLoOgV/HJfINtDb+vVIfsntFDc= x-amz-request-id J7JDKG3YX1YYQN7K last-modified Tue, 09 Mar 2021 20:21:15 GMT etag "0cba8a995d163797499ab006bbb6b889" cache-control public, max-age=300 content-type text/html; charset=utf-8 server AmazonS3 accept-ranges bytes date Tue, 20 Apr 2021 17:17:04 GMT via 1.1 varnish age 283 x-served-by cache-fra19163-FRA x-cache HIT x-cache-hits 380 vary Accept-Encoding access-control-allow-origin * strict-transport-security max-age=31556926; includeSubDomains; preload timing-allow-origin * content-security-policy connect-src 'self'; default-src 'self'; font-src 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline' content-length 215
GET H2	200	m-outer-a7fed991536d116dae496abb616e06f8.js Show response js.stripe.com/v3/fingerprinted/js/ Frame 6340	1 KB 2 KB	24ms 23ms	Script application/javascript	151.101.12.176 FASTLY
General Check archive.org Show headers Download Go to Full URL https://js.stripe.com/v3/fingerprinted/js/m-outer-a7fed991536d116dae496abb616e06f8.js Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/m-outer-0cba8a995d163797499ab006bbb6b889.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.12.176 Frankfurt am Main, Germany, ASN54113 (FASTLY, US), Reverse DNS Software AmazonS3 / Resource Hash ab54291096b12653d08ff248c02373efdda237c3689ac3bc132c93e1b5fb9ff3 Security Headers Name Value Content-Security-Policy connect-src 'self' https://api.stripe.com https://errors.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline' Strict-Transport-Security max-age=31556926; includeSubDomains; preload Request headers Referer https://js.stripe.com/v3/m-outer-0cba8a995d163797499ab006bbb6b889.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 20 Apr 2021 17:17:04 GMT via 1.1 varnish vary Accept-Encoding age 274 x-cache HIT content-length 1438 x-amz-id-2 7nG+ZbFcvr5Silm+ckOryNC5KWo2caayU+jDrDZ/AlgxF2yYz86bRFuhUoz7daBdFIEypo8ztcA= x-served-by cache-fra19163-FRA timing-allow-origin * last-modified Tue, 09 Mar 2021 20:21:16 GMT server AmazonS3 etag "356a16407e7a019ffdf35f454b7438a9" strict-transport-security max-age=31556926; includeSubDomains; preload x-amz-request-id 5EWN6ZFCMGABM84P access-control-allow-origin * cache-control public, max-age=300 content-security-policy connect-src 'self' https://api.stripe.com https://errors.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline' accept-ranges bytes content-type application/javascript; charset=utf-8 x-cache-hits 357
GET H2	200	inner.html Show response m.stripe.network/ Frame AC8A	33 KB 12 KB	26ms 24ms	Document text/html	151.101.12.176 FASTLY
General Check archive.org Show headers Download Go to Full URL https://m.stripe.network/inner.html Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/fingerprinted/js/m-outer-a7fed991536d116dae496abb616e06f8.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.12.176 Frankfurt am Main, Germany, ASN54113 (FASTLY, US), Reverse DNS Software nginx / Resource Hash 63429c42ee14e4837aceda0ee0546b64f0d424d9401e94948625e17d126e7778 Security Headers Name Value Content-Security-Policy default-src 'self'; connect-src 'self' https://m.stripe.com https://stripensrq.global.ssl.fastly.net/; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; frame-src 'self' https://js.stripe.com; img-src 'self' https://m.stripe.com; font-src data: https:; media-src 'none'; object-src 'self'; Strict-Transport-Security max-age=31556926; includeSubDomains; preload Request headers :method GET :authority m.stripe.network :scheme https :path /inner.html pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://js.stripe.com/ accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://js.stripe.com/ Response headers server nginx content-type text/html; charset=utf-8 last-modified Fri, 04 Dec 2020 19:17:49 GMT etag W/"5fca8b5d-84a0" strict-transport-security max-age=31556926; includeSubDomains; preload cache-control public, max-age=300 timing-allow-origin * content-security-policy default-src 'self'; connect-src 'self' https://m.stripe.com https://stripensrq.global.ssl.fastly.net/; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; frame-src 'self' https://js.stripe.com; img-src 'self' https://m.stripe.com; font-src data: https:; media-src 'none'; object-src 'self'; content-encoding gzip via 1.1 varnish, 1.1 varnish accept-ranges bytes date Tue, 20 Apr 2021 17:17:04 GMT age 241 x-served-by cache-sea4466-SEA, cache-fra19163-FRA x-cache HIT, HIT x-cache-hits 1, 394 x-timer S1618939025.945452,VS0,VE0 vary Accept-Encoding content-length 12226
POST H2	200	6 Show response m.stripe.com/ Frame AC8A	156 B 517 B	800ms 213ms	XHR text/plain	34.215.192.98 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://m.stripe.com/6 Requested by Host: m.stripe.network URL: https://m.stripe.network/inner.html Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 34.215.192.98 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-34-215-192-98.us-west-2.compute.amazonaws.com Software nginx / Resource Hash a111b36a31224dfd794592a9c7fa0a5cfa4264040a604c436a54ea32ff41484e Security Headers Name Value Strict-Transport-Security max-age=31556926; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://m.stripe.network/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers date Tue, 20 Apr 2021 17:17:05 GMT content-encoding gzip x-content-type-options nosniff server nginx vary Accept-Encoding content-type text/plain;charset=utf-8 access-control-allow-origin https://m.stripe.network access-control-allow-credentials true strict-transport-security max-age=31556926; includeSubDomains; preload access-control-allow-headers Content-Type

18 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated object| webpackJsonpheropost number| 2f1acc6c3a606b082e5eef5e54414ffb object| regeneratorRuntime object| Konva object| __webpackStripeJSv3Jsonp function| Stripe

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

25 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	debug	URL: https://beta.heropost.io/static/js/3.98097154.chunk.js(Line 2) Message: UserManager._loadUser: no user storageString
console-api	info	URL: https://beta.heropost.io/static/js/3.98097154.chunk.js(Line 2) Message: UserManager.getUser: user not found in storage
console-api	debug	URL: https://beta.heropost.io/static/js/3.98097154.chunk.js(Line 2) Message: WebStorageStateStore.get user:https://prod-hrpt-is4.softermii.co:Heropost.WebFrontend
console-api	debug	URL: https://beta.heropost.io/static/js/3.98097154.chunk.js(Line 2) Message: UserManager._loadUser: no user storageString
console-api	debug	URL: https://beta.heropost.io/static/js/3.98097154.chunk.js(Line 2) Message: UserManager.ctor: monitorSession is configured, setting up session monitor
console-api	debug	URL: https://beta.heropost.io/static/js/3.98097154.chunk.js(Line 2) Message: WebStorageStateStore.get user:https://prod-hrpt-is4.softermii.co:Heropost.WebFrontend
console-api	info	URL: https://beta.heropost.io/static/js/3.98097154.chunk.js(Line 2) Message: UserManager.getUser: user not found in storage
console-api	debug	URL: https://beta.heropost.io/static/js/3.98097154.chunk.js(Line 2) Message: UserManager._loadUser: no user storageString
console-api	info	URL: https://beta.heropost.io/static/js/3.98097154.chunk.js(Line 2) Message: UserManager.getUser: user not found in storage
console-api	debug	URL: https://beta.heropost.io/static/js/3.98097154.chunk.js(Line 2) Message: UserManager._signinStart: got navigator window handle
console-api	debug	URL: https://beta.heropost.io/static/js/3.98097154.chunk.js(Line 2) Message: OidcClient.createSigninRequest
console-api	debug	URL: https://beta.heropost.io/static/js/3.98097154.chunk.js(Line 2) Message: MetadataService.getMetadataProperty for: authorization_endpoint
console-api	debug	URL: https://beta.heropost.io/static/js/3.98097154.chunk.js(Line 2) Message: MetadataService.getMetadata: Returning metadata from settings
console-api	debug	URL: https://beta.heropost.io/static/js/3.98097154.chunk.js(Line 2) Message: MetadataService.getMetadataProperty: metadata recieved
console-api	debug	URL: https://beta.heropost.io/static/js/3.98097154.chunk.js(Line 2) Message: OidcClient.createSigninRequest: Received authorization endpoint https://prod-hrpt-is4.softermii.co/connect/authorize
console-api	debug	URL: https://beta.heropost.io/static/js/3.98097154.chunk.js(Line 2) Message: SigninState.toStorageString
console-api	debug	URL: https://beta.heropost.io/static/js/3.98097154.chunk.js(Line 2) Message: WebStorageStateStore.set 24f943311f8d43628bc751d3974ea453
console-api	debug	URL: https://beta.heropost.io/static/js/3.98097154.chunk.js(Line 2) Message: UserManager.ctor: monitorSession is configured, setting up session monitor
console-api	debug	URL: https://beta.heropost.io/static/js/3.98097154.chunk.js(Line 2) Message: WebStorageStateStore.get user:https://prod-hrpt-is4.softermii.co:Heropost.WebFrontend
console-api	debug	URL: https://beta.heropost.io/static/js/3.98097154.chunk.js(Line 2) Message: UserManager._loadUser: no user storageString
console-api	info	URL: https://beta.heropost.io/static/js/3.98097154.chunk.js(Line 2) Message: UserManager.getUser: user not found in storage
console-api	debug	URL: https://beta.heropost.io/static/js/3.98097154.chunk.js(Line 2) Message: UserManager.ctor: monitorSession is configured, setting up session monitor
console-api	debug	URL: https://beta.heropost.io/static/js/3.98097154.chunk.js(Line 2) Message: WebStorageStateStore.get user:https://prod-hrpt-is4.softermii.co:Heropost.WebFrontend
console-api	debug	URL: https://beta.heropost.io/static/js/3.98097154.chunk.js(Line 2) Message: UserManager._loadUser: no user storageString
console-api	info	URL: https://beta.heropost.io/static/js/3.98097154.chunk.js(Line 2) Message: UserManager.getUser: user not found in storage

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

beta.heropost.io
fonts.googleapis.com
js.stripe.com
m.stripe.com
m.stripe.network
prod-hrpt-api.softermii.co
prod-hrpt-is4-api.softermii.co
151.101.12.176
2a00:1450:4001:808::200a
34.215.192.98
34.245.241.24
46.137.146.50
0e755df7fd0c4d557bcefdd1186cc8ddb518d001d6ee462335a6debee465090b
17a7cfeaa43e17b84054718c50e66e0f5ba849da1fa1e8710deb473770020d14
3f98f85f98a455c19ed0219943c42227f070b05447a669e1f8b1c7d0ea625066
63429c42ee14e4837aceda0ee0546b64f0d424d9401e94948625e17d126e7778
7803b8e823580949d688082a21f7fddaefa63058db40c5f30bcdb5abb585059c
a111b36a31224dfd794592a9c7fa0a5cfa4264040a604c436a54ea32ff41484e
ab54291096b12653d08ff248c02373efdda237c3689ac3bc132c93e1b5fb9ff3
b1f18e2e59dff73c29f4fd74d3f6a0d7ea991c2ff60a66602e87b7b32d00f101
b977e8506f83acf10017a635aac16165cddbbca403fcdbbc42745f2ae41ec466
d358a3a70ae98e09f37b160f3acd847513bcf97f0cbcc0dbafb35d25718c1dbc
f04f11e22a1061e6c6eb0f56d8357c877d57c13a6972bacf8268c948339ef760
ffb9695332e52980d93c13e4d747879d0fc0cdb2d8c8804e5a709e9288a091a6