urlscan.io logo urlscan.io
SecurityTrails logo

calendly.com Open in urlscan Pro
2606:4700:3108::ac42:2928  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://swit-outreach-dot-yamm-track.appspot.com/Redirect?ukey=1u31LxyImsF0-SDou0-eNBhn20bvEsn3aQD7Q-G3CFCw-0&key=YAMMID-1641827114152&link=https...
Effective URL: https://calendly.com/d/ch6-r5m-nkq/swit-custom-demo
Submission Tags: falconsandbox
Submission: On July 22 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 6 IPs in 2 countries across 4 domains to perform 14 HTTP transactions. The main IP is 2606:4700:3108::ac42:2928, located in United States and belongs to CLOUDFLARENET, US. The main domain is calendly.com. The Cisco Umbrella rank of the primary domain is 11343.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on May 9th 2022. Valid for: a year.
This is the only time calendly.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 2 2a00:1450:400... 15169 (GOOGLE)
5 2606:4700:310... 13335 (CLOUDFLAR...)
3 99.86.4.99 16509 (AMAZON-02)
3 54.186.23.98 16509 (AMAZON-02)
2 2600:9000:215... 16509 (AMAZON-02)
1 52.24.226.252 16509 (AMAZON-02)
14 6
2    2a00:1450:4001:813::2014 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
swit-outreach-dot-yamm-track.appspot.com
5    2606:4700:3108::ac42:2928 (United States)

ASN13335 (CLOUDFLARENET, US)
calendly.com
assets.calendly.com
3    99.86.4.99 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-99.fra6.r.cloudfront.net
js.stripe.com
3    54.186.23.98 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ip-54-186-23-98.stripe.com
q.stripe.com
2    2600:9000:2156:9e00:19:7d10:bd80:93a1 (United States)

ASN16509 (AMAZON-02, US)
m.stripe.network
1    52.24.226.252 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-24-226-252.us-west-2.compute.amazonaws.com
m.stripe.com
Apex Domain
Subdomains		 Transfer
7 stripe.com
js.stripe.com — Cisco Umbrella Rank: 1872
q.stripe.com — Cisco Umbrella Rank: 14306
m.stripe.com — Cisco Umbrella Rank: 1639
81 KB
5 calendly.com
calendly.com — Cisco Umbrella Rank: 11343
assets.calendly.com — Cisco Umbrella Rank: 13879
716 KB
2 stripe.network
m.stripe.network — Cisco Umbrella Rank: 2007
16 KB
2 appspot.com
swit-outreach-dot-yamm-track.appspot.com
774 B
14 4
Domain Requested by
4 assets.calendly.com calendly.com
assets.calendly.com
3 q.stripe.com calendly.com
3 js.stripe.com assets.calendly.com
js.stripe.com
2 m.stripe.network js.stripe.com
m.stripe.network
2 swit-outreach-dot-yamm-track.appspot.com 2 redirects
1 m.stripe.com m.stripe.network
1 calendly.com
14 7

This site contains no links.

Subject Issuer Validity Valid
calendly.com
Cloudflare Inc ECC CA-3		 2022-05-09 -
2023-05-09		 a year crt.sh
a.stripecdn.com
DigiCert SHA2 Extended Validation Server CA		 2022-05-20 -
2022-09-25		 4 months crt.sh
*.stripe.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-05-25 -
2022-09-08		 4 months crt.sh
m.stripe.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-07-11 -
2022-10-19		 3 months crt.sh

This page contains 3 frames:

Primary Page: https://calendly.com/d/ch6-r5m-nkq/swit-custom-demo
Frame ID: C8999DCC441FA736D57D0758AFAB3DF2
Requests: 8 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-088a7cf5bee7fed3d93eb7ec5cc1bd2f.html
Frame ID: 266E7A347BDA516CF8F66C63A4DB3C82
Requests: 4 HTTP requests in this frame

Frame: https://m.stripe.network/inner.html
Frame ID: FDD50AA7475EAEE1767F77BD93A1EFA7
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Calendly

Page URL History Show full URLs

  1. http://swit-outreach-dot-yamm-track.appspot.com/Redirect?ukey=1u31LxyImsF0-SDou0-eNBhn20bvEsn3aQD7Q-G3CFCw-0&key=YAMMID-1641... HTTP 302
    https://swit-outreach-dot-yamm-track.appspot.com/Redirect?ukey=1u31LxyImsF0-SDou0-eNBhn20bvEsn3aQD7Q-G3CFCw-0&key=YAMMID-1641... HTTP 302
    https://calendly.com/d/ch6-r5m-nkq/swit-custom-demo Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • js\.stripe\.com

Page Statistics

14
Requests

100 %
HTTPS

50 %
IPv6

4
Domains

7
Subdomains

6
IPs

2
Countries

895 kB
Transfer

2805 kB
Size

6
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://swit-outreach-dot-yamm-track.appspot.com/Redirect?ukey=1u31LxyImsF0-SDou0-eNBhn20bvEsn3aQD7Q-G3CFCw-0&key=YAMMID-1641827114152&link=https%3A%2F%2Fcalendly.com%2Fd%2Fch6-r5m-nkq%2Fswit-custom-demo HTTP 302
    https://swit-outreach-dot-yamm-track.appspot.com/Redirect?ukey=1u31LxyImsF0-SDou0-eNBhn20bvEsn3aQD7Q-G3CFCw-0&key=YAMMID-1641827114152&link=https%3A%2F%2Fcalendly.com%2Fd%2Fch6-r5m-nkq%2Fswit-custom-demo HTTP 302
    https://calendly.com/d/ch6-r5m-nkq/swit-custom-demo Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

14 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request swit-custom-demo
calendly.com/d/ch6-r5m-nkq/
Redirect Chain
  • http://swit-outreach-dot-yamm-track.appspot.com/Redirect?ukey=1u31LxyImsF0-SDou0-eNBhn20bvEsn3aQD7Q-G3CFCw-0&key=YAMMID-1641827114152&link=https%3A%2F%2Fcalendly.com%2Fd%2Fch6-r5m-nkq%2Fswit-custom...
  • https://swit-outreach-dot-yamm-track.appspot.com/Redirect?ukey=1u31LxyImsF0-SDou0-eNBhn20bvEsn3aQD7Q-G3CFCw-0&key=YAMMID-1641827114152&link=https%3A%2F%2Fcalendly.com%2Fd%2Fch6-r5m-nkq%2Fswit-custo...
  • https://calendly.com/d/ch6-r5m-nkq/swit-custom-demo
90 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://calendly.com/d/ch6-r5m-nkq/swit-custom-demo
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3108::ac42:2928 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
72f4ec2f99c179796eac8eb958a3a37b60ce85f85e1c6cbd6461c1ff2168c22d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options ALLOWALL

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=0, private, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
72eb930b5b1468eb-FRA
content-encoding
br
content-type
text/html; charset=utf-8
date
Fri, 22 Jul 2022 10:43:16 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
link
<https://assets.calendly.com/packs/booking/css/booking-7a878040.css>; rel=preload; as=style; nopush
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-frame-options
ALLOWALL
x-request-id
c6507d536dd2a5bba2526f61109410a8
x-runtime
0.116503

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
content-type
text/html
date
Fri, 22 Jul 2022 10:43:16 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://calendly.com/d/ch6-r5m-nkq/swit-custom-demo
server
Google Frontend
x-cloud-trace-context
b93e65289207de656d45cf8375e9b933
x-robots-tag
noindex, nofollow
booking-7a878040.css
assets.calendly.com/packs/booking/css/ 		306 KB
163 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://assets.calendly.com/packs/booking/css/booking-7a878040.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3108::ac42:2928 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
34aed74527525f24337248f64d490f6cd75a5b581d5c78ec9c9f90f07ed6d387
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://calendly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Fri, 22 Jul 2022 10:43:16 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
245725
cf-polished
origSize=332730
strict-transport-security
max-age=31536000; includeSubDomains; preload
last-modified
Tue, 19 Jul 2022 14:22:58 GMT
server
cloudflare
etag
W/"0794867badd878c077d325ee74b0bb81"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
cf-bgj
minify
cache-control
public, max-age=31536000
cf-ray
72eb930d3d8968eb-FRA
expires
Sat, 23 Jul 2022 10:43:16 GMT
booking-runtime-52c70bd27bbab95605fd.js
assets.calendly.com/packs/booking/js/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.calendly.com/packs/booking/js/booking-runtime-52c70bd27bbab95605fd.js
Requested by
Host: calendly.com
URL: https://calendly.com/d/ch6-r5m-nkq/swit-custom-demo
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3108::ac42:2928 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0999f1724be2c902b85abcbf67b2d0437dd41dbd263ac1f4d2cbbde3f2d2e856
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://calendly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Fri, 22 Jul 2022 10:43:16 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
245725
cf-polished
origSize=19745
strict-transport-security
max-age=31536000; includeSubDomains; preload
last-modified
Tue, 19 Jul 2022 14:22:58 GMT
server
cloudflare
etag
W/"e06469fec71e3a206b03a388ceb7dd4c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cf-bgj
minify
cache-control
public, max-age=31536000
cf-ray
72eb930e5f2e68eb-FRA
expires
Sat, 23 Jul 2022 10:43:16 GMT
booking-884522c3c90ae7602abe.js
assets.calendly.com/packs/booking/js/ 		2 MB
527 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.calendly.com/packs/booking/js/booking-884522c3c90ae7602abe.js
Requested by
Host: calendly.com
URL: https://calendly.com/d/ch6-r5m-nkq/swit-custom-demo
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3108::ac42:2928 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7d23cc2ba45413cc9578a960d902a00df8135f446a882319b32cb1de31484079
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://calendly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Fri, 22 Jul 2022 10:43:16 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
361691
cf-polished
origSize=1946416
strict-transport-security
max-age=31536000; includeSubDomains; preload
last-modified
Mon, 18 Jul 2022 06:09:08 GMT
server
cloudflare
etag
W/"d53f87a739a69a7f5a7fc0c9261bb68e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cf-bgj
minify
cache-control
public, max-age=31536000
cf-ray
72eb930e5f3168eb-FRA
expires
Sat, 23 Jul 2022 10:43:16 GMT
v3
js.stripe.com/ 		314 KB
77 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3
Requested by
Host: assets.calendly.com
URL: https://assets.calendly.com/packs/booking/js/booking-884522c3c90ae7602abe.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.99 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-99.fra6.r.cloudfront.net
Software
Cloudfront /
Resource Hash
caa952dce757c22d848abeea2a40ecb9e4db8c1433db953bb695b2943be34495
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://calendly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
age
40
x-cache
Hit from cloudfront
date
Fri, 22 Jul 2022 10:43:17 GMT
via
1.1 c275031486c6f7b744b8d30847e98b14.cloudfront.net (CloudFront)
last-modified
Thu, 21 Jul 2022 22:32:29 GMT
server
Cloudfront
etag
W/"260d97f5f43e9b04a908446cd8bc86e3"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=60
x-amz-cf-pop
FRA6-C1
timing-allow-origin
*
x-amz-cf-id
kurW1GHEf9GvSacUK3SZgsXDnOEQecdWPDjJL9XJpfI1sftlB8woRQ==
en-3cca82dd72c8e9da506e.chunk.js
assets.calendly.com/packs/booking/js/locales/ 		25 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.calendly.com/packs/booking/js/locales/en-3cca82dd72c8e9da506e.chunk.js
Requested by
Host: assets.calendly.com
URL: https://assets.calendly.com/packs/booking/js/booking-runtime-52c70bd27bbab95605fd.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3108::ac42:2928 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0e524a9d0679dfab7ded68ef2fd362c6d1dd3c55d913f19c71be59d25820b829
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://calendly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Fri, 22 Jul 2022 10:43:17 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
1454696
strict-transport-security
max-age=31536000; includeSubDomains; preload
last-modified
Tue, 05 Jul 2022 14:32:41 GMT
server
cloudflare
etag
W/"0a885374f6b7d7399bcfa9d2764d1c20"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cf-bgj
minify
cache-control
public, max-age=31536000
cf-ray
72eb931009bb68eb-FRA
expires
Sat, 23 Jul 2022 10:43:17 GMT
truncated
/ 		37 KB
37 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d41624e9721619a0dbe00d0fd9c0175a8f97c484aab61117db7246f69b7de9ba

Request headers

Referer
Origin
https://calendly.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Content-Type
font/woff
truncated
/ 		45 KB
45 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8ea98b82eb62795846fed9452c40531d668dd519e29633c196905d6f5af8d846

Request headers

Referer
Origin
https://calendly.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Content-Type
font/woff
m-outer-088a7cf5bee7fed3d93eb7ec5cc1bd2f.html
js.stripe.com/v3/ Frame 266E 		240 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/m-outer-088a7cf5bee7fed3d93eb7ec5cc1bd2f.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.99 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-99.fra6.r.cloudfront.net
Software
Cloudfront /
Resource Hash
452ba5d9ac5fd63aaa17e363908510b7a37e1069e2193c8088b75175c8af262a
Security Headers
Name Value
Content-Security-Policy default-src 'self'; base-uri 'none'; form-action 'none'; connect-src 'self' https://r.stripe.com; script-src 'self'; style-src 'self'; frame-src https://m.stripe.network; img-src https://q.stripe.com; font-src 'none'; media-src 'none'; object-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://calendly.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
1823
cache-control
max-age=31536000
content-length
240
content-security-policy
default-src 'self'; base-uri 'none'; form-action 'none'; connect-src 'self' https://r.stripe.com; script-src 'self'; style-src 'self'; frame-src https://m.stripe.network; img-src https://q.stripe.com; font-src 'none'; media-src 'none'; object-src 'none'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only
default-src 'self'; base-uri 'none'; form-action 'none'; connect-src 'self' https://r.stripe.com; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; frame-src https://m.stripe.network; img-src https://q.stripe.com; font-src 'none'; media-src 'none'; object-src 'none'; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Fri, 22 Jul 2022 10:13:31 GMT
etag
"088a7cf5bee7fed3d93eb7ec5cc1bd2f"
last-modified
Thu, 21 Jul 2022 22:11:39 GMT
server
Cloudfront
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
vary
Accept-Encoding
via
1.1 c275031486c6f7b744b8d30847e98b14.cloudfront.net (CloudFront)
x-amz-cf-id
vaaF5sy-ID-afq2_ao-ueMR7BZqUpt2gjfSKTwhyA1N0R6Siz-su6w==
x-amz-cf-pop
FRA6-C1
x-cache
Hit from cloudfront
x-content-type-options
nosniff
csp-report
q.stripe.com/ Frame 266E 		0
570 B 		Other
General
Check archive.org
Download Go to
Full URL
https://q.stripe.com/csp-report
Requested by
Host: calendly.com
URL: https://calendly.com/d/ch6-r5m-nkq/swit-custom-demo
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Fri, 22 Jul 2022 10:43:17 GMT
x-content-type-options
nosniff
x-envoy-upstream-service-time
2
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-length
0
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
access-control-max-age
3600
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://js.stripe.com
access-control-expose-headers
Server, Range, Content-Type
cache-control
max-age=0, no-cache, no-store, must-revalidate
x-robots-tag
none
access-control-allow-headers
Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires
0
csp-report
q.stripe.com/ Frame 266E 		0
571 B 		Other
General
Check archive.org
Download Go to
Full URL
https://q.stripe.com/csp-report
Requested by
Host: calendly.com
URL: https://calendly.com/d/ch6-r5m-nkq/swit-custom-demo
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Fri, 22 Jul 2022 10:43:17 GMT
x-content-type-options
nosniff
x-envoy-upstream-service-time
1
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-length
0
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
access-control-max-age
3600
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://js.stripe.com
access-control-expose-headers
Server, Range, Content-Type
cache-control
max-age=0, no-cache, no-store, must-revalidate
x-robots-tag
none
access-control-allow-headers
Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires
0
m-outer-cbdd6d89c270b3dce8b8c5b59e379bd3.js
js.stripe.com/v3/fingerprinted/js/ Frame 266E 		526 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/js/m-outer-cbdd6d89c270b3dce8b8c5b59e379bd3.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/m-outer-088a7cf5bee7fed3d93eb7ec5cc1bd2f.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.99 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-99.fra6.r.cloudfront.net
Software
Cloudfront /
Resource Hash
ba2338aa6670580269c762f51c4291daef913201aa8f4d4fd166c1a878262652
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.stripe.com/v3/m-outer-088a7cf5bee7fed3d93eb7ec5cc1bd2f.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
via
1.1 c275031486c6f7b744b8d30847e98b14.cloudfront.net (CloudFront)
x-content-type-options
nosniff
age
22
x-cache
Hit from cloudfront
date
Fri, 22 Jul 2022 10:42:57 GMT
content-length
526
last-modified
Thu, 21 Jul 2022 22:11:18 GMT
server
Cloudfront
etag
"d96c709017743c0759cf3853d1806ba5"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=60
x-amz-cf-pop
FRA6-C1
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
BNQcaU3gdCd0FMeNSEFUsywVZOBVR3WsaH1MHjPkvoZCHudusGLNDw==
inner.html
m.stripe.network/ Frame FDD5 		930 B
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://m.stripe.network/inner.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/m-outer-cbdd6d89c270b3dce8b8c5b59e379bd3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:9e00:19:7d10:bd80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Cloudfront /
Resource Hash
a5f27af9c0c6f37979ebafcac22eb3a613841a3d4e728f4577baf94e64d42f35
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-e/Jqu4k9Gk1ZCWO6StAsfhF3i7qgIwfuitaD1g9DyvE='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
20
cache-control
max-age=300, public
content-length
930
content-security-policy
base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-e/Jqu4k9Gk1ZCWO6StAsfhF3i7qgIwfuitaD1g9DyvE='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Fri, 22 Jul 2022 10:42:58 GMT
etag
"fc2e029628f163bb59adc6fa5a31161c"
last-modified
Thu, 17 Mar 2022 19:03:12 GMT
server
Cloudfront
strict-transport-security
max-age=31556926; includeSubDomains; preload
vary
Accept-Encoding
via
1.1 9128c49d19c76fd86ec4c647434ccb0a.cloudfront.net (CloudFront)
x-amz-cf-id
p36_YKCPBtbo0Y1qPxT41d0dqEeXfR7rawX23zbDcCp6nUrkJQHUmA==
x-amz-cf-pop
FRA50-C1
x-cache
Hit from cloudfront
x-content-type-options
nosniff
csp-report
q.stripe.com/ Frame FDD5 		0
344 B 		Other
General
Check archive.org
Download Go to
Full URL
https://q.stripe.com/csp-report
Requested by
Host: calendly.com
URL: https://calendly.com/d/ch6-r5m-nkq/swit-custom-demo
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://m.stripe.network/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
application/csp-report

Response headers

pragma
no-cache
date
Fri, 22 Jul 2022 10:43:17 GMT
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
strict-transport-security
max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
cache-control
max-age=0, no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
1
x-robots-tag
none
content-length
0
x-content-type-options
nosniff
expires
0
out-4.5.42.js
m.stripe.network/ Frame FDD5 		86 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://m.stripe.network/out-4.5.42.js
Requested by
Host: m.stripe.network
URL: https://m.stripe.network/inner.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:9e00:19:7d10:bd80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Cloudfront /
Resource Hash
f445ee14f2454d974293d28677213ae002e9ac17721fc04b2fdeb037e083b083
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://m.stripe.network/inner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
last-modified
Thu, 17 Mar 2022 19:03:12 GMT
server
Cloudfront
age
114
date
Fri, 22 Jul 2022 10:41:25 GMT
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript; charset=utf-8
via
1.1 9128c49d19c76fd86ec4c647434ccb0a.cloudfront.net (CloudFront)
cache-control
max-age=300, public
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
CA4QF4wqjUs9LNHK1Da9lntIB5uy3dPCp4YlwebupGeZWG5rrt562w==
etag
W/"21df7244385e5c0bdf32da01d0dad6c0"
6
m.stripe.com/ Frame FDD5 		156 B
523 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://m.stripe.com/6
Requested by
Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.42.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.24.226.252 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-24-226-252.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
6e962b29cd2d84c6d40a254c77438f02e07b4a2250cc2d869c820558167b67f2
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://m.stripe.network/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Fri, 22 Jul 2022 10:43:17 GMT
x-content-type-options
nosniff
server
nginx
strict-transport-security
max-age=31556926; includeSubDomains; preload
content-type
application/json;charset=utf-8
access-control-allow-origin
https://m.stripe.network
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
156

Verdicts & Comments Add Verdict or Comment

20 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation string| WEBPACK_PUBLIC_PATH object| webpackChunkbooking function| setImmediate function| clearImmediate function| _ function| sprintf function| vsprintf function| forEach function| detect object| webpackChunkstripe_js_v3 function| Stripe

6 Cookies

Domain/Path Name / Value
swit-outreach-dot-yamm-track.appspot.com/ Name: JSESSIONID
Value: fRTo_Gy9rPYXmE-hiZRA9w
calendly.com/ Name: _calendly_session
Value: CXwYB59xl%2BVMg0tSBD5qhkVGHZoVyoAPm35JEVho2FZQhZRFb0ixAKzCvVzz5FtBumYwXXr0JRaeEDJ6RCjQVl08WC%2BifOVUA0jQ9wA2oFQ2k3ytsJZBzgK0WfED4DvAldXprh8%2FO1P3LdQBDVTVHpAgHQjvqGIeQdQn0HmAlTYD4hXeSFIqiN5zJQDtM6oD5cLEU1%2FgRAfPVvP%2F97vdzBWPkdZpVbtde%2Fk5UdB3ZEk7s1u0u%2FuWUM4T0G13tUmciMuheMS6V4%2BwVP7TO1MtPP4USTSEtGi%2F1q2aVCD4K1%2BDZxAobVj3VbtxWex3CHK2s0gFZnzbxKg4EYWIzDjenNPs6FsAksokgLl2REl9aRLWJOLCLcrQtoK%2BBf11wxPdlNmUGCIj%2BTZJHumnQ2M9LmM%2F6ejBvDor5rNJT9y3SEzAXMS5S0l%2BfKkgm0HrWREuDwn%2BZWqYgwvW4Evgb0aVypoLe9bDWmjswVikBpxanFBqsvZKp2aapwB9sNDsS0Yup1G5eBRIwMZ5B10DQHTZne4AjYYCMXmwKGTghk2ASHcswaE%2F%2FwY8F1ySUY9iaPUOKSCegD5e22PW8T6uRZABxjQDeluYPag%3D--8V4qb5tXjdZTbguF--jl%2B6q65ldUngxpbbwAub3w%3D%3D
.calendly.com/ Name: __cfruid
Value: 6fb76d6763f22a30556e6a2a10eb46fb1d83151d-1658486596
m.stripe.com/ Name: m
Value: 0a921839-6fc6-403d-8766-9391e1568e499e239c
.calendly.com/ Name: __stripe_mid
Value: a46264a7-f1f0-4a13-818d-603ca5f9ab8aab7e81
.calendly.com/ Name: __stripe_sid
Value: a66bd6d4-666d-4a25-83eb-bc20a21bf4136b2ac6

1 Console Messages

Source Level URL
Text
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options ALLOWALL