URL: https://invoiceusage.aera.com.au/
Submission: On May 25 via automatic, source certstream-suspicious — Scanned from AU

Summary

This website contacted 9 IPs in 3 countries across 9 domains to perform 28 HTTP transactions. The main IP is 52.189.16.255, located in Des Moines, United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is invoiceusage.aera.com.au.
TLS certificate: Issued by R3 on May 25th 2023. Valid for: 3 months.
This is the only time invoiceusage.aera.com.au was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
11 52.189.16.255 8075 (MICROSOFT...)
2 104.18.10.207 13335 (CLOUDFLAR...)
1 172.217.194.95 15169 (GOOGLE)
1 3 104.16.123.175 13335 (CLOUDFLAR...)
5 151.101.0.176 54113 (FASTLY)
1 104.17.25.14 13335 (CLOUDFLAR...)
3 54.187.159.182 16509 (AMAZON-02)
1 13.75.240.84 8075 (MICROSOFT...)
2 52.42.121.212 16509 (AMAZON-02)
28 9
Apex Domain (Transfer) and Subdomains
9 aera.com.au (1 MB)
  • invoiceusage.aera.com.au
8 stripe.com (132 KB)
  • js.stripe.com — Cisco Umbrella Rank: 968
  • q.stripe.com — Cisco Umbrella Rank: 5765
  • m.stripe.com — Cisco Umbrella Rank: 935
3 unpkg.com (14 KB)
  • unpkg.com — Cisco Umbrella Rank: 822
2 stripe.network (17 KB)
  • m.stripe.network — Cisco Umbrella Rank: 1053
2 dataportal.nz (655 B)
  • goapi.dataportal.nz
2 bootstrapcdn.com (83 KB)
  • maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 817
1 windows.net (756 KB)
  • datagate2storage.blob.core.windows.net
1 cloudflare.com (27 KB)
  • cdnjs.cloudflare.com — Cisco Umbrella Rank: 199
1 googleapis.com (30 KB)
  • ajax.googleapis.com — Cisco Umbrella Rank: 320
28 9
Domain; Requested by
9 invoiceusage.aera.com.au; invoiceusage.aera.com.au
3 q.stripe.com; invoiceusage.aera.com.au
3 js.stripe.com; invoiceusage.aera.com.au, js.stripe.com
3 unpkg.com (1 redirects); invoiceusage.aera.com.au
2 m.stripe.com; m.stripe.network
2 m.stripe.network; js.stripe.com, m.stripe.network
2 goapi.dataportal.nz; invoiceusage.aera.com.au
2 maxcdn.bootstrapcdn.com; invoiceusage.aera.com.au, maxcdn.bootstrapcdn.com
1 datagate2storage.blob.core.windows.net; invoiceusage.aera.com.au
1 cdnjs.cloudflare.com; invoiceusage.aera.com.au
1 ajax.googleapis.com; invoiceusage.aera.com.au
28 11

This site contains no links.

Subject; Issuer; Validity; Valid
invoiceusage.aera.com.au; R3; 2023-05-25 - 2023-08-23; 3 months
sni.cloudflaressl.com; Cloudflare Inc ECC CA-3; 2022-12-30 - 2023-12-30; a year
upload.video.google.com; GTS CA 1C3; 2023-05-08 - 2023-07-31; 3 months
a.stripecdn.com; DigiCert SHA2 Extended Validation Server CA; 2023-05-12 - 2023-08-13; 3 months
goapi.dataportal.nz; R3; 2023-04-22 - 2023-07-21; 3 months
*.stripe.com; DigiCert TLS Hybrid ECC SHA384 2020 CA1; 2023-05-25 - 2023-08-23; 3 months
*.blob.core.windows.net; Microsoft RSA TLS CA 02; 2023-03-27 - 2024-03-27; a year
m.stripe.com; DigiCert TLS RSA SHA256 2020 CA1; 2023-03-28 - 2023-07-26; 4 months

This page contains 3 frames:

Primary Page: https://invoiceusage.aera.com.au/
Frame ID: A954CE804294E7E0CAB20D57FC13156F
Requests: 19 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html
Frame ID: 8DC6ADAEDFE57BCF058C337EC2A28F84
Requests: 4 HTTP requests in this frame

Frame: https://m.stripe.network/inner.html
Frame ID: E7FDCD929629AE47B2DEF82E9915E091
Requests: 5 HTTP requests in this frame

Page Title

Customer Portal

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • js\.stripe\.com

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

  • Requests: 28
  • HTTPS: 96 %
  • IPv6: 0 %
  • Domains: 9
  • Subdomains: 11
  • IPs: 9
  • Countries: 3
  • Transfer: 2448 kB
  • Size: 6809 kB
  • Cookies: 3

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 7
  • https://unpkg.com/prop-types/prop-types.js HTTP 302
  • https://unpkg.com/prop-types@15.8.1/prop-types.js

28 HTTP transactions

Resource / Path; Size / x-fer; Type / MIME-Type
Primary Request /
invoiceusage.aera.com.au/
1 KB
788 B
Document
General
Full URL
https://invoiceusage.aera.com.au/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.189.16.255 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
bff2e489d98bbc4a66316459ae6f1bccc0160947c3dbc59f4cbf63f2b8f041ad
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

content-encoding
gzip
content-length
580
content-type
text/html; charset=utf-8
date
Thu, 25 May 2023 23:06:42 GMT
etag
"rsa1ij12l"
last-modified
Wed, 29 Mar 2023 10:08:43 GMT
strict-transport-security
max-age=15724800; includeSubDomains
vary
Accept-Encoding
font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/
30 KB
7 KB
Stylesheet
General
Full URL
https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Requested by
Host: invoiceusage.aera.com.au
URL: https://invoiceusage.aera.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.10.207 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://invoiceusage.aera.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Thu, 25 May 2023 23:06:43 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
cdn-edgestorageid
617
age
3112899
cdn-cachedat
2021-06-08 14:35:32
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Mon, 25 Jan 2021 22:04:55 GMT
server
cloudflare
cdn-requestpullcode
200
vary
Accept-Encoding
content-type
text/css; charset=utf-8
cdn-cache
HIT
access-control-allow-origin
*
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cache-control
public, max-age=31919000
cdn-requestid
55fb4fa8e5dd0a7f71d503394bffb28b
timing-allow-origin
*
cdn-requestcountrycode
US
cf-ray
7cd16e34bb15ab0b-SYD
cdn-requestpullsuccess
True
normalize.css
invoiceusage.aera.com.au/assets/css/
8 KB
3 KB
Stylesheet
General
Full URL
https://invoiceusage.aera.com.au/assets/css/normalize.css
Requested by
Host: invoiceusage.aera.com.au
URL: https://invoiceusage.aera.com.au/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.189.16.255 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
65714a5ed22b918bd7d9362ca30cbc0e1b05ecdea2ce9ddf39e71905cb676134
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://invoiceusage.aera.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Thu, 25 May 2023 23:06:42 GMT
content-encoding
gzip
strict-transport-security
max-age=15724800; includeSubDomains
last-modified
Wed, 29 Mar 2023 10:08:43 GMT
etag
"rsa1ij6mv"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
style.css
invoiceusage.aera.com.au/assets/css/
66 KB
13 KB
Stylesheet
General
Full URL
https://invoiceusage.aera.com.au/assets/css/style.css
Requested by
Host: invoiceusage.aera.com.au
URL: https://invoiceusage.aera.com.au/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.189.16.255 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
4295c423610f68e8ca0bc4071102a32049869389fadff8548d45e88f11919573
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://invoiceusage.aera.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Thu, 25 May 2023 23:06:42 GMT
content-encoding
gzip
strict-transport-security
max-age=15724800; includeSubDomains
last-modified
Wed, 29 Mar 2023 10:08:43 GMT
etag
"rsa1ij1fzf"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
flexboxgrid.css
invoiceusage.aera.com.au/assets/css/
16 KB
3 KB
Stylesheet
General
Full URL
https://invoiceusage.aera.com.au/assets/css/flexboxgrid.css
Requested by
Host: invoiceusage.aera.com.au
URL: https://invoiceusage.aera.com.au/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.189.16.255 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
1eecc63dcad8b0873878e1a9430cc3b8391f22ba319679db227be30fbe681a26
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://invoiceusage.aera.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Thu, 25 May 2023 23:06:42 GMT
content-encoding
gzip
strict-transport-security
max-age=15724800; includeSubDomains
last-modified
Wed, 29 Mar 2023 10:08:43 GMT
etag
"rsa1ijcdv"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
flexboxgrid-helpers.min.css
invoiceusage.aera.com.au/assets/css/
3 KB
703 B
Stylesheet
General
Full URL
https://invoiceusage.aera.com.au/assets/css/flexboxgrid-helpers.min.css
Requested by
Host: invoiceusage.aera.com.au
URL: https://invoiceusage.aera.com.au/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.189.16.255 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
0df8ef961b4a245a3f032c22138eac1a85818331813cafe45a84577a85c4e8f9
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://invoiceusage.aera.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Thu, 25 May 2023 23:06:42 GMT
content-encoding
gzip
strict-transport-security
max-age=15724800; includeSubDomains
last-modified
Wed, 29 Mar 2023 10:08:43 GMT
etag
"rsa1ij2km"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
content-length
497
latofonts.css
invoiceusage.aera.com.au/assets/css/
2 KB
574 B
Stylesheet
General
Full URL
https://invoiceusage.aera.com.au/assets/css/latofonts.css
Requested by
Host: invoiceusage.aera.com.au
URL: https://invoiceusage.aera.com.au/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.189.16.255 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
956b75ec8203801621a01b6a4cb2f4c18603b6d58823d119bdfe84412db8896a
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://invoiceusage.aera.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Thu, 25 May 2023 23:06:42 GMT
content-encoding
gzip
strict-transport-security
max-age=15724800; includeSubDomains
last-modified
Wed, 29 Mar 2023 10:08:43 GMT
etag
"rsa1ij1mk"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
content-length
368
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.2.1/
85 KB
30 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.2.1/jquery.min.js
Requested by
Host: invoiceusage.aera.com.au
URL: https://invoiceusage.aera.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f95.1e100.net
Software
sffe /
Resource Hash
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://invoiceusage.aera.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 19:48:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
271101
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30306
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 21 May 2024 19:48:22 GMT
prop-types.js
unpkg.com/prop-types@15.8.1/
Redirect Chain
  • https://unpkg.com/prop-types/prop-types.js
  • https://unpkg.com/prop-types@15.8.1/prop-types.js
47 KB
12 KB
Script
General
Full URL
https://unpkg.com/prop-types@15.8.1/prop-types.js
Requested by
Host: invoiceusage.aera.com.au
URL: https://invoiceusage.aera.com.au/
Protocol
H2
Server
104.16.123.175 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5a24e9b72f5d33eee14cbe2035717a7c92fbb51727bbf9a9944f4ed1ed6ef7e0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://invoiceusage.aera.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Thu, 25 May 2023 23:06:43 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
12525152
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id
01GNN9PXN3CJASBVA3XGJAPW5Z-syd
server
cloudflare
etag
W/"bccd-2T3AMA4ympuDkDh5OD90xVP7S7U"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
7cd16e356857aae4-SYD

Redirect headers

date
Thu, 25 May 2023 23:06:43 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
fly-request-id
01H1AJ97CE4VC7P6TDP0ZPES8J-syd
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
360
vary
Accept, Accept-Encoding
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
location
/prop-types@15.8.1/prop-types.js
cache-control
public, s-maxage=600, max-age=60
cf-ray
7cd16e34bf6faae4-SYD
/
js.stripe.com/v3/
473 KB
128 KB
Script
General
Full URL
https://js.stripe.com/v3/
Requested by
Host: invoiceusage.aera.com.au
URL: https://invoiceusage.aera.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.0.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
70f006e9a4c3672a2aeadb0dc1647157ee15bcc17786757f29bb73ebecbf3eaf
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://invoiceusage.aera.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
date
Thu, 25 May 2023 23:06:43 GMT
via
1.1 varnish
age
48
x-cache
HIT
content-length
130117
x-request-id
82d64810-9bf0-4898-a675-1bc77b9ddd9a
x-served-by
cache-bfi-krnt7300026-BFI
last-modified
Thu, 25 May 2023 20:44:57 GMT
server
Fastly
etag
"f9ef5e70ca59fcd939da1d1011bccfc3"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=60
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
4
sysend.js
unpkg.com/sysend@1.3.3/
7 KB
2 KB
Script
General
Full URL
https://unpkg.com/sysend@1.3.3/sysend.js
Requested by
Host: invoiceusage.aera.com.au
URL: https://invoiceusage.aera.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.123.175 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2fb474c8d93eb5968e3a03625c0930c8b1a58fb6c08a04e8560e14499eb03ae8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://invoiceusage.aera.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Thu, 25 May 2023 23:06:45 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
MISS
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id
01H1AJM77XYDJFBDXN7AXVFVF7-syd
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
server
cloudflare
etag
W/"1b80-QsSG1jTlsf1WhMnbuO0ilq06lrM"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
7cd16e34bf70aae4-SYD
jsencrypt.js
cdnjs.cloudflare.com/ajax/libs/jsencrypt/2.3.1/
128 KB
27 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jsencrypt/2.3.1/jsencrypt.js
Requested by
Host: invoiceusage.aera.com.au
URL: https://invoiceusage.aera.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
102e2e24151525a8f3e797b5e9cac896e81f394f5d40b1c556a563c3d134c292
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://invoiceusage.aera.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Thu, 25 May 2023 23:06:43 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
5502414
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
27081
last-modified
Mon, 04 May 2020 16:11:50 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ec6-1fe7d"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e0N5UJJqhbvQAgwKcG%2Bg3Y%2BojVwns1%2FENuJSbKtHUBexqE3crTtPBYpIdkdwYVcoKd3NF4RJg524uohuQLxt33nz%2BL07WZsrg%2B7LYpFyMKtq5URycv3LfOZCmoFVKUMGLVI2dPBx"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7cd16e34bd0a5551-SYD
expires
Tue, 14 May 2024 23:06:43 GMT
bundle.js
invoiceusage.aera.com.au/
5 MB
1 MB
Script
General
Full URL
https://invoiceusage.aera.com.au/bundle.js?7991cf2f9d922c453daa
Requested by
Host: invoiceusage.aera.com.au
URL: https://invoiceusage.aera.com.au/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.189.16.255 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e30b3c29c0c4e482d749d7170ff3fe429bc1dc2f4a546af8cbdf732ed1f3cf6b
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://invoiceusage.aera.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Thu, 25 May 2023 23:06:42 GMT
content-encoding
gzip
strict-transport-security
max-age=15724800; includeSubDomains
last-modified
Wed, 29 Mar 2023 10:08:43 GMT
etag
"rsa1ij2yc04"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
brands-settings
goapi.dataportal.nz/v1/
0
328 B
XHR
General
Full URL
https://goapi.dataportal.nz/v1/brands-settings?d=invoiceusage.aera.com.au
Requested by
Host: invoiceusage.aera.com.au
URL: https://invoiceusage.aera.com.au/bundle.js?7991cf2f9d922c453daa
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.189.16.255 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Accept
application/json, text/plain, */*
Referer
https://invoiceusage.aera.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Thu, 25 May 2023 23:06:46 GMT
strict-transport-security
max-age=15724800; includeSubDomains
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE, UPDATE
access-control-allow-origin
https://invoiceusage.aera.com.au
access-control-expose-headers
Content-Length
access-control-allow-credentials
true
access-control-allow-headers
content-length
0
x-request-id
160ca6ddc24c5a8d342bb7d056123ba7
arrow-left.png
invoiceusage.aera.com.au/assets/img/
402 B
564 B
Image
General
Full URL
https://invoiceusage.aera.com.au/assets/img/arrow-left.png
Requested by
Host: invoiceusage.aera.com.au
URL: https://invoiceusage.aera.com.au/login
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.189.16.255 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
9bff9f068dd10286466b0606955ddd26ba76e9df6f9a3ed359c93e2074f1df32
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://invoiceusage.aera.com.au/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Thu, 25 May 2023 23:06:45 GMT
strict-transport-security
max-age=15724800; includeSubDomains
last-modified
Wed, 29 Mar 2023 10:08:43 GMT
etag
"rsa1ijb6"
content-length
402
content-type
image/png
brands-settings
goapi.dataportal.nz/v1/
0
327 B
XHR
General
Full URL
https://goapi.dataportal.nz/v1/brands-settings?d=invoiceusage.aera.com.au
Requested by
Host: invoiceusage.aera.com.au
URL: https://invoiceusage.aera.com.au/bundle.js?7991cf2f9d922c453daa
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.189.16.255 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Accept
application/json, text/plain, */*
Referer
https://invoiceusage.aera.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Thu, 25 May 2023 23:06:46 GMT
strict-transport-security
max-age=15724800; includeSubDomains
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE, UPDATE
access-control-allow-origin
https://invoiceusage.aera.com.au
access-control-expose-headers
Content-Length
access-control-allow-credentials
true
access-control-allow-headers
content-length
0
x-request-id
e8af902cadb04e88872187f3e9563928
Lato-Regular.woff2
invoiceusage.aera.com.au/assets/css/fonts/
178 KB
179 KB
Font
General
Full URL
https://invoiceusage.aera.com.au/assets/css/fonts/Lato-Regular.woff2
Requested by
Host: invoiceusage.aera.com.au
URL: https://invoiceusage.aera.com.au/assets/css/latofonts.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.189.16.255 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
983b0caf336e8542214fc17019a4fc5e0360864b92806ca14d55c1fc1c2c5a0f
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://invoiceusage.aera.com.au/assets/css/latofonts.css
Origin
https://invoiceusage.aera.com.au
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Thu, 25 May 2023 23:06:45 GMT
content-encoding
gzip
strict-transport-security
max-age=15724800; includeSubDomains
last-modified
Wed, 29 Mar 2023 10:08:43 GMT
etag
"rsa1ij3wz8"
vary
Accept-Encoding
fontawesome-webfont.woff2
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/
75 KB
76 KB
Font
General
Full URL
https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by
Host: maxcdn.bootstrapcdn.com
URL: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.10.207 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Origin
https://invoiceusage.aera.com.au
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Thu, 25 May 2023 23:06:46 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
cdn-edgestorageid
912
cdn-cachedat
12/11/2022 18:06:44
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
77160
last-modified
Mon, 25 Jan 2021 22:04:55 GMT
cdn-proxyver
1.03
cdn-requestpullcode
200
server
cloudflare
etag
"af7ae505a9eed503f8b8e6982036873e"
vary
Accept-Encoding
content-type
font/woff2
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cache-control
public, max-age=31919000
cdn-requestid
32f87e0e354ad048ba13ae69456f1ff6
accept-ranges
bytes
timing-allow-origin
*
cdn-requestcountrycode
US
cdn-status
200
cf-ray
7cd16e456931aac9-SYD
cdn-requestpullsuccess
True
m-outer-93afeeb17bc37e711759584dbfc50d47.html
js.stripe.com/v3/ Frame 8DC6
200 B
810 B
Document
General
Full URL
https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.0.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
f22005da41e15b7adb453814b37a794f7c6b955f086a6c5fc9980e3c3f6c8bca
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://invoiceusage.aera.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
16686162
cache-control
max-age=31536000
content-encoding
br
content-length
122
content-security-policy
base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only
base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Thu, 25 May 2023 23:06:45 GMT
etag
"93afeeb17bc37e711759584dbfc50d47"
last-modified
Sun, 13 Nov 2022 20:03:40 GMT
server
Fastly
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
vary
Accept-Encoding
via
1.1 varnish
x-cache
HIT
x-cache-hits
26207
x-content-type-options
nosniff
x-request-id
6cf8384c-24df-4af3-ae74-2cfdfba63f80
x-served-by
cache-bfi-krnt7300026-BFI
m-outer-8cb24ab2d649fd36a488d04d8c457933.js
js.stripe.com/v3/fingerprinted/js/ Frame 8DC6
631 B
444 B
Script
General
Full URL
https://js.stripe.com/v3/fingerprinted/js/m-outer-8cb24ab2d649fd36a488d04d8c457933.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.0.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
250a0782da875705bd206ee23c2a46abf90656645a81e084126c5e8c53eeb9d6
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
date
Thu, 25 May 2023 23:06:45 GMT
via
1.1 varnish
age
16686163
x-cache
HIT
content-length
332
x-request-id
3d864d76-beb5-4ffc-9abd-3807c1b12e84
x-served-by
cache-bfi-krnt7300026-BFI
last-modified
Sun, 13 Nov 2022 20:03:40 GMT
server
Fastly
etag
"f8f6a4584135f737b26927596ce6e0a7"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
23003
csp-report
q.stripe.com/ Frame 8DC6
0
718 B
Other
General
Full URL
https://q.stripe.com/csp-report
Requested by
Host: invoiceusage.aera.com.au
URL: https://invoiceusage.aera.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-159-182.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Thu, 25 May 2023 23:06:46 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1685056006614613
x-envoy-upstream-service-time
1
content-length
0
x-stripe-bg-intended-route-color
blue
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
access-control-max-age
3600
access-control-allow-methods
GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms
0
access-control-allow-origin
https://js.stripe.com
x-stripe-client-envoy-start-time-us
1685056006614370
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers
Server, Range, Content-Type
x-robots-tag
none
access-control-allow-headers
Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires
0
csp-report
q.stripe.com/ Frame 8DC6
0
717 B
Other
General
Full URL
https://q.stripe.com/csp-report
Requested by
Host: invoiceusage.aera.com.au
URL: https://invoiceusage.aera.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-159-182.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Thu, 25 May 2023 23:06:46 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1685056006614820
x-envoy-upstream-service-time
1
content-length
0
x-stripe-bg-intended-route-color
blue
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
access-control-max-age
3600
access-control-allow-methods
GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms
0
access-control-allow-origin
https://js.stripe.com
x-stripe-client-envoy-start-time-us
1685056006614383
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers
Server, Range, Content-Type
x-robots-tag
none
access-control-allow-headers
Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires
0
inner.html
m.stripe.network/ Frame E7FD
930 B
1 KB
Document
General
Full URL
https://m.stripe.network/inner.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/m-outer-8cb24ab2d649fd36a488d04d8c457933.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.0.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
a5f27af9c0c6f37979ebafcac22eb3a613841a3d4e728f4577baf94e64d42f35
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-e/Jqu4k9Gk1ZCWO6StAsfhF3i7qgIwfuitaD1g9DyvE='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
age
234
cache-control
max-age=300, public
content-encoding
gzip
content-length
527
content-security-policy
base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-e/Jqu4k9Gk1ZCWO6StAsfhF3i7qgIwfuitaD1g9DyvE='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Thu, 25 May 2023 23:06:46 GMT
server
Fastly
strict-transport-security
max-age=31556926; includeSubDomains; preload
vary
Accept-Encoding, Origin
via
1.1 varnish
x-cache
HIT
x-cache-hits
120
x-content-type-options
nosniff
x-request-id
812a90b0-63df-498a-801b-6cf9c2ca9939
x-served-by
cache-bfi-krnt7300026-BFI
x-timer
S1685056006.094565,VS0,VE0
csp-report
q.stripe.com/ Frame E7FD
0
491 B
Other
General
Full URL
https://q.stripe.com/csp-report
Requested by
Host: invoiceusage.aera.com.au
URL: https://invoiceusage.aera.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-159-182.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://m.stripe.network/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Thu, 25 May 2023 23:06:46 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1685056006614851
x-envoy-upstream-service-time
1
content-length
0
x-stripe-bg-intended-route-color
blue
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
x-stripe-server-envoy-upstream-service-time-ms
0
x-stripe-client-envoy-start-time-us
1685056006614422
cache-control
max-age=0, no-cache, no-store, must-revalidate
x-robots-tag
none
expires
0
out-4.5.42.js
m.stripe.network/ Frame E7FD
86 KB
16 KB
Script
General
Full URL
https://m.stripe.network/out-4.5.42.js
Requested by
Host: m.stripe.network
URL: https://m.stripe.network/inner.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.0.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
f445ee14f2454d974293d28677213ae002e9ac17721fc04b2fdeb037e083b083
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://m.stripe.network/inner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
date
Thu, 25 May 2023 23:06:46 GMT
x-content-type-options
nosniff
content-encoding
gzip
via
1.1 varnish
age
191
x-cache
HIT
content-length
16031
x-request-id
db674ae6-4552-418f-aab7-192d0edc0955
x-served-by
cache-bfi-krnt7300026-BFI
server
Fastly
x-timer
S1685056006.344957,VS0,VE0
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=utf-8
cache-control
max-age=300, public
accept-ranges
bytes
x-cache-hits
99
login-banner.png
datagate2storage.blob.core.windows.net/ecp-resources/0/
756 KB
756 KB
Image
General
Full URL
https://datagate2storage.blob.core.windows.net/ecp-resources/0/login-banner.png?c=1685056005332
Requested by
Host: invoiceusage.aera.com.au
URL: https://invoiceusage.aera.com.au/login
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.75.240.84 Sydney, Australia, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
bf988d6a334561a29c43481e4c4d18b4b60ca532997f4471a2d2a8884368af94

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://invoiceusage.aera.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Thu, 25 May 2023 23:06:46 GMT
Last-Modified
Thu, 25 Jan 2018 03:02:09 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
Qgc9JQYS9uEvUqWS91yfIw==
ETag
0x8D563A0064C4BC4
Content-Type
image/png
x-ms-request-id
e0e915cd-601e-002f-7b5d-8f6f6d000000
x-ms-version
2009-09-19
Content-Length
774075
6
m.stripe.com/ Frame E7FD
156 B
670 B
XHR
General
Full URL
https://m.stripe.com/6
Requested by
Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.42.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.42.121.212 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-42-121-212.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
d90e5be6eae03806e17575a459ff24afadebddd9e939cf729c23b0d2b8659384
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://m.stripe.network/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-stripe-bg-intended-route-color
blue
date
Thu, 25 May 2023 23:06:47 GMT
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1685056007181590
server
nginx
content-type
application/json;charset=utf-8
x-stripe-server-envoy-upstream-service-time-ms
2
access-control-allow-origin
https://m.stripe.network
x-stripe-client-envoy-start-time-us
1685056007180898
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
156
6
m.stripe.com/ Frame E7FD
156 B
669 B
XHR
General
Full URL
https://m.stripe.com/6
Requested by
Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.42.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.42.121.212 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-42-121-212.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
d90e5be6eae03806e17575a459ff24afadebddd9e939cf729c23b0d2b8659384
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://m.stripe.network/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-stripe-bg-intended-route-color
blue
date
Thu, 25 May 2023 23:06:49 GMT
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1685056009192350
server
nginx
content-type
application/json;charset=utf-8
x-stripe-server-envoy-upstream-service-time-ms
2
access-control-allow-origin
https://m.stripe.network
x-stripe-client-envoy-start-time-us
1685056009191650
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
156


15 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
boolean| credentialless
function| $
function| jQuery
object| PropTypes
object| webpackChunkStripeJSouter
function| noop
function| Stripe
object| sysend
object| KJUR
object| Hex
object| Base64
function| ASN1
function| JSEncrypt
object| scCGSHMRCache

3 Cookies

Domain/Path Name / Value
m.stripe.com/ Name: m
Value: 4c7bbef5-1a41-42c2-9d1a-82974366d38eec799d
.invoiceusage.aera.com.au/ Name: __stripe_mid
Value: 16c5a324-1248-4b45-8c36-62ca77551317cbec29
.invoiceusage.aera.com.au/ Name: __stripe_sid
Value: 8fe95b36-6009-425f-9219-493156f4b24516a7de

3 Console Messages

Source Level URL
Text
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".
network error URL: https://goapi.dataportal.nz/v1/brands-settings?d=invoiceusage.aera.com.au
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://goapi.dataportal.nz/v1/brands-settings?d=invoiceusage.aera.com.au
Message:
Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page.

Header Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
