urlscan.io logo urlscan.io
SecurityTrails logo

apply.academies.hsa.net Open in urlscan Pro
3.248.127.164  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://college-harvard.mxredwood.com/64227d7700ecff0e475dd1a0/l/TNkGkVZLUCixVpGj5?messageId=K3HLLz8zGRs6s8U1c&rn=gIlNXdhJ3SgQHdh1kI&r...
Effective URL: https://apply.academies.hsa.net/
Submission: On April 07 via manual from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 11 IPs in 3 countries across 9 domains to perform 22 HTTP transactions. The main IP is 3.248.127.164, located in Dublin, Ireland and belongs to AMAZON-02, US. The main domain is apply.academies.hsa.net.
TLS certificate: Issued by Amazon RSA 2048 M02 on January 31st 2023. Valid for: a year.
This is the only time apply.academies.hsa.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 18.210.197.97 14618 (AMAZON-AES)
3 3.248.127.164 16509 (AMAZON-02)
1 104.17.66.74 13335 (CLOUDFLAR...)
4 13.224.189.44 16509 (AMAZON-02)
3 151.101.128.176 54113 (FASTLY)
2 52.218.52.124 16509 (AMAZON-02)
1 13.224.189.49 16509 (AMAZON-02)
2 54.187.159.182 16509 (AMAZON-02)
2 99.86.4.85 16509 (AMAZON-02)
2 18.66.147.43 16509 (AMAZON-02)
1 34.208.115.43 16509 (AMAZON-02)
22 11
1    18.210.197.97 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-210-197-97.compute-1.amazonaws.com
college-harvard.mxredwood.com
3    3.248.127.164 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-248-127-164.eu-west-1.compute.amazonaws.com
apply.academies.hsa.net
1    104.17.66.74 (None, )

ASN13335 (CLOUDFLARENET, US)
payment.flywire.com
4    13.224.189.44 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-189-44.fra2.r.cloudfront.net
frontend-releases.fbri.co
3    151.101.128.176 (United States)

ASN54113 (FASTLY, US)
js.stripe.com
2    52.218.52.124 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: s3-eu-west-1.amazonaws.com
s3.eu-west-1.amazonaws.com
1    13.224.189.49 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-189-49.fra2.r.cloudfront.net
widget.intercom.io
2    54.187.159.182 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ip-54-187-159-182.stripe.com
q.stripe.com
2    99.86.4.85 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-85.fra6.r.cloudfront.net
m.stripe.network
2    18.66.147.43 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-147-43.fra60.r.cloudfront.net
js.intercomcdn.com
1    34.208.115.43 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-208-115-43.us-west-2.compute.amazonaws.com
m.stripe.com
Apex Domain
Subdomains		 Transfer
6 stripe.com
js.stripe.com — Cisco Umbrella Rank: 1244
q.stripe.com — Cisco Umbrella Rank: 7928 Failed
m.stripe.com — Cisco Umbrella Rank: 1249
125 KB
4 fbri.co
frontend-releases.fbri.co
520 KB
3 hsa.net
apply.academies.hsa.net
38 KB
2 intercomcdn.com
js.intercomcdn.com — Cisco Umbrella Rank: 2734
206 KB
2 stripe.network
m.stripe.network — Cisco Umbrella Rank: 1316
16 KB
2 amazonaws.com
s3.eu-west-1.amazonaws.com — Cisco Umbrella Rank: 3752
561 KB
1 intercom.io
widget.intercom.io — Cisco Umbrella Rank: 2392
4 KB
1 flywire.com
payment.flywire.com — Cisco Umbrella Rank: 566022
97 KB
1 mxredwood.com
college-harvard.mxredwood.com
593 B
22 9
Domain Requested by
4 frontend-releases.fbri.co apply.academies.hsa.net
3 js.stripe.com frontend-releases.fbri.co
js.stripe.com
3 apply.academies.hsa.net frontend-releases.fbri.co
2 js.intercomcdn.com widget.intercom.io
2 m.stripe.network js.stripe.com
m.stripe.network
2 q.stripe.com apply.academies.hsa.net
2 s3.eu-west-1.amazonaws.com
1 m.stripe.com m.stripe.network
1 widget.intercom.io apply.academies.hsa.net
1 payment.flywire.com apply.academies.hsa.net
1 college-harvard.mxredwood.com 1 redirects
22 11

This site contains no links.

Subject Issuer Validity Valid
apply.academies.hsa.net
Amazon RSA 2048 M02		 2023-01-31 -
2024-02-29		 a year crt.sh
flywire.com
Cloudflare Inc ECC CA-3		 2023-03-28 -
2024-03-27		 a year crt.sh
*.fbri.co
Amazon RSA 2048 M02		 2023-03-22 -
2024-04-19		 a year crt.sh
a.stripecdn.com
DigiCert SHA2 Extended Validation Server CA		 2023-02-06 -
2023-05-13		 3 months crt.sh
*.s3-eu-west-1.amazonaws.com
Amazon		 2022-09-21 -
2023-08-30		 a year crt.sh
*.intercom.com
Amazon RSA 2048 M02		 2023-02-14 -
2024-03-14		 a year crt.sh
*.stripe.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-02-14 -
2023-06-13		 4 months crt.sh
*.intercomcdn.com
Amazon RSA 2048 M01		 2023-02-21 -
2024-01-29		 a year crt.sh
m.stripe.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-03-28 -
2023-07-26		 4 months crt.sh

This page contains 4 frames:

Primary Page: https://apply.academies.hsa.net/
Frame ID: 7F3DFCF6C2C6012FCD25158980A0C841
Requests: 12 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html
Frame ID: 8C75B4EDA9CDD2B76729F1CFA094A21B
Requests: 4 HTTP requests in this frame

Frame: https://m.stripe.network/inner.html
Frame ID: D9BC3C99297B22D6050F9A171733DA83
Requests: 4 HTTP requests in this frame

Frame: https://js.intercomcdn.com/frame-modern.e4fd5cdb.js
Frame ID: 08CBF52AB69B1796C43C2930044E384E
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Welcome to The Academies :: The Academies

Page URL History Show full URLs

  1. https://college-harvard.mxredwood.com/64227d7700ecff0e475dd1a0/l/TNkGkVZLUCixVpGj5?messageId=K3HLLz8zGRs6s8U1c&rn=... HTTP 302
    https://apply.academies.hsa.net/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • js\.stripe\.com

Page Statistics

22
Requests

95 %
HTTPS

0 %
IPv6

9
Domains

11
Subdomains

11
IPs

3
Countries

1566 kB
Transfer

4280 kB
Size

9
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://college-harvard.mxredwood.com/64227d7700ecff0e475dd1a0/l/TNkGkVZLUCixVpGj5?messageId=K3HLLz8zGRs6s8U1c&rn=gIlNXdhJ3SgQHdh1kI&re=gIt92YuMHdyFGcvRXdhV2YuFmdkFGQlNXdhJ3auQHdh1mI&sc=false HTTP 302
    https://apply.academies.hsa.net/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

22 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
apply.academies.hsa.net/
Redirect Chain
  • https://college-harvard.mxredwood.com/64227d7700ecff0e475dd1a0/l/TNkGkVZLUCixVpGj5?messageId=K3HLLz8zGRs6s8U1c&rn=gIlNXdhJ3SgQHdh1kI&re=gIt92YuMHdyFGcvRXdhV2YuFmdkFGQlNXdhJ3auQHdh1mI&sc=false
  • https://apply.academies.hsa.net/
137 KB
34 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://apply.academies.hsa.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.248.127.164 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-248-127-164.eu-west-1.compute.amazonaws.com
Software
nginx / Phusion Passenger(R) Enterprise
Resource Hash
8593c126ec9b9249d9a5d78141e0bfeab8bfcbb7509b097cd9edc83fa2c0090b
Security Headers
Name Value
X-Frame-Options DENY

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache, no-store
content-disposition
inline
content-encoding
gzip
content-transfer-encoding
binary
content-type
text/html
date
Fri, 07 Apr 2023 14:26:32 GMT
expires
Sat, 1 Jan 2000 09:00:00 GMT
ff-frontend-cdn
https://cdn1.fbri.co
ff-frontend-revision
fbfc3a6cb0e3e0036478c67ca33a2d1cb2f61510
ff-revision
1e141053d43bbdbf0105cbd7cad80e2f6d1a0699
pragma
no-cache
server
nginx
status
200 OK
x-frame-options
DENY
x-powered-by
Phusion Passenger(R) Enterprise
x-request-id
84fdad32-d28e-4342-8411-d75296b2625d
x-runtime
0.175361

Redirect headers

cache-control
no-cache, private, no-store, must-revalidate, max-stale=0, post-check=0, pre-check=0
content-length
108
content-security-policy
frame-ancestors 'self' https://*.mixmax.com chrome-extension://ocpljaamllnldhepankaeljmeeeghnid chrome-extension://acopemiijaedckfmlemjdimcnphgbald https://mail.google.com https://inbox.google.com https://*.force.com https://*.salesforce.com; frame-src; report-uri /csp-violation
content-type
text/html; charset=utf-8
date
Fri, 07 Apr 2023 14:26:31 GMT
location
https://apply.academies.hsa.net/
referrer-policy
no-referrer
strict-transport-security
max-age=7776000
vary
Accept, Accept-Encoding
x-content-type-options
nosniff
x-ratelimit-limit
100
x-ratelimit-remaining
95
x-ratelimit-reset
1680961755
x-robots-tag
noindex, nofollow
x-xss-protection
1; mode=block
checkout.js
payment.flywire.com/assets/js/ 		300 KB
97 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://payment.flywire.com/assets/js/checkout.js
Requested by
Host: apply.academies.hsa.net
URL: https://apply.academies.hsa.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.66.74 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f15a72be593258a06224e006ede19712baea917dc253a4ef67eaa9fc32786be8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://apply.academies.hsa.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Fri, 07 Apr 2023 14:26:32 GMT
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
last-modified
Tue, 04 Apr 2023 13:31:29 GMT
server
cloudflare
age
353
cf-polished
origSize=306947
etag
W/"642c26b1-4af03"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=900, public
cf-ray
7b42f2383b2a0374-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Fri, 07 Apr 2023 14:35:39 GMT
2.865fd2f0.chunk.css
frontend-releases.fbri.co/releases/content_pages/2.27.1/static/css/ 		97 KB
16 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://frontend-releases.fbri.co/releases/content_pages/2.27.1/static/css/2.865fd2f0.chunk.css
Requested by
Host: apply.academies.hsa.net
URL: https://apply.academies.hsa.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.44 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-44.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
695ca3e30bf93c4abf539f7af81a5a8b6e2466c9005ba696c4b156f45e22a42f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://apply.academies.hsa.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Fri, 07 Apr 2023 03:28:20 GMT
content-encoding
gzip
via
1.1 8002c303d4f2295f77566a349deba122.cloudfront.net (CloudFront)
last-modified
Thu, 16 Mar 2023 09:59:50 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C1
age
39617
x-amz-server-side-encryption
AES256
etag
W/"c448df17daaf6d4cfa360cc6f73635fa"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
x-amz-cf-id
Jo_yx0iZcqnL6gD5slP30FN-8K0wlEMIdrJ4w-jxDYftl6yONk063Q==
main.1f91ba34.chunk.css
frontend-releases.fbri.co/releases/content_pages/2.27.1/static/css/ 		42 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://frontend-releases.fbri.co/releases/content_pages/2.27.1/static/css/main.1f91ba34.chunk.css
Requested by
Host: apply.academies.hsa.net
URL: https://apply.academies.hsa.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.44 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-44.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
32d1f90f112d1004f5097f5357bbc44e958ac90188b634c8e040683f25387d09

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://apply.academies.hsa.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Fri, 07 Apr 2023 03:28:20 GMT
content-encoding
gzip
via
1.1 8002c303d4f2295f77566a349deba122.cloudfront.net (CloudFront)
last-modified
Thu, 16 Mar 2023 09:59:50 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C1
age
39617
x-amz-server-side-encryption
AES256
etag
W/"25362d93514eecea5ed0fcd620e579ce"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
x-amz-cf-id
MfkNJ9urwaFq5e7va5qxo3sJnYIC489sa6EzWp4r7Of8sU2-_NYzVw==
2.526829c2.chunk.js
frontend-releases.fbri.co/releases/content_pages/2.27.1/static/js/ 		2 MB
435 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://frontend-releases.fbri.co/releases/content_pages/2.27.1/static/js/2.526829c2.chunk.js
Requested by
Host: apply.academies.hsa.net
URL: https://apply.academies.hsa.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.44 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-44.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e7e1fa189ede7ee7a22e618dd3512301a05e99cd326c2e5bac9168243393da5e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://apply.academies.hsa.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Fri, 07 Apr 2023 04:16:51 GMT
content-encoding
gzip
via
1.1 8002c303d4f2295f77566a349deba122.cloudfront.net (CloudFront)
last-modified
Thu, 16 Mar 2023 09:59:50 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C1
age
36582
x-amz-server-side-encryption
AES256
etag
W/"b70478b51a4347f33587cfe8852673f4"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
rTMLQjNEAeo5dIt7HW_WlIT9pGRGVZU2rL48_5zUHaxFnN6opZ-VEA==
main.af83a349.chunk.js
frontend-releases.fbri.co/releases/content_pages/2.27.1/static/js/ 		243 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://frontend-releases.fbri.co/releases/content_pages/2.27.1/static/js/main.af83a349.chunk.js
Requested by
Host: apply.academies.hsa.net
URL: https://apply.academies.hsa.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.44 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-44.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
90653a8aee09c8a76cd2f0d656c13e45a218d67581e2541941353b7743d71c0f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://apply.academies.hsa.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Fri, 07 Apr 2023 05:34:36 GMT
content-encoding
gzip
via
1.1 8002c303d4f2295f77566a349deba122.cloudfront.net (CloudFront)
last-modified
Thu, 16 Mar 2023 09:59:50 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C1
age
32377
x-amz-server-side-encryption
AES256
etag
W/"945addf88344ca636241645952d129ff"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
9o-FCwIH45eF_uwRI4Z4Rm-ZDKQ1ugRih6S5ISpatNTZVcsgPjXojQ==
current
apply.academies.hsa.net/api/users/ 		57 B
927 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://apply.academies.hsa.net/api/users/current
Requested by
Host: frontend-releases.fbri.co
URL: https://frontend-releases.fbri.co/releases/content_pages/2.27.1/static/js/2.526829c2.chunk.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.248.127.164 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-248-127-164.eu-west-1.compute.amazonaws.com
Software
nginx / Phusion Passenger(R) Enterprise
Resource Hash
d2945f6afdf33b8aa1c1c6b12aae86ecf8ccc618e2f9c1cdb4906050dda63071
Security Headers
Name Value
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://apply.academies.hsa.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

ff-frontend-cdn
https://cdn1.fbri.co
x-runtime
0.044088
date
Fri, 07 Apr 2023 14:26:32 GMT
ff-revision
1e141053d43bbdbf0105cbd7cad80e2f6d1a0699
server
nginx
x-powered-by
Phusion Passenger(R) Enterprise
ff-frontend-revision
fbfc3a6cb0e3e0036478c67ca33a2d1cb2f61510
x-frame-options
DENY
content-type
application/json; charset=utf-8
status
401 Unauthorized
cache-control
no-cache
content-length
57
x-request-id
5a8047a6-2181-4e8b-8e14-c369971e2d60
v3
js.stripe.com/ 		456 KB
123 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3
Requested by
Host: frontend-releases.fbri.co
URL: https://frontend-releases.fbri.co/releases/content_pages/2.27.1/static/js/2.526829c2.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.128.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
642548ef987686f13dafaf471f4bc4590d9c774abe582931c7fc2ca2ffb48b81
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://apply.academies.hsa.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
date
Fri, 07 Apr 2023 14:26:32 GMT
via
1.1 varnish
age
22
x-cache
HIT
content-length
125307
x-request-id
0531cd7c-0486-404e-a210-6a738fc3884c
x-served-by
cache-hhn-etou8220079-HHN
last-modified
Thu, 06 Apr 2023 20:03:35 GMT
server
Fastly
etag
"99eb64b1c7ae941331499a05ad97e0d7"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=60
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
1
1_copy___2022_12_26_17_20_50.png
s3.eu-west-1.amazonaws.com/fullfabric.production/hsa/authentication/ 		372 KB
372 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3.eu-west-1.amazonaws.com/fullfabric.production/hsa/authentication/1_copy___2022_12_26_17_20_50.png
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.218.52.124 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-eu-west-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
33d8ebd7233c41c491774d1f5312c39e14098104f800621d54361a69f1dc3ebe

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://apply.academies.hsa.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date
Fri, 07 Apr 2023 14:26:33 GMT
x-amz-version-id
x3glYAlOn24Kr_VtbhdjLZIWQI7qlaXo
Last-Modified
Mon, 26 Dec 2022 17:20:52 GMT
Server
AmazonS3
x-amz-request-id
KWJ4M8WETJ1ZTPS9
ETag
"4169232e6e0a2eee55b4c411bceccaf7"
x-amz-server-side-encryption
AES256
Content-Type
image/png
Content-Disposition
attachment
Accept-Ranges
bytes
Content-Length
380922
x-amz-id-2
MfOXFbbSoOYvcuETYX2C2ORi7kQSvd0pL1NtIH/iXmdm91/G1UBo2LQqqLe004eV54fiwA3GdNc=
tfg3aphk
widget.intercom.io/widget/ 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widget.intercom.io/widget/tfg3aphk
Requested by
Host: apply.academies.hsa.net
URL: https://apply.academies.hsa.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-49.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a072f4efeae13b4ee79436cb8b3d84c4c5808c0961edf8687c188370ba25186c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://apply.academies.hsa.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-amz-version-id
GAjoGhlc1W7h_3pSU0mCUCZsEFDjOQZD
content-encoding
gzip
via
1.1 42b60ee17f7593fff72ca1cb725d6c9a.cloudfront.net (CloudFront)
date
Fri, 07 Apr 2023 14:08:40 GMT
x-amz-cf-pop
FRA2-C1
age
1076
x-amz-server-side-encryption
AES256
x-cache
Error from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
3265
last-modified
Thu, 06 Apr 2023 16:49:22 GMT
server
AmazonS3
etag
"aabc797e7df545bd42554813152b3125"
vary
Accept-Encoding, Origin
content-type
application/javascript; charset=UTF-8
cache-control
max-age=900, s-maxage=900, public
accept-ranges
bytes
x-amz-cf-id
qtNF5d3MwehiedC_jebfR2hmWeByiHSAhMC3LqDhFvExTofEirQgjQ==
m-outer-93afeeb17bc37e711759584dbfc50d47.html
js.stripe.com/v3/ Frame 8C75 		200 B
787 B 		Document
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.128.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
f22005da41e15b7adb453814b37a794f7c6b955f086a6c5fc9980e3c3f6c8bca
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://apply.academies.hsa.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
10412489
cache-control
max-age=31536000
content-encoding
br
content-length
122
content-security-policy
base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only
base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Fri, 07 Apr 2023 14:26:32 GMT
etag
"93afeeb17bc37e711759584dbfc50d47"
last-modified
Wed, 07 Dec 2022 23:30:12 GMT
server
Fastly
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
vary
Accept-Encoding
via
1.1 varnish
x-cache
HIT
x-cache-hits
751795
x-content-type-options
nosniff
x-request-id
aeb92542-bc37-44a4-81e3-8d88c96bd335
x-served-by
cache-hhn-etou8220079-HHN
639af8c4976a7777910004dd
apply.academies.hsa.net/content/api/pages/ 		4 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://apply.academies.hsa.net/content/api/pages/639af8c4976a7777910004dd
Requested by
Host: frontend-releases.fbri.co
URL: https://frontend-releases.fbri.co/releases/content_pages/2.27.1/static/js/main.af83a349.chunk.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.248.127.164 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-248-127-164.eu-west-1.compute.amazonaws.com
Software
nginx / Phusion Passenger(R) Enterprise
Resource Hash
9fa0c6cea718df028ce73089a5a3119590ec958a2127b7c6b8aa6f1bcd0d272b
Security Headers
Name Value
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://apply.academies.hsa.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

ff-frontend-cdn
https://cdn1.fbri.co
x-runtime
0.056861
date
Fri, 07 Apr 2023 14:26:32 GMT
ff-revision
1e141053d43bbdbf0105cbd7cad80e2f6d1a0699
content-encoding
gzip
server
nginx
etag
W/"0b7de03e17a8ad5ad277433df8e31e49"
ff-frontend-revision
fbfc3a6cb0e3e0036478c67ca33a2d1cb2f61510
x-frame-options
DENY
x-powered-by
Phusion Passenger(R) Enterprise
content-type
application/json; charset=utf-8
status
200 OK
cache-control
max-age=0, private, must-revalidate
x-request-id
6b799ee8-d4fe-4998-9eaf-1f968db6e154
csp-report
q.stripe.com/ Frame 8C75 		0
0
csp-report
q.stripe.com/ Frame 8C75 		43 B
213 B 		Other
General
Check archive.org
Download Go to
Full URL
https://q.stripe.com/csp-report
Requested by
Host: apply.academies.hsa.net
URL: https://apply.academies.hsa.net/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-159-182.stripe.com
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type
application/csp-report

Response headers

content-type
image/gif
pragma
no-cache
date
Fri, 07 Apr 2023 14:26:36 GMT
cache-control
no-cache, no-store, private, must-revalidate, max-age=0, max-stale=0, post-check=0, pre-check=0
server
nginx
content-length
43
expires
0
m-outer-8cb24ab2d649fd36a488d04d8c457933.js
js.stripe.com/v3/fingerprinted/js/ Frame 8C75 		631 B
461 B 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/js/m-outer-8cb24ab2d649fd36a488d04d8c457933.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.128.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
250a0782da875705bd206ee23c2a46abf90656645a81e084126c5e8c53eeb9d6
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
date
Fri, 07 Apr 2023 14:26:32 GMT
via
1.1 varnish
age
10412489
x-cache
HIT
content-length
332
x-request-id
ab47041e-5601-452c-ac83-b98945b2ff16
x-served-by
cache-hhn-etou8220079-HHN
last-modified
Wed, 07 Dec 2022 23:30:11 GMT
server
Fastly
etag
"f8f6a4584135f737b26927596ce6e0a7"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
679252
inner.html
m.stripe.network/ Frame D9BC 		930 B
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://m.stripe.network/inner.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/m-outer-8cb24ab2d649fd36a488d04d8c457933.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-85.fra6.r.cloudfront.net
Software
Cloudfront /
Resource Hash
a5f27af9c0c6f37979ebafcac22eb3a613841a3d4e728f4577baf94e64d42f35
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-e/Jqu4k9Gk1ZCWO6StAsfhF3i7qgIwfuitaD1g9DyvE='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
107
cache-control
max-age=300, public
content-length
930
content-security-policy
base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-e/Jqu4k9Gk1ZCWO6StAsfhF3i7qgIwfuitaD1g9DyvE='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Fri, 07 Apr 2023 14:24:46 GMT
etag
"fc2e029628f163bb59adc6fa5a31161c"
last-modified
Thu, 17 Mar 2022 19:03:12 GMT
server
Cloudfront
strict-transport-security
max-age=31556926; includeSubDomains; preload
vary
Accept-Encoding
via
1.1 82e9051d8d41080bd3028731e0e8677e.cloudfront.net (CloudFront)
x-amz-cf-id
s6Blx5xQcfVN7ilgS7LDv1yDEk2YVGvgrtZbBZJeOuYvasnvmE5rXw==
x-amz-cf-pop
FRA6-C1
x-cache
Hit from cloudfront
x-content-type-options
nosniff
frame-modern.e4fd5cdb.js
js.intercomcdn.com/ Frame 08CB 		501 KB
132 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.intercomcdn.com/frame-modern.e4fd5cdb.js
Requested by
Host: widget.intercom.io
URL: https://widget.intercom.io/widget/tfg3aphk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-43.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a5c47f2f92ae73531bd3eb0befbe5da8dd1a7c921476a322e6c82e66249669f3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-amz-version-id
bXo2rSojRh9a6chpWoemZMsxN1M0x6eH
content-encoding
gzip
via
1.1 7bf0fe9eca07efaffe6363062053f386.cloudfront.net (CloudFront)
date
Fri, 07 Apr 2023 13:43:33 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-cf-pop
FRA60-P4
age
2580
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
134722
last-modified
Thu, 06 Apr 2023 16:48:03 GMT
server
AmazonS3
etag
"ffe9701657f65656ac058eaca2909ce1"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=31536000, s-maxage=7200, public
accept-ranges
bytes
x-amz-cf-id
ep4AZq5m9wV_oPdBOt9R-HsCXjAOot4YEqBC1v4TKbLqglNAwSoT7Q==
vendor-modern.94ceb524.js
js.intercomcdn.com/ Frame 08CB 		237 KB
73 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.intercomcdn.com/vendor-modern.94ceb524.js
Requested by
Host: widget.intercom.io
URL: https://widget.intercom.io/widget/tfg3aphk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-43.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
346122b7a3362b919bc15f0a65b2b1110240f67fe0fa8b07f460d15388d008ff
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-amz-version-id
RPZf0A_Fddp_bEY1QpMHsh.BLKNWMX1R
content-encoding
gzip
via
1.1 7bf0fe9eca07efaffe6363062053f386.cloudfront.net (CloudFront)
date
Fri, 07 Apr 2023 13:05:37 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-cf-pop
FRA60-P4
age
4856
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
74614
last-modified
Thu, 06 Apr 2023 16:48:03 GMT
server
AmazonS3
etag
"2871d0bf1d51550be0774740ad875657"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=31536000, s-maxage=7200, public
accept-ranges
bytes
x-amz-cf-id
ukS7aaX0rh0K8BlQcaILPh65DlNxe3r_atAYrZRYWUvwfNkZbg0ruA==
hsa_bg___2023_01_11_16_31_04.jpeg
s3.eu-west-1.amazonaws.com/fullfabric.production/hsa/authentication/ 		188 KB
188 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3.eu-west-1.amazonaws.com/fullfabric.production/hsa/authentication/hsa_bg___2023_01_11_16_31_04.jpeg
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.218.52.124 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-eu-west-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
e1b5adabd36522787be9ff62b93354972d0c7b9e6559fe5568a9c74f7492485b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://apply.academies.hsa.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date
Fri, 07 Apr 2023 14:26:33 GMT
x-amz-version-id
Xm0Ndt8LbKtr_VZ5q_KIJHHHyZBT_z_z
Last-Modified
Wed, 11 Jan 2023 16:31:05 GMT
Server
AmazonS3
x-amz-request-id
KWJ6ZQ65JW598B6E
ETag
"fea7e27e87dd532745debe7bbbd94094"
x-amz-server-side-encryption
AES256
Content-Type
image/jpeg
Content-Disposition
attachment
Accept-Ranges
bytes
Content-Length
192239
x-amz-id-2
+imY3gtHxJTQAwUy+feWiyU7ETn9sg4xIbCn+3emyUmfsvlrgOO0DzKfM53ZxtSwDAQmt0t00p4=
csp-report
q.stripe.com/ Frame D9BC 		43 B
214 B 		Other
General
Check archive.org
Download Go to
Full URL
https://q.stripe.com/csp-report
Requested by
Host: apply.academies.hsa.net
URL: https://apply.academies.hsa.net/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-159-182.stripe.com
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://m.stripe.network/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type
application/csp-report

Response headers

content-type
image/gif
pragma
no-cache
date
Fri, 07 Apr 2023 14:26:36 GMT
cache-control
no-cache, no-store, private, must-revalidate, max-age=0, max-stale=0, post-check=0, pre-check=0
server
nginx
content-length
43
expires
0
out-4.5.42.js
m.stripe.network/ Frame D9BC 		86 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://m.stripe.network/out-4.5.42.js
Requested by
Host: m.stripe.network
URL: https://m.stripe.network/inner.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-85.fra6.r.cloudfront.net
Software
Cloudfront /
Resource Hash
f445ee14f2454d974293d28677213ae002e9ac17721fc04b2fdeb037e083b083
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://m.stripe.network/inner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
date
Fri, 07 Apr 2023 14:26:20 GMT
last-modified
Thu, 17 Mar 2022 19:03:12 GMT
server
Cloudfront
via
1.1 82e9051d8d41080bd3028731e0e8677e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
etag
W/"21df7244385e5c0bdf32da01d0dad6c0"
age
12
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript; charset=utf-8
cache-control
max-age=300, public
x-amz-cf-id
K5Vxbr026QD7qYJVBjTENJkh4TxqE6rQB7qyyitOc7fTZU-HsJmK9Q==
6
m.stripe.com/ Frame D9BC 		156 B
669 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://m.stripe.com/6
Requested by
Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.42.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.208.115.43 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-208-115-43.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
6ffc53d6b06475e3ae9a48c1e62667061200a0211ff27187d4ec1a99395f9078
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://m.stripe.network/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-stripe-bg-intended-route-color
blue
date
Fri, 07 Apr 2023 14:26:33 GMT
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1680877593375704
server
nginx
content-type
application/json;charset=utf-8
x-stripe-server-envoy-upstream-service-time-ms
2
access-control-allow-origin
https://m.stripe.network
x-stripe-client-envoy-start-time-us
1680877593375308
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
156

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
q.stripe.com
URL
https://q.stripe.com/csp-report

Verdicts & Comments Add Verdict or Comment

34 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 boolean| credentialless object| SERVER_DATA string| locale string| INITIAL_APP_TITLE object| intercomSettings function| Intercom boolean| _fs_debug string| _fs_host string| _fs_script string| _fs_org string| _fs_namespace object| fullstoryUser object| PRIVACY_POLICY object| MARKETING_POLICY object| COOKIES_POLICY object| DATA_PROCESSING_CONSENT_POLICY object| SENTRY_RELEASE object| SENTRY_RELEASES function| clearImmediate function| setImmediate object| __post_robot_10_0_41__ object| __zoid_9_0_62__ string| requester object| flywire object| webpackJsonpfrontend-content-pages object| regeneratorRuntime object| _scriptMap object| webpackChunkStripeJSouter function| noop function| Stripe function| __intercomAssignLocation function| __intercomReloadLocation

9 Cookies

Domain/Path Name / Value
apply.academies.hsa.net/ Name: _fullfabric_uuid
Value: b103fdaf9dc585d31f02fbdd36b15e6f147f27d10ada8e3fb8126bbf2088132c
apply.academies.hsa.net/ Name: locale
Value: en-GB
apply.academies.hsa.net/ Name: _fullfabric_session
Value: i2ue1ry8RdQpKlz9ykYmntSVXOA
.flywire.com/ Name: __cf_bm
Value: 6akIhabvcDDLZCp3MIpTQiEJ.8VYDS0pdAgoLjgM3aM-1680877592-0-AR9zebAA1v3GDmm8yQEcH0haRitNGikQ/fBILVhvm4uk2VSeVtx1l+Ct8+GFZvPru84RIfyWe8GaGUvNyy+cU84=
apply.academies.hsa.net/ Name: AWSALB
Value: Tr9w0oGmy7NFHL1Tks5SPoDdpAEhXV9P2R14IU5d/Rz27mWUp5jhb7ma6LhuA5yTec2mMq+PWO6y/QBsjjlfIQcdw6jp/oOCJ+ItZePIQ35/EY4WQDdYgL2C2LvG
apply.academies.hsa.net/ Name: AWSALBCORS
Value: Tr9w0oGmy7NFHL1Tks5SPoDdpAEhXV9P2R14IU5d/Rz27mWUp5jhb7ma6LhuA5yTec2mMq+PWO6y/QBsjjlfIQcdw6jp/oOCJ+ItZePIQ35/EY4WQDdYgL2C2LvG
m.stripe.com/ Name: m
Value: 234f36aa-aa7c-466b-8d9f-807e168bc16365429e
.apply.academies.hsa.net/ Name: __stripe_mid
Value: 3572711f-d36d-4778-8679-edd3586cd0814d44c3
.apply.academies.hsa.net/ Name: __stripe_sid
Value: 180f4333-579b-460f-ad85-a960755083d522521d

2 Console Messages

Source Level URL
Text
network error URL: https://apply.academies.hsa.net/api/users/current
Message:
Failed to load resource: the server responded with a status of 401 ()
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Frame-Options DENY

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

apply.academies.hsa.net
college-harvard.mxredwood.com
frontend-releases.fbri.co
js.intercomcdn.com
js.stripe.com
m.stripe.com
m.stripe.network
payment.flywire.com
q.stripe.com
s3.eu-west-1.amazonaws.com
widget.intercom.io
q.stripe.com
104.17.66.74
13.224.189.44
13.224.189.49
151.101.128.176
18.210.197.97
18.66.147.43
3.248.127.164
34.208.115.43
52.218.52.124
54.187.159.182
99.86.4.85
250a0782da875705bd206ee23c2a46abf90656645a81e084126c5e8c53eeb9d6
32d1f90f112d1004f5097f5357bbc44e958ac90188b634c8e040683f25387d09
33d8ebd7233c41c491774d1f5312c39e14098104f800621d54361a69f1dc3ebe
346122b7a3362b919bc15f0a65b2b1110240f67fe0fa8b07f460d15388d008ff
642548ef987686f13dafaf471f4bc4590d9c774abe582931c7fc2ca2ffb48b81
695ca3e30bf93c4abf539f7af81a5a8b6e2466c9005ba696c4b156f45e22a42f
6ffc53d6b06475e3ae9a48c1e62667061200a0211ff27187d4ec1a99395f9078
8593c126ec9b9249d9a5d78141e0bfeab8bfcbb7509b097cd9edc83fa2c0090b
90653a8aee09c8a76cd2f0d656c13e45a218d67581e2541941353b7743d71c0f
9fa0c6cea718df028ce73089a5a3119590ec958a2127b7c6b8aa6f1bcd0d272b
a072f4efeae13b4ee79436cb8b3d84c4c5808c0961edf8687c188370ba25186c
a5c47f2f92ae73531bd3eb0befbe5da8dd1a7c921476a322e6c82e66249669f3
a5f27af9c0c6f37979ebafcac22eb3a613841a3d4e728f4577baf94e64d42f35
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d2945f6afdf33b8aa1c1c6b12aae86ecf8ccc618e2f9c1cdb4906050dda63071
e1b5adabd36522787be9ff62b93354972d0c7b9e6559fe5568a9c74f7492485b
e7e1fa189ede7ee7a22e618dd3512301a05e99cd326c2e5bac9168243393da5e
f15a72be593258a06224e006ede19712baea917dc253a4ef67eaa9fc32786be8
f22005da41e15b7adb453814b37a794f7c6b955f086a6c5fc9980e3c3f6c8bca
f445ee14f2454d974293d28677213ae002e9ac17721fc04b2fdeb037e083b083