urlscan.io logo urlscan.io
SecurityTrails logo

portal.chaserhq.com Open in urlscan Pro
199.36.158.100  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://eu.nyl.as/t1/10/8kh7j8786nn08utb59alnohvu/0/b63c19736491119bd92ca263d0552acc2fb62f66199b8caca33cc15a34063495
Effective URL: https://portal.chaserhq.com/c/4yRgAHSjqR1ieypYKO3vwQ/d/NrbkvX0sx27souSKn9EgKQ
Submission: On June 06 via manual from CH — Scanned from CH
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 5 IPs in 2 countries across 5 domains to perform 14 HTTP transactions. The main IP is 199.36.158.100, located in United States and belongs to FASTLY, US. The main domain is portal.chaserhq.com.
TLS certificate: Issued by GTS CA 1D4 on April 30th 2024. Valid for: 3 months.
This is the only time portal.chaserhq.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 2606:4700:440... 13335 (CLOUDFLAR...)
6 199.36.158.100 54113 (FASTLY)
5 2a00:1450:400... 15169 (GOOGLE)
1 18.173.154.44 16509 (AMAZON-02)
1 18.173.154.26 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
14 5
1    2606:4700:4400::ac40:9a4b (United States)

ASN13335 (CLOUDFLARENET, US)
eu.nyl.as
6    199.36.158.100 (United States)

ASN54113 (FASTLY, US)
portal.chaserhq.com
5    2a00:1450:4001:808::2013 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
api.statement-gateway.com
1    18.173.154.44 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-173-154-44.muc50.r.cloudfront.net
js.stripe.com
1    18.173.154.26 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-173-154-26.muc50.r.cloudfront.net
js.stripe.com
1    2a00:1450:4001:802::201b (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
storage.googleapis.com
Apex Domain
Subdomains		 Transfer
6 chaserhq.com
portal.chaserhq.com
322 KB
5 statement-gateway.com
api.statement-gateway.com
3 KB
2 stripe.com
js.stripe.com — Cisco Umbrella Rank: 1516
149 KB
1 googleapis.com
storage.googleapis.com — Cisco Umbrella Rank: 451
84 KB
1 nyl.as
eu.nyl.as
275 B
14 5
Domain Requested by
6 portal.chaserhq.com portal.chaserhq.com
5 api.statement-gateway.com portal.chaserhq.com
2 js.stripe.com portal.chaserhq.com
js.stripe.com
1 storage.googleapis.com
1 eu.nyl.as 1 redirects
14 5

This site contains links to these domains. Also see Links.

Domain
api.statement-gateway.com
Subject Issuer Validity Valid
portal.chaserhq.com
GTS CA 1D4		 2024-04-30 -
2024-07-29		 3 months crt.sh
api.statement-gateway.com
GTS CA 1D4		 2024-05-09 -
2024-08-07		 3 months crt.sh
a.stripecdn.com
DigiCert SHA2 Extended Validation Server CA		 2024-05-22 -
2024-08-22		 3 months crt.sh
storage.googleapis.com
WR2		 2024-05-21 -
2024-08-13		 3 months crt.sh

This page contains 2 frames:

Primary Page: https://portal.chaserhq.com/c/4yRgAHSjqR1ieypYKO3vwQ/d/NrbkvX0sx27souSKn9EgKQ
Frame ID: AEDB14C9D77E73DBECCB08749383BA12
Requests: 13 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html
Frame ID: A006E499E5D70024D1210B3C5EA44DA6
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Payment Portal

Page URL History Show full URLs

  1. https://eu.nyl.as/t1/10/8kh7j8786nn08utb59alnohvu/0/b63c19736491119bd92ca263d0552acc2fb62f6619... HTTP 302
    https://portal.chaserhq.com/c/4yRgAHSjqR1ieypYKO3vwQ/d/NrbkvX0sx27souSKn9EgKQ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • js\.stripe\.com

Page Statistics

14
Requests

100 %
HTTPS

50 %
IPv6

5
Domains

5
Subdomains

5
IPs

2
Countries

558 kB
Transfer

1817 kB
Size

3
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://eu.nyl.as/t1/10/8kh7j8786nn08utb59alnohvu/0/b63c19736491119bd92ca263d0552acc2fb62f66199b8caca33cc15a34063495 HTTP 302
    https://portal.chaserhq.com/c/4yRgAHSjqR1ieypYKO3vwQ/d/NrbkvX0sx27souSKn9EgKQ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

14 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request NrbkvX0sx27souSKn9EgKQ
portal.chaserhq.com/c/4yRgAHSjqR1ieypYKO3vwQ/d/
Redirect Chain
  • https://eu.nyl.as/t1/10/8kh7j8786nn08utb59alnohvu/0/b63c19736491119bd92ca263d0552acc2fb62f66199b8caca33cc15a34063495
  • https://portal.chaserhq.com/c/4yRgAHSjqR1ieypYKO3vwQ/d/NrbkvX0sx27souSKn9EgKQ
757 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://portal.chaserhq.com/c/4yRgAHSjqR1ieypYKO3vwQ/d/NrbkvX0sx27souSKn9EgKQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.36.158.100 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
00d1d63faa6dcb483497bb62dc6303a9e42ca6d58e19413457e86e548fd7e351
Security Headers
Name Value
Content-Security-Policy default-src 'self'; base-uri 'self'; font-src 'self' https: data:; form-action 'self'; frame-ancestors 'self' https://*.chaserhq.com https://*.zrecruitment.com.au https://*.zstaffing.com.au; img-src 'self' https://*.chaserhq.com https://storage.googleapis.com data:; object-src 'none'; script-src 'self' https://js.stripe.com; script-src-attr 'none'; style-src 'self' https: 'unsafe-inline'; upgrade-insecure-requests; connect-src 'self' https://*.chaserhq.com https://*.statement-gateway.com https://api.stripe.com; frame-src https://js.stripe.com https://hooks.stripe.com https://*.zrecruitment.com.au https://*.zstaffing.com.au;
Strict-Transport-Security max-age=31556926
X-Content-Type-Options nosniff
X-Frame-Options ALLOW-FROM https://*.chaserhq.com https://*.zrecruitment.com.au https://*.zstaffing.com.au
X-Xss-Protection 0

Request headers

Accept-Language
de-CH,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ranges
bytes
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
cache-control
max-age=3600
content-encoding
br
content-length
247
content-security-policy
default-src 'self'; base-uri 'self'; font-src 'self' https: data:; form-action 'self'; frame-ancestors 'self' https://*.chaserhq.com https://*.zrecruitment.com.au https://*.zstaffing.com.au; img-src 'self' https://*.chaserhq.com https://storage.googleapis.com data:; object-src 'none'; script-src 'self' https://js.stripe.com; script-src-attr 'none'; style-src 'self' https: 'unsafe-inline'; upgrade-insecure-requests; connect-src 'self' https://*.chaserhq.com https://*.statement-gateway.com https://api.stripe.com; frame-src https://js.stripe.com https://hooks.stripe.com https://*.zrecruitment.com.au https://*.zstaffing.com.au;
content-type
text/html; charset=utf-8
date
Thu, 06 Jun 2024 12:24:55 GMT
etag
"1da5161c4760f5ec0ba455a124481ac1533d62f3453dc79d3a06f3817422d58e-br"
last-modified
Tue, 21 May 2024 20:43:27 GMT
referrer-policy
no-referrer
strict-transport-security
max-age=31556926
vary
x-fh-requested-host, accept-encoding
x-cache
MISS
x-cache-hits
0
x-content-type-options
nosniff
x-frame-options
ALLOW-FROM https://*.chaserhq.com https://*.zrecruitment.com.au https://*.zstaffing.com.au
x-served-by
cache-mxp6937-MXP
x-timer
S1717676695.931778,VS0,VE179
x-xss-protection
0

Redirect headers

cf-cache-status
DYNAMIC
cf-ray
88f861cd9ea79726-AMS
content-type
text/html; charset=utf-8
date
Thu, 06 Jun 2024 12:24:54 GMT
location
https://portal.chaserhq.com/c/4yRgAHSjqR1ieypYKO3vwQ/d/NrbkvX0sx27souSKn9EgKQ
server
cloudflare
via
kong/3.2.2.1-enterprise-edition
x-kong-proxy-latency
1
x-kong-upstream-latency
74
x-unique-id
6b441db9-671c-4ec1-bce0-c810646d7869
main.a44a0ecf.js
portal.chaserhq.com/static/js/ 		827 KB
209 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://portal.chaserhq.com/static/js/main.a44a0ecf.js
Requested by
Host: portal.chaserhq.com
URL: https://portal.chaserhq.com/c/4yRgAHSjqR1ieypYKO3vwQ/d/NrbkvX0sx27souSKn9EgKQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.36.158.100 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
a09e1e8f698b2502714b9322df38bf2a91e9694a35f24ec248e71625979bab8a
Security Headers
Name Value
Content-Security-Policy default-src 'self'; base-uri 'self'; font-src 'self' https: data:; form-action 'self'; frame-ancestors 'self' https://*.chaserhq.com https://*.zrecruitment.com.au https://*.zstaffing.com.au; img-src 'self' https://*.chaserhq.com https://storage.googleapis.com data:; object-src 'none'; script-src 'self' https://js.stripe.com; script-src-attr 'none'; style-src 'self' https: 'unsafe-inline'; upgrade-insecure-requests; connect-src 'self' https://*.chaserhq.com https://*.statement-gateway.com https://api.stripe.com; frame-src https://js.stripe.com https://hooks.stripe.com https://*.zrecruitment.com.au https://*.zstaffing.com.au;
Strict-Transport-Security max-age=31556926
X-Content-Type-Options nosniff
X-Frame-Options ALLOW-FROM https://*.chaserhq.com https://*.zrecruitment.com.au https://*.zstaffing.com.au
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src 'self'; base-uri 'self'; font-src 'self' https: data:; form-action 'self'; frame-ancestors 'self' https://*.chaserhq.com https://*.zrecruitment.com.au https://*.zstaffing.com.au; img-src 'self' https://*.chaserhq.com https://storage.googleapis.com data:; object-src 'none'; script-src 'self' https://js.stripe.com; script-src-attr 'none'; style-src 'self' https: 'unsafe-inline'; upgrade-insecure-requests; connect-src 'self' https://*.chaserhq.com https://*.statement-gateway.com https://api.stripe.com; frame-src https://js.stripe.com https://hooks.stripe.com https://*.zrecruitment.com.au https://*.zstaffing.com.au;
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31556926
date
Thu, 06 Jun 2024 12:24:55 GMT
x-cache
HIT
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
214201
x-xss-protection
0
x-served-by
cache-mxp6937-MXP
referrer-policy
no-referrer
last-modified
Tue, 21 May 2024 20:43:27 GMT
x-timer
S1717676695.149198,VS0,VE2
etag
"3331b910d4d5e2d255bf54adcfaeda221d073263f6896a3020cbfc3fbdd672ae-br"
x-frame-options
ALLOW-FROM https://*.chaserhq.com https://*.zrecruitment.com.au https://*.zstaffing.com.au
vary
x-fh-requested-host, accept-encoding
content-type
text/javascript; charset=utf-8
cache-control
max-age=3600
accept-ranges
bytes
x-cache-hits
0
main.fec22f59.css
portal.chaserhq.com/static/css/ 		20 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://portal.chaserhq.com/static/css/main.fec22f59.css
Requested by
Host: portal.chaserhq.com
URL: https://portal.chaserhq.com/c/4yRgAHSjqR1ieypYKO3vwQ/d/NrbkvX0sx27souSKn9EgKQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.36.158.100 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
98cc44f619d962ded7fe0c51bcaa636fed081bc63288e4c19b329e259a91ec3f
Security Headers
Name Value
Content-Security-Policy default-src 'self'; base-uri 'self'; font-src 'self' https: data:; form-action 'self'; frame-ancestors 'self' https://*.chaserhq.com https://*.zrecruitment.com.au https://*.zstaffing.com.au; img-src 'self' https://*.chaserhq.com https://storage.googleapis.com data:; object-src 'none'; script-src 'self' https://js.stripe.com; script-src-attr 'none'; style-src 'self' https: 'unsafe-inline'; upgrade-insecure-requests; connect-src 'self' https://*.chaserhq.com https://*.statement-gateway.com https://api.stripe.com; frame-src https://js.stripe.com https://hooks.stripe.com https://*.zrecruitment.com.au https://*.zstaffing.com.au;
Strict-Transport-Security max-age=31556926
X-Content-Type-Options nosniff
X-Frame-Options ALLOW-FROM https://*.chaserhq.com https://*.zrecruitment.com.au https://*.zstaffing.com.au
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src 'self'; base-uri 'self'; font-src 'self' https: data:; form-action 'self'; frame-ancestors 'self' https://*.chaserhq.com https://*.zrecruitment.com.au https://*.zstaffing.com.au; img-src 'self' https://*.chaserhq.com https://storage.googleapis.com data:; object-src 'none'; script-src 'self' https://js.stripe.com; script-src-attr 'none'; style-src 'self' https: 'unsafe-inline'; upgrade-insecure-requests; connect-src 'self' https://*.chaserhq.com https://*.statement-gateway.com https://api.stripe.com; frame-src https://js.stripe.com https://hooks.stripe.com https://*.zrecruitment.com.au https://*.zstaffing.com.au;
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31556926
date
Thu, 06 Jun 2024 12:24:55 GMT
x-cache
HIT
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
4526
x-xss-protection
0
x-served-by
cache-mxp6937-MXP
referrer-policy
no-referrer
last-modified
Tue, 21 May 2024 20:43:27 GMT
x-timer
S1717676695.149220,VS0,VE3
etag
"caf21dd99b7d02068fc3ac9e91701939c4c8ec0e1c6cb9542473ccb8ca2dd646-br"
x-frame-options
ALLOW-FROM https://*.chaserhq.com https://*.zrecruitment.com.au https://*.zstaffing.com.au
vary
x-fh-requested-host, accept-encoding
content-type
text/css; charset=utf-8
cache-control
max-age=3600
accept-ranges
bytes
x-cache-hits
0
4yRgAHSjqR1ieypYKO3vwQ
api.statement-gateway.com/creditor/ 		555 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.statement-gateway.com/creditor/4yRgAHSjqR1ieypYKO3vwQ
Requested by
Host: portal.chaserhq.com
URL: https://portal.chaserhq.com/static/js/main.a44a0ecf.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
542c24deb9f6f3583772c809b9c1f7bf0853f30041998c80db2be5c5b646e2f7
Security Headers
Name Value
Content-Security-Policy default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept
application/json, text/plain, */*
Referer
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
strict-transport-security
max-age=15552000; includeSubDomains
x-content-type-options
nosniff
date
Thu, 06 Jun 2024 12:24:55 GMT
x-permitted-cross-domain-policies
none
x-dns-prefetch-control
off
content-length
555
x-xss-protection
0
referrer-policy
no-referrer
server
Google Frontend
etag
W/"22b-npBGm8uqv1qlcZ/kl5LyJEg/Qd4"
expect-ct
max-age=0
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
x-download-options
noopen
access-control-allow-origin
*
access-control-expose-headers
X-Filename
x-cloud-trace-context
be572a50d9b89b14e318a2cfd99273eb
content-type
application/json; charset=utf-8
NrbkvX0sx27souSKn9EgKQ
api.statement-gateway.com/creditor/4yRgAHSjqR1ieypYKO3vwQ/debtor/ 		185 B
314 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.statement-gateway.com/creditor/4yRgAHSjqR1ieypYKO3vwQ/debtor/NrbkvX0sx27souSKn9EgKQ
Requested by
Host: portal.chaserhq.com
URL: https://portal.chaserhq.com/static/js/main.a44a0ecf.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
13d10d3a279a3d9ee89307c869ec039762ec1cc46fe58a9c14c21d5271ce2b57
Security Headers
Name Value
Content-Security-Policy default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept
application/json, text/plain, */*
Referer
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
strict-transport-security
max-age=15552000; includeSubDomains
x-content-type-options
nosniff
date
Thu, 06 Jun 2024 12:24:55 GMT
x-permitted-cross-domain-policies
none
x-dns-prefetch-control
off
content-length
185
x-xss-protection
0
referrer-policy
no-referrer
server
Google Frontend
etag
W/"b9-e4/IgjBlATUg7iYW2bX717B5GLA"
expect-ct
max-age=0
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
x-download-options
noopen
access-control-allow-origin
*
access-control-expose-headers
X-Filename
x-cloud-trace-context
3ee545514d647f6cfa4bf26713859086
content-type
application/json; charset=utf-8
v3
js.stripe.com/ 		609 KB
149 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3
Requested by
Host: portal.chaserhq.com
URL: https://portal.chaserhq.com/static/js/main.a44a0ecf.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.154.44 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-154-44.muc50.r.cloudfront.net
Software
Cloudfront /
Resource Hash
08116832f56c8de3521a2dc24ad5672ad642e07814636b30377e16f5375839dd
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 06 Jun 2024 12:24:51 GMT
content-encoding
br
via
1.1 306e1cc20ffb597e5d6d7d7cc23384f4.cloudfront.net (CloudFront)
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
age
10
x-amz-cf-pop
MUC50-P3
x-cache
Hit from cloudfront
last-modified
Wed, 05 Jun 2024 20:39:20 GMT
server
Cloudfront
etag
W/"4b199a15b8793b0096c67208552c9829"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=60
timing-allow-origin
*
x-amz-cf-id
ouR8KyII-auqr6cVlosXnkbkluC5DZNBKBlUsNn3Lx8o2Fo7kSgkLw==
m-outer-3437aaddcdf6922d623e172c2d6f9278.html
js.stripe.com/v3/ Frame A006 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.154.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-154-26.muc50.r.cloudfront.net
Software
Cloudfront /
Resource Hash
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-CH,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
2463
cache-control
max-age=31536000
content-length
200
content-security-policy
base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only
base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Thu, 06 Jun 2024 11:43:53 GMT
etag
"3437aaddcdf6922d623e172c2d6f9278"
last-modified
Thu, 30 May 2024 20:04:59 GMT
server
Cloudfront
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
vary
Accept-Encoding
via
1.1 66e1af4a9e82225c770ca97b3baaf86e.cloudfront.net (CloudFront)
x-amz-cf-id
kbS8o9xwHZJr6L-y__XYjPfthEiaozs0EXQctiZZHsAwW10jxOl_PQ==
x-amz-cf-pop
MUC50-P3
x-cache
Hit from cloudfront
x-content-type-options
nosniff
favicon.ico
portal.chaserhq.com/ 		1 KB
1 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://portal.chaserhq.com/favicon.ico
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
199.36.158.100 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
d41b38da146455cee3c09a7cf4274013d8a5807a187991a4e304425a8ef77a5b
Security Headers
Name Value
Content-Security-Policy default-src 'self'; base-uri 'self'; font-src 'self' https: data:; form-action 'self'; frame-ancestors 'self' https://*.chaserhq.com https://*.zrecruitment.com.au https://*.zstaffing.com.au; img-src 'self' https://*.chaserhq.com https://storage.googleapis.com data:; object-src 'none'; script-src 'self' https://js.stripe.com; script-src-attr 'none'; style-src 'self' https: 'unsafe-inline'; upgrade-insecure-requests; connect-src 'self' https://*.chaserhq.com https://*.statement-gateway.com https://api.stripe.com; frame-src https://js.stripe.com https://hooks.stripe.com https://*.zrecruitment.com.au https://*.zstaffing.com.au;
Strict-Transport-Security max-age=31556926
X-Content-Type-Options nosniff
X-Frame-Options ALLOW-FROM https://*.chaserhq.com https://*.zrecruitment.com.au https://*.zstaffing.com.au
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src 'self'; base-uri 'self'; font-src 'self' https: data:; form-action 'self'; frame-ancestors 'self' https://*.chaserhq.com https://*.zrecruitment.com.au https://*.zstaffing.com.au; img-src 'self' https://*.chaserhq.com https://storage.googleapis.com data:; object-src 'none'; script-src 'self' https://js.stripe.com; script-src-attr 'none'; style-src 'self' https: 'unsafe-inline'; upgrade-insecure-requests; connect-src 'self' https://*.chaserhq.com https://*.statement-gateway.com https://api.stripe.com; frame-src https://js.stripe.com https://hooks.stripe.com https://*.zrecruitment.com.au https://*.zstaffing.com.au;
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31556926
date
Thu, 06 Jun 2024 12:24:55 GMT
x-cache
HIT
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
289
x-xss-protection
0
x-served-by
cache-mxp6923-MXP
referrer-policy
no-referrer
last-modified
Tue, 21 May 2024 20:43:27 GMT
x-timer
S1717676696.657343,VS0,VE2
etag
"281621a8b9da0b32bc98ae2c30ff2ff8ab7d374478ddc9eddd696d2441e3ce18-br"
x-frame-options
ALLOW-FROM https://*.chaserhq.com https://*.zrecruitment.com.au https://*.zstaffing.com.au
vary
x-fh-requested-host, accept-encoding
content-type
image/x-icon
cache-control
max-age=3600
accept-ranges
bytes
x-cache-hits
0
NunitoSans-SemiBold.19a4b6461d900f20a9a6.ttf
portal.chaserhq.com/static/media/ 		137 KB
53 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://portal.chaserhq.com/static/media/NunitoSans-SemiBold.19a4b6461d900f20a9a6.ttf
Requested by
Host: portal.chaserhq.com
URL: https://portal.chaserhq.com/static/css/main.fec22f59.css
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
199.36.158.100 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
0276859d1c5961ffd790d04d29c0323ddc361a4194e8f03e715a218b21551f54
Security Headers
Name Value
Content-Security-Policy default-src 'self'; base-uri 'self'; font-src 'self' https: data:; form-action 'self'; frame-ancestors 'self' https://*.chaserhq.com https://*.zrecruitment.com.au https://*.zstaffing.com.au; img-src 'self' https://*.chaserhq.com https://storage.googleapis.com data:; object-src 'none'; script-src 'self' https://js.stripe.com; script-src-attr 'none'; style-src 'self' https: 'unsafe-inline'; upgrade-insecure-requests; connect-src 'self' https://*.chaserhq.com https://*.statement-gateway.com https://api.stripe.com; frame-src https://js.stripe.com https://hooks.stripe.com https://*.zrecruitment.com.au https://*.zstaffing.com.au;
Strict-Transport-Security max-age=31556926
X-Content-Type-Options nosniff
X-Frame-Options ALLOW-FROM https://*.chaserhq.com https://*.zrecruitment.com.au https://*.zstaffing.com.au
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Origin
https://portal.chaserhq.com
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src 'self'; base-uri 'self'; font-src 'self' https: data:; form-action 'self'; frame-ancestors 'self' https://*.chaserhq.com https://*.zrecruitment.com.au https://*.zstaffing.com.au; img-src 'self' https://*.chaserhq.com https://storage.googleapis.com data:; object-src 'none'; script-src 'self' https://js.stripe.com; script-src-attr 'none'; style-src 'self' https: 'unsafe-inline'; upgrade-insecure-requests; connect-src 'self' https://*.chaserhq.com https://*.statement-gateway.com https://api.stripe.com; frame-src https://js.stripe.com https://hooks.stripe.com https://*.zrecruitment.com.au https://*.zstaffing.com.au;
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31556926
date
Thu, 06 Jun 2024 12:24:55 GMT
x-cache
HIT
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
53451
x-xss-protection
0
x-served-by
cache-mxp6923-MXP
referrer-policy
no-referrer
last-modified
Tue, 21 May 2024 20:43:27 GMT
x-timer
S1717676696.677387,VS0,VE1
etag
"927d2d97f72357f2a4328515c66ebc1fc46b2bda39f776e48ff3fffb7dc3cd2b-br"
x-frame-options
ALLOW-FROM https://*.chaserhq.com https://*.zrecruitment.com.au https://*.zstaffing.com.au
vary
x-fh-requested-host, accept-encoding
content-type
font/ttf
cache-control
max-age=3600
accept-ranges
bytes
x-cache-hits
0
NunitoSans-Regular.25d5a42e25da2f3ed7f4.ttf
portal.chaserhq.com/static/media/ 		136 KB
53 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://portal.chaserhq.com/static/media/NunitoSans-Regular.25d5a42e25da2f3ed7f4.ttf
Requested by
Host: portal.chaserhq.com
URL: https://portal.chaserhq.com/static/css/main.fec22f59.css
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
199.36.158.100 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
e2e28393b77e81bfac576c294de53b52b9b163e632ae8a8b92325e270dfcae4a
Security Headers
Name Value
Content-Security-Policy default-src 'self'; base-uri 'self'; font-src 'self' https: data:; form-action 'self'; frame-ancestors 'self' https://*.chaserhq.com https://*.zrecruitment.com.au https://*.zstaffing.com.au; img-src 'self' https://*.chaserhq.com https://storage.googleapis.com data:; object-src 'none'; script-src 'self' https://js.stripe.com; script-src-attr 'none'; style-src 'self' https: 'unsafe-inline'; upgrade-insecure-requests; connect-src 'self' https://*.chaserhq.com https://*.statement-gateway.com https://api.stripe.com; frame-src https://js.stripe.com https://hooks.stripe.com https://*.zrecruitment.com.au https://*.zstaffing.com.au;
Strict-Transport-Security max-age=31556926
X-Content-Type-Options nosniff
X-Frame-Options ALLOW-FROM https://*.chaserhq.com https://*.zrecruitment.com.au https://*.zstaffing.com.au
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Origin
https://portal.chaserhq.com
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src 'self'; base-uri 'self'; font-src 'self' https: data:; form-action 'self'; frame-ancestors 'self' https://*.chaserhq.com https://*.zrecruitment.com.au https://*.zstaffing.com.au; img-src 'self' https://*.chaserhq.com https://storage.googleapis.com data:; object-src 'none'; script-src 'self' https://js.stripe.com; script-src-attr 'none'; style-src 'self' https: 'unsafe-inline'; upgrade-insecure-requests; connect-src 'self' https://*.chaserhq.com https://*.statement-gateway.com https://api.stripe.com; frame-src https://js.stripe.com https://hooks.stripe.com https://*.zrecruitment.com.au https://*.zstaffing.com.au;
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31556926
date
Thu, 06 Jun 2024 12:24:55 GMT
x-cache
HIT
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
53072
x-xss-protection
0
x-served-by
cache-mxp6923-MXP
referrer-policy
no-referrer
last-modified
Tue, 21 May 2024 20:43:27 GMT
x-timer
S1717676696.677360,VS0,VE1
etag
"1597b5a20f68388bf2a3d428772ac8f14adfc9f4121d7d3dce7a2e10990abd37-br"
x-frame-options
ALLOW-FROM https://*.chaserhq.com https://*.zrecruitment.com.au https://*.zstaffing.com.au
vary
x-fh-requested-host, accept-encoding
content-type
font/ttf
cache-control
max-age=3600
accept-ranges
bytes
x-cache-hits
0
rates
api.statement-gateway.com/ 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.statement-gateway.com/rates
Requested by
Host: portal.chaserhq.com
URL: https://portal.chaserhq.com/static/js/main.a44a0ecf.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
8565b722a783c2a90bee5ad33fd61ae6261087ffede5ba50c6928829d8ec7ac1
Security Headers
Name Value
Content-Security-Policy default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept
application/json, text/plain, */*
Referer
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
strict-transport-security
max-age=15552000; includeSubDomains
x-content-type-options
nosniff
date
Thu, 06 Jun 2024 12:24:56 GMT
content-encoding
gzip
x-permitted-cross-domain-policies
none
x-dns-prefetch-control
off
x-xss-protection
0
referrer-policy
no-referrer
server
Google Frontend
etag
W/"9d5-WrmyysZzb8KwIBNU0LkNUQna8Fk"
expect-ct
max-age=0
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
x-download-options
noopen
access-control-allow-origin
*
access-control-expose-headers
X-Filename
cache-control
private
content-type
application/json; charset=utf-8
T3ce0tTMQ.png
storage.googleapis.com/v2-customer-portal-logo/!yf2FZ/ 		83 KB
84 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://storage.googleapis.com/v2-customer-portal-logo/!yf2FZ/T3ce0tTMQ.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::201b Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
4f49bd398b20250d63f460770264cf396516d5df5b124b900dd36724361c094a

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 06 Jun 2024 12:24:56 GMT
x-guploader-uploadid
ABPtcPp14pL5WwS3PLgU1zQaGD6IaAb209cFo-EXlflTwr7lmArO_SJFu0mPRp_seHDt8oylul9hlDYRjQ
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
85426
last-modified
Thu, 01 Feb 2024 09:39:49 GMT
server
UploadServer
etag
"64c3afbdaab29a5829c321da554ab829"
x-goog-generation
1706780389969190
content-type
image/png
x-goog-hash
crc32c=Mq3dAA==, md5=ZMOvvaqymlgpwyHaVUq4KQ==
cache-control
no-cache
x-goog-stored-content-length
85426
accept-ranges
bytes
expires
Fri, 06 Jun 2025 12:24:56 GMT
invoices
api.statement-gateway.com/creditor/4yRgAHSjqR1ieypYKO3vwQ/debtor/NrbkvX0sx27souSKn9EgKQ/ 		2 B
128 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.statement-gateway.com/creditor/4yRgAHSjqR1ieypYKO3vwQ/debtor/NrbkvX0sx27souSKn9EgKQ/invoices?paid=0
Requested by
Host: portal.chaserhq.com
URL: https://portal.chaserhq.com/static/js/main.a44a0ecf.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
Security Headers
Name Value
Content-Security-Policy default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept
application/json, text/plain, */*
Referer
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
strict-transport-security
max-age=15552000; includeSubDomains
x-content-type-options
nosniff
date
Thu, 06 Jun 2024 12:24:56 GMT
x-permitted-cross-domain-policies
none
x-dns-prefetch-control
off
content-length
2
x-xss-protection
0
referrer-policy
no-referrer
server
Google Frontend
etag
W/"2-l9Fw4VUO7kr8CvBlt4zaMCqXZ0w"
expect-ct
max-age=0
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
x-download-options
noopen
access-control-allow-origin
*
access-control-expose-headers
X-Filename
x-cloud-trace-context
8a893aae3d2cc21ecf0411e2dd38938a
content-type
application/json; charset=utf-8
paymentinformation
api.statement-gateway.com/c/4yRgAHSjqR1ieypYKO3vwQ/d/NrbkvX0sx27souSKn9EgKQ/ 		0
124 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.statement-gateway.com/c/4yRgAHSjqR1ieypYKO3vwQ/d/NrbkvX0sx27souSKn9EgKQ/paymentinformation
Requested by
Host: portal.chaserhq.com
URL: https://portal.chaserhq.com/static/js/main.a44a0ecf.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept
application/json, text/plain, */*
Referer
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
strict-transport-security
max-age=15552000; includeSubDomains
x-content-type-options
nosniff
date
Thu, 06 Jun 2024 12:24:56 GMT
x-permitted-cross-domain-policies
none
x-dns-prefetch-control
off
content-length
0
x-xss-protection
0
referrer-policy
no-referrer
server
Google Frontend
etag
W/"2-vyGp6PvFo4RvsFtPoIWeCReyIC8"
expect-ct
max-age=0
x-frame-options
SAMEORIGIN
x-download-options
noopen
access-control-allow-origin
*
access-control-expose-headers
X-Filename
x-cloud-trace-context
c802025d7cbef1bc2601ccc7fa3fe23e
content-type
text/html

Verdicts & Comments Add Verdict or Comment

8 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| __SENTRY__ function| applyFocusVisiblePolyfill function| _ object| regeneratorRuntime object| webpackChunkStripeJSouter function| noop function| Stripe

3 Cookies

Domain/Path Name / Value
m.stripe.com/ Name: m
Value: 77a37a8a-6468-4efe-b985-0f25fb42a74afc2f12
.portal.chaserhq.com/ Name: __stripe_mid
Value: 18573138-0299-48d5-9291-4e32c1b98b9cf598a9
.portal.chaserhq.com/ Name: __stripe_sid
Value: 6453509c-4fb7-4d02-9b9d-09ef508c6185b1da2f

1 Console Messages

Source Level URL
Text
other warning URL: https://portal.chaserhq.com/c/4yRgAHSjqR1ieypYKO3vwQ/d/NrbkvX0sx27souSKn9EgKQ
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src 'self'; base-uri 'self'; font-src 'self' https: data:; form-action 'self'; frame-ancestors 'self' https://*.chaserhq.com https://*.zrecruitment.com.au https://*.zstaffing.com.au; img-src 'self' https://*.chaserhq.com https://storage.googleapis.com data:; object-src 'none'; script-src 'self' https://js.stripe.com; script-src-attr 'none'; style-src 'self' https: 'unsafe-inline'; upgrade-insecure-requests; connect-src 'self' https://*.chaserhq.com https://*.statement-gateway.com https://api.stripe.com; frame-src https://js.stripe.com https://hooks.stripe.com https://*.zrecruitment.com.au https://*.zstaffing.com.au;
Strict-Transport-Security max-age=31556926
X-Content-Type-Options nosniff
X-Frame-Options ALLOW-FROM https://*.chaserhq.com https://*.zrecruitment.com.au https://*.zstaffing.com.au
X-Xss-Protection 0