billing.icims.com Open in urlscan Pro
20.49.97.12  Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

15 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request invoice-payment Show response billing.icims.com/	8 KB 8 KB	443ms 112ms	Document text/html	20.49.97.12 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://billing.icims.com/invoice-payment?invoice=U2FsdGVkX1%252BkaCTbbxUQ5x11fDTTHenFELCuWUrAUaw%253D Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 20.49.97.12 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Express Resource Hash babf8556943b29e119c72257811642b65a098980ad50adc8ea9a15221db3bacd Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" sec-ch-ua-mobile ?0 sec-ch-ua-platform "Win32" Response headers Accept-Ranges bytes Access-Control-Allow-Credentials true Access-Control-Allow-Origin * Cache-Control public, max-age=0 Content-Length 7815 Content-Type text/html; charset=utf-8 Date Thu, 11 Apr 2024 18:47:26 GMT ETag W/"1e87-17beb7d2360" Last-Modified Wed, 15 Sep 2021 22:04:12 GMT X-Powered-By Express
GET H/1.1	200 OK	invoice_payment_form.css billing.icims.com/assets/css/	4 KB 4 KB	101ms 100ms	Stylesheet text/css	20.49.97.12 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://billing.icims.com/assets/css/invoice_payment_form.css Requested by Host: billing.icims.com URL: https://billing.icims.com/invoice-payment?invoice=U2FsdGVkX1%252BkaCTbbxUQ5x11fDTTHenFELCuWUrAUaw%253D Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 20.49.97.12 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Express Resource Hash 00e77a8f0a02c32e30724fc8a8898d21d46ba48f05a35df7d876f102bf50c490 Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://billing.icims.com/invoice-payment?invoice=U2FsdGVkX1%252BkaCTbbxUQ5x11fDTTHenFELCuWUrAUaw%253D Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Thu, 11 Apr 2024 18:47:26 GMT Last-Modified Wed, 15 Sep 2021 22:04:12 GMT ETag W/"101c-17beb7d2360" X-Powered-By Express Content-Type text/css; charset=UTF-8 Access-Control-Allow-Origin * Cache-Control public, max-age=0 Access-Control-Allow-Credentials true Accept-Ranges bytes Content-Length 4124
GET H2	200	/ Show response js.stripe.com/v3/	602 KB 167 KB	47ms 10ms	Script text/javascript	151.101.0.176 FASTLY
General Check archive.org Show headers Download Go to Full URL https://js.stripe.com/v3/ Requested by Host: billing.icims.com URL: https://billing.icims.com/invoice-payment?invoice=U2FsdGVkX1%252BkaCTbbxUQ5x11fDTTHenFELCuWUrAUaw%253D Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.0.176 , United States, ASN54113 (FASTLY, US), Reverse DNS Software Fastly / Resource Hash b725c5e2777e4f94215b4ab7ab9f9fac441aef574b17440f36501062115c4bee Security Headers Name Value Strict-Transport-Security max-age=31556926; includeSubDomains; preload X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://billing.icims.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers strict-transport-security max-age=31556926; includeSubDomains; preload content-encoding br x-content-type-options nosniff date Thu, 11 Apr 2024 18:47:26 GMT via 1.1 varnish age 0 x-cache HIT content-length 170514 x-request-id cd3d04f3-341f-495b-96df-250a5a2e787f x-served-by cache-fra-eddf8230142-FRA last-modified Thu, 11 Apr 2024 17:58:06 GMT server Fastly etag "088e839bbe63d470fe4b55b98eb8a2e8" vary Accept-Encoding content-type text/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=60 accept-ranges bytes timing-allow-origin * x-cache-hits 2
GET H2	200	jquery.min.js Show response ajax.googleapis.com/ajax/libs/jquery/2.1.3/	82 KB 30 KB	116ms 36ms	Script text/javascript	2a00:1450:4001:811::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://ajax.googleapis.com/ajax/libs/jquery/2.1.3/jquery.min.js Requested by Host: billing.icims.com URL: https://billing.icims.com/invoice-payment?invoice=U2FsdGVkX1%252BkaCTbbxUQ5x11fDTTHenFELCuWUrAUaw%253D Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 8af93bd675e1cfd9ecc850e862819fdac6e3ad1f5d761f970e409c7d9c63bdc3 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://billing.icims.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 11 Apr 2024 18:15:49 GMT content-encoding gzip x-content-type-options nosniff age 1898 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 29707 x-xss-protection 0 last-modified Tue, 03 Mar 2020 19:15:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="hosted-libraries-pushers" vary Accept-Encoding report-to {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=31536000, stale-while-revalidate=2592000 accept-ranges bytes timing-allow-origin * expires Fri, 11 Apr 2025 18:15:49 GMT
GET H/1.1	200 OK	invoice-payment-form.js Show response billing.icims.com/assets/js/	31 KB 31 KB	102ms 101ms	Script application/javascript	20.49.97.12 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://billing.icims.com/assets/js/invoice-payment-form.js Requested by Host: billing.icims.com URL: https://billing.icims.com/invoice-payment?invoice=U2FsdGVkX1%252BkaCTbbxUQ5x11fDTTHenFELCuWUrAUaw%253D Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 20.49.97.12 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Express Resource Hash f0d362f58f74391ae00bf9112b2050a98bfbfb68a32577f21e8f3e220765d114 Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://billing.icims.com/invoice-payment?invoice=U2FsdGVkX1%252BkaCTbbxUQ5x11fDTTHenFELCuWUrAUaw%253D Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Thu, 11 Apr 2024 18:47:27 GMT Last-Modified Wed, 15 Sep 2021 22:04:12 GMT ETag W/"7b8f-17beb7d2360" X-Powered-By Express Content-Type application/javascript; charset=UTF-8 Access-Control-Allow-Origin * Cache-Control public, max-age=0 Access-Control-Allow-Credentials true Accept-Ranges bytes Content-Length 31631
GET H2	200	m-outer-3437aaddcdf6922d623e172c2d6f9278.html js.stripe.com/v3/ Frame 8FA9	0 0	24ms 6ms	Document text/html	151.101.128.176 FASTLY
General Check archive.org Show headers Download Go to Full URL https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.128.176 , United States, ASN54113 (FASTLY, US), Reverse DNS Software Fastly / Resource Hash Security Headers Name Value Content-Security-Policy base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report Strict-Transport-Security max-age=31556926; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://billing.icims.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" sec-ch-ua-mobile ?0 sec-ch-ua-platform "Win32" Response headers accept-ranges bytes access-control-allow-origin * age 389870 cache-control max-age=31536000 content-encoding br content-length 154 content-security-policy base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report content-security-policy-report-only base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report content-type text/html; charset=utf-8 date Thu, 11 Apr 2024 18:47:27 GMT etag "3437aaddcdf6922d623e172c2d6f9278" last-modified Fri, 11 Nov 2022 20:25:37 GMT server Fastly strict-transport-security max-age=31556926; includeSubDomains; preload timing-allow-origin * vary Accept-Encoding via 1.1 varnish x-cache HIT x-cache-hits 114978 x-content-type-options nosniff x-request-id 7c7d1031-701f-4258-84da-9ed3d3766b89 x-served-by cache-fra-eddf8230107-FRA
GET H/1.1	200 OK	invoice-info Show response billing.icims.com/invoice-payment/	1 KB 1 KB	2574ms 2574ms	Fetch application/json	20.49.97.12 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://billing.icims.com/invoice-payment/invoice-info?invoice=U2FsdGVkX1%2BkaCTbbxUQ5x11fDTTHenFELCuWUrAUaw%3D&type=load Requested by Host: billing.icims.com URL: https://billing.icims.com/assets/js/invoice-payment-form.js Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 20.49.97.12 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Express Resource Hash a3675736d08dc6c0a288c11cf264706c610f23f4f6c8766d7d78a588472adec6 Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" sec-ch-ua-platform "Win32" Referer https://billing.icims.com/invoice-payment?invoice=U2FsdGVkX1%252BkaCTbbxUQ5x11fDTTHenFELCuWUrAUaw%253D Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 Content-Type application/json Response headers Access-Control-Allow-Origin * Date Thu, 11 Apr 2024 18:47:29 GMT Access-Control-Allow-Credentials true ETag W/"448-tU4Zh5iccuEURJ2foi9epzpabxQ" Content-Length 1096 X-Powered-By Express Content-Type application/json; charset=utf-8
GET H/1.1	404 Not Found	favicon.ico billing.icims.com/	150 B 447 B	404ms 105ms	Other text/html	20.49.97.12 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://billing.icims.com/favicon.ico Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 20.49.97.12 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Express Resource Hash 6e21162bc64073fe9e3d3d6375ca24d04fed1912a5b7716aac0cb0f2d16fae7c Security Headers Name Value Content-Security-Policy default-src 'none' X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://billing.icims.com/invoice-payment?invoice=U2FsdGVkX1%252BkaCTbbxUQ5x11fDTTHenFELCuWUrAUaw%253D Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Thu, 11 Apr 2024 18:47:27 GMT Content-Security-Policy default-src 'none' X-Content-Type-Options nosniff X-Powered-By Express Content-Type text/html; charset=utf-8 Access-Control-Allow-Origin * Access-Control-Allow-Credentials true Content-Length 150
GET H/1.1	200 OK	public-key Show response billing.icims.com/invoice-payment/	123 B 384 B	99ms 99ms	Fetch application/json	20.49.97.12 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://billing.icims.com/invoice-payment/public-key?subsidiary=4 Requested by Host: billing.icims.com URL: https://billing.icims.com/assets/js/invoice-payment-form.js Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 20.49.97.12 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Express Resource Hash 8651d771bcc6edda4ac49bce3e2e6f9c725c5d25de81aaf00e82405286121244 Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" sec-ch-ua-platform "Win32" Referer https://billing.icims.com/invoice-payment?invoice=U2FsdGVkX1%252BkaCTbbxUQ5x11fDTTHenFELCuWUrAUaw%253D Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 Content-Type application/json Response headers Access-Control-Allow-Origin * Date Thu, 11 Apr 2024 18:47:29 GMT Access-Control-Allow-Credentials true ETag W/"7b-TfEmltDSskITIW5oW7BYk183iaU" Content-Length 123 X-Powered-By Express Content-Type application/json; charset=utf-8
GET H/1.1	200 OK	iCIMS.png billing.icims.com/assets/img/	4 KB 5 KB	107ms 107ms	Image image/png	20.49.97.12 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://billing.icims.com/assets/img/iCIMS.png Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 20.49.97.12 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Express Resource Hash 314a83a207fef67613be37ad1831ada399c9c67355b856e2b6e06186cdf74550 Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://billing.icims.com/invoice-payment?invoice=U2FsdGVkX1%252BkaCTbbxUQ5x11fDTTHenFELCuWUrAUaw%253D Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Thu, 11 Apr 2024 18:47:29 GMT Last-Modified Wed, 15 Sep 2021 22:04:12 GMT ETag W/"112d-17beb7d2360" X-Powered-By Express Content-Type image/png Access-Control-Allow-Origin * Cache-Control public, max-age=0 Access-Control-Allow-Credentials true Accept-Ranges bytes Content-Length 4397
GET H2	200	controller-with-preconnect-637a1c1948ead65247f3fbb4cf1d9dae.html js.stripe.com/v3/ Frame D642	0 0	7ms 7ms	Document text/html	151.101.128.176 FASTLY
General Check archive.org Show headers Download Go to Full URL https://js.stripe.com/v3/controller-with-preconnect-637a1c1948ead65247f3fbb4cf1d9dae.html Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.128.176 , United States, ASN54113 (FASTLY, US), Reverse DNS Software Fastly / Resource Hash Security Headers Name Value Content-Security-Policy base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; worker-src 'none'; report-uri https://q.stripe.com/csp-report Strict-Transport-Security max-age=31556926; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://billing.icims.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" sec-ch-ua-mobile ?0 sec-ch-ua-platform "Win32" Response headers accept-ranges bytes access-control-allow-origin * age 22 cache-control max-age=60, stale-while-revalidate=900 content-encoding br content-length 229 content-security-policy base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; worker-src 'none'; report-uri https://q.stripe.com/csp-report content-type text/html; charset=utf-8 date Thu, 11 Apr 2024 18:47:29 GMT etag "637a1c1948ead65247f3fbb4cf1d9dae" last-modified Wed, 10 Apr 2024 20:01:53 GMT server Fastly strict-transport-security max-age=31556926; includeSubDomains; preload timing-allow-origin * vary Accept-Encoding via 1.1 varnish x-cache HIT x-cache-hits 24 x-content-type-options nosniff x-request-id e655b219-9083-4210-bbc8-a0161a845505 x-served-by cache-fra-eddf8230107-FRA
GET H2	200	elements-inner-card-c82039ae02a26f4fcf90958d906886a9.html js.stripe.com/v3/ Frame 4E9D	0 0	6ms 6ms	Document text/html	151.101.128.176 FASTLY
General Check archive.org Show headers Download Go to Full URL https://js.stripe.com/v3/elements-inner-card-c82039ae02a26f4fcf90958d906886a9.html Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.128.176 , United States, ASN54113 (FASTLY, US), Reverse DNS Software Fastly / Resource Hash Security Headers Name Value Content-Security-Policy base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://ppm.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://checkout.link.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; worker-src 'none'; report-uri https://q.stripe.com/csp-report Strict-Transport-Security max-age=31556926; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://billing.icims.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" sec-ch-ua-mobile ?0 sec-ch-ua-platform "Win32" Response headers accept-ranges bytes access-control-allow-origin * age 81756 cache-control max-age=31536000 content-encoding br content-length 362 content-security-policy base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://ppm.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://checkout.link.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; worker-src 'none'; report-uri https://q.stripe.com/csp-report content-security-policy-report-only base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://ppm.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://checkout.link.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; worker-src 'none'; report-uri https://q.stripe.com/csp-report content-type text/html; charset=utf-8 date Thu, 11 Apr 2024 18:47:29 GMT etag "c82039ae02a26f4fcf90958d906886a9" last-modified Wed, 10 Apr 2024 20:01:53 GMT server Fastly strict-transport-security max-age=31556926; includeSubDomains; preload timing-allow-origin * vary Accept-Encoding via 1.1 varnish x-cache HIT x-cache-hits 3448 x-content-type-options nosniff x-request-id 318588ea-f64a-4e7a-80b5-46956c6ac1d4 x-served-by cache-fra-eddf8230107-FRA
GET H2	200	hcaptcha-invisible-94a28d325f072fe9338500f45c23b91d.html js.stripe.com/v3/ Frame 9A63	0 0	7ms 7ms	Document text/html	151.101.128.176 FASTLY
General Check archive.org Show headers Download Go to Full URL https://js.stripe.com/v3/hcaptcha-invisible-94a28d325f072fe9338500f45c23b91d.html Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.128.176 , United States, ASN54113 (FASTLY, US), Reverse DNS Software Fastly / Resource Hash Security Headers Name Value Content-Security-Policy base-uri 'none'; connect-src 'self' https://errors.stripe.com https://r.stripe.com; default-src 'self'; form-action 'none'; frame-src 'self' https://b.stripecdn.com; img-src 'self' https://q.stripe.com; object-src 'none'; script-src 'self' 'sha256-hfZrf/rGu2N9deBRKxd48Lhzp5q/5hdh65caR7kQLG8='; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report Strict-Transport-Security max-age=31556926; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" sec-ch-ua-mobile ?0 sec-ch-ua-platform "Win32" Response headers accept-ranges bytes access-control-allow-origin * age 81754 cache-control max-age=31536000 content-encoding br content-length 25228 content-security-policy base-uri 'none'; connect-src 'self' https://errors.stripe.com https://r.stripe.com; default-src 'self'; form-action 'none'; frame-src 'self' https://b.stripecdn.com; img-src 'self' https://q.stripe.com; object-src 'none'; script-src 'self' 'sha256-hfZrf/rGu2N9deBRKxd48Lhzp5q/5hdh65caR7kQLG8='; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report content-type text/html; charset=utf-8 date Thu, 11 Apr 2024 18:47:30 GMT etag "94a28d325f072fe9338500f45c23b91d" last-modified Wed, 10 Apr 2024 20:02:07 GMT server Fastly strict-transport-security max-age=31556926; includeSubDomains; preload timing-allow-origin * vary Accept-Encoding via 1.1 varnish x-cache HIT x-cache-hits 3607 x-content-type-options nosniff x-request-id b0897b26-a3bb-4662-8980-4fd6961f5cdc x-served-by cache-fra-eddf8230107-FRA
GET H2	200	phone-numbers-lib-5113174565c377315fd5b8d695d8b541.js Show response js.stripe.com/v3/fingerprinted/js/	148 KB 40 KB	12ms 12ms	Script text/javascript	151.101.0.176 FASTLY
General Check archive.org Show headers Download Go to Full URL https://js.stripe.com/v3/fingerprinted/js/phone-numbers-lib-5113174565c377315fd5b8d695d8b541.js Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.0.176 , United States, ASN54113 (FASTLY, US), Reverse DNS Software Fastly / Resource Hash 621661fe1c7a59420c624f7a421c566ebfb38cfbc7edd98ee0462c44d15971f9 Security Headers Name Value Strict-Transport-Security max-age=31556926; includeSubDomains; preload X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://billing.icims.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers strict-transport-security max-age=31556926; includeSubDomains; preload content-encoding br x-content-type-options nosniff date Thu, 11 Apr 2024 18:47:30 GMT via 1.1 varnish age 575463 x-cache HIT content-length 40295 x-request-id 11c1491e-a8e0-46c3-adf7-c9c054de3691 x-served-by cache-fra-eddf8230142-FRA last-modified Thu, 21 Dec 2023 18:13:42 GMT server Fastly etag "f7a3e754fa2fa9117506f69f618b5778" vary Accept-Encoding content-type text/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=31536000 accept-ranges bytes timing-allow-origin * x-cache-hits 9149
GET H2	200	elements-inner-link-button-for-card-9680971c4a20b5c3c9e348fb0cb99aff.html js.stripe.com/v3/ Frame E4EE	0 0	8ms 8ms	Document text/html	151.101.128.176 FASTLY
General Check archive.org Show headers Download Go to Full URL https://js.stripe.com/v3/elements-inner-link-button-for-card-9680971c4a20b5c3c9e348fb0cb99aff.html Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.128.176 , United States, ASN54113 (FASTLY, US), Reverse DNS Software Fastly / Resource Hash Security Headers Name Value Content-Security-Policy base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://ppm.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://checkout.link.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; worker-src 'none'; report-uri https://q.stripe.com/csp-report Strict-Transport-Security max-age=31556926; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://billing.icims.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" sec-ch-ua-mobile ?0 sec-ch-ua-platform "Win32" Response headers accept-ranges bytes access-control-allow-origin * age 81753 cache-control max-age=31536000 content-encoding br content-length 16248 content-security-policy base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://ppm.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://checkout.link.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; worker-src 'none'; report-uri https://q.stripe.com/csp-report content-security-policy-report-only base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://ppm.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://checkout.link.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; worker-src 'none'; report-uri https://q.stripe.com/csp-report content-type text/html; charset=utf-8 date Thu, 11 Apr 2024 18:47:30 GMT etag "9680971c4a20b5c3c9e348fb0cb99aff" last-modified Wed, 10 Apr 2024 20:01:53 GMT server Fastly strict-transport-security max-age=31556926; includeSubDomains; preload timing-allow-origin * vary Accept-Encoding via 1.1 varnish x-cache HIT x-cache-hits 1447 x-content-type-options nosniff x-request-id ac3874a8-a452-4675-b573-43078902b07d x-served-by cache-fra-eddf8230107-FRA

14 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| webpackChunkStripeJSouter function| noop function| Stripe function| $ function| jQuery object| invoiceData boolean| stripeCardComplete boolean| hasFees boolean| internationalCustomer

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			m.stripe.com/	1970-01-21 05:23:41	Name: m Value: ea02640d-e992-44e2-b5b2-68f25b06c0e02efc4d
			.billing.icims.com/	1970-01-21 04:33:17	Name: __stripe_mid Value: c470db50-524a-4c71-a5a0-9dc6083a1d9c94ba36
			.billing.icims.com/	1970-01-20 19:47:43	Name: __stripe_sid Value: f053f578-e1b1-4eff-86d4-e29291d898e26b8dd8

6 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://billing.icims.com/favicon.ico Message: Failed to load resource: the server responded with a status of 404 (Not Found)
other	warning	URL: https://billing.icims.com/invoice-payment?invoice=U2FsdGVkX1%252BkaCTbbxUQ5x11fDTTHenFELCuWUrAUaw%253D Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://billing.icims.com/invoice-payment?invoice=U2FsdGVkX1%252BkaCTbbxUQ5x11fDTTHenFELCuWUrAUaw%253D Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://billing.icims.com/invoice-payment?invoice=U2FsdGVkX1%252BkaCTbbxUQ5x11fDTTHenFELCuWUrAUaw%253D Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://billing.icims.com/invoice-payment?invoice=U2FsdGVkX1%252BkaCTbbxUQ5x11fDTTHenFELCuWUrAUaw%253D Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://billing.icims.com/invoice-payment?invoice=U2FsdGVkX1%252BkaCTbbxUQ5x11fDTTHenFELCuWUrAUaw%253D Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
billing.icims.com
js.stripe.com
151.101.0.176
151.101.128.176
20.49.97.12
2a00:1450:4001:811::200a
00e77a8f0a02c32e30724fc8a8898d21d46ba48f05a35df7d876f102bf50c490
314a83a207fef67613be37ad1831ada399c9c67355b856e2b6e06186cdf74550
621661fe1c7a59420c624f7a421c566ebfb38cfbc7edd98ee0462c44d15971f9
6e21162bc64073fe9e3d3d6375ca24d04fed1912a5b7716aac0cb0f2d16fae7c
8651d771bcc6edda4ac49bce3e2e6f9c725c5d25de81aaf00e82405286121244
8af93bd675e1cfd9ecc850e862819fdac6e3ad1f5d761f970e409c7d9c63bdc3
a3675736d08dc6c0a288c11cf264706c610f23f4f6c8766d7d78a588472adec6
b725c5e2777e4f94215b4ab7ab9f9fac441aef574b17440f36501062115c4bee
babf8556943b29e119c72257811642b65a098980ad50adc8ea9a15221db3bacd
f0d362f58f74391ae00bf9112b2050a98bfbfb68a32577f21e8f3e220765d114