urlscan.io logo urlscan.io
SecurityTrails logo

portal.chaserhq.com Open in urlscan Pro
199.36.158.100  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://eu.nyl.as/t1/10/ba2317ov92f3wa613me1e2tev/0/263c78f2ffe771dff973da42e9a951938070099b95966c130ead016a22efd71a
Effective URL: https://portal.chaserhq.com/c/4yRgAHSjqR1ieypYKO3vwQ/d/QplBuObXn_kwW0iZ9xqGNQ
Submission: On May 30 via manual from GB — Scanned from GB
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 5 IPs in 2 countries across 5 domains to perform 14 HTTP transactions. The main IP is 199.36.158.100, located in United States and belongs to FASTLY, US. The main domain is portal.chaserhq.com.
TLS certificate: Issued by GTS CA 1D4 on April 30th 2024. Valid for: 3 months.
This is the only time portal.chaserhq.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 2606:4700:440... 13335 (CLOUDFLAR...)
6 199.36.158.100 54113 (FASTLY)
5 2a00:1450:400... 15169 (GOOGLE)
1 151.101.0.176 54113 (FASTLY)
1 151.101.192.176 54113 (FASTLY)
1 2a00:1450:400... 15169 (GOOGLE)
14 5
1    2606:4700:4400::6812:21b5 (United States)

ASN13335 (CLOUDFLARENET, US)
eu.nyl.as
6    199.36.158.100 (United States)

ASN54113 (FASTLY, US)
portal.chaserhq.com
5    2a00:1450:4001:80e::2013 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
api.statement-gateway.com
1    151.101.0.176 (San Francisco, United States)

ASN54113 (FASTLY, US)
js.stripe.com
1    151.101.192.176 (San Francisco, United States)

ASN54113 (FASTLY, US)
js.stripe.com
1    2a00:1450:4001:801::201b (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
storage.googleapis.com
Apex Domain
Subdomains		 Transfer
6 chaserhq.com
portal.chaserhq.com
322 KB
5 statement-gateway.com
api.statement-gateway.com
4 KB
2 stripe.com
js.stripe.com — Cisco Umbrella Rank: 1088
148 KB
1 googleapis.com
storage.googleapis.com — Cisco Umbrella Rank: 353
84 KB
1 nyl.as
eu.nyl.as
278 B
14 5
Domain Requested by
6 portal.chaserhq.com portal.chaserhq.com
5 api.statement-gateway.com portal.chaserhq.com
2 js.stripe.com portal.chaserhq.com
js.stripe.com
1 storage.googleapis.com
1 eu.nyl.as 1 redirects
14 5

This site contains links to these domains. Also see Links.

Domain
api.statement-gateway.com
Subject Issuer Validity Valid
portal.chaserhq.com
GTS CA 1D4		 2024-04-30 -
2024-07-29		 3 months crt.sh
api.statement-gateway.com
GTS CA 1D4		 2024-05-09 -
2024-08-07		 3 months crt.sh
a.stripecdn.com
DigiCert SHA2 Extended Validation Server CA		 2024-05-22 -
2024-08-22		 3 months crt.sh
storage.googleapis.com
WR2		 2024-05-13 -
2024-08-05		 3 months crt.sh

This page contains 2 frames:

Primary Page: https://portal.chaserhq.com/c/4yRgAHSjqR1ieypYKO3vwQ/d/QplBuObXn_kwW0iZ9xqGNQ
Frame ID: 57CFCA966C81148AF02EDF611426B814
Requests: 13 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html
Frame ID: E6959147EC4469FF209A416A5B2931C0
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Payment Portal

Page URL History Show full URLs

  1. https://eu.nyl.as/t1/10/ba2317ov92f3wa613me1e2tev/0/263c78f2ffe771dff973da42e9a951938070099b95... HTTP 302
    https://portal.chaserhq.com/c/4yRgAHSjqR1ieypYKO3vwQ/d/QplBuObXn_kwW0iZ9xqGNQ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • js\.stripe\.com

Page Statistics

14
Requests

100 %
HTTPS

50 %
IPv6

5
Domains

5
Subdomains

5
IPs

2
Countries

558 kB
Transfer

1814 kB
Size

3
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://eu.nyl.as/t1/10/ba2317ov92f3wa613me1e2tev/0/263c78f2ffe771dff973da42e9a951938070099b95966c130ead016a22efd71a HTTP 302
    https://portal.chaserhq.com/c/4yRgAHSjqR1ieypYKO3vwQ/d/QplBuObXn_kwW0iZ9xqGNQ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

14 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request QplBuObXn_kwW0iZ9xqGNQ
portal.chaserhq.com/c/4yRgAHSjqR1ieypYKO3vwQ/d/
Redirect Chain
  • https://eu.nyl.as/t1/10/ba2317ov92f3wa613me1e2tev/0/263c78f2ffe771dff973da42e9a951938070099b95966c130ead016a22efd71a
  • https://portal.chaserhq.com/c/4yRgAHSjqR1ieypYKO3vwQ/d/QplBuObXn_kwW0iZ9xqGNQ
757 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://portal.chaserhq.com/c/4yRgAHSjqR1ieypYKO3vwQ/d/QplBuObXn_kwW0iZ9xqGNQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.36.158.100 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
00d1d63faa6dcb483497bb62dc6303a9e42ca6d58e19413457e86e548fd7e351
Security Headers
Name Value
Content-Security-Policy default-src 'self'; base-uri 'self'; font-src 'self' https: data:; form-action 'self'; frame-ancestors 'self' https://*.chaserhq.com https://*.zrecruitment.com.au https://*.zstaffing.com.au; img-src 'self' https://*.chaserhq.com https://storage.googleapis.com data:; object-src 'none'; script-src 'self' https://js.stripe.com; script-src-attr 'none'; style-src 'self' https: 'unsafe-inline'; upgrade-insecure-requests; connect-src 'self' https://*.chaserhq.com https://*.statement-gateway.com https://api.stripe.com; frame-src https://js.stripe.com https://hooks.stripe.com https://*.zrecruitment.com.au https://*.zstaffing.com.au;
Strict-Transport-Security max-age=31556926
X-Content-Type-Options nosniff
X-Frame-Options ALLOW-FROM https://*.chaserhq.com https://*.zrecruitment.com.au https://*.zstaffing.com.au
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ranges
bytes
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
cache-control
max-age=3600
content-encoding
br
content-length
247
content-security-policy
default-src 'self'; base-uri 'self'; font-src 'self' https: data:; form-action 'self'; frame-ancestors 'self' https://*.chaserhq.com https://*.zrecruitment.com.au https://*.zstaffing.com.au; img-src 'self' https://*.chaserhq.com https://storage.googleapis.com data:; object-src 'none'; script-src 'self' https://js.stripe.com; script-src-attr 'none'; style-src 'self' https: 'unsafe-inline'; upgrade-insecure-requests; connect-src 'self' https://*.chaserhq.com https://*.statement-gateway.com https://api.stripe.com; frame-src https://js.stripe.com https://hooks.stripe.com https://*.zrecruitment.com.au https://*.zstaffing.com.au;
content-type
text/html; charset=utf-8
date
Thu, 30 May 2024 14:35:04 GMT
etag
"1da5161c4760f5ec0ba455a124481ac1533d62f3453dc79d3a06f3817422d58e-br"
last-modified
Tue, 21 May 2024 20:43:27 GMT
referrer-policy
no-referrer
strict-transport-security
max-age=31556926
vary
x-fh-requested-host, accept-encoding
x-cache
MISS
x-cache-hits
0
x-content-type-options
nosniff
x-frame-options
ALLOW-FROM https://*.chaserhq.com https://*.zrecruitment.com.au https://*.zstaffing.com.au
x-served-by
cache-lhr-egll1980027-LHR
x-timer
S1717079705.756536,VS0,VE121
x-xss-protection
0

Redirect headers

cf-cache-status
DYNAMIC
cf-ray
88bf72d96fde9463-LHR
content-type
text/html; charset=utf-8
date
Thu, 30 May 2024 14:35:04 GMT
location
https://portal.chaserhq.com/c/4yRgAHSjqR1ieypYKO3vwQ/d/QplBuObXn_kwW0iZ9xqGNQ
server
cloudflare
via
kong/3.2.2.1-enterprise-edition
x-kong-proxy-latency
0
x-kong-upstream-latency
57
x-unique-id
77a4868a-2f34-443b-8962-7fe322b6dd29
main.a44a0ecf.js
portal.chaserhq.com/static/js/ 		827 KB
209 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://portal.chaserhq.com/static/js/main.a44a0ecf.js
Requested by
Host: portal.chaserhq.com
URL: https://portal.chaserhq.com/c/4yRgAHSjqR1ieypYKO3vwQ/d/QplBuObXn_kwW0iZ9xqGNQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.36.158.100 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
a09e1e8f698b2502714b9322df38bf2a91e9694a35f24ec248e71625979bab8a
Security Headers
Name Value
Content-Security-Policy default-src 'self'; base-uri 'self'; font-src 'self' https: data:; form-action 'self'; frame-ancestors 'self' https://*.chaserhq.com https://*.zrecruitment.com.au https://*.zstaffing.com.au; img-src 'self' https://*.chaserhq.com https://storage.googleapis.com data:; object-src 'none'; script-src 'self' https://js.stripe.com; script-src-attr 'none'; style-src 'self' https: 'unsafe-inline'; upgrade-insecure-requests; connect-src 'self' https://*.chaserhq.com https://*.statement-gateway.com https://api.stripe.com; frame-src https://js.stripe.com https://hooks.stripe.com https://*.zrecruitment.com.au https://*.zstaffing.com.au;
Strict-Transport-Security max-age=31556926
X-Content-Type-Options nosniff
X-Frame-Options ALLOW-FROM https://*.chaserhq.com https://*.zrecruitment.com.au https://*.zstaffing.com.au
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src 'self'; base-uri 'self'; font-src 'self' https: data:; form-action 'self'; frame-ancestors 'self' https://*.chaserhq.com https://*.zrecruitment.com.au https://*.zstaffing.com.au; img-src 'self' https://*.chaserhq.com https://storage.googleapis.com data:; object-src 'none'; script-src 'self' https://js.stripe.com; script-src-attr 'none'; style-src 'self' https: 'unsafe-inline'; upgrade-insecure-requests; connect-src 'self' https://*.chaserhq.com https://*.statement-gateway.com https://api.stripe.com; frame-src https://js.stripe.com https://hooks.stripe.com https://*.zrecruitment.com.au https://*.zstaffing.com.au;
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31556926
date
Thu, 30 May 2024 14:35:04 GMT
x-cache
HIT
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
214201
x-xss-protection
0
x-served-by
cache-lhr-egll1980027-LHR
referrer-policy
no-referrer
last-modified
Tue, 21 May 2024 20:43:27 GMT
x-timer
S1717079705.906436,VS0,VE1
etag
"3331b910d4d5e2d255bf54adcfaeda221d073263f6896a3020cbfc3fbdd672ae-br"
x-frame-options
ALLOW-FROM https://*.chaserhq.com https://*.zrecruitment.com.au https://*.zstaffing.com.au
vary
x-fh-requested-host, accept-encoding
content-type
text/javascript; charset=utf-8
cache-control
max-age=3600
accept-ranges
bytes
x-cache-hits
0
main.fec22f59.css
portal.chaserhq.com/static/css/ 		20 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://portal.chaserhq.com/static/css/main.fec22f59.css
Requested by
Host: portal.chaserhq.com
URL: https://portal.chaserhq.com/c/4yRgAHSjqR1ieypYKO3vwQ/d/QplBuObXn_kwW0iZ9xqGNQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.36.158.100 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
98cc44f619d962ded7fe0c51bcaa636fed081bc63288e4c19b329e259a91ec3f
Security Headers
Name Value
Content-Security-Policy default-src 'self'; base-uri 'self'; font-src 'self' https: data:; form-action 'self'; frame-ancestors 'self' https://*.chaserhq.com https://*.zrecruitment.com.au https://*.zstaffing.com.au; img-src 'self' https://*.chaserhq.com https://storage.googleapis.com data:; object-src 'none'; script-src 'self' https://js.stripe.com; script-src-attr 'none'; style-src 'self' https: 'unsafe-inline'; upgrade-insecure-requests; connect-src 'self' https://*.chaserhq.com https://*.statement-gateway.com https://api.stripe.com; frame-src https://js.stripe.com https://hooks.stripe.com https://*.zrecruitment.com.au https://*.zstaffing.com.au;
Strict-Transport-Security max-age=31556926
X-Content-Type-Options nosniff
X-Frame-Options ALLOW-FROM https://*.chaserhq.com https://*.zrecruitment.com.au https://*.zstaffing.com.au
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src 'self'; base-uri 'self'; font-src 'self' https: data:; form-action 'self'; frame-ancestors 'self' https://*.chaserhq.com https://*.zrecruitment.com.au https://*.zstaffing.com.au; img-src 'self' https://*.chaserhq.com https://storage.googleapis.com data:; object-src 'none'; script-src 'self' https://js.stripe.com; script-src-attr 'none'; style-src 'self' https: 'unsafe-inline'; upgrade-insecure-requests; connect-src 'self' https://*.chaserhq.com https://*.statement-gateway.com https://api.stripe.com; frame-src https://js.stripe.com https://hooks.stripe.com https://*.zrecruitment.com.au https://*.zstaffing.com.au;
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31556926
date
Thu, 30 May 2024 14:35:04 GMT
x-cache
HIT
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
4526
x-xss-protection
0
x-served-by
cache-lhr-egll1980027-LHR
referrer-policy
no-referrer
last-modified
Tue, 21 May 2024 20:43:27 GMT
x-timer
S1717079705.905985,VS0,VE2
etag
"caf21dd99b7d02068fc3ac9e91701939c4c8ec0e1c6cb9542473ccb8ca2dd646-br"
x-frame-options
ALLOW-FROM https://*.chaserhq.com https://*.zrecruitment.com.au https://*.zstaffing.com.au
vary
x-fh-requested-host, accept-encoding
content-type
text/css; charset=utf-8
cache-control
max-age=3600
accept-ranges
bytes
x-cache-hits
0
4yRgAHSjqR1ieypYKO3vwQ
api.statement-gateway.com/creditor/ 		555 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.statement-gateway.com/creditor/4yRgAHSjqR1ieypYKO3vwQ
Requested by
Host: portal.chaserhq.com
URL: https://portal.chaserhq.com/static/js/main.a44a0ecf.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
542c24deb9f6f3583772c809b9c1f7bf0853f30041998c80db2be5c5b646e2f7
Security Headers
Name Value
Content-Security-Policy default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept
application/json, text/plain, */*
Referer
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
strict-transport-security
max-age=15552000; includeSubDomains
x-content-type-options
nosniff
date
Thu, 30 May 2024 14:35:05 GMT
x-permitted-cross-domain-policies
none
x-dns-prefetch-control
off
content-length
555
x-xss-protection
0
referrer-policy
no-referrer
server
Google Frontend
etag
W/"22b-npBGm8uqv1qlcZ/kl5LyJEg/Qd4"
expect-ct
max-age=0
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
x-download-options
noopen
access-control-allow-origin
*
access-control-expose-headers
X-Filename
x-cloud-trace-context
6beb90e109702f515146c93463e3f003
content-type
application/json; charset=utf-8
QplBuObXn_kwW0iZ9xqGNQ
api.statement-gateway.com/creditor/4yRgAHSjqR1ieypYKO3vwQ/debtor/ 		192 B
325 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.statement-gateway.com/creditor/4yRgAHSjqR1ieypYKO3vwQ/debtor/QplBuObXn_kwW0iZ9xqGNQ
Requested by
Host: portal.chaserhq.com
URL: https://portal.chaserhq.com/static/js/main.a44a0ecf.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
29ffa54b959780ec69a8e74f347ec4ecdfbf86e0446a6841913107e932a2d04d
Security Headers
Name Value
Content-Security-Policy default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept
application/json, text/plain, */*
Referer
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
strict-transport-security
max-age=15552000; includeSubDomains
x-content-type-options
nosniff
date
Thu, 30 May 2024 14:35:05 GMT
x-permitted-cross-domain-policies
none
x-dns-prefetch-control
off
content-length
192
x-xss-protection
0
referrer-policy
no-referrer
server
Google Frontend
etag
W/"c0-8lbPUtjYPTPKRSoYo+L0kqs61HI"
expect-ct
max-age=0
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
x-download-options
noopen
access-control-allow-origin
*
access-control-expose-headers
X-Filename
x-cloud-trace-context
c5e5d2f88016a1a11d2bc9f87f2df247;o=1
content-type
application/json; charset=utf-8
v3
js.stripe.com/ 		606 KB
148 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3
Requested by
Host: portal.chaserhq.com
URL: https://portal.chaserhq.com/static/js/main.a44a0ecf.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.0.176 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
8dfad747a40c3b11909233620ef2ebbc820dc5db7b6644f810e2d4c71f05b3b5
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
date
Thu, 30 May 2024 14:35:05 GMT
via
1.1 varnish
age
10
x-cache
HIT
content-length
151347
x-request-id
2fc4602f-f7fd-495b-b979-976fee52e24b
x-served-by
cache-lhr-egll1980031-LHR
last-modified
Thu, 30 May 2024 04:16:51 GMT
server
Fastly
etag
"3ce61c63415791ede407f3004a0046ce"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=60
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
16189
m-outer-3437aaddcdf6922d623e172c2d6f9278.html
js.stripe.com/v3/ Frame E695 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.192.176 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-GB,en;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
45752
cache-control
max-age=31536000
content-encoding
br
content-length
154
content-security-policy
base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only
base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Thu, 30 May 2024 14:35:05 GMT
etag
"3437aaddcdf6922d623e172c2d6f9278"
last-modified
Thu, 30 May 2024 01:45:29 GMT
server
Fastly
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
vary
Accept-Encoding
via
1.1 varnish
x-cache
HIT
x-cache-hits
13702
x-content-type-options
nosniff
x-request-id
0d317ff2-21aa-43ed-9895-94901f2c4556
x-served-by
cache-lhr-egll1980041-LHR
NunitoSans-SemiBold.19a4b6461d900f20a9a6.ttf
portal.chaserhq.com/static/media/ 		137 KB
53 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://portal.chaserhq.com/static/media/NunitoSans-SemiBold.19a4b6461d900f20a9a6.ttf
Requested by
Host: portal.chaserhq.com
URL: https://portal.chaserhq.com/static/css/main.fec22f59.css
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
199.36.158.100 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
0276859d1c5961ffd790d04d29c0323ddc361a4194e8f03e715a218b21551f54
Security Headers
Name Value
Content-Security-Policy default-src 'self'; base-uri 'self'; font-src 'self' https: data:; form-action 'self'; frame-ancestors 'self' https://*.chaserhq.com https://*.zrecruitment.com.au https://*.zstaffing.com.au; img-src 'self' https://*.chaserhq.com https://storage.googleapis.com data:; object-src 'none'; script-src 'self' https://js.stripe.com; script-src-attr 'none'; style-src 'self' https: 'unsafe-inline'; upgrade-insecure-requests; connect-src 'self' https://*.chaserhq.com https://*.statement-gateway.com https://api.stripe.com; frame-src https://js.stripe.com https://hooks.stripe.com https://*.zrecruitment.com.au https://*.zstaffing.com.au;
Strict-Transport-Security max-age=31556926
X-Content-Type-Options nosniff
X-Frame-Options ALLOW-FROM https://*.chaserhq.com https://*.zrecruitment.com.au https://*.zstaffing.com.au
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Origin
https://portal.chaserhq.com
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src 'self'; base-uri 'self'; font-src 'self' https: data:; form-action 'self'; frame-ancestors 'self' https://*.chaserhq.com https://*.zrecruitment.com.au https://*.zstaffing.com.au; img-src 'self' https://*.chaserhq.com https://storage.googleapis.com data:; object-src 'none'; script-src 'self' https://js.stripe.com; script-src-attr 'none'; style-src 'self' https: 'unsafe-inline'; upgrade-insecure-requests; connect-src 'self' https://*.chaserhq.com https://*.statement-gateway.com https://api.stripe.com; frame-src https://js.stripe.com https://hooks.stripe.com https://*.zrecruitment.com.au https://*.zstaffing.com.au;
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31556926
date
Thu, 30 May 2024 14:35:05 GMT
x-cache
HIT
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
53451
x-xss-protection
0
x-served-by
cache-lhr-egll1980058-LHR
referrer-policy
no-referrer
last-modified
Tue, 21 May 2024 20:43:27 GMT
x-timer
S1717079705.474045,VS0,VE1
etag
"927d2d97f72357f2a4328515c66ebc1fc46b2bda39f776e48ff3fffb7dc3cd2b-br"
x-frame-options
ALLOW-FROM https://*.chaserhq.com https://*.zrecruitment.com.au https://*.zstaffing.com.au
vary
x-fh-requested-host, accept-encoding
content-type
font/ttf
cache-control
max-age=3600
accept-ranges
bytes
x-cache-hits
0
NunitoSans-Regular.25d5a42e25da2f3ed7f4.ttf
portal.chaserhq.com/static/media/ 		136 KB
53 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://portal.chaserhq.com/static/media/NunitoSans-Regular.25d5a42e25da2f3ed7f4.ttf
Requested by
Host: portal.chaserhq.com
URL: https://portal.chaserhq.com/static/css/main.fec22f59.css
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
199.36.158.100 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
e2e28393b77e81bfac576c294de53b52b9b163e632ae8a8b92325e270dfcae4a
Security Headers
Name Value
Content-Security-Policy default-src 'self'; base-uri 'self'; font-src 'self' https: data:; form-action 'self'; frame-ancestors 'self' https://*.chaserhq.com https://*.zrecruitment.com.au https://*.zstaffing.com.au; img-src 'self' https://*.chaserhq.com https://storage.googleapis.com data:; object-src 'none'; script-src 'self' https://js.stripe.com; script-src-attr 'none'; style-src 'self' https: 'unsafe-inline'; upgrade-insecure-requests; connect-src 'self' https://*.chaserhq.com https://*.statement-gateway.com https://api.stripe.com; frame-src https://js.stripe.com https://hooks.stripe.com https://*.zrecruitment.com.au https://*.zstaffing.com.au;
Strict-Transport-Security max-age=31556926
X-Content-Type-Options nosniff
X-Frame-Options ALLOW-FROM https://*.chaserhq.com https://*.zrecruitment.com.au https://*.zstaffing.com.au
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Origin
https://portal.chaserhq.com
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src 'self'; base-uri 'self'; font-src 'self' https: data:; form-action 'self'; frame-ancestors 'self' https://*.chaserhq.com https://*.zrecruitment.com.au https://*.zstaffing.com.au; img-src 'self' https://*.chaserhq.com https://storage.googleapis.com data:; object-src 'none'; script-src 'self' https://js.stripe.com; script-src-attr 'none'; style-src 'self' https: 'unsafe-inline'; upgrade-insecure-requests; connect-src 'self' https://*.chaserhq.com https://*.statement-gateway.com https://api.stripe.com; frame-src https://js.stripe.com https://hooks.stripe.com https://*.zrecruitment.com.au https://*.zstaffing.com.au;
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31556926
date
Thu, 30 May 2024 14:35:05 GMT
x-cache
HIT
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
53072
x-xss-protection
0
x-served-by
cache-lhr-egll1980058-LHR
referrer-policy
no-referrer
last-modified
Tue, 21 May 2024 20:43:27 GMT
x-timer
S1717079705.474902,VS0,VE6
etag
"1597b5a20f68388bf2a3d428772ac8f14adfc9f4121d7d3dce7a2e10990abd37-br"
x-frame-options
ALLOW-FROM https://*.chaserhq.com https://*.zrecruitment.com.au https://*.zstaffing.com.au
vary
x-fh-requested-host, accept-encoding
content-type
font/ttf
cache-control
max-age=3600
accept-ranges
bytes
x-cache-hits
0
favicon.ico
portal.chaserhq.com/ 		1 KB
1 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://portal.chaserhq.com/favicon.ico
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
199.36.158.100 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
d41b38da146455cee3c09a7cf4274013d8a5807a187991a4e304425a8ef77a5b
Security Headers
Name Value
Content-Security-Policy default-src 'self'; base-uri 'self'; font-src 'self' https: data:; form-action 'self'; frame-ancestors 'self' https://*.chaserhq.com https://*.zrecruitment.com.au https://*.zstaffing.com.au; img-src 'self' https://*.chaserhq.com https://storage.googleapis.com data:; object-src 'none'; script-src 'self' https://js.stripe.com; script-src-attr 'none'; style-src 'self' https: 'unsafe-inline'; upgrade-insecure-requests; connect-src 'self' https://*.chaserhq.com https://*.statement-gateway.com https://api.stripe.com; frame-src https://js.stripe.com https://hooks.stripe.com https://*.zrecruitment.com.au https://*.zstaffing.com.au;
Strict-Transport-Security max-age=31556926
X-Content-Type-Options nosniff
X-Frame-Options ALLOW-FROM https://*.chaserhq.com https://*.zrecruitment.com.au https://*.zstaffing.com.au
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src 'self'; base-uri 'self'; font-src 'self' https: data:; form-action 'self'; frame-ancestors 'self' https://*.chaserhq.com https://*.zrecruitment.com.au https://*.zstaffing.com.au; img-src 'self' https://*.chaserhq.com https://storage.googleapis.com data:; object-src 'none'; script-src 'self' https://js.stripe.com; script-src-attr 'none'; style-src 'self' https: 'unsafe-inline'; upgrade-insecure-requests; connect-src 'self' https://*.chaserhq.com https://*.statement-gateway.com https://api.stripe.com; frame-src https://js.stripe.com https://hooks.stripe.com https://*.zrecruitment.com.au https://*.zstaffing.com.au;
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31556926
date
Thu, 30 May 2024 14:35:05 GMT
x-cache
HIT
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
289
x-xss-protection
0
x-served-by
cache-lhr-egll1980058-LHR
referrer-policy
no-referrer
last-modified
Tue, 21 May 2024 20:43:27 GMT
x-timer
S1717079706.523493,VS0,VE0
etag
"281621a8b9da0b32bc98ae2c30ff2ff8ab7d374478ddc9eddd696d2441e3ce18-br"
x-frame-options
ALLOW-FROM https://*.chaserhq.com https://*.zrecruitment.com.au https://*.zstaffing.com.au
vary
x-fh-requested-host, accept-encoding
content-type
image/x-icon
cache-control
max-age=3600
accept-ranges
bytes
x-cache-hits
14
rates
api.statement-gateway.com/ 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.statement-gateway.com/rates
Requested by
Host: portal.chaserhq.com
URL: https://portal.chaserhq.com/static/js/main.a44a0ecf.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
2c36afcc79fa6fbc34017b2a425a890bf86fe923e5d9d59374f925c636cd2b43
Security Headers
Name Value
Content-Security-Policy default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept
application/json, text/plain, */*
Referer
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
strict-transport-security
max-age=15552000; includeSubDomains
x-content-type-options
nosniff
date
Thu, 30 May 2024 14:35:05 GMT
content-encoding
gzip
x-permitted-cross-domain-policies
none
x-dns-prefetch-control
off
x-xss-protection
0
referrer-policy
no-referrer
server
Google Frontend
etag
W/"9df-KG6G+2NphhVy7tgJUFpSMY/Qhno"
expect-ct
max-age=0
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
x-download-options
noopen
access-control-allow-origin
*
access-control-expose-headers
X-Filename
cache-control
private
content-type
application/json; charset=utf-8
T3ce0tTMQ.png
storage.googleapis.com/v2-customer-portal-logo/!yf2FZ/ 		83 KB
84 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://storage.googleapis.com/v2-customer-portal-logo/!yf2FZ/T3ce0tTMQ.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::201b Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
4f49bd398b20250d63f460770264cf396516d5df5b124b900dd36724361c094a

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 30 May 2024 14:35:05 GMT
x-guploader-uploadid
ABPtcPoSIsuURTcVrqsBKikFvS56p92zVdgSncuLUc40LHU_VVzBPIcC5O2dzs2fckNwTlP6oxE
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
85426
last-modified
Thu, 01 Feb 2024 09:39:49 GMT
server
UploadServer
etag
"64c3afbdaab29a5829c321da554ab829"
x-goog-generation
1706780389969190
content-type
image/png
x-goog-hash
crc32c=Mq3dAA==, md5=ZMOvvaqymlgpwyHaVUq4KQ==
cache-control
no-cache
x-goog-stored-content-length
85426
accept-ranges
bytes
expires
Fri, 30 May 2025 14:35:05 GMT
invoices
api.statement-gateway.com/creditor/4yRgAHSjqR1ieypYKO3vwQ/debtor/QplBuObXn_kwW0iZ9xqGNQ/ 		370 B
500 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.statement-gateway.com/creditor/4yRgAHSjqR1ieypYKO3vwQ/debtor/QplBuObXn_kwW0iZ9xqGNQ/invoices?paid=0
Requested by
Host: portal.chaserhq.com
URL: https://portal.chaserhq.com/static/js/main.a44a0ecf.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
4b4206ff58c23e486b99f1489db730c70faa029ab7b9f6b471324325d7b69037
Security Headers
Name Value
Content-Security-Policy default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept
application/json, text/plain, */*
Referer
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
strict-transport-security
max-age=15552000; includeSubDomains
x-content-type-options
nosniff
date
Thu, 30 May 2024 14:35:06 GMT
x-permitted-cross-domain-policies
none
x-dns-prefetch-control
off
content-length
370
x-xss-protection
0
referrer-policy
no-referrer
server
Google Frontend
etag
W/"172-5ugn2stG+qs8IE5ecdVxRz0yaFU"
expect-ct
max-age=0
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
x-download-options
noopen
access-control-allow-origin
*
access-control-expose-headers
X-Filename
x-cloud-trace-context
450ffeb41ab02353a0a8a28c6913cac8
content-type
application/json; charset=utf-8
paymentinformation
api.statement-gateway.com/c/4yRgAHSjqR1ieypYKO3vwQ/d/QplBuObXn_kwW0iZ9xqGNQ/ 		0
117 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.statement-gateway.com/c/4yRgAHSjqR1ieypYKO3vwQ/d/QplBuObXn_kwW0iZ9xqGNQ/paymentinformation
Requested by
Host: portal.chaserhq.com
URL: https://portal.chaserhq.com/static/js/main.a44a0ecf.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept
application/json, text/plain, */*
Referer
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
strict-transport-security
max-age=15552000; includeSubDomains
x-content-type-options
nosniff
date
Thu, 30 May 2024 14:35:06 GMT
x-permitted-cross-domain-policies
none
x-dns-prefetch-control
off
content-length
0
x-xss-protection
0
referrer-policy
no-referrer
server
Google Frontend
etag
W/"2-vyGp6PvFo4RvsFtPoIWeCReyIC8"
expect-ct
max-age=0
x-frame-options
SAMEORIGIN
x-download-options
noopen
access-control-allow-origin
*
access-control-expose-headers
X-Filename
x-cloud-trace-context
ce1a296b15b07bbc94c10f496cd14963
content-type
text/html

Verdicts & Comments Add Verdict or Comment

8 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| __SENTRY__ function| applyFocusVisiblePolyfill function| _ object| regeneratorRuntime object| webpackChunkStripeJSouter function| noop function| Stripe

3 Cookies

Domain/Path Name / Value
m.stripe.com/ Name: m
Value: 4ab9b599-c861-4736-bb6c-6783f1df30544671b4
.portal.chaserhq.com/ Name: __stripe_mid
Value: 43f1cc34-78b3-4232-8ebc-d643c67fb8a4369d56
.portal.chaserhq.com/ Name: __stripe_sid
Value: 7ded9fe5-7a2b-4dd6-9140-78c922a3df19e8d25a

1 Console Messages

Source Level URL
Text
other warning URL: https://portal.chaserhq.com/c/4yRgAHSjqR1ieypYKO3vwQ/d/QplBuObXn_kwW0iZ9xqGNQ
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src 'self'; base-uri 'self'; font-src 'self' https: data:; form-action 'self'; frame-ancestors 'self' https://*.chaserhq.com https://*.zrecruitment.com.au https://*.zstaffing.com.au; img-src 'self' https://*.chaserhq.com https://storage.googleapis.com data:; object-src 'none'; script-src 'self' https://js.stripe.com; script-src-attr 'none'; style-src 'self' https: 'unsafe-inline'; upgrade-insecure-requests; connect-src 'self' https://*.chaserhq.com https://*.statement-gateway.com https://api.stripe.com; frame-src https://js.stripe.com https://hooks.stripe.com https://*.zrecruitment.com.au https://*.zstaffing.com.au;
Strict-Transport-Security max-age=31556926
X-Content-Type-Options nosniff
X-Frame-Options ALLOW-FROM https://*.chaserhq.com https://*.zrecruitment.com.au https://*.zstaffing.com.au
X-Xss-Protection 0