test.iauth.billpocket.com Open in urlscan Pro
18.223.73.22  Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

1. https://test.humvee.billpocket.com/ Page URL
2. https://test.iauth.billpocket.com/login?returnUrl=https://test.humvee.billpocket.com/&isLocal=false Page URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

24 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
1 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	/ Show response test.humvee.billpocket.com/	1 KB 1 KB	213ms 149ms	Document text/html	2600:9000:2156:e600:1e:1761:4c0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://test.humvee.billpocket.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2156:e600:1e:1761:4c0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 345a60eab11d6960e4118c299d80854e0a49911ff82e8d19ef11ec91f9ad8cf1 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Accept-Language de-DE,de;q=0.9 Response headers content-type text/html content-length 1030 date Mon, 22 Nov 2021 17:37:54 GMT last-modified Tue, 10 Mar 2020 18:21:24 GMT etag "c5cdc72aa9af8ede7b235dd19b72726d" server AmazonS3 x-cache Miss from cloudfront via 1.1 6ea9fcffa719a56ee2be748a73d37974.cloudfront.net (CloudFront) x-amz-cf-pop FRA50-C1 x-amz-cf-id ut5JZO2hLzuUyk5-b9lAlQ0k5Y0qdNfoCeo5J8NU8HtRXHxIczrsvA==
GET H2	200	css fonts.googleapis.com/	6 KB 759 B	41ms 17ms	Stylesheet text/css	2a00:1450:4001:808::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Roboto:300,400,500&display=swap Requested by Host: test.humvee.billpocket.com URL: https://test.humvee.billpocket.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 2eb3c6f7141618152e18ea9aa0065e841b51393c426c673ab4ba69aa948b8eff Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://test.humvee.billpocket.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 last-modified Mon, 22 Nov 2021 16:18:39 GMT server ESF cross-origin-opener-policy same-origin-allow-popups date Mon, 22 Nov 2021 17:37:53 GMT x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Mon, 22 Nov 2021 17:37:53 GMT
GET H2	200	icon fonts.googleapis.com/	569 B 868 B	40ms 16ms	Stylesheet text/css	2a00:1450:4001:808::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/icon?family=Material+Icons Requested by Host: test.humvee.billpocket.com URL: https://test.humvee.billpocket.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 0c5e1da94a728c7a8cc4363b44d961c94459111d362eef8cf7895a9c6234d17c Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://test.humvee.billpocket.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 last-modified Mon, 22 Nov 2021 17:37:53 GMT server ESF cross-origin-opener-policy same-origin-allow-popups date Mon, 22 Nov 2021 17:37:53 GMT x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Mon, 22 Nov 2021 17:37:53 GMT
GET H2	200	runtime-es2015.js Show response test.humvee.billpocket.com/	9 KB 9 KB	263ms 262ms	Script application/javascript	2600:9000:2156:e600:1e:1761:4c0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://test.humvee.billpocket.com/runtime-es2015.js Requested by Host: test.humvee.billpocket.com URL: https://test.humvee.billpocket.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2156:e600:1e:1761:4c0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 177f828b784f8251e5de0f153277297b24ca9f0eb64191d7b4f65ced5b43860e Request headers Referer https://test.humvee.billpocket.com/ Origin https://test.humvee.billpocket.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Mon, 22 Nov 2021 17:37:54 GMT via 1.1 6ea9fcffa719a56ee2be748a73d37974.cloudfront.net (CloudFront) last-modified Tue, 10 Mar 2020 18:21:24 GMT server AmazonS3 x-amz-cf-pop FRA50-C1 etag "2848cae8ad6d0ab5b036ad4eeb59fd8c" x-cache Miss from cloudfront content-type application/javascript content-length 9401 x-amz-cf-id MkHBYagvGFU26bFb4rDNp0TBX-9kyrAJdicQIETVeuYICxFXIozDgw==
GET H2	200	polyfills-es2015.js Show response test.humvee.billpocket.com/	140 KB 140 KB	211ms 210ms	Script application/javascript	2600:9000:2156:e600:1e:1761:4c0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://test.humvee.billpocket.com/polyfills-es2015.js Requested by Host: test.humvee.billpocket.com URL: https://test.humvee.billpocket.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2156:e600:1e:1761:4c0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 2d6f494342e5da6edf5f19dd0eabdbf3702fb53e7ab18e306f45407a9e7163aa Request headers Referer https://test.humvee.billpocket.com/ Origin https://test.humvee.billpocket.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Mon, 22 Nov 2021 17:37:54 GMT via 1.1 6ea9fcffa719a56ee2be748a73d37974.cloudfront.net (CloudFront) last-modified Tue, 10 Mar 2020 18:21:24 GMT server AmazonS3 x-amz-cf-pop FRA50-C1 etag "126fbc82637b2e2655fbab121b1211f8" x-cache Miss from cloudfront content-type application/javascript content-length 143278 x-amz-cf-id cXcccWT1DLVZ00--EHIXbc78jYFzMZrcp_HANk8cDE_nnLqLTRo66g==
GET H2	200	styles-es2015.js Show response test.humvee.billpocket.com/	573 KB 574 KB	185ms 184ms	Script application/javascript	2600:9000:2156:e600:1e:1761:4c0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://test.humvee.billpocket.com/styles-es2015.js Requested by Host: test.humvee.billpocket.com URL: https://test.humvee.billpocket.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2156:e600:1e:1761:4c0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 0176a554dac6535e58dea8fe250469c1565a4c3cfd005704d6ce5c09aa5cbe5a Request headers Referer https://test.humvee.billpocket.com/ Origin https://test.humvee.billpocket.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Mon, 22 Nov 2021 17:37:54 GMT via 1.1 6ea9fcffa719a56ee2be748a73d37974.cloudfront.net (CloudFront) last-modified Tue, 10 Mar 2020 18:21:24 GMT server AmazonS3 x-amz-cf-pop FRA50-C1 etag "359b59705ed386ba70453d30615a229c" x-cache Miss from cloudfront content-type application/javascript content-length 586673 x-amz-cf-id TRh9iNBOzTVzTzi49X1hhXVT3LqbFQ66dW58RPACtAthCjpADRr49Q==
GET H2	200	vendor-es2015.js Show response test.humvee.billpocket.com/	6 MB 6 MB	241ms 240ms	Script application/javascript	2600:9000:2156:e600:1e:1761:4c0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://test.humvee.billpocket.com/vendor-es2015.js Requested by Host: test.humvee.billpocket.com URL: https://test.humvee.billpocket.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2156:e600:1e:1761:4c0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 60e04308b8a2b9223a89697a4e74fe4b9074d2d451e9c46b90b82fa059df016b Request headers Referer https://test.humvee.billpocket.com/ Origin https://test.humvee.billpocket.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Mon, 22 Nov 2021 17:37:54 GMT via 1.1 6ea9fcffa719a56ee2be748a73d37974.cloudfront.net (CloudFront) last-modified Tue, 10 Mar 2020 18:21:24 GMT server AmazonS3 x-amz-cf-pop FRA50-C1 etag "61eec4e47c104b51d5fff07d37f8fa3c" x-cache Miss from cloudfront content-type application/javascript content-length 6744776 x-amz-cf-id _lJ2sKC0nHHhfMHjemDsJ6mD-ajiWQNbPoTrm2LtPdNDdSxIoOb5dA==
GET H2	200	main-es2015.js Show response test.humvee.billpocket.com/	65 KB 65 KB	177ms 177ms	Script application/javascript	2600:9000:2156:e600:1e:1761:4c0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://test.humvee.billpocket.com/main-es2015.js Requested by Host: test.humvee.billpocket.com URL: https://test.humvee.billpocket.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2156:e600:1e:1761:4c0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 6cbe884f8c2ddd6be6510532ac7072b85190711f80fbd939981ff073c263a4fb Request headers Referer https://test.humvee.billpocket.com/ Origin https://test.humvee.billpocket.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Mon, 22 Nov 2021 17:37:54 GMT via 1.1 6ea9fcffa719a56ee2be748a73d37974.cloudfront.net (CloudFront) last-modified Tue, 10 Mar 2020 18:21:24 GMT server AmazonS3 x-amz-cf-pop FRA50-C1 etag "b26e97acae5bdbda189051f7ee38f2de" x-cache Miss from cloudfront content-type application/javascript content-length 66314 x-amz-cf-id k8yeF5IdTBFu3pdU5JGJDghTC69n8ds8h6QhUA3fE9EeZqhxt9NINw==
GET H2	200	KFOmCnqEu92Fr1Mu4mxK.woff2 fonts.gstatic.com/s/roboto/v29/	15 KB 16 KB	30ms 7ms	Font font/woff2	2a00:1450:4001:827::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://test.humvee.billpocket.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Fri, 19 Nov 2021 13:39:48 GMT x-content-type-options nosniff age 273486 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 15688 x-xss-protection 0 last-modified Wed, 22 Sep 2021 16:13:19 GMT server sffe report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="apps-themes" expires Sat, 19 Nov 2022 13:39:48 GMT
GET H2	200	flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2 fonts.gstatic.com/s/materialicons/v115/	115 KB 115 KB	10ms 9ms	Font font/woff2	2a00:1450:4001:827::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/materialicons/v115/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/icon?family=Material+Icons Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://test.humvee.billpocket.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Wed, 17 Nov 2021 03:12:15 GMT x-content-type-options nosniff age 483939 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 117988 x-xss-protection 0 last-modified Wed, 10 Nov 2021 17:58:49 GMT server sffe report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="apps-themes" expires Thu, 17 Nov 2022 03:12:15 GMT
GET H2	200	KFOlCnqEu92Fr1MmEU9fBBc4.woff2 fonts.gstatic.com/s/roboto/v29/	16 KB 16 KB	7ms 7ms	Font font/woff2	2a00:1450:4001:827::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://test.humvee.billpocket.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Tue, 16 Nov 2021 14:02:00 GMT x-content-type-options nosniff age 531354 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 15920 x-xss-protection 0 last-modified Wed, 22 Sep 2021 16:13:21 GMT server sffe report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="apps-themes" expires Wed, 16 Nov 2022 14:02:00 GMT
GET H2	200	main-main-module-es2015.js test.humvee.billpocket.com/	7 KB 7 KB	153ms 153ms	Script application/javascript	2600:9000:2156:e600:1e:1761:4c0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://test.humvee.billpocket.com/main-main-module-es2015.js Requested by Host: test.humvee.billpocket.com URL: https://test.humvee.billpocket.com/runtime-es2015.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2156:e600:1e:1761:4c0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash Request headers Accept-Language de-DE,de;q=0.9 Referer https://test.humvee.billpocket.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Mon, 22 Nov 2021 17:37:55 GMT via 1.1 6ea9fcffa719a56ee2be748a73d37974.cloudfront.net (CloudFront) last-modified Tue, 10 Mar 2020 18:21:24 GMT server AmazonS3 x-amz-cf-pop FRA50-C1 etag "50aa00d94936e87d8d005943de27a7b9" x-cache Miss from cloudfront content-type application/javascript content-length 7262 x-amz-cf-id Q9SWMhZhBZGqky4PwAnaWygvX2xhOlc08CH3soamn24pCkH8p-0ahw==
GET H2	200	billpocket_horizontal_white.svg test.humvee.billpocket.com/assets/	3 KB 3 KB	188ms 187ms	Image image/svg+xml	2600:9000:2156:e600:1e:1761:4c0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://test.humvee.billpocket.com/assets/billpocket_horizontal_white.svg Requested by Host: test.humvee.billpocket.com URL: https://test.humvee.billpocket.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2156:e600:1e:1761:4c0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash Request headers Accept-Language de-DE,de;q=0.9 Referer https://test.humvee.billpocket.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Mon, 22 Nov 2021 17:37:55 GMT via 1.1 6ea9fcffa719a56ee2be748a73d37974.cloudfront.net (CloudFront) last-modified Tue, 10 Mar 2020 18:21:24 GMT server AmazonS3 x-amz-cf-pop FRA50-C1 etag "a64fbe4223425dca65f647fb14bbf062" x-cache Miss from cloudfront content-type image/svg+xml content-length 3109 x-amz-cf-id 2fFKQMRR_OIdrcS9-osUh4E5gl4NwUWDg9FKDrl4K7HxFTvyeMja-g==
GET H2	200	Humvee-512.png test.humvee.billpocket.com/assets/	22 KB 22 KB	174ms 173ms	Image image/png	2600:9000:2156:e600:1e:1761:4c0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://test.humvee.billpocket.com/assets/Humvee-512.png Requested by Host: test.humvee.billpocket.com URL: https://test.humvee.billpocket.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2156:e600:1e:1761:4c0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash Request headers Accept-Language de-DE,de;q=0.9 Referer https://test.humvee.billpocket.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Mon, 22 Nov 2021 17:37:55 GMT via 1.1 6ea9fcffa719a56ee2be748a73d37974.cloudfront.net (CloudFront) last-modified Tue, 10 Mar 2020 18:21:24 GMT server AmazonS3 x-amz-cf-pop FRA50-C1 etag "167e92a788f6b160f2d5ed532563141e" x-cache Miss from cloudfront content-type image/png content-length 22711 x-amz-cf-id TQPoXRCgVZCpx_8DTBvCyAK6-31yYBWcNh_TOSy7kw7t77bZk3eD7Q==
GET H/1.1	200 OK	Primary Request login Show response test.iauth.billpocket.com/	2 KB 1 KB	319ms 106ms	Document text/html	18.223.73.22 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://test.iauth.billpocket.com/login?returnUrl=https://test.humvee.billpocket.com/&isLocal=false Requested by Host: test.humvee.billpocket.com URL: https://test.humvee.billpocket.com/main-es2015.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 18.223.73.22 Columbus, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-223-73-22.us-east-2.compute.amazonaws.com Software nginx/1.16.1 / Resource Hash 38ff40bb29698b39abc094c9609fe17b692414836ff7568d036e03514f367fec Security Headers Name Value Strict-Transport-Security max-age=15768000 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://test.humvee.billpocket.com/ Response headers Server nginx/1.16.1 Date Mon, 22 Nov 2021 17:37:55 GMT Content-Type text/html Transfer-Encoding chunked Connection keep-alive Last-Modified Tue, 02 Nov 2021 17:25:28 GMT Vary Accept-Encoding ETag W/"61817488-86c" Content-Encoding gzip Strict-Transport-Security max-age=15768000
GET H/1.1	200 OK	app.e05802e6.css test.iauth.billpocket.com/css/	271 B 664 B	106ms 105ms	Stylesheet text/css	18.223.73.22 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://test.iauth.billpocket.com/css/app.e05802e6.css Requested by Host: test.iauth.billpocket.com URL: https://test.iauth.billpocket.com/login?returnUrl=https://test.humvee.billpocket.com/&isLocal=false Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 18.223.73.22 Columbus, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-223-73-22.us-east-2.compute.amazonaws.com Software nginx/1.16.1 / Resource Hash b995d3cc57653404a85da8f90af4a65b08413d5ece7bd13bb183690dba21589c Security Headers Name Value Strict-Transport-Security max-age=15768000 Request headers Accept-Language de-DE,de;q=0.9 Referer https://test.iauth.billpocket.com/login?returnUrl=https://test.humvee.billpocket.com/&isLocal=false User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers Pragma public Date Mon, 22 Nov 2021 17:37:55 GMT Content-Encoding gzip Last-Modified Tue, 02 Nov 2021 17:25:28 GMT Server nginx/1.16.1 ETag W/"61817488-10f" Vary Accept-Encoding Connection keep-alive Content-Type text/css Cache-Control max-age=315360000, public, must-revalidate, proxy-revalidate Transfer-Encoding chunked Strict-Transport-Security max-age=15768000 Expires Thu, 31 Dec 2037 23:55:55 GMT
GET H/1.1	200 OK	chunk-vendors.a5996188.css test.iauth.billpocket.com/css/	135 KB 18 KB	316ms 210ms	Stylesheet text/css	18.223.73.22 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://test.iauth.billpocket.com/css/chunk-vendors.a5996188.css Requested by Host: test.iauth.billpocket.com URL: https://test.iauth.billpocket.com/login?returnUrl=https://test.humvee.billpocket.com/&isLocal=false Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 18.223.73.22 Columbus, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-223-73-22.us-east-2.compute.amazonaws.com Software nginx/1.16.1 / Resource Hash 9e3fbe8d05233f80b8525f1141b5ae1ec940ec5345f605f834af782b8b9447dd Security Headers Name Value Strict-Transport-Security max-age=15768000 Request headers Accept-Language de-DE,de;q=0.9 Referer https://test.iauth.billpocket.com/login?returnUrl=https://test.humvee.billpocket.com/&isLocal=false User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers Pragma public Date Mon, 22 Nov 2021 17:37:55 GMT Content-Encoding gzip Last-Modified Tue, 02 Nov 2021 17:25:28 GMT Server nginx/1.16.1 ETag W/"61817488-21d1f" Vary Accept-Encoding Connection keep-alive Content-Type text/css Cache-Control max-age=315360000, public, must-revalidate, proxy-revalidate Transfer-Encoding chunked Strict-Transport-Security max-age=15768000 Expires Thu, 31 Dec 2037 23:55:55 GMT
GET H/1.1	200 OK	app.237ffd38.js Show response test.iauth.billpocket.com/js/	15 KB 7 KB	303ms 102ms	Script application/javascript	18.223.73.22 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://test.iauth.billpocket.com/js/app.237ffd38.js Requested by Host: test.iauth.billpocket.com URL: https://test.iauth.billpocket.com/login?returnUrl=https://test.humvee.billpocket.com/&isLocal=false Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 18.223.73.22 Columbus, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-223-73-22.us-east-2.compute.amazonaws.com Software nginx/1.16.1 / Resource Hash 78f78384b1afb8b44ddd7114b2fe2f9fb0063b55b84949779530b4e2ebd39f2f Security Headers Name Value Strict-Transport-Security max-age=15768000 Request headers Referer https://test.iauth.billpocket.com/login?returnUrl=https://test.humvee.billpocket.com/&isLocal=false Origin https://test.iauth.billpocket.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers Pragma public Date Mon, 22 Nov 2021 17:37:55 GMT Content-Encoding gzip Last-Modified Tue, 02 Nov 2021 17:25:28 GMT Server nginx/1.16.1 ETag W/"61817488-3acf" Vary Accept-Encoding Connection keep-alive Content-Type application/javascript Cache-Control max-age=315360000, public, must-revalidate, proxy-revalidate Transfer-Encoding chunked Strict-Transport-Security max-age=15768000 Expires Thu, 31 Dec 2037 23:55:55 GMT
GET H/1.1	200 OK	chunk-vendors.86f13920.js Show response test.iauth.billpocket.com/js/	296 KB 88 KB	405ms 204ms	Script application/javascript	18.223.73.22 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://test.iauth.billpocket.com/js/chunk-vendors.86f13920.js Requested by Host: test.iauth.billpocket.com URL: https://test.iauth.billpocket.com/login?returnUrl=https://test.humvee.billpocket.com/&isLocal=false Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 18.223.73.22 Columbus, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-223-73-22.us-east-2.compute.amazonaws.com Software nginx/1.16.1 / Resource Hash 49006fa31f2165148ae718cf5ac2cbb5cdc8dbdc597869ae418c540f16e1d95c Security Headers Name Value Strict-Transport-Security max-age=15768000 Request headers Referer https://test.iauth.billpocket.com/login?returnUrl=https://test.humvee.billpocket.com/&isLocal=false Origin https://test.iauth.billpocket.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers Pragma public Date Mon, 22 Nov 2021 17:37:55 GMT Content-Encoding gzip Last-Modified Tue, 02 Nov 2021 17:25:28 GMT Server nginx/1.16.1 ETag W/"61817488-4a117" Vary Accept-Encoding Connection keep-alive Content-Type application/javascript Cache-Control max-age=315360000, public, must-revalidate, proxy-revalidate Transfer-Encoding chunked Strict-Transport-Security max-age=15768000 Expires Thu, 31 Dec 2037 23:55:55 GMT
GET DATA	200 OK	truncated /	4 KB 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 0fc2ea57a17e2dba508a82c0a53858b6ef97273565a8ac28709bb5899cdb55bf Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers Content-Type image/svg+xml
GET H/1.1	200 OK	bg.f7bb726b.png test.iauth.billpocket.com/img/	564 KB 565 KB	103ms 103ms	Image image/png	18.223.73.22 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://test.iauth.billpocket.com/img/bg.f7bb726b.png Requested by Host: test.iauth.billpocket.com URL: https://test.iauth.billpocket.com/login?returnUrl=https://test.humvee.billpocket.com/&isLocal=false Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 18.223.73.22 Columbus, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-223-73-22.us-east-2.compute.amazonaws.com Software nginx/1.16.1 / Resource Hash 0b83a060b8fdaae289fd01f28374c3dceb2b815b1e26589de7f75807aab6fccb Security Headers Name Value Strict-Transport-Security max-age=15768000 Request headers Accept-Language de-DE,de;q=0.9 Referer https://test.iauth.billpocket.com/login?returnUrl=https://test.humvee.billpocket.com/&isLocal=false User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers Pragma public Date Mon, 22 Nov 2021 17:37:56 GMT Last-Modified Tue, 02 Nov 2021 17:25:28 GMT Server nginx/1.16.1 ETag "61817488-8d07e" Strict-Transport-Security max-age=15768000 Content-Type image/png Cache-Control max-age=315360000, public, must-revalidate, proxy-revalidate Connection keep-alive Accept-Ranges bytes Content-Length 577662 Expires Thu, 31 Dec 2037 23:55:55 GMT
GET H/1.1	200 OK	Roboto-Light.d26871e8.woff2 test.iauth.billpocket.com/fonts/	63 KB 63 KB	107ms 107ms	Font font/x-woff	18.223.73.22 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://test.iauth.billpocket.com/fonts/Roboto-Light.d26871e8.woff2 Requested by Host: test.iauth.billpocket.com URL: https://test.iauth.billpocket.com/css/chunk-vendors.a5996188.css Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 18.223.73.22 Columbus, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-223-73-22.us-east-2.compute.amazonaws.com Software nginx/1.16.1 / Resource Hash 1d8f5280afb7f4fa0db5cdfcb751e180788b0f0da1488309c4243ebff11a9591 Security Headers Name Value Strict-Transport-Security max-age=15768000 Request headers Referer https://test.iauth.billpocket.com/css/chunk-vendors.a5996188.css Origin https://test.iauth.billpocket.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers Date Mon, 22 Nov 2021 17:37:56 GMT Last-Modified Tue, 02 Nov 2021 17:25:28 GMT Server nginx/1.16.1 ETag "61817488-fb40" Strict-Transport-Security max-age=15768000 Content-Type font/x-woff Access-Control-Allow-Origin * Cache-Control max-age=604800, public Connection keep-alive Accept-Ranges bytes Content-Length 64320 Expires Mon, 29 Nov 2021 17:37:56 GMT
GET H/1.1	200 OK	MaterialIcons-Regular.570eb838.woff2 test.iauth.billpocket.com/fonts/	43 KB 44 KB	201ms 201ms	Font font/x-woff	18.223.73.22 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://test.iauth.billpocket.com/fonts/MaterialIcons-Regular.570eb838.woff2 Requested by Host: test.iauth.billpocket.com URL: https://test.iauth.billpocket.com/css/chunk-vendors.a5996188.css Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 18.223.73.22 Columbus, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-223-73-22.us-east-2.compute.amazonaws.com Software nginx/1.16.1 / Resource Hash a87d66c91b2e7dc5530aef76c03bd6a3d25ea5826110bf4803b561b811cc8726 Security Headers Name Value Strict-Transport-Security max-age=15768000 Request headers Referer https://test.iauth.billpocket.com/css/chunk-vendors.a5996188.css Origin https://test.iauth.billpocket.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers Date Mon, 22 Nov 2021 17:37:56 GMT Last-Modified Tue, 02 Nov 2021 17:25:28 GMT Server nginx/1.16.1 ETag "61817488-ad0c" Strict-Transport-Security max-age=15768000 Content-Type font/x-woff Access-Control-Allow-Origin * Cache-Control max-age=604800, public Connection keep-alive Accept-Ranges bytes Content-Length 44300 Expires Mon, 29 Nov 2021 17:37:56 GMT
GET H/1.1	200 OK	Roboto-Regular.73f0a88b.woff2 test.iauth.billpocket.com/fonts/	63 KB 64 KB	208ms 208ms	Font font/x-woff	18.223.73.22 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://test.iauth.billpocket.com/fonts/Roboto-Regular.73f0a88b.woff2 Requested by Host: test.iauth.billpocket.com URL: https://test.iauth.billpocket.com/css/chunk-vendors.a5996188.css Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 18.223.73.22 Columbus, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-223-73-22.us-east-2.compute.amazonaws.com Software nginx/1.16.1 / Resource Hash 47107401d0adb375ab9aa167f9d62489a849d510e740a307b5a4db60e5db3562 Security Headers Name Value Strict-Transport-Security max-age=15768000 Request headers Referer https://test.iauth.billpocket.com/css/chunk-vendors.a5996188.css Origin https://test.iauth.billpocket.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers Date Mon, 22 Nov 2021 17:37:56 GMT Last-Modified Tue, 02 Nov 2021 17:25:28 GMT Server nginx/1.16.1 ETag "61817488-fc78" Strict-Transport-Security max-age=15768000 Content-Type font/x-woff Access-Control-Allow-Origin * Cache-Control max-age=604800, public Connection keep-alive Accept-Ranges bytes Content-Length 64632 Expires Mon, 29 Nov 2021 17:37:56 GMT
GET H/1.1	200 OK	Roboto-Medium.90d16760.woff2 test.iauth.billpocket.com/fonts/	64 KB 64 KB	405ms 202ms	Font font/x-woff	18.223.73.22 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://test.iauth.billpocket.com/fonts/Roboto-Medium.90d16760.woff2 Requested by Host: test.iauth.billpocket.com URL: https://test.iauth.billpocket.com/css/chunk-vendors.a5996188.css Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 18.223.73.22 Columbus, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-223-73-22.us-east-2.compute.amazonaws.com Software nginx/1.16.1 / Resource Hash 96025fe9db6578d8bc7f4b8be739750b1490e07221c2b1f16acde2ea7669cedf Security Headers Name Value Strict-Transport-Security max-age=15768000 Request headers Referer https://test.iauth.billpocket.com/css/chunk-vendors.a5996188.css Origin https://test.iauth.billpocket.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers Date Mon, 22 Nov 2021 17:37:56 GMT Last-Modified Tue, 02 Nov 2021 17:25:28 GMT Server nginx/1.16.1 ETag "61817488-ffcc" Strict-Transport-Security max-age=15768000 Content-Type font/x-woff Access-Control-Allow-Origin * Cache-Control max-age=604800, public Connection keep-alive Accept-Ranges bytes Content-Length 65484 Expires Mon, 29 Nov 2021 17:37:56 GMT

7 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforexrselect function| reportError boolean| originAgentCluster object| scheduler object| webpackJsonp object| __core-js_shared__ object| core

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fonts.googleapis.com
fonts.gstatic.com
test.humvee.billpocket.com
test.iauth.billpocket.com
18.223.73.22
2600:9000:2156:e600:1e:1761:4c0:93a1
2a00:1450:4001:808::200a
2a00:1450:4001:827::2003
0176a554dac6535e58dea8fe250469c1565a4c3cfd005704d6ce5c09aa5cbe5a
0b83a060b8fdaae289fd01f28374c3dceb2b815b1e26589de7f75807aab6fccb
0c5e1da94a728c7a8cc4363b44d961c94459111d362eef8cf7895a9c6234d17c
0fc2ea57a17e2dba508a82c0a53858b6ef97273565a8ac28709bb5899cdb55bf
177f828b784f8251e5de0f153277297b24ca9f0eb64191d7b4f65ced5b43860e
1d8f5280afb7f4fa0db5cdfcb751e180788b0f0da1488309c4243ebff11a9591
2d6f494342e5da6edf5f19dd0eabdbf3702fb53e7ab18e306f45407a9e7163aa
2eb3c6f7141618152e18ea9aa0065e841b51393c426c673ab4ba69aa948b8eff
345a60eab11d6960e4118c299d80854e0a49911ff82e8d19ef11ec91f9ad8cf1
38ff40bb29698b39abc094c9609fe17b692414836ff7568d036e03514f367fec
47107401d0adb375ab9aa167f9d62489a849d510e740a307b5a4db60e5db3562
49006fa31f2165148ae718cf5ac2cbb5cdc8dbdc597869ae418c540f16e1d95c
60e04308b8a2b9223a89697a4e74fe4b9074d2d451e9c46b90b82fa059df016b
6cbe884f8c2ddd6be6510532ac7072b85190711f80fbd939981ff073c263a4fb
78f78384b1afb8b44ddd7114b2fe2f9fb0063b55b84949779530b4e2ebd39f2f
96025fe9db6578d8bc7f4b8be739750b1490e07221c2b1f16acde2ea7669cedf
9e3fbe8d05233f80b8525f1141b5ae1ec940ec5345f605f834af782b8b9447dd
a87d66c91b2e7dc5530aef76c03bd6a3d25ea5826110bf4803b561b811cc8726
b995d3cc57653404a85da8f90af4a65b08413d5ece7bd13bb183690dba21589c
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca