kh.login.illustrativemathematics.org Open in urlscan Pro
54.157.4.65 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://kh.login.illustrativemathematics.org/
Effective URL:
https://kh.login.illustrativemathematics.org/id_verification_sessions/new
Submission: On July 13 via automatic, source certstream-suspicious (July 13th 2022, 8:42:58 pm UTC) — Scanned from DE

Summary HTTP 13 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 7 IPs in 2 countries across 5 domains to perform 13 HTTP transactions. The main IP is 54.157.4.65, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is kh.login.illustrativemathematics.org.
TLS certificate: Issued by R3 on July 13th 2022. Valid for: 3 months.

This is the only time kh.login.illustrativemathematics.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 4	54.157.4.65 54.157.4.65	14618 (AMAZON-AES) (AMAZON-AES)
3	18.66.122.63 18.66.122.63	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:812::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80e::2003	15169 (GOOGLE) (GOOGLE)
2	54.187.159.182 54.187.159.182	16509 (AMAZON-02) (AMAZON-02)
2	52.222.236.21 52.222.236.21	16509 (AMAZON-02) (AMAZON-02)
1	52.25.10.74 52.25.10.74	16509 (AMAZON-02) (AMAZON-02)
13	7

4 54.157.4.65 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-157-4-65.compute-1.amazonaws.com

kh.login.illustrativemathematics.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.66.122.63 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-122-63.fra60.r.cloudfront.net

js.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.187.159.182 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ip-54-187-159-182.stripe.com

q.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.222.236.21 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-236-21.fra56.r.cloudfront.net

m.stripe.network	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.25.10.74 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-25-10-74.us-west-2.compute.amazonaws.com

m.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
6	stripe.com js.stripe.com — Cisco Umbrella Rank: 2072 q.stripe.com — Cisco Umbrella Rank: 15477 m.stripe.com — Cisco Umbrella Rank: 1734	88 KB
4	illustrativemathematics.org 1 redirects kh.login.illustrativemathematics.org	117 KB
2	stripe.network m.stripe.network — Cisco Umbrella Rank: 2241	18 KB
1	gstatic.com fonts.gstatic.com	44 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 81	1 KB
13	5

	Domain	Requested by
4	kh.login.illustrativemathematics.org	1 redirects kh.login.illustrativemathematics.org
3	js.stripe.com	kh.login.illustrativemathematics.org js.stripe.com
2	m.stripe.network	js.stripe.com m.stripe.network
2	q.stripe.com	kh.login.illustrativemathematics.org
1	m.stripe.com	m.stripe.network
1	fonts.gstatic.com	fonts.googleapis.com
1	fonts.googleapis.com	kh.login.illustrativemathematics.org
13	7

This site contains links to these domains. Also see Links.

Domain
support.stripe.com

Subject Issuer	Validity	Valid
kh.login.illustrativemathematics.org R3	`2022-07-13` - `2022-10-11`	3 months	crt.sh
a.stripecdn.com DigiCert SHA2 Extended Validation Server CA	`2022-05-20` - `2022-09-25`	4 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-06-27` - `2022-09-19`	3 months	crt.sh
*.stripe.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-05-25` - `2022-09-08`	4 months	crt.sh
m.stripe.com DigiCert TLS RSA SHA256 2020 CA1	`2022-07-11` - `2022-10-19`	3 months	crt.sh

This page contains 3 frames:

Primary Page: https://kh.login.illustrativemathematics.org/id_verification_sessions/new
Frame ID: 85FC6158AD108F108C9FBE7366A66BB6
Requests: 6 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-6262077c14f753400d607dc30e70f1af.html
Frame ID: 6B70D145215ADE7E48A6B6922CB75AFD
Requests: 3 HTTP requests in this frame

Frame: https://m.stripe.network/inner.html
Frame ID: 6211C863DCE926FD011EE6FBEA1F5F38
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Register

Page URL History Show full URLs

https://kh.login.illustrativemathematics.org/ HTTP 302
https://kh.login.illustrativemathematics.org/id_verification_sessions/new Page URL

Detected technologies

Stimulus (JavaScript frameworks) Expand

Overall confidence: 100%
Detected patterns

<[^>]+data-controller

Stripe (Payment Processors) Expand

Overall confidence: 100%
Detected patterns

js\.stripe\.com

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

13
Requests

100 %
HTTPS

29 %
IPv6

5
Domains

7
Subdomains

7
IPs

2
Countries

267 kB
Transfer

1019 kB
Size

4
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://support.stripe.com/questions/common-questions-about-stripe-identity
Title: Stripe

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://kh.login.illustrativemathematics.org/ HTTP 302
https://kh.login.illustrativemathematics.org/id_verification_sessions/new Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

13 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request new Show response
kh.login.illustrativemathematics.org/id_verification_sessions/
Redirect Chain

https://kh.login.illustrativemathematics.org/
https://kh.login.illustrativemathematics.org/id_verification_sessions/new

18 KB
19 KB

107ms
106ms

Document
text/html

54.157.4.65
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://kh.login.illustrativemathematics.org/id_verification_sessions/new

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

54.157.4.65 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-157-4-65.compute-1.amazonaws.com

Software

Cowboy /

Resource Hash

d117d99a7ddfc2968b8f3cae01127e926611761cc58dd3ed8b5de622e4f9d5e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: max-age=0, private, must-revalidate
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Date: Wed, 13 Jul 2022 20:42:53 GMT
Etag: W/"d117d99a7ddfc2968b8f3cae01127e92"
Link: </assets/application-95fa566c4929d693d279c39122ad5f4f2c0fb1d361726be6de71a79035d53195.css>; rel=preload; as=style; nopush
Referrer-Policy: strict-origin-when-cross-origin
Server: Cowboy
Transfer-Encoding: chunked
Via: 1.1 vegur
X-Content-Type-Options: nosniff
X-Download-Options: noopen
X-Frame-Options: SAMEORIGIN
X-Permitted-Cross-Domain-Policies: none
X-Request-Id: 7b301acb-2c11-47d1-a084-0c1ec8f7375c
X-Runtime: 0.004312
X-Xss-Protection: 0

Redirect headers

Cache-Control: no-cache
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Date: Wed, 13 Jul 2022 20:42:53 GMT
Location: https://kh.login.illustrativemathematics.org/id_verification_sessions/new
Referrer-Policy: strict-origin-when-cross-origin
Server: Cowboy
Transfer-Encoding: chunked
Via: 1.1 vegur
X-Content-Type-Options: nosniff
X-Download-Options: noopen
X-Frame-Options: SAMEORIGIN
X-Permitted-Cross-Domain-Policies: none
X-Request-Id: 2935cc55-42b4-44fe-bb6c-1c42dfa2c508
X-Runtime: 0.002436
X-Xss-Protection: 0

GET
H/1.1 200
OK application-95fa566c4929d693d279c39122ad5f4f2c0fb1d361726be6de71a79035d53195.css
kh.login.illustrativemathematics.org/assets/ 160 KB
24 KB 191ms
98ms Stylesheet
text/css 54.157.4.65
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://kh.login.illustrativemathematics.org/assets/application-95fa566c4929d693d279c39122ad5f4f2c0fb1d361726be6de71a79035d53195.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 54.157.4.65 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-157-4-65.compute-1.amazonaws.com
Software: Cowboy /
Resource Hash: ef34e8ce7df8950ea27fbc127e2b8782ae9d233fd36eb177c896adc38266a80e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kh.login.illustrativemathematics.org/id_verification_sessions/new
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Wed, 13 Jul 2022 20:42:53 GMT
Content-Encoding: gzip
Last-Modified: Fri, 08 Jul 2022 16:46:58 GMT
Server: Cowboy
Vary: Accept-Encoding
Content-Type: text/css
Via: 1.1 vegur
Connection: keep-alive
Content-Length: 23839

GET
H/1.1 200
OK application-f84cf453678513bf9614f3d514de1c5d4bce266f42d41dcdbb73a8eced0afcf4.js Show response
kh.login.illustrativemathematics.org/assets/ 378 KB
73 KB 289ms
97ms Script
application/javascript 54.157.4.65
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://kh.login.illustrativemathematics.org/assets/application-f84cf453678513bf9614f3d514de1c5d4bce266f42d41dcdbb73a8eced0afcf4.js
Requested by: Host: kh.login.illustrativemathematics.org
URL: https://kh.login.illustrativemathematics.org/id_verification_sessions/new
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 54.157.4.65 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-157-4-65.compute-1.amazonaws.com
Software: Cowboy /
Resource Hash: 76353c56d32271ff63edf7c01075820a61ed9a2f66c5a02a85ea41ba6ae62730

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kh.login.illustrativemathematics.org/id_verification_sessions/new
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Wed, 13 Jul 2022 20:42:53 GMT
Content-Encoding: gzip
Last-Modified: Fri, 08 Jul 2022 16:46:58 GMT
Server: Cowboy
Vary: Accept-Encoding
Content-Type: application/javascript
Via: 1.1 vegur
Connection: keep-alive
Content-Length: 74668

GET
H2 200 / Show response
js.stripe.com/v3/ 317 KB
84 KB 68ms
9ms Script
application/javascript 18.66.122.63
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/

Requested by

Host: kh.login.illustrativemathematics.org
URL: https://kh.login.illustrativemathematics.org/id_verification_sessions/new

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.122.63 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-122-63.fra60.r.cloudfront.net

Software

Cloudfront /

Resource Hash

62b149d7ee2963918dd31e0fa9b0bba110fe876c18039b3ee9869993594fa2b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kh.login.illustrativemathematics.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 8
x-cache: Hit from cloudfront
date: Wed, 13 Jul 2022 20:42:45 GMT
via: 1.1 615f944336054ae07b8e7c415ddbad44.cloudfront.net (CloudFront)
last-modified: Wed, 13 Jul 2022 20:19:32 GMT
server: Cloudfront
etag: W/"0c364e96d4589ec6fa3dd004b71dfe85"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=60
x-amz-cf-pop: FRA60-P2
timing-allow-origin: *
x-amz-cf-id: Pnf80OoeXEOGcS7JxW8UsTWrgawyYQBUrzosn0chgQEbg3d5pxHI6g==

GET
H2 200 css
fonts.googleapis.com/ 13 KB
1 KB 128ms
45ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:300,400,500,700,800

Requested by

Host: kh.login.illustrativemathematics.org
URL: https://kh.login.illustrativemathematics.org/id_verification_sessions/new

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

6a9f4ad0bf0d1d0ff08a15e0cabad1830eb3ea05fbb4dc5f05aaf143f576a88d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kh.login.illustrativemathematics.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 13 Jul 2022 20:37:08 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 13 Jul 2022 20:42:53 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 13 Jul 2022 20:42:53 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v29/ 44 KB
44 KB 120ms
38ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v29/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,400,500,700,800

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a658b2be7323c57d4bd5c4197b657e1f5360d1b950131dc377efec1d5111ffd0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://kh.login.illustrativemathematics.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 11 Jul 2022 23:32:09 GMT
x-content-type-options: nosniff
age: 162645
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44800
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:25:14 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 11 Jul 2023 23:32:09 GMT

GET
H2 200 m-outer-6262077c14f753400d607dc30e70f1af.html Show response
js.stripe.com/v3/ Frame 6B70 240 B
980 B 8ms
8ms Document
text/html 18.66.122.63
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/m-outer-6262077c14f753400d607dc30e70f1af.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.122.63 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-122-63.fra60.r.cloudfront.net

Software

Cloudfront /

Resource Hash

09b1eb79661c24d863b56180424505e555e15fd18df6d72fc5718fa21f319bf5

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://kh.login.illustrativemathematics.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 2058
cache-control: max-age=31536000
content-length: 240
content-security-policy: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Wed, 13 Jul 2022 20:34:57 GMT
etag: "6262077c14f753400d607dc30e70f1af"
last-modified: Thu, 30 Jun 2022 21:55:39 GMT
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 615f944336054ae07b8e7c415ddbad44.cloudfront.net (CloudFront)
x-amz-cf-id: HYk-xmo0NuH7KKPGj790dWHqU2NpHizBKd-0yMhR7Su7oekKVaRakw==
x-amz-cf-pop: FRA60-P2
x-cache: Hit from cloudfront
x-content-type-options: nosniff

POST
H2 200 csp-report
q.stripe.com/ Frame 6B70 0
570 B 523ms
170ms Other
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: kh.login.illustrativemathematics.org
URL: https://kh.login.illustrativemathematics.org/id_verification_sessions/new

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-159-182.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Wed, 13 Jul 2022 20:42:54 GMT
x-content-type-options: nosniff
x-envoy-upstream-service-time: 1
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-length: 0
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://js.stripe.com
access-control-expose-headers: Server, Range, Content-Type
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

GET
H2 200 m-outer-1de4e7d28801c4ac0e66bebcee7d3303.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 6B70 1 KB
1 KB 8ms
8ms Script
text/javascript 18.66.122.63
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/m-outer-1de4e7d28801c4ac0e66bebcee7d3303.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/m-outer-6262077c14f753400d607dc30e70f1af.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.122.63 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-122-63.fra60.r.cloudfront.net

Software

Cloudfront /

Resource Hash

d40ff7d5ced4bb683114a6624a40e61d3142c78a175401b9bfbd37531bc8fa4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/m-outer-6262077c14f753400d607dc30e70f1af.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
age: 15
x-cache: Hit from cloudfront
date: Wed, 13 Jul 2022 20:42:39 GMT
via: 1.1 615f944336054ae07b8e7c415ddbad44.cloudfront.net (CloudFront)
last-modified: Fri, 08 Jul 2022 17:55:44 GMT
server: Cloudfront
etag: W/"77711798ecf99b8bb8207cf88a10d73c"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=60
x-amz-cf-pop: FRA60-P2
timing-allow-origin: *
x-amz-cf-id: g6KflHZ2rmdULAFn06SLfPGlD3LSFfADuMvAweQcynnl1Dp0eL-Xtg==

GET
H2 200 inner.html Show response
m.stripe.network/ Frame 6211 930 B
2 KB 54ms
9ms Document
text/html 52.222.236.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/inner.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/m-outer-1de4e7d28801c4ac0e66bebcee7d3303.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.236.21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-236-21.fra56.r.cloudfront.net

Software

Cloudfront /

Resource Hash

a5f27af9c0c6f37979ebafcac22eb3a613841a3d4e728f4577baf94e64d42f35

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-e/Jqu4k9Gk1ZCWO6StAsfhF3i7qgIwfuitaD1g9DyvE='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 160
cache-control: max-age=300, public
content-length: 930
content-security-policy: base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-e/Jqu4k9Gk1ZCWO6StAsfhF3i7qgIwfuitaD1g9DyvE='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Wed, 13 Jul 2022 20:40:15 GMT
etag: "fc2e029628f163bb59adc6fa5a31161c"
last-modified: Thu, 17 Mar 2022 19:03:12 GMT
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
vary: Accept-Encoding
via: 1.1 a2cac9c5f0e90f8b7fede4ac9aca75ca.cloudfront.net (CloudFront)
x-amz-cf-id: 8Z4BKcoM2PqTgAozuSr_AAIa0Pp0QYGHyth2YsgvZIP_h8tRwdMDxg==
x-amz-cf-pop: FRA56-P4
x-cache: Hit from cloudfront
x-content-type-options: nosniff

POST
H2 200 csp-report
q.stripe.com/ Frame 6211 0
345 B 451ms
170ms Other
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: kh.login.illustrativemathematics.org
URL: https://kh.login.illustrativemathematics.org/id_verification_sessions/new

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-159-182.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: application/csp-report

Response headers

pragma: no-cache
date: Wed, 13 Jul 2022 20:42:54 GMT
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
strict-transport-security: max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-envoy-upstream-service-time: 1
x-robots-tag: none
content-length: 0
x-content-type-options: nosniff
expires: 0

GET
H2 200 out-4.5.42.js Show response
m.stripe.network/ Frame 6211 86 KB
16 KB 9ms
9ms Script
text/javascript 52.222.236.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/out-4.5.42.js

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/inner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.236.21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-236-21.fra56.r.cloudfront.net

Software

Cloudfront /

Resource Hash

f445ee14f2454d974293d28677213ae002e9ac17721fc04b2fdeb037e083b083

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.stripe.network/inner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 17 Mar 2022 19:03:12 GMT
server: Cloudfront
age: 241
date: Wed, 13 Jul 2022 20:38:54 GMT
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript; charset=utf-8
via: 1.1 a2cac9c5f0e90f8b7fede4ac9aca75ca.cloudfront.net (CloudFront)
cache-control: max-age=300, public
x-amz-cf-pop: FRA56-P4
x-amz-cf-id: jy1zlHvw4Y3fB62qtP0w-ejqaurwX6IF612h0aMaxGkb-PIn5q7wng==
etag: W/"21df7244385e5c0bdf32da01d0dad6c0"

POST
H2 200 6 Show response
m.stripe.com/ Frame 6211 156 B
523 B 525ms
178ms XHR
application/json 52.25.10.74
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.com/6

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.42.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.25.10.74 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-25-10-74.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

508d56bb653de62505b35e6e413ad0bd2bb8fbcc5f879d8e9b013f98e26bf88a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 13 Jul 2022 20:42:54 GMT
x-content-type-options: nosniff
server: nginx
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-type: application/json;charset=utf-8
access-control-allow-origin: https://m.stripe.network
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 156

Verdicts & Comments Add Verdict or Comment

14 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
kh.login.illustrativemathematics.org/	1969-12-31 23:59:59	Name: _register_session Value: OS18AscDCmXOtUe9cRLSM2ScTqjuzdMSWyhP5WezrfgK2snCRWBl0rqY57Fo4MPTI6S6DTFNlghN38IJ5NuTnW606Gw7HGhVp4pCTcVtBNJXub1KaDBfDYzCJlRJZ%2Bac8FVuiOhbN4eAC0oxwMQCR9jo0NSPmzfqawgtMnszTOucrBdbol6lFWI8ATS4mzN5hPWGLKsWm%2FqkB4wkRSpimBAgr7r5ioRiYoSMM7o9VW03ECFB7zCG6djj4YnvwkhlfDULgHkhtrteAXj%2BS%2BGiJI30nazY7wx%2FDw%3D%3D--%2BjKkWZrONl6Uk3FI--XklhPfCpIS9vZEijHri%2FuQ%3D%3D
m.stripe.com/	1970-01-20 22:00:16	Name: m Value: 55521041-5188-4b49-b107-f959b80b1142974ad5
.kh.login.illustrativemathematics.org/	1970-01-20 13:14:40	Name: __stripe_mid Value: cb7e5a78-60fb-4f18-8fc3-24bf3acd64322b024b
.kh.login.illustrativemathematics.org/	1970-01-20 04:29:06	Name: __stripe_sid Value: 1f1ecf95-51b7-41d5-9d18-6080dfede6f364cf98

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fonts.googleapis.com
fonts.gstatic.com
js.stripe.com
kh.login.illustrativemathematics.org
m.stripe.com
m.stripe.network
q.stripe.com
18.66.122.63
2a00:1450:4001:80e::2003
2a00:1450:4001:812::200a
52.222.236.21
52.25.10.74
54.157.4.65
54.187.159.182
09b1eb79661c24d863b56180424505e555e15fd18df6d72fc5718fa21f319bf5
508d56bb653de62505b35e6e413ad0bd2bb8fbcc5f879d8e9b013f98e26bf88a
62b149d7ee2963918dd31e0fa9b0bba110fe876c18039b3ee9869993594fa2b9
6a9f4ad0bf0d1d0ff08a15e0cabad1830eb3ea05fbb4dc5f05aaf143f576a88d
76353c56d32271ff63edf7c01075820a61ed9a2f66c5a02a85ea41ba6ae62730
a5f27af9c0c6f37979ebafcac22eb3a613841a3d4e728f4577baf94e64d42f35
a658b2be7323c57d4bd5c4197b657e1f5360d1b950131dc377efec1d5111ffd0
d117d99a7ddfc2968b8f3cae01127e926611761cc58dd3ed8b5de622e4f9d5e7
d40ff7d5ced4bb683114a6624a40e61d3142c78a175401b9bfbd37531bc8fa4b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef34e8ce7df8950ea27fbc127e2b8782ae9d233fd36eb177c896adc38266a80e
f445ee14f2454d974293d28677213ae002e9ac17721fc04b2fdeb037e083b083

kh.login.illustrativemathematics.org Open in urlscan Pro 54.157.4.65 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

13 Requests

100 %HTTPS

29 %IPv6

5 Domains

7 Subdomains

7 IPs

2 Countries

267 kBTransfer

1019 kBSize

4 Cookies

1 Outgoing links

Page URL History

Redirected requests

13 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

14 JavaScript Global Variables

4 Cookies

Security Headers

Indicators

kh.login.illustrativemathematics.org Open in urlscan Pro
54.157.4.65 Public Scan

Screenshot
Live screenshot

Full Image

13
Requests

100 %
HTTPS

29 %
IPv6

5
Domains

7
Subdomains

7
IPs

2
Countries

267 kB
Transfer

1019 kB
Size

4
Cookies

13 HTTP transactions
0 data transactions