thompsonbilling.com Open in urlscan Pro
2606:4700:3036::6815:4e32  Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

22 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response thompsonbilling.com/	32 KB 7 KB	361ms 333ms	Document text/html	2606:4700:3036::6815:4e32 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://thompsonbilling.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3036::6815:4e32 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 5280d303cd80b261b042729ffa4c49bf941feae3c0570d077480bf057dea3890 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN Request headers :method GET :authority thompsonbilling.com :scheme https :path / pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site none sec-fetch-mode navigate sec-fetch-user ?1 sec-fetch-dest document accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Thu, 26 Aug 2021 19:41:57 GMT content-type text/html last-modified Wed, 26 May 2021 17:51:59 GMT vary Accept-Encoding strict-transport-security max-age=31536000; includeSubDomains; preload x-frame-options SAMEORIGIN x-content-type-options nosniff cache-control max-age=1333600, must-revalidate cf-cache-status DYNAMIC expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6BUxokmvCrCR%2Fv4Ct7MWnGrRQSBVCDM5ZOgKuvHJPq4g8Rm9lmICkTxyLhHEBmRpZBMYuAMHX%2BLJ8AxzGCDgK6AEgIDZI6sjvirD9ylTNzUnOhgqBvdH%2BBmGrv2QGZkX%2FFh3bBfB0UyBeS8ghMgzKhci"}],"group":"cf-nel","max_age":604800} nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare cf-ray 684f8a5fcb315364-FRA content-encoding br alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
GET H2	200	wforms-layout.css www.tfaforms.com/dist/form-builder/5.0.0/	30 KB 9 KB	569ms 257ms	Stylesheet text/css	34.226.237.40 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://www.tfaforms.com/dist/form-builder/5.0.0/wforms-layout.css?v=2e9f1d9e0da37161b48ef0210c02234ee05cd715 Requested by Host: thompsonbilling.com URL: https://thompsonbilling.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 34.226.237.40 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-34-226-237-40.compute-1.amazonaws.com Software nginx / Resource Hash 7e8c39b33a3b4e65e975aa596ac76b3a90abb5b746846a608f70d27571ea02c0 Request headers Referer https://thompsonbilling.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Thu, 26 Aug 2021 19:41:57 GMT content-encoding gzip x-fa-app ecs-128-120 last-modified Wed, 25 Aug 2021 17:25:21 GMT server nginx etag W/"61267d01-7625" content-type text/css
GET H2	200	theme-76530.css www.tfaforms.com/uploads/themes/	14 KB 4 KB	570ms 258ms	Stylesheet text/css	34.226.237.40 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://www.tfaforms.com/uploads/themes/theme-76530.css Requested by Host: thompsonbilling.com URL: https://thompsonbilling.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 34.226.237.40 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-34-226-237-40.compute-1.amazonaws.com Software nginx / Resource Hash 635076612939d19541f639d8d73a833b8c02146af2637ecb8d3cb72dcdf50ba6 Request headers Referer https://thompsonbilling.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Thu, 26 Aug 2021 19:41:57 GMT content-encoding gzip x-fa-app ecs-173-121 last-modified Fri, 30 Apr 2021 21:56:25 GMT server nginx etag W/"608c7d09-386a" content-type text/css
GET H2	200	wforms.js Show response www.tfaforms.com/wForms/3.11/js/	239 KB 71 KB	692ms 380ms	Script application/javascript	34.226.237.40 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://www.tfaforms.com/wForms/3.11/js/wforms.js?v=2e9f1d9e0da37161b48ef0210c02234ee05cd715 Requested by Host: thompsonbilling.com URL: https://thompsonbilling.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 34.226.237.40 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-34-226-237-40.compute-1.amazonaws.com Software nginx / Resource Hash b45047dd5cca3f4e9a591798983c2adbcf5048560612fecab4c10708cac5f8fa Request headers Referer https://thompsonbilling.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Thu, 26 Aug 2021 19:41:57 GMT content-encoding gzip x-fa-app ecs-160-8 last-modified Wed, 25 Aug 2021 17:33:27 GMT server nginx etag W/"61267ee7-3bb5c" content-type application/javascript
GET H2	200	localization-en_US.js Show response www.tfaforms.com/wForms/3.11/js/	6 KB 3 KB	569ms 257ms	Script application/javascript	34.226.237.40 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://www.tfaforms.com/wForms/3.11/js/localization-en_US.js?v=2e9f1d9e0da37161b48ef0210c02234ee05cd715 Requested by Host: thompsonbilling.com URL: https://thompsonbilling.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 34.226.237.40 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-34-226-237-40.compute-1.amazonaws.com Software nginx / Resource Hash ce6098e1afbd9b04a3051d80e7ed6951ce80e59330bc66f74df78a71b2705a2c Request headers Referer https://thompsonbilling.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Thu, 26 Aug 2021 19:41:57 GMT content-encoding gzip x-fa-app ecs-156-175 last-modified Wed, 25 Aug 2021 17:13:04 GMT server nginx etag W/"61267a20-1989" content-type application/javascript
GET H2	200	/ Show response js.stripe.com/v2/	62 KB 20 KB	183ms 42ms	Script application/javascript	151.101.12.176 FASTLY
General Check archive.org Show headers Download Go to Full URL https://js.stripe.com/v2/ Requested by Host: thompsonbilling.com URL: https://thompsonbilling.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.12.176 Frankfurt am Main, Germany, ASN54113 (FASTLY, US), Reverse DNS Software AmazonS3 / Resource Hash a0f831be9ee5da767fe9a4f425a53e843fef1d73bf52cb48becb6644ec7b73dc Security Headers Name Value Strict-Transport-Security max-age=31556926; includeSubDomains; preload Request headers Referer https://thompsonbilling.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Thu, 26 Aug 2021 19:41:57 GMT content-encoding br vary Accept-Encoding age 23 via 1.1 varnish x-cache HIT content-length 19861 x-amz-id-2 0r/nzIBZh13UtiMlqYzLO10amdQAvcuhb6XBiQ2XdfrtYYuGCCdExwNfphYSSGvPwEZ3whSOHns= x-served-by cache-fra19174-FRA timing-allow-origin * last-modified Mon, 16 Aug 2021 18:28:38 GMT server AmazonS3 etag "9aa0f060e9dc287fa15cf0f0d2a136b9" strict-transport-security max-age=31556926; includeSubDomains; preload x-amz-request-id 997TW32ZN9H11VS3 access-control-allow-origin * cache-control public, max-age=300 accept-ranges bytes content-type application/javascript; charset=utf-8 x-cache-hits 2
GET H2	200	iframe_message_helper_internal.js Show response www.tfaforms.com/js/	21 KB 8 KB	443ms 131ms	Script application/javascript	34.226.237.40 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://www.tfaforms.com/js/iframe_message_helper_internal.js?v=2 Requested by Host: thompsonbilling.com URL: https://thompsonbilling.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 34.226.237.40 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-34-226-237-40.compute-1.amazonaws.com Software nginx / Resource Hash 23543aaa71824cc6fee0e06935013bab69df682ebc05c606472875c9a9a932bb Request headers Referer https://thompsonbilling.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Thu, 26 Aug 2021 19:41:57 GMT content-encoding gzip x-fa-app ecs-136-25 last-modified Wed, 25 Aug 2021 17:13:04 GMT server nginx etag W/"61267a20-531d" content-type application/javascript
GET H2	200	wforms-jsonly.css www.tfaforms.com/dist/form-builder/5.0.0/	755 B 850 B	229ms 229ms	Stylesheet text/css	34.226.237.40 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://www.tfaforms.com/dist/form-builder/5.0.0/wforms-jsonly.css?v=2e9f1d9e0da37161b48ef0210c02234ee05cd715 Requested by Host: thompsonbilling.com URL: https://thompsonbilling.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 34.226.237.40 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-34-226-237-40.compute-1.amazonaws.com Software nginx / Resource Hash 2c3626d21f1d22dc053238489a0ac7b58c451c95b516c1a13bd8bcf08e555c1a Request headers Referer https://thompsonbilling.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Thu, 26 Aug 2021 19:41:58 GMT content-encoding gzip x-fa-app ecs-152-53 last-modified Wed, 25 Aug 2021 17:25:21 GMT server nginx etag W/"61267d01-2f3" content-type text/css
GET H2	200	css fonts.googleapis.com/	5 KB 689 B	15ms 15ms	Stylesheet text/css	2a00:1450:4001:811::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Montserrat:300,400,700|sans-serif:300,400,700 Requested by Host: www.tfaforms.com URL: https://www.tfaforms.com/uploads/themes/theme-76530.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 26b601b2a8a3fb38deecc92a5789a95175b310b37f2cd16c96e3592c8dc1e5a4 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Referer https://www.tfaforms.com/uploads/themes/theme-76530.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 last-modified Thu, 26 Aug 2021 19:41:58 GMT server ESF date Thu, 26 Aug 2021 19:41:58 GMT x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Thu, 26 Aug 2021 19:41:58 GMT
GET H2	200	css fonts.googleapis.com/	8 KB 776 B	14ms 13ms	Stylesheet text/css	2a00:1450:4001:811::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Montserrat:300,400,500,600,700 Requested by Host: www.tfaforms.com URL: https://www.tfaforms.com/uploads/themes/theme-76530.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash ee4f51dd947adfe2b0317e9e0d22f0565444c104d9dd843bb45a89d5fe2fcaf9 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Referer https://www.tfaforms.com/uploads/themes/theme-76530.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 last-modified Thu, 26 Aug 2021 19:34:21 GMT server ESF date Thu, 26 Aug 2021 19:41:58 GMT x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Thu, 26 Aug 2021 19:41:58 GMT
GET H2	200	dm4HESv9Qah1yDLQSL7LODOs8da0TGY1tMo7WQtEtqBQI09XxQK3w4YUwpeQvzbS-Rapid-Med-Urgent-Care-Logo-Transparent-400x105.png www.tfaforms.com/forms/get_image/123971/	16 KB 17 KB	328ms 328ms	Image image/png	34.226.237.40 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://www.tfaforms.com/forms/get_image/123971/dm4HESv9Qah1yDLQSL7LODOs8da0TGY1tMo7WQtEtqBQI09XxQK3w4YUwpeQvzbS-Rapid-Med-Urgent-Care-Logo-Transparent-400x105.png Requested by Host: www.tfaforms.com URL: https://www.tfaforms.com/uploads/themes/theme-76530.css Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 34.226.237.40 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-34-226-237-40.compute-1.amazonaws.com Software nginx / Resource Hash 8e5708f70ef74ccb8bc4e7cc4760df1b5dc2150cf5baa9fb4928315f59d855be Request headers Referer https://www.tfaforms.com/uploads/themes/theme-76530.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Thu, 26 Aug 2021 19:41:58 GMT last-modified Fri, 30 Apr 2021 21:55:26 GMT server nginx etag "708c7d32e5803d4c09bb07818759b036" p3p CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM" cache-control max-age=315360000 x-fa-app ecs-164-4 content-type image/png expires Sun, 24 Aug 2031 19:41:58 GMT
GET H2	200	JTURjIg1_i6t8kCHKm45_bZF3gnD_g.woff2 fonts.gstatic.com/s/montserrat/v18/	19 KB 19 KB	6ms 6ms	Font font/woff2	2a00:1450:4001:831::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/montserrat/v18/JTURjIg1_i6t8kCHKm45_bZF3gnD_g.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Montserrat:300,400,500,600,700 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 61519deaa156f24ad28ae848179016c7cc741270cb7b30043c24bd30203bdaf3 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Origin https://thompsonbilling.com Referer https://fonts.googleapis.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Tue, 24 Aug 2021 00:35:15 GMT x-content-type-options nosniff age 241603 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 19824 x-xss-protection 0 last-modified Tue, 10 Aug 2021 00:20:37 GMT server sffe content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Wed, 24 Aug 2022 00:35:15 GMT
GET H2	200	JTURjIg1_i6t8kCHKm45_ZpC3gnD_g.woff2 fonts.gstatic.com/s/montserrat/v18/	19 KB 20 KB	7ms 7ms	Font font/woff2	2a00:1450:4001:831::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/montserrat/v18/JTURjIg1_i6t8kCHKm45_ZpC3gnD_g.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Montserrat:300,400,500,600,700 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 13eb615165c92892fcd46e01782dd0fc52d36f236f883aad488c2cf4dcf9206e Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Origin https://thompsonbilling.com Referer https://fonts.googleapis.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Tue, 24 Aug 2021 00:35:15 GMT x-content-type-options nosniff age 241603 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 19868 x-xss-protection 0 last-modified Tue, 10 Aug 2021 00:20:31 GMT server sffe content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Wed, 24 Aug 2022 00:35:15 GMT
GET H3-29	200	JTUSjIg1_i6t8kCHKm459Wlhyw.woff2 fonts.gstatic.com/s/montserrat/v18/	19 KB 19 KB	7ms 7ms	Font font/woff2	2a00:1450:4001:831::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/montserrat/v18/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Montserrat:300,400,700|sans-serif:300,400,700 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 2b26a74f3c0e529bc8fccfa6b1db8e083e738992266359fde1a5bd0aaa81cbc3 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Origin https://thompsonbilling.com Referer https://fonts.googleapis.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Tue, 24 Aug 2021 00:36:29 GMT x-content-type-options nosniff age 241529 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 19844 x-xss-protection 0 last-modified Tue, 10 Aug 2021 00:20:10 GMT server sffe content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Wed, 24 Aug 2022 00:36:29 GMT
GET H2	200	channel.html Show response js.stripe.com/v2/ Frame 1711	1 KB 672 B	42ms 42ms	Document text/html	151.101.12.176 FASTLY
General Check archive.org Show headers Download Go to Full URL https://js.stripe.com/v2/channel.html?stripe_xdm_e=https%3A%2F%2Fthompsonbilling.com&stripe_xdm_c=default467426&stripe_xdm_p=1 Requested by Host: js.stripe.com URL: https://js.stripe.com/v2/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.12.176 Frankfurt am Main, Germany, ASN54113 (FASTLY, US), Reverse DNS Software AmazonS3 / Resource Hash a3e859b8149a06247853276aa0b4c79c4f3d0d63e91baf88bf96b76fbfc1b492 Security Headers Name Value Strict-Transport-Security max-age=31556926; includeSubDomains; preload Request headers :method GET :authority js.stripe.com :scheme https :path /v2/channel.html?stripe_xdm_e=https%3A%2F%2Fthompsonbilling.com&stripe_xdm_c=default467426&stripe_xdm_p=1 pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://thompsonbilling.com/ accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Referer https://thompsonbilling.com/ Response headers x-amz-id-2 Q+VbbUCW6BVm1veyLXiNITpAFwfhFh08KhKhzeAQcS0Ky+3Au+mzrIEYfa+ebS6JAfqt1IfJ060= x-amz-request-id SJDE7A79FR6B99K4 last-modified Wed, 06 Sep 2017 17:40:34 GMT etag "19af0c6cc7a0bca20a355b3362dc64a0" cache-control public, max-age=300 content-type text/html; charset=utf-8 server AmazonS3 content-encoding br accept-ranges bytes date Thu, 26 Aug 2021 19:41:58 GMT via 1.1 varnish age 197 x-served-by cache-fra19174-FRA x-cache HIT x-cache-hits 21 vary Accept-Encoding access-control-allow-origin * strict-transport-security max-age=31556926; includeSubDomains; preload timing-allow-origin * content-length 449
GET H3-29	200	JTURjIg1_i6t8kCHKm45_dJE3gnD_g.woff2 fonts.gstatic.com/s/montserrat/v18/	20 KB 20 KB	7ms 7ms	Font font/woff2	2a00:1450:4001:831::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/montserrat/v18/JTURjIg1_i6t8kCHKm45_dJE3gnD_g.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Montserrat:300,400,700|sans-serif:300,400,700 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash ec7d69015be507ee6045d259f50b6cf8ccb52ec7b41ec1bf50fee681683bea60 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Origin https://thompsonbilling.com Referer https://fonts.googleapis.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Tue, 24 Aug 2021 00:38:53 GMT x-content-type-options nosniff age 241385 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 20040 x-xss-protection 0 last-modified Tue, 10 Aug 2021 00:20:44 GMT server sffe content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Wed, 24 Aug 2022 00:38:53 GMT
GET H2	200	/ Show response js.stripe.com/v2/ Frame 1711	62 KB 19 KB	47ms 46ms	Script application/javascript	151.101.12.176 FASTLY
General Check archive.org Show headers Download Go to Full URL https://js.stripe.com/v2/ Requested by Host: js.stripe.com URL: https://js.stripe.com/v2/channel.html?stripe_xdm_e=https%3A%2F%2Fthompsonbilling.com&stripe_xdm_c=default467426&stripe_xdm_p=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.12.176 Frankfurt am Main, Germany, ASN54113 (FASTLY, US), Reverse DNS Software AmazonS3 / Resource Hash a0f831be9ee5da767fe9a4f425a53e843fef1d73bf52cb48becb6644ec7b73dc Security Headers Name Value Strict-Transport-Security max-age=31556926; includeSubDomains; preload Request headers Referer https://js.stripe.com/v2/channel.html?stripe_xdm_e=https%3A%2F%2Fthompsonbilling.com&stripe_xdm_c=default467426&stripe_xdm_p=1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Thu, 26 Aug 2021 19:41:58 GMT content-encoding br vary Accept-Encoding age 23 via 1.1 varnish x-cache HIT content-length 19861 x-amz-id-2 0r/nzIBZh13UtiMlqYzLO10amdQAvcuhb6XBiQ2XdfrtYYuGCCdExwNfphYSSGvPwEZ3whSOHns= x-served-by cache-fra19174-FRA timing-allow-origin * last-modified Mon, 16 Aug 2021 18:28:38 GMT server AmazonS3 etag "9aa0f060e9dc287fa15cf0f0d2a136b9" strict-transport-security max-age=31556926; includeSubDomains; preload x-amz-request-id 997TW32ZN9H11VS3 access-control-allow-origin * cache-control public, max-age=300 accept-ranges bytes content-type application/javascript; charset=utf-8 x-cache-hits 4
GET H2	200	outer.html Show response js.stripe.com/v2/m/ Frame B8E7	718 B 452 B	52ms 52ms	Document text/html	151.101.12.176 FASTLY
General Check archive.org Show headers Download Go to Full URL https://js.stripe.com/v2/m/outer.html Requested by Host: js.stripe.com URL: https://js.stripe.com/v2/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.12.176 Frankfurt am Main, Germany, ASN54113 (FASTLY, US), Reverse DNS Software AmazonS3 / Resource Hash 7832e207be33df99c990b38381b506740fe48b3c9df9a8166a18fb43989fd478 Security Headers Name Value Strict-Transport-Security max-age=31556926; includeSubDomains; preload Request headers :method GET :authority js.stripe.com :scheme https :path /v2/m/outer.html pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://thompsonbilling.com/ accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Referer https://thompsonbilling.com/ Response headers x-amz-id-2 iJXqO38rAAJHiu5woRRtKJI+r8KkinMMpWY+0wFBm5WLhBJDJlZVRLJP6z+dYo3wKVl9e9BvJSc= x-amz-request-id 2AF1D7S444EAHJ1Q last-modified Wed, 06 Sep 2017 17:40:34 GMT etag "51b76bd7931c50d2bf6d4c5a93d343f9" cache-control public, max-age=300 content-type text/html; charset=utf-8 server AmazonS3 content-encoding br accept-ranges bytes date Thu, 26 Aug 2021 19:41:58 GMT via 1.1 varnish age 119 x-served-by cache-fra19174-FRA x-cache HIT x-cache-hits 6 vary Accept-Encoding access-control-allow-origin * strict-transport-security max-age=31556926; includeSubDomains; preload timing-allow-origin * content-length 294
GET H2	200	inner.html Show response m.stripe.network/ Frame BB8C	932 B 1 KB	41ms 12ms	Document text/html	2600:9000:2190:6800:19:7d10:bd80:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://m.stripe.network/inner.html Requested by Host: js.stripe.com URL: https://js.stripe.com/v2/m/outer.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2190:6800:19:7d10:bd80:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software nginx / Resource Hash c4a8402fde1e397bcabe7467c0de035e7851eeb1bad9af5d1b67487e7d7f2a4a Security Headers Name Value Content-Security-Policy default-src 'self'; connect-src 'self' https://m.stripe.com; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; frame-src 'self' https://js.stripe.com; img-src 'self' https://m.stripe.com; font-src data: https:; media-src 'none'; object-src 'self'; Strict-Transport-Security max-age=31556926; includeSubDomains; preload Request headers :method GET :authority m.stripe.network :scheme https :path /inner.html pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://js.stripe.com/ accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Referer https://js.stripe.com/ Response headers content-type text/html; charset=utf-8 server nginx last-modified Thu, 12 Aug 2021 00:00:27 GMT strict-transport-security max-age=31556926; includeSubDomains; preload timing-allow-origin * content-security-policy default-src 'self'; connect-src 'self' https://m.stripe.com; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; frame-src 'self' https://js.stripe.com; img-src 'self' https://m.stripe.com; font-src data: https:; media-src 'none'; object-src 'self'; content-encoding gzip date Thu, 26 Aug 2021 19:38:25 GMT cache-control public, max-age=300 etag W/"6114649b-3a4" vary Accept-Encoding x-cache Hit from cloudfront via 1.1 4e0fd86f7afa735e772d6f7fe5e91f5b.cloudfront.net (CloudFront) x-amz-cf-pop ZRH50-C1 x-amz-cf-id e9uay0EmHkdbIwbwGpg2JHmSxEqAeKbOzCgsdwRxHZGlx9-uYo4SnA== age 215
GET H2	200	out-4.5.40.js Show response m.stripe.network/ Frame BB8C	85 KB 19 KB	23ms 23ms	Script application/x-javascript	2600:9000:2190:6800:19:7d10:bd80:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://m.stripe.network/out-4.5.40.js Requested by Host: m.stripe.network URL: https://m.stripe.network/inner.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2190:6800:19:7d10:bd80:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software nginx / Resource Hash 6a6915872afa798395a56c7aa50d086cb325ff7214ad78ada3c7a96350bbad39 Security Headers Name Value Content-Security-Policy default-src 'self'; connect-src 'self' https://m.stripe.com; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; frame-src 'self' https://js.stripe.com; img-src 'self' https://m.stripe.com; font-src data: https:; media-src 'none'; object-src 'self'; Strict-Transport-Security max-age=31556926; includeSubDomains; preload Request headers Referer https://m.stripe.network/inner.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers strict-transport-security max-age=31556926; includeSubDomains; preload content-encoding gzip etag W/"6114649b-154bc" age 4 x-cache Hit from cloudfront last-modified Thu, 12 Aug 2021 00:00:27 GMT server nginx date Thu, 26 Aug 2021 19:41:54 GMT vary Accept-Encoding content-type application/x-javascript; charset=utf-8 via 1.1 4e0fd86f7afa735e772d6f7fe5e91f5b.cloudfront.net (CloudFront) cache-control public, max-age=300 content-security-policy default-src 'self'; connect-src 'self' https://m.stripe.com; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; frame-src 'self' https://js.stripe.com; img-src 'self' https://m.stripe.com; font-src data: https:; media-src 'none'; object-src 'self'; x-amz-cf-pop ZRH50-C1 timing-allow-origin * x-amz-cf-id 2YTQSvMqYgk1Iswt0D5TVwJxkoAMoh25Nz9cxDBG8os1Zline3Fd_Q==
POST H2	200	6 Show response m.stripe.com/ Frame BB8C	156 B 519 B	602ms 203ms	XHR text/plain	44.224.95.111 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://m.stripe.com/6 Requested by Host: m.stripe.network URL: https://m.stripe.network/out-4.5.40.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 44.224.95.111 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-44-224-95-111.us-west-2.compute.amazonaws.com Software nginx / Resource Hash e89a0e06ed880567734f12ba5c1608d02ed00017d8948edf18158fe5a07ed6df Security Headers Name Value Strict-Transport-Security max-age=31556926; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://m.stripe.network/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers date Thu, 26 Aug 2021 19:41:59 GMT content-encoding gzip x-content-type-options nosniff server nginx vary Accept-Encoding content-type text/plain;charset=utf-8 access-control-allow-origin https://m.stripe.network access-control-allow-credentials true strict-transport-security max-age=31556926; includeSubDomains; preload access-control-allow-headers Content-Type
POST H2	200	6 Show response m.stripe.com/ Frame BB8C	156 B 518 B	201ms 201ms	XHR text/plain	44.224.95.111 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://m.stripe.com/6 Requested by Host: m.stripe.network URL: https://m.stripe.network/out-4.5.40.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 44.224.95.111 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-44-224-95-111.us-west-2.compute.amazonaws.com Software nginx / Resource Hash e89a0e06ed880567734f12ba5c1608d02ed00017d8948edf18158fe5a07ed6df Security Headers Name Value Strict-Transport-Security max-age=31556926; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://m.stripe.network/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers date Thu, 26 Aug 2021 19:41:59 GMT content-encoding gzip x-content-type-options nosniff server nginx vary Accept-Encoding content-type text/plain;charset=utf-8 access-control-allow-origin https://m.stripe.network access-control-allow-credentials true strict-transport-security max-age=31556926; includeSubDomains; preload access-control-allow-headers Content-Type

37 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated object| base2 boolean| loadIE object| _b function| _i object| StopIteration object| wFORMS object| cfg object| wFormsNumericLocaleFormattingInfo function| Stripe function| getStripeForm function| appendStripeTokenInputToForm function| isVisible function| removeInvisibleElements function| determineIfStripeTokenizationCallShouldBeMade function| getValueFromInput function| getIdOrValueFromStripe function| addStripeAddressFields function| stripeCardResponseHandler function| stripeSourceResponseHandler function| stripeErrorHandler object| simpleStorage object| p object| ctrl number| currentIndex

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fonts.googleapis.com
fonts.gstatic.com
js.stripe.com
m.stripe.com
m.stripe.network
thompsonbilling.com
www.tfaforms.com
151.101.12.176
2600:9000:2190:6800:19:7d10:bd80:93a1
2606:4700:3036::6815:4e32
2a00:1450:4001:811::200a
2a00:1450:4001:831::2003
34.226.237.40
44.224.95.111
13eb615165c92892fcd46e01782dd0fc52d36f236f883aad488c2cf4dcf9206e
23543aaa71824cc6fee0e06935013bab69df682ebc05c606472875c9a9a932bb
26b601b2a8a3fb38deecc92a5789a95175b310b37f2cd16c96e3592c8dc1e5a4
2b26a74f3c0e529bc8fccfa6b1db8e083e738992266359fde1a5bd0aaa81cbc3
2c3626d21f1d22dc053238489a0ac7b58c451c95b516c1a13bd8bcf08e555c1a
5280d303cd80b261b042729ffa4c49bf941feae3c0570d077480bf057dea3890
61519deaa156f24ad28ae848179016c7cc741270cb7b30043c24bd30203bdaf3
635076612939d19541f639d8d73a833b8c02146af2637ecb8d3cb72dcdf50ba6
6a6915872afa798395a56c7aa50d086cb325ff7214ad78ada3c7a96350bbad39
7832e207be33df99c990b38381b506740fe48b3c9df9a8166a18fb43989fd478
7e8c39b33a3b4e65e975aa596ac76b3a90abb5b746846a608f70d27571ea02c0
8e5708f70ef74ccb8bc4e7cc4760df1b5dc2150cf5baa9fb4928315f59d855be
a0f831be9ee5da767fe9a4f425a53e843fef1d73bf52cb48becb6644ec7b73dc
a3e859b8149a06247853276aa0b4c79c4f3d0d63e91baf88bf96b76fbfc1b492
b45047dd5cca3f4e9a591798983c2adbcf5048560612fecab4c10708cac5f8fa
c4a8402fde1e397bcabe7467c0de035e7851eeb1bad9af5d1b67487e7d7f2a4a
ce6098e1afbd9b04a3051d80e7ed6951ce80e59330bc66f74df78a71b2705a2c
e89a0e06ed880567734f12ba5c1608d02ed00017d8948edf18158fe5a07ed6df
ec7d69015be507ee6045d259f50b6cf8ccb52ec7b41ec1bf50fee681683bea60
ee4f51dd947adfe2b0317e9e0d22f0565444c104d9dd843bb45a89d5fe2fcaf9