web.lb.staging.aws.moneydolly.ca Open in urlscan Pro
3.99.31.19  Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

15 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response web.lb.staging.aws.moneydolly.ca/	2 KB 2 KB	256ms 14ms	Document text/html	3.99.31.19 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://web.lb.staging.aws.moneydolly.ca/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.99.31.19 Montreal, Canada, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-99-31-19.ca-central-1.compute.amazonaws.com Software / Resource Hash 2d84e5b69ca65c6a5835bc39a936a9ffeb35cc16267affda4c357defd3edd4d8 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Accept-Language en-CA,en;q=0.9 Response headers date Wed, 16 Feb 2022 01:47:50 GMT content-type text/html;charset=UTF-8 x-content-type-options nosniff x-xss-protection 1; mode=block cache-control no-cache, no-store, max-age=0, must-revalidate pragma no-cache expires 0 x-frame-options SAMEORIGIN content-language en-CA
GET H2	200	icon fonts.googleapis.com/	569 B 868 B	81ms 35ms	Stylesheet text/css	2607:f8b0:4006:822::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/icon?family=Material+Icons Requested by Host: web.lb.staging.aws.moneydolly.ca URL: https://web.lb.staging.aws.moneydolly.ca/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:822::200a Queens, United States, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 485fa9644b14058ebe8a472a9329941917a72aeed694f6a14880058c79c1ed75 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Accept-Language en-CA,en;q=0.9 Referer https://web.lb.staging.aws.moneydolly.ca/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 last-modified Wed, 16 Feb 2022 01:47:51 GMT server ESF cross-origin-opener-policy same-origin-allow-popups date Wed, 16 Feb 2022 01:47:51 GMT x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Wed, 16 Feb 2022 01:47:51 GMT
GET H2	200	base.css web.lb.staging.aws.moneydolly.ca/static/public/asset/css/	3 KB 4 KB	13ms 13ms	Stylesheet text/css	3.99.31.19 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://web.lb.staging.aws.moneydolly.ca/static/public/asset/css/base.css?v=1644845121185 Requested by Host: web.lb.staging.aws.moneydolly.ca URL: https://web.lb.staging.aws.moneydolly.ca/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.99.31.19 Montreal, Canada, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-99-31-19.ca-central-1.compute.amazonaws.com Software / Resource Hash 1f47e84315b42a882d2eaa69f8cdbc5170f8327fa62dc6ac0cf3078ddbfa3a6e Request headers Accept-Language en-CA,en;q=0.9 Referer https://web.lb.staging.aws.moneydolly.ca/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Wed, 16 Feb 2022 01:47:50 GMT cache-control max-age=31556926 last-modified Mon, 14 Feb 2022 13:23:09 GMT accept-ranges bytes content-length 3470 vary Origin, Access-Control-Request-Method, Access-Control-Request-Headers content-type text/css
GET H2	200	platform.js Show response web.lb.staging.aws.moneydolly.ca/static/public/js/built/	2 MB 2 MB	14ms 14ms	Script application/javascript	3.99.31.19 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://web.lb.staging.aws.moneydolly.ca/static/public/js/built/platform.js?v=1644845121185 Requested by Host: web.lb.staging.aws.moneydolly.ca URL: https://web.lb.staging.aws.moneydolly.ca/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.99.31.19 Montreal, Canada, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-99-31-19.ca-central-1.compute.amazonaws.com Software / Resource Hash 71cbf35d36db6a926dea6886375cd85fab17e6f76f31135608f3b6a78f77e213 Request headers Accept-Language en-CA,en;q=0.9 Referer https://web.lb.staging.aws.moneydolly.ca/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Wed, 16 Feb 2022 01:47:50 GMT cache-control max-age=31556926 last-modified Mon, 14 Feb 2022 13:23:09 GMT accept-ranges bytes content-length 1632587 vary Origin, Access-Control-Request-Method, Access-Control-Request-Headers content-type application/javascript
GET H2	200	v3 Show response js.stripe.com/	278 KB 73 KB	127ms 21ms	Script application/javascript	13.33.46.88 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.stripe.com/v3 Requested by Host: web.lb.staging.aws.moneydolly.ca URL: https://web.lb.staging.aws.moneydolly.ca/static/public/js/built/platform.js?v=1644845121185 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.33.46.88 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-33-46-88.ewr52.r.cloudfront.net Software Cloudfront / Resource Hash 0fdb7135294cce6b627f97fd9aecdbd4842c147b79b35d2a515a730fd090e179 Security Headers Name Value Strict-Transport-Security max-age=31556926; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Accept-Language en-CA,en;q=0.9 Referer https://web.lb.staging.aws.moneydolly.ca/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Wed, 16 Feb 2022 01:46:56 GMT content-encoding gzip x-content-type-options nosniff age 56 x-cache Hit from cloudfront strict-transport-security max-age=31556926; includeSubDomains; preload access-control-allow-origin * last-modified Tue, 15 Feb 2022 21:20:53 GMT server Cloudfront etag W/"d058a786aa3fda76df0872c4ec2105b4" vary Accept-Encoding content-type application/javascript; charset=utf-8 via 1.1 bdc824c8e03ec386d5eb83e9ff916440.cloudfront.net (CloudFront) cache-control max-age=60 x-amz-cf-pop EWR52-C1 timing-allow-origin * x-amz-cf-id 6No-fkLqMo-pA0nDI2Wsaw1yDHsY9sHQHyywTBnAz9nV-gBp_5FTBw==
GET H2	200	logo.svg web.lb.staging.aws.moneydolly.ca/static/public/asset/img/platform/	16 KB 16 KB	14ms 13ms	Image image/svg+xml	3.99.31.19 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://web.lb.staging.aws.moneydolly.ca/static/public/asset/img/platform/logo.svg Requested by Host: web.lb.staging.aws.moneydolly.ca URL: https://web.lb.staging.aws.moneydolly.ca/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.99.31.19 Montreal, Canada, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-99-31-19.ca-central-1.compute.amazonaws.com Software / Resource Hash f046fa7081660121ddf89903d70114b2a1338869da344e630502a55e253dfccd Request headers Accept-Language en-CA,en;q=0.9 Referer https://web.lb.staging.aws.moneydolly.ca/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Wed, 16 Feb 2022 01:47:51 GMT cache-control max-age=31556926 last-modified Mon, 14 Feb 2022 13:23:09 GMT accept-ranges bytes content-length 15919 vary Origin, Access-Control-Request-Method, Access-Control-Request-Headers content-type image/svg+xml
GET H2	200	flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2 fonts.gstatic.com/s/materialicons/v125/	121 KB 122 KB	65ms 20ms	Font font/woff2	2607:f8b0:4006:809::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/materialicons/v125/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/icon?family=Material+Icons Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:809::2003 Queens, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 63b49d58e13f9edc496b9e239b5e5c08757d26551bd16628cf996d3af0b769f2 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://web.lb.staging.aws.moneydolly.ca Accept-Language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Tue, 15 Feb 2022 21:41:36 GMT x-content-type-options nosniff age 14775 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 123876 x-xss-protection 0 last-modified Tue, 15 Feb 2022 21:23:56 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Wed, 15 Feb 2023 21:41:36 GMT
GET H2	200	AvenirNext-Regular.woff2 web.lb.staging.aws.moneydolly.ca/static/public/asset/font/	30 KB 30 KB	13ms 13ms	Font application/font-woff2	3.99.31.19 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://web.lb.staging.aws.moneydolly.ca/static/public/asset/font/AvenirNext-Regular.woff2 Requested by Host: web.lb.staging.aws.moneydolly.ca URL: https://web.lb.staging.aws.moneydolly.ca/static/public/asset/css/base.css?v=1644845121185 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.99.31.19 Montreal, Canada, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-99-31-19.ca-central-1.compute.amazonaws.com Software / Resource Hash bd0f008d39ba8fcc7920ff166b7c28f32ef5f96dde198ab7ef26d129afae6bec Request headers Referer https://web.lb.staging.aws.moneydolly.ca/static/public/asset/css/base.css?v=1644845121185 Origin https://web.lb.staging.aws.moneydolly.ca Accept-Language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Wed, 16 Feb 2022 01:47:51 GMT cache-control max-age=31556926 last-modified Mon, 14 Feb 2022 13:23:09 GMT accept-ranges bytes content-length 30404 vary Origin, Access-Control-Request-Method, Access-Control-Request-Headers content-type application/font-woff2
GET H2	200	m-outer-21b66fa0c573e809345fe202113a4338.html Show response js.stripe.com/v3/ Frame 5002	240 B 963 B	19ms 18ms	Document text/html	13.33.46.88 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.stripe.com/v3/m-outer-21b66fa0c573e809345fe202113a4338.html Requested by Host: js.stripe.com URL: https://js.stripe.com/v3 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.33.46.88 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-33-46-88.ewr52.r.cloudfront.net Software Cloudfront / Resource Hash 9a280ca12a2d4400a93d3a9faf5e18bb2f65091a76e4cfe41b78621baab826f2 Security Headers Name Value Content-Security-Policy default-src 'self'; connect-src 'self' https://r.stripe.com; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src https://m.stripe.network; img-src https://q.stripe.com; font-src 'none'; media-src 'none'; object-src 'none'; report-uri https://q.stripe.com/csp-report Strict-Transport-Security max-age=31556926; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Accept-Language en-CA,en;q=0.9 Referer https://web.lb.staging.aws.moneydolly.ca/ Response headers content-type text/html; charset=utf-8 content-length 240 last-modified Tue, 15 Feb 2022 21:02:56 GMT accept-ranges bytes server Cloudfront access-control-allow-origin * x-content-type-options nosniff strict-transport-security max-age=31556926; includeSubDomains; preload content-security-policy default-src 'self'; connect-src 'self' https://r.stripe.com; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src https://m.stripe.network; img-src https://q.stripe.com; font-src 'none'; media-src 'none'; object-src 'none'; report-uri https://q.stripe.com/csp-report timing-allow-origin * date Wed, 16 Feb 2022 01:04:41 GMT cache-control max-age=31536000 etag "21b66fa0c573e809345fe202113a4338" vary Accept-Encoding x-cache Hit from cloudfront via 1.1 bdc824c8e03ec386d5eb83e9ff916440.cloudfront.net (CloudFront) x-amz-cf-pop EWR52-C1 x-amz-cf-id CvzoBqtp3VNzsm7JOps4rdOXGrpMTSppriJTvpb_vUz6mHjpj2gUaQ== age 2592
POST H2	200	csp-report q.stripe.com/ Frame 5002	0 357 B	276ms 86ms	Other text/plain	54.187.119.242 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://q.stripe.com/csp-report Requested by Host: web.lb.staging.aws.moneydolly.ca URL: https://web.lb.staging.aws.moneydolly.ca/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ip-54-187-119-242.stripe.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://js.stripe.com/ Accept-Language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Content-Type application/csp-report Response headers date Wed, 16 Feb 2022 01:47:51 GMT server nginx access-control-max-age 3600 access-control-allow-methods GET, POST, OPTIONS access-control-allow-origin https://js.stripe.com access-control-expose-headers Server, Range, Content-Type x-envoy-upstream-service-time 1 access-control-allow-headers Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token content-length 0
GET H2	200	m-outer-5c4150bc004c99291dfd234a82c582e0.js Show response js.stripe.com/v3/fingerprinted/js/ Frame 5002	1 KB 1 KB	19ms 19ms	Script application/javascript	13.33.46.88 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.stripe.com/v3/fingerprinted/js/m-outer-5c4150bc004c99291dfd234a82c582e0.js Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/m-outer-21b66fa0c573e809345fe202113a4338.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.33.46.88 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-33-46-88.ewr52.r.cloudfront.net Software Cloudfront / Resource Hash 990a970d0b13f02acfecc901ef01c6d8fd87b05fbb7173e2a1ecb5ffbc3ef514 Security Headers Name Value Strict-Transport-Security max-age=31556926; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Accept-Language en-CA,en;q=0.9 Referer https://js.stripe.com/v3/m-outer-21b66fa0c573e809345fe202113a4338.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers strict-transport-security max-age=31556926; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff age 2 x-cache Hit from cloudfront date Wed, 16 Feb 2022 01:47:50 GMT via 1.1 bdc824c8e03ec386d5eb83e9ff916440.cloudfront.net (CloudFront) last-modified Tue, 15 Feb 2022 21:03:02 GMT server Cloudfront etag W/"d0c7e21ec457b6a134a496f107c3ca93" vary Accept-Encoding content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=60 x-amz-cf-pop EWR52-C1 timing-allow-origin * x-amz-cf-id O4t3SsBrdxvj9FWmuKPVYlfF3ZWq1HJOSODAYctngaQrN93LfK5-uA==
GET H2	200	inner.html Show response m.stripe.network/ Frame 708E	932 B 1 KB	42ms 14ms	Document text/html	151.101.64.176 FASTLY
General Check archive.org Show headers Download Go to Full URL https://m.stripe.network/inner.html Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/fingerprinted/js/m-outer-5c4150bc004c99291dfd234a82c582e0.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.64.176 , United States, ASN54113 (FASTLY, US), Reverse DNS Software Fastly / Resource Hash ed34a59f182c66e2b25c602f3c9b0f21435a8f475d5dbc9e6830ff4c7929f5cd Security Headers Name Value Content-Security-Policy base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-Qj6AdMOUjZkBBUTjGW/OORBoqx2Pohcq8Bg/ZvZzgYw=' 'report-sample'; style-src https://m.stripe.network 'report-sample'; report-uri https://q.stripe.com/csp-report Strict-Transport-Security max-age=31556926; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Accept-Language en-CA,en;q=0.9 Referer https://js.stripe.com/ Response headers content-type text/html; charset=utf-8 cache-control max-age=300, public content-security-policy base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-Qj6AdMOUjZkBBUTjGW/OORBoqx2Pohcq8Bg/ZvZzgYw=' 'report-sample'; style-src https://m.stripe.network 'report-sample'; report-uri https://q.stripe.com/csp-report strict-transport-security max-age=31556926; includeSubDomains; preload x-content-type-options nosniff server Fastly content-encoding gzip accept-ranges bytes date Wed, 16 Feb 2022 01:47:51 GMT via 1.1 varnish age 120 x-request-id 1f25d913-8175-4a66-9b88-cd99123e8520 x-served-by cache-yul12834-YUL x-cache HIT x-cache-hits 165 x-timer S1644976071.455760,VS0,VE0 vary Accept-Encoding, Origin content-length 528
POST H2	200	csp-report q.stripe.com/ Frame 708E	0 130 B	200ms 87ms	Other text/plain	54.187.119.242 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://q.stripe.com/csp-report Requested by Host: web.lb.staging.aws.moneydolly.ca URL: https://web.lb.staging.aws.moneydolly.ca/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ip-54-187-119-242.stripe.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31556926; includeSubDomains; preload Request headers Referer https://m.stripe.network/ Accept-Language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Content-Type application/csp-report Response headers date Wed, 16 Feb 2022 01:47:51 GMT x-envoy-upstream-service-time 2 server nginx content-length 0 strict-transport-security max-age=31556926; includeSubDomains; preload
GET H2	200	out-4.5.41.js Show response m.stripe.network/ Frame 708E	85 KB 16 KB	11ms 11ms	Script text/javascript	151.101.64.176 FASTLY
General Check archive.org Show headers Download Go to Full URL https://m.stripe.network/out-4.5.41.js Requested by Host: m.stripe.network URL: https://m.stripe.network/inner.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.64.176 , United States, ASN54113 (FASTLY, US), Reverse DNS Software Fastly / Resource Hash a2f6b81396ab1150effea054efbf1623212ea0419976389ce8f10e909d39e4c7 Security Headers Name Value Strict-Transport-Security max-age=31556926; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Accept-Language en-CA,en;q=0.9 Referer https://m.stripe.network/inner.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers strict-transport-security max-age=31556926; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff age 107 x-cache HIT content-length 15786 x-request-id 6849a57a-05ee-4a5b-ab10-1965d3690fc3 x-served-by cache-yul12834-YUL server Fastly x-timer S1644976071.478334,VS0,VE0 date Wed, 16 Feb 2022 01:47:51 GMT vary Accept-Encoding, Origin content-type text/javascript; charset=utf-8 via 1.1 varnish cache-control max-age=300, public accept-ranges bytes x-cache-hits 132
POST H2	200	6 Show response m.stripe.com/ Frame 708E	156 B 523 B	245ms 81ms	XHR application/json	34.215.192.98 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://m.stripe.com/6 Requested by Host: m.stripe.network URL: https://m.stripe.network/out-4.5.41.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 34.215.192.98 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-34-215-192-98.us-west-2.compute.amazonaws.com Software nginx / Resource Hash 13891e0bcb2fb0086db5eab76fb28f803a9999f1d6e84b9f30e831440ba5a11f Security Headers Name Value Strict-Transport-Security max-age=31556926; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://m.stripe.network/ Accept-Language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers date Wed, 16 Feb 2022 01:47:51 GMT x-content-type-options nosniff server nginx strict-transport-security max-age=31556926; includeSubDomains; preload content-type application/json;charset=utf-8 access-control-allow-origin https://m.stripe.network access-control-allow-credentials true access-control-allow-headers Content-Type content-length 156

16 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 function| structuredClone object| __core-js_shared__ object| core function| setImmediate function| clearImmediate object| regeneratorRuntime boolean| _babelPolyfill number| __mobxInstanceCount object| __mobxGlobals object| scCGSHMRCache number| 2f1acc6c3a606b082e5eef5e54414ffb object| __APOLLO_CLIENT__ string| stripePublishableKey object| __webpackStripeJSv3Jsonp function| Stripe

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			m.stripe.com/	1970-01-20 18:27:28	Name: m Value: b7980346-99e5-4ed7-9adf-be4c39e5af9b900f64
			.web.lb.staging.aws.moneydolly.ca/	1970-01-20 09:41:52	Name: __stripe_mid Value: 5163481d-0b4e-489c-90f3-0e0b19d73e5a1b7151
			.web.lb.staging.aws.moneydolly.ca/	1970-01-20 00:56:17	Name: __stripe_sid Value: 0f54cfcc-6f14-4d5b-b148-48eba74be6df0f7587

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fonts.googleapis.com
fonts.gstatic.com
js.stripe.com
m.stripe.com
m.stripe.network
q.stripe.com
web.lb.staging.aws.moneydolly.ca
13.33.46.88
151.101.64.176
2607:f8b0:4006:809::2003
2607:f8b0:4006:822::200a
3.99.31.19
34.215.192.98
54.187.119.242
0fdb7135294cce6b627f97fd9aecdbd4842c147b79b35d2a515a730fd090e179
13891e0bcb2fb0086db5eab76fb28f803a9999f1d6e84b9f30e831440ba5a11f
1f47e84315b42a882d2eaa69f8cdbc5170f8327fa62dc6ac0cf3078ddbfa3a6e
2d84e5b69ca65c6a5835bc39a936a9ffeb35cc16267affda4c357defd3edd4d8
485fa9644b14058ebe8a472a9329941917a72aeed694f6a14880058c79c1ed75
63b49d58e13f9edc496b9e239b5e5c08757d26551bd16628cf996d3af0b769f2
71cbf35d36db6a926dea6886375cd85fab17e6f76f31135608f3b6a78f77e213
990a970d0b13f02acfecc901ef01c6d8fd87b05fbb7173e2a1ecb5ffbc3ef514
9a280ca12a2d4400a93d3a9faf5e18bb2f65091a76e4cfe41b78621baab826f2
a2f6b81396ab1150effea054efbf1623212ea0419976389ce8f10e909d39e4c7
bd0f008d39ba8fcc7920ff166b7c28f32ef5f96dde198ab7ef26d129afae6bec
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ed34a59f182c66e2b25c602f3c9b0f21435a8f475d5dbc9e6830ff4c7929f5cd
f046fa7081660121ddf89903d70114b2a1338869da344e630502a55e253dfccd