staging.expensify.com Open in urlscan Pro
104.16.214.59 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://staging.expensify.com/chat?email=craig.barnett%40ubs.com&validateCode=WPUUIVOPI
Effective URL:
https://staging.expensify.com/
Submission: On June 13 via api (June 13th 2022, 6:22:01 pm UTC) from CH — Scanned from DE

Summary HTTP 23 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 11 IPs in 4 countries across 9 domains to perform 23 HTTP transactions. The main IP is 104.16.214.59, located in and belongs to CLOUDFLARENET, US. The main domain is staging.expensify.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 13th 2022. Valid for: a year.

This is the only time staging.expensify.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 3	104.16.214.59 104.16.214.59	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	52.222.232.44 52.222.232.44	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:80f::200e	15169 (GOOGLE) (GOOGLE)
1 3	2a00:1450:400... 2a00:1450:4001:82b::2008	15169 (GOOGLE) (GOOGLE)
3	104.16.213.59 104.16.213.59	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	142.250.185.226 142.250.185.226	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:400c:c0a::9a	15169 (GOOGLE) (GOOGLE)
1 2	2a00:1450:400... 2a00:1450:4001:810::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:828::2003	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:828::200d	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::2003	15169 (GOOGLE) (GOOGLE)
23	11

3 104.16.214.59 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

staging.expensify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 52.222.232.44 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-232-44.fra56.r.cloudfront.net

d2k5nsl2zxldvw.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

apis.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82b::2008 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ssl.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.16.213.59 (None, )

ASN13335 (CLOUDFLARENET, US)

www.expensify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0a::9a (Brussels, Belgium) 1 redirects

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:828::200d (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

accounts.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
7	google.com 1 redirects apis.google.com — Cisco Umbrella Rank: 141 www.google.com — Cisco Umbrella Rank: 4 accounts.google.com — Cisco Umbrella Rank: 107	60 KB
6	expensify.com 1 redirects staging.expensify.com www.expensify.com — Cisco Umbrella Rank: 60676	133 KB
5	cloudfront.net d2k5nsl2zxldvw.cloudfront.net	236 KB
2	google.de www.google.de — Cisco Umbrella Rank: 5859	611 B
2	doubleclick.net 1 redirects stats.g.doubleclick.net — Cisco Umbrella Rank: 104 googleads.g.doubleclick.net — Cisco Umbrella Rank: 48	2 KB
2	google-analytics.com 1 redirects ssl.google-analytics.com — Cisco Umbrella Rank: 337	17 KB
1	gstatic.com www.gstatic.com	34 KB
1	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 127	15 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 80	43 KB
23	9

	Domain	Requested by
5	d2k5nsl2zxldvw.cloudfront.net	staging.expensify.com
3	accounts.google.com	apis.google.com staging.expensify.com www.gstatic.com
3	www.expensify.com	d2k5nsl2zxldvw.cloudfront.net
3	staging.expensify.com	1 redirects d2k5nsl2zxldvw.cloudfront.net
2	www.google.de	staging.expensify.com
2	www.google.com	1 redirects staging.expensify.com
2	ssl.google-analytics.com	1 redirects staging.expensify.com
2	apis.google.com	staging.expensify.com apis.google.com
1	www.gstatic.com	accounts.google.com
1	googleads.g.doubleclick.net	www.googleadservices.com
1	stats.g.doubleclick.net	1 redirects
1	www.googleadservices.com	www.googletagmanager.com
1	www.googletagmanager.com	staging.expensify.com
23	13

This site contains links to these domains. Also see Links.

Domain
use.expensify.com

Subject Issuer	Validity	Valid
expensify.com Cloudflare Inc ECC CA-3	`2022-06-13` - `2023-06-13`	a year	crt.sh
*.cloudfront.net Amazon	`2022-02-01` - `2023-01-31`	a year	crt.sh
*.apis.google.com GTS CA 1C3	`2022-05-25` - `2022-08-17`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-05-25` - `2022-08-17`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2022-05-25` - `2022-08-17`	3 months	crt.sh
accounts.google.com GTS CA 1C3	`2022-05-25` - `2022-08-17`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-05-25` - `2022-08-17`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-05-25` - `2022-08-17`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-05-25` - `2022-08-17`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-05-25` - `2022-08-17`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-05-25` - `2022-08-17`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://staging.expensify.com/
Frame ID: EC85B0E25EAED2BC4BA971C1C22BA514
Requests: 19 HTTP requests in this frame

Frame: https://accounts.google.com/o/oauth2/iframe
Frame ID: 3C9C899E9F69053D9231DC09DDE7C6E6
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Expensify: Easy Money

Page URL History Show full URLs

https://staging.expensify.com/chat?email=craig.barnett%40ubs.com&validateCode=WPUUIVOPI HTTP 302
https://staging.expensify.com/ Page URL

Detected technologies

Google Sign-in (Social logins) Expand

Overall confidence: 100%
Detected patterns

<meta[^>]*google-signin-client_id
apis\.google\.com/js/platform\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Plus (Widgets) Expand

Overall confidence: 100%
Detected patterns

apis\.google\.com/js/[a-z]*\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Page Statistics

23
Requests

96 %
HTTPS

67 %
IPv6

9
Domains

13
Subdomains

11
IPs

4
Countries

539 kB
Transfer

1332 kB
Size

13
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://use.expensify.com/accountants

Search URL Search Domain Scan URL

URL: https://use.expensify.com/licenses
Title: licenses

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://staging.expensify.com/chat?email=craig.barnett%40ubs.com&validateCode=WPUUIVOPI HTTP 302
https://staging.expensify.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 14

https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=465347869&utmhn=staging.expensify.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Expensify%3A%20Easy%20Money&utmhid=1990250289&utmr=-&utmp=%2F&utmht=1655144517029&utmac=UA-5524924-1&utmcc=__utma%3D150204642.402780381.1655144517.1655144517.1655144517.1%3B%2B__utmz%3D150204642.1655144517.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1667412747&utmredir=1&utmu=qBAAAAAAAAAAAAAAAAAAAAAE~ HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-5524924-1&cid=402780381.1655144517&jid=1667412747&_v=5.7.2&z=465347869 HTTP 302
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-5524924-1&cid=402780381.1655144517&jid=1667412747&_v=5.7.2&z=465347869 HTTP 302
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-5524924-1&cid=402780381.1655144517&jid=1667412747&_v=5.7.2&z=465347869&slf_rd=1&random=3588614768

23 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
staging.expensify.com/
Redirect Chain

https://staging.expensify.com/chat?email=craig.barnett%40ubs.com&validateCode=WPUUIVOPI
https://staging.expensify.com/

19 KB
4 KB

218ms
218ms

Document
text/html

104.16.214.59
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://staging.expensify.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.214.59 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4341c2471fd0d19a23558f5d97005bda152d16e18e2926968658dc691084f0bd

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://we.are.expensify.com staging.expensify.com https://viewer.expensify.com chrome-extension://oiicpdkmeclmgmlmbajefnkalcfageek chrome-extension://eeibfofdhodcjojmbookcpigoaeilkek https://new.expensify.com
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache, no-store
cf-cache-status: DYNAMIC
cf-ray: 71acd94bbde4694f-FRA
content-encoding: gzip
content-length: 3933
content-security-policy: frame-ancestors https://we.are.expensify.com staging.expensify.com https://viewer.expensify.com chrome-extension://oiicpdkmeclmgmlmbajefnkalcfageek chrome-extension://eeibfofdhodcjojmbookcpigoaeilkek https://new.expensify.com
content-type: text/html; charset=UTF-8
date: Mon, 13 Jun 2022 18:21:56 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
referrer-policy: origin-when-cross-origin
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

Redirect headers

cache-control: no-cache, no-store
cf-cache-status: DYNAMIC
cf-ray: 71acd949ca48694f-FRA
content-encoding: gzip
content-length: 20
content-security-policy: frame-ancestors https://we.are.expensify.com staging.expensify.com https://viewer.expensify.com chrome-extension://oiicpdkmeclmgmlmbajefnkalcfageek chrome-extension://eeibfofdhodcjojmbookcpigoaeilkek https://new.expensify.com
content-type: text/html; charset=UTF-8
date: Mon, 13 Jun 2022 18:21:56 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
location: https://staging.expensify.com
referrer-policy: origin-when-cross-origin
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 homepage.02242ef1.css.gz
d2k5nsl2zxldvw.cloudfront.net/dist/css-gz/ 215 KB
43 KB 146ms
46ms Stylesheet
text/css 52.222.232.44
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2k5nsl2zxldvw.cloudfront.net/dist/css-gz/homepage.02242ef1.css.gz
Requested by: Host: staging.expensify.com
URL: https://staging.expensify.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.232.44 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-232-44.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 21202bf7777b7f92a6c552943369aba934a8460967377a8f5aea875b69237636

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://staging.expensify.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Sun, 29 May 2022 05:44:46 GMT
content-encoding: gzip
last-modified: Thu, 10 Mar 2022 22:32:56 GMT
server: AmazonS3
x-amz-meta-s3cmd-attrs: atime:1646951554/ctime:1646951554/gid:137/gname:jenkins/md5:d4618916ccfc28b40ba26de5f85a3ad1/mode:33188/mtime:1646951554/uid:128/uname:jenkins
age: 1341431
etag: "d4618916ccfc28b40ba26de5f85a3ad1"
x-cache: Hit from cloudfront
content-type: text/css
via: 1.1 934706f40ffde6f857deae8d024c1192.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA56-P4
accept-ranges: bytes
content-length: 43263
x-amz-cf-id: dGsM_dWvltQ20DQajPNiEOSe6Th1MdTH4pMRHs_UjBupSiaukznRug==

GET
H2 200 expensify-iconmark-reversed.svg
d2k5nsl2zxldvw.cloudfront.net/images/logo/ 1 KB
1 KB 138ms
38ms Image
image/svg+xml 52.222.232.44
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d2k5nsl2zxldvw.cloudfront.net/images/logo/expensify-iconmark-reversed.svg
Requested by: Host: staging.expensify.com
URL: https://staging.expensify.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.232.44 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-232-44.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d09755c23042eec8ab6d3c29caf3e7c2801b23d248b76ab5fc1ae5752649403a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://staging.expensify.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 13 Jun 2022 10:53:48 GMT
via: 1.1 934706f40ffde6f857deae8d024c1192.cloudfront.net (CloudFront)
last-modified: Thu, 29 Apr 2021 07:15:58 GMT
server: AmazonS3
x-amz-meta-s3cmd-attrs: atime:1619680405/ctime:1619680405/gid:137/gname:jenkins/md5:e61ed7ca8ae4a26957daf285390b3036/mode:33188/mtime:1619680405/uid:128/uname:jenkins
age: 27171
etag: "e61ed7ca8ae4a26957daf285390b3036"
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: max-age=86400
x-amz-cf-pop: FRA56-P4
accept-ranges: bytes
content-length: 1039
x-amz-cf-id: heythzb1avN4-00bx31IJhPvz72Ti9xXmmMhYokZOZf7Z3EeDWuf5g==

GET
H2 200 expensify-logo-2021-reversed.svg
d2k5nsl2zxldvw.cloudfront.net/images/icons/sign-in/ 4 KB
4 KB 127ms
48ms Image
image/svg+xml 52.222.232.44
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d2k5nsl2zxldvw.cloudfront.net/images/icons/sign-in/expensify-logo-2021-reversed.svg
Requested by: Host: staging.expensify.com
URL: https://staging.expensify.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.232.44 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-232-44.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e8d377b354218b66d90a25d18607201efa76daea127693e7d79614fe17b147bc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://staging.expensify.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 13 Jun 2022 05:20:39 GMT
via: 1.1 934706f40ffde6f857deae8d024c1192.cloudfront.net (CloudFront)
last-modified: Tue, 27 Apr 2021 15:54:05 GMT
server: AmazonS3
x-amz-meta-s3cmd-attrs: atime:1619538684/ctime:1619538684/gid:137/gname:jenkins/md5:ae0ffd91cb6a09b3cd67289740ecc92f/mode:33188/mtime:1619538684/uid:128/uname:jenkins
age: 47649
etag: "ae0ffd91cb6a09b3cd67289740ecc92f"
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: max-age=86400
x-amz-cf-pop: FRA56-P4
accept-ranges: bytes
content-length: 4043
x-amz-cf-id: ZMyefKN31sHwNV4EzNUXporO8EywlU_8pnKuOCa9McXo9zhqwm7z3A==

GET
H2 200 module-homepage.a962b124.js.gz Show response
d2k5nsl2zxldvw.cloudfront.net/dist/js-gz/ 500 KB
175 KB 155ms
76ms Script
application/javascript 52.222.232.44
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2k5nsl2zxldvw.cloudfront.net/dist/js-gz/module-homepage.a962b124.js.gz
Requested by: Host: staging.expensify.com
URL: https://staging.expensify.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.232.44 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-232-44.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ff063caa8e9d584e8d275ccaf3f2b9d22a27d1813d87af2e24580abc90928315

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://staging.expensify.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 07 Jun 2022 21:14:44 GMT
content-encoding: gzip
last-modified: Tue, 07 Jun 2022 18:06:33 GMT
server: AmazonS3
x-amz-meta-s3cmd-attrs: atime:1654625183/ctime:1654625183/gid:137/gname:jenkins/md5:6a35dc384b728d9eae265d08d0bfe8e1/mode:33188/mtime:1654625183/uid:128/uname:jenkins
age: 508032
etag: "6a35dc384b728d9eae265d08d0bfe8e1"
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 934706f40ffde6f857deae8d024c1192.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA56-P4
accept-ranges: bytes
content-length: 178782
x-amz-cf-id: Bc6U7E2n1_QMw49oqPt4UUi9wwncaNjt5NC-AZ3iMtAcwrH4MtEzXQ==

GET
H2 200 platform.js Show response
apis.google.com/js/ 52 KB
20 KB 135ms
49ms Script
text/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/platform.js

Requested by

Host: staging.expensify.com
URL: https://staging.expensify.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

90f0e51c14f3f2b7f591db5a8f4738e9fbe89da7695921f57efd73c0454f0b52

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://staging.expensify.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20319
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="gapi-team"
date: Mon, 13 Jun 2022 18:21:56 GMT
vary: Accept-Encoding
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
etag: "9272bf7c23b70f7b"
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 13 Jun 2022 18:21:56 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 108 KB
43 KB 136ms
50ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-942650393

Requested by

Host: staging.expensify.com
URL: https://staging.expensify.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d1a49f3bf6f307c4b75fa326627d65822f1bdd0c2455a0ba0ecd7221ef97ba73

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://staging.expensify.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 13 Jun 2022 18:21:56 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43417
x-xss-protection: 0
last-modified: Mon, 13 Jun 2022 18:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 13 Jun 2022 18:21:56 GMT

GET
H2 200 GT-America-Standard-Bold.woff
www.expensify.com/font/ 54 KB
54 KB 346ms
254ms Font
font/woff 104.16.213.59
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.expensify.com/font/GT-America-Standard-Bold.woff

Requested by

Host: d2k5nsl2zxldvw.cloudfront.net
URL: https://d2k5nsl2zxldvw.cloudfront.net/dist/css-gz/homepage.02242ef1.css.gz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.213.59 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e8fc8791da7427cdf57a7007254a26cd291e6553ffb6cd5669b0c09824131885

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://d2k5nsl2zxldvw.cloudfront.net/
Origin: https://staging.expensify.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 13 Jun 2022 18:21:57 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 55104
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin
last-modified: Thu, 09 Jun 2022 22:26:08 GMT
server: cloudflare
etag: "62a27380-d740"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 71acd94eed279277-FRA
expires: Tue, 13 Jun 2023 18:21:57 GMT

GET
H2 200 GT-America-Standard-Regular.woff
www.expensify.com/font/ 49 KB
50 KB 378ms
286ms Font
font/woff 104.16.213.59
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.expensify.com/font/GT-America-Standard-Regular.woff

Requested by

Host: d2k5nsl2zxldvw.cloudfront.net
URL: https://d2k5nsl2zxldvw.cloudfront.net/dist/css-gz/homepage.02242ef1.css.gz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.213.59 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

127a1b4c6e7702231e55f3ff3c8aa1728446a77b07a6829a74ed7371db4402fb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://d2k5nsl2zxldvw.cloudfront.net/
Origin: https://staging.expensify.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 13 Jun 2022 18:21:57 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 50572
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin
last-modified: Thu, 09 Jun 2022 22:26:08 GMT
server: cloudflare
etag: "62a27380-c58c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 71acd94eed2a9277-FRA
expires: Tue, 13 Jun 2023 18:21:57 GMT

GET
H2 200 freeplan_pink.svg
d2k5nsl2zxldvw.cloudfront.net/images/homepage/brand-stories/ 12 KB
12 KB 45ms
44ms Image
image/svg+xml 52.222.232.44
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d2k5nsl2zxldvw.cloudfront.net/images/homepage/brand-stories/freeplan_pink.svg
Requested by: Host: staging.expensify.com
URL: https://staging.expensify.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.232.44 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-232-44.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: bbfee69e39221465960102bf9a8542cb37b0d3837feeca23fa748e7a4c87aab8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://staging.expensify.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 13 Jun 2022 05:43:09 GMT
via: 1.1 934706f40ffde6f857deae8d024c1192.cloudfront.net (CloudFront)
last-modified: Wed, 15 Sep 2021 21:35:37 GMT
server: AmazonS3
x-amz-meta-s3cmd-attrs: atime:1631741561/ctime:1631741561/gid:137/gname:jenkins/md5:949a144989345d8d09446adc4f36a4f3/mode:33188/mtime:1631741561/uid:128/uname:jenkins
age: 45834
etag: "949a144989345d8d09446adc4f36a4f3"
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: max-age=86400
x-amz-cf-pop: FRA56-P4
accept-ranges: bytes
content-length: 12152
x-amz-cf-id: cRLIQr0busX1i9I6Rs6Nv90Ul-DWw3I0ox5cMcZYbxA43EXioC2kog==

POST
H2 200 api.php Show response
staging.expensify.com/ 68 B
179 B 582ms
582ms XHR
application/json 104.16.214.59
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://staging.expensify.com/api.php?&command=GetRequestCountryCode

Requested by

Host: d2k5nsl2zxldvw.cloudfront.net
URL: https://d2k5nsl2zxldvw.cloudfront.net/dist/js-gz/module-homepage.a962b124.js.gz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.214.59 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

58a90bdb3b55776624f516781182dabb147f633ee7b6db2528a758306f5cc019

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://we.are.expensify.com staging.expensify.com https://viewer.expensify.com chrome-extension://oiicpdkmeclmgmlmbajefnkalcfageek chrome-extension://eeibfofdhodcjojmbookcpigoaeilkek https://new.expensify.com
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Referer: https://staging.expensify.com/
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Mon, 13 Jun 2022 18:21:57 GMT
content-encoding: gzip
referrer-policy: origin-when-cross-origin
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/json
cache-control: no-cache, no-store
x-content-type-options: nosniff
content-security-policy: frame-ancestors https://we.are.expensify.com staging.expensify.com https://viewer.expensify.com chrome-extension://oiicpdkmeclmgmlmbajefnkalcfageek chrome-extension://eeibfofdhodcjojmbookcpigoaeilkek https://new.expensify.com
cf-ray: 71acd94f1c58694f-FRA
content-length: 82
x-xss-protection: 1; mode=block

GET
H2 200 ga.js Show response
ssl.google-analytics.com/ 45 KB
17 KB 53ms
38ms Script
text/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ssl.google-analytics.com/ga.js

Requested by

Host: staging.expensify.com
URL: https://staging.expensify.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://staging.expensify.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 5462
date: Mon, 13 Jun 2022 16:50:54 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17168
expires: Mon, 13 Jun 2022 18:50:54 GMT

GET
H2 200 expensicons_39.woff2
www.expensify.com/font/ 23 KB
24 KB 213ms
213ms Font
font/woff2 104.16.213.59
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.expensify.com/font/expensicons_39.woff2

Requested by

Host: d2k5nsl2zxldvw.cloudfront.net
URL: https://d2k5nsl2zxldvw.cloudfront.net/dist/css-gz/homepage.02242ef1.css.gz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.213.59 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9b46a65dbd6e50afe9a55de39d4994f3ba514801dd494c8bcf4ec98aa39e8570

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://d2k5nsl2zxldvw.cloudfront.net/
Origin: https://staging.expensify.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 13 Jun 2022 18:21:57 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 23580
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin
last-modified: Thu, 09 Jun 2022 22:26:07 GMT
server: cloudflare
etag: "62a2737f-5c1c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 71acd94f1d679277-FRA
expires: Tue, 13 Jun 2023 18:21:57 GMT

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 39 KB
15 KB 140ms
52ms Script
text/javascript 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-942650393

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

22f38bcd5544708fe83348bf6b068d4f521e0cb16c32d0256b7e027760114bad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://staging.expensify.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 13 Jun 2022 18:21:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15069
x-xss-protection: 0
server: cafe
etag: 11223643544955582496
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 13 Jun 2022 18:21:57 GMT

GET
H2 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.DslNQi6QjWY.O/m=auth2/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9FLGbzzoBVnxH08Hk-R4GKUjoVwA/ 108 KB
36 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.DslNQi6QjWY.O/m=auth2/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9FLGbzzoBVnxH08Hk-R4GKUjoVwA/cb=gapi.loaded_0?le=scs

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/platform.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

56eeafd31b12405c59df3a926319aca48c8e0fb38d1b630fdb27b0b2ec119b74

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://staging.expensify.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 07 Jun 2022 19:49:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 513138
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36605
x-xss-protection: 0
last-modified: Sat, 30 Apr 2022 15:21:12 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
vary: Accept-Encoding
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 07 Jun 2023 19:49:39 GMT

GET
H3

200

ga-audiences
www.google.de/ads/
Redirect Chain

https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=465347869&utmhn=staging.expensify.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-5524924-1&cid=402780381.1655144517&jid=1667412747&_v=5.7.2&z=465347869
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-5524924-1&cid=402780381.1655144517&jid=1667412747&_v=5.7.2&z=465347869
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-5524924-1&cid=402780381.1655144517&jid=1667412747&_v=5.7.2&z=465347869&slf_rd=1&random=3588614768

42 B
63 B

217ms
140ms

Image
image/gif

2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-5524924-1&cid=402780381.1655144517&jid=1667412747&_v=5.7.2&z=465347869&slf_rd=1&random=3588614768

Requested by

Host: staging.expensify.com
URL: https://staging.expensify.com/

Protocol

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://staging.expensify.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Jun 2022 18:21:57 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 13 Jun 2022 18:21:57 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/html; charset=UTF-8
location: https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-5524924-1&cid=402780381.1655144517&jid=1667412747&_v=5.7.2&z=465347869&slf_rd=1&random=3588614768
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 iframe Show response
accounts.google.com/o/oauth2/ Frame 3C9C 280 B
1 KB 176ms
93ms Document
text/html 2a00:1450:4001:828::200d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/o/oauth2/iframe

Requested by

Host: apis.google.com
URL: https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.DslNQi6QjWY.O/m=auth2/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9FLGbzzoBVnxH08Hk-R4GKUjoVwA/cb=gapi.loaded_0?le=scs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8804141d35a992c3368c8dabe475e452c0414d2202d90b2a2658f5f6be482781

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/IdpIFrameHttp/cspreport script-src 'report-sample' 'nonce-USmbG0FSb4LzDHHxB49dNg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/IdpIFrameHttp/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/IdpIFrameHttp/cspreport/allowlist
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://staging.expensify.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: require-trusted-types-for 'script';report-uri /_/IdpIFrameHttp/cspreport script-src 'report-sample' 'nonce-USmbG0FSb4LzDHHxB49dNg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/IdpIFrameHttp/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/IdpIFrameHttp/cspreport/allowlist
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: cross-origin
date: Mon, 13 Jun 2022 18:21:57 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
server: ESF
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/942650393/ 2 KB
2 KB 139ms
49ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/942650393/?random=1655144517131&cv=9&fst=1655144517131&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa680&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fstaging.expensify.com%2F&tiba=Expensify%3A%20Easy%20Money&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

91bc5a669c67d0e7112ea14cb109aebff5fcf726b4a138213ff98766b45aaa92

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://staging.expensify.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Jun 2022 18:21:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1032
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/942650393/ 42 B
548 B 226ms
52ms Image
image/gif 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/942650393/?random=1655144517131&cv=9&fst=1655143200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa680&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fstaging.expensify.com%2F&tiba=Expensify%3A%20Easy%20Money&async=1&fmt=3&is_vtc=1&random=1163614003&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: staging.expensify.com
URL: https://staging.expensify.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://staging.expensify.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Jun 2022 18:21:57 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/942650393/ 42 B
548 B 224ms
50ms Image
image/gif 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/942650393/?random=1655144517131&cv=9&fst=1655143200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa680&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fstaging.expensify.com%2F&tiba=Expensify%3A%20Easy%20Money&async=1&fmt=3&is_vtc=1&random=1163614003&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: staging.expensify.com
URL: https://staging.expensify.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://staging.expensify.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Jun 2022 18:21:57 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 400 cspreport
accounts.google.com/_/IdpIFrameHttp/ Frame 3C9C 2 KB
846 B 133ms
54ms Other
text/html 2a00:1450:4001:828::200d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/_/IdpIFrameHttp/cspreport

Requested by

Host: staging.expensify.com
URL: https://staging.expensify.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

af34be22d03958258a12ec9ee2a59207dd1948de13d44007a1c205320345e0cb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://accounts.google.com/o/oauth2/iframe
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type: application/csp-report

Response headers

pragma: no-cache
date: Mon, 13 Jun 2022 18:21:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 1; mode=block
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 m=base Show response
www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.IdpIFrameHttp.de.XGMtBd7ascw.es5.O/d=1/rs=AOaEmlEHtJZ7MHNm_-QbAU47Aj3D3mWm3Q/ Frame 3C9C 98 KB
34 KB 119ms
38ms Script
text/javascript 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.IdpIFrameHttp.de.XGMtBd7ascw.es5.O/d=1/rs=AOaEmlEHtJZ7MHNm_-QbAU47Aj3D3mWm3Q/m=base

Requested by

Host: accounts.google.com
URL: https://accounts.google.com/o/oauth2/iframe

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a8cfc22795c45439c7bdb6fd6ad589589c1c7316a1b099c3872cc9757e5acaa6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://accounts.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 07 Jun 2022 06:54:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 559659
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/identity-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34521
x-xss-protection: 0
last-modified: Sun, 05 Jun 2022 01:41:24 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/identity-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/identity-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/identity-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Wed, 07 Jun 2023 06:54:18 GMT

GET
H3 200 iframerpc Show response
accounts.google.com/o/oauth2/ Frame 3C9C 49 B
96 B 55ms
55ms XHR
application/json 2a00:1450:4001:828::200d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/o/oauth2/iframerpc?action=checkOrigin&origin=https%3A%2F%2Fstaging.expensify.com&client_id=1008697809946-coqhbnnjntnm0fo41pj2cpov5268dg1l.apps.googleusercontent.com

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.IdpIFrameHttp.de.XGMtBd7ascw.es5.O/d=1/rs=AOaEmlEHtJZ7MHNm_-QbAU47Aj3D3mWm3Q/m=base

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4836b6031bc4af96767f0121fa458714583340054aea6338ef99a1bc4011f43b

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/IdpIFrameHttp/cspreport, script-src 'report-sample' 'nonce-e47NdHCPH2ij-6Oo0RAJ4A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/IdpIFrameHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/IdpIFrameHttp/cspreport/allowlist
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://accounts.google.com/o/oauth2/iframe
X-Requested-With: XmlHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 13 Jun 2022 18:21:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-embedder-policy: require-corp
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy: same-site
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
server: ESF
cross-origin-opener-policy: same-origin; report-to="IdpIFrameHttp"
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
report-to: {"group":"IdpIFrameHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/IdpIFrameHttp/external"}]}
content-type: application/json; charset=utf-8
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control: private, max-age=3600
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
content-security-policy: require-trusted-types-for 'script';report-uri /_/IdpIFrameHttp/cspreport, script-src 'report-sample' 'nonce-e47NdHCPH2ij-6Oo0RAJ4A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/IdpIFrameHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/IdpIFrameHttp/cspreport/allowlist
expires: Mon, 13 Jun 2022 18:21:57 GMT

Verdicts & Comments Add Verdict or Comment

27 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

13 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.expensify.com/	1970-01-23 19:21:44	Name: initialReferer Value: %28direct%29
.expensify.com/	1970-01-23 19:21:44	Name: browserGUID Value: 62a78044384a5
.expensify.com/	1970-01-20 03:45:46	Name: __cf_bm Value: 2dGMQFtalS0SA.E9AreSLD0cPjFiQVuvsuIo0Wcbbzc-1655144516-0-AaIT/ahR+ZtqvD5qKYpFE5KgbdfSmEcOy5Z+m4Nyyxyc8FuPqhQAduwRhC/rMpWN90cMMg29aV1Ep4+s6aecq8c=
.expensify.com/	1969-12-31 23:59:59	Name: _cfuvid Value: nl._WBXwICnTnRbnB0mZAnkYxakYAUj8eZWCs3M0dWg-1655144516395-0-604800000
.expensify.com/	1970-01-20 05:55:20	Name: _gcl_au Value: 1.1.141676774.1655144517
.expensify.com/	1970-01-20 21:16:56	Name: __utma Value: 150204642.402780381.1655144517.1655144517.1655144517.1
.expensify.com/	1969-12-31 23:59:59	Name: __utmc Value: 150204642
.expensify.com/	1970-01-20 08:08:32	Name: __utmz Value: 150204642.1655144517.1.1.utmcsr=(direct)\|utmccn=(direct)\|utmcmd=(none)
.expensify.com/	1970-01-20 03:45:45	Name: __utmt Value: 1
.expensify.com/	1970-01-20 03:45:46	Name: __utmb Value: 150204642.1.10.1655144517
.staging.expensify.com/	1978-01-11 21:30:57	Name: G_ENABLED_IDPS Value: google
.doubleclick.net/	1970-01-20 03:45:45	Name: test_cookie Value: CheckForPermission
.google.com/	1970-01-20 08:09:15	Name: NID Value: 511=rp3dagKUYT1RZuywqLqEnOUDZEtOcgs50sMhhMxMdHf3uDpiv0fmUX45AQtmG9V1nVncHC2uwtOpzdior4RyCosgSVhu1hfZ5IMFhmY5SS_oPRPKMqM4bbBCGaHBRIb2ucU1XMJML4bvwRBHCmUIw6Z5e4xsxZJnn0r4wvO8Q0E

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	(Line 6) Message: This document requires 'TrustedScript' assignment.
network	error	URL: https://accounts.google.com/_/IdpIFrameHttp/cspreport Message: Failed to load resource: the server responded with a status of 400 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	frame-ancestors https://we.are.expensify.com staging.expensify.com https://viewer.expensify.com chrome-extension://oiicpdkmeclmgmlmbajefnkalcfageek chrome-extension://eeibfofdhodcjojmbookcpigoaeilkek https://new.expensify.com
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

accounts.google.com
apis.google.com
d2k5nsl2zxldvw.cloudfront.net
googleads.g.doubleclick.net
ssl.google-analytics.com
staging.expensify.com
stats.g.doubleclick.net
www.expensify.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.gstatic.com
104.16.213.59
104.16.214.59
142.250.185.226
2a00:1450:4001:80f::200e
2a00:1450:4001:810::2004
2a00:1450:4001:827::2003
2a00:1450:4001:828::2003
2a00:1450:4001:828::200d
2a00:1450:4001:829::2002
2a00:1450:4001:82b::2008
2a00:1450:400c:c0a::9a
52.222.232.44
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
127a1b4c6e7702231e55f3ff3c8aa1728446a77b07a6829a74ed7371db4402fb
21202bf7777b7f92a6c552943369aba934a8460967377a8f5aea875b69237636
22f38bcd5544708fe83348bf6b068d4f521e0cb16c32d0256b7e027760114bad
4341c2471fd0d19a23558f5d97005bda152d16e18e2926968658dc691084f0bd
4836b6031bc4af96767f0121fa458714583340054aea6338ef99a1bc4011f43b
56eeafd31b12405c59df3a926319aca48c8e0fb38d1b630fdb27b0b2ec119b74
58a90bdb3b55776624f516781182dabb147f633ee7b6db2528a758306f5cc019
8804141d35a992c3368c8dabe475e452c0414d2202d90b2a2658f5f6be482781
90f0e51c14f3f2b7f591db5a8f4738e9fbe89da7695921f57efd73c0454f0b52
91bc5a669c67d0e7112ea14cb109aebff5fcf726b4a138213ff98766b45aaa92
9b46a65dbd6e50afe9a55de39d4994f3ba514801dd494c8bcf4ec98aa39e8570
a8cfc22795c45439c7bdb6fd6ad589589c1c7316a1b099c3872cc9757e5acaa6
af34be22d03958258a12ec9ee2a59207dd1948de13d44007a1c205320345e0cb
bbfee69e39221465960102bf9a8542cb37b0d3837feeca23fa748e7a4c87aab8
d09755c23042eec8ab6d3c29caf3e7c2801b23d248b76ab5fc1ae5752649403a
d1a49f3bf6f307c4b75fa326627d65822f1bdd0c2455a0ba0ecd7221ef97ba73
e8d377b354218b66d90a25d18607201efa76daea127693e7d79614fe17b147bc
e8fc8791da7427cdf57a7007254a26cd291e6553ffb6cd5669b0c09824131885
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ff063caa8e9d584e8d275ccaf3f2b9d22a27d1813d87af2e24580abc90928315

staging.expensify.com Open in urlscan Pro 104.16.214.59 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

23 Requests

96 %HTTPS

67 %IPv6

9 Domains

13 Subdomains

11 IPs

4 Countries

539 kBTransfer

1332 kBSize

13 Cookies

2 Outgoing links

Page URL History

Redirected requests

23 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

27 JavaScript Global Variables

13 Cookies

2 Console Messages

Security Headers

Indicators

staging.expensify.com Open in urlscan Pro
104.16.214.59 Public Scan

Screenshot
Live screenshot

Full Image

23
Requests

96 %
HTTPS

67 %
IPv6

9
Domains

13
Subdomains

11
IPs

4
Countries

539 kB
Transfer

1332 kB
Size

13
Cookies

23 HTTP transactions
0 data transactions