staging.expensify.com
104.16.214.59
Public Scan
Effective URL: https://staging.expensify.com/
Submission: On June 13 via api from CH — Scanned from DE
Summary
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 13th 2022. Valid for: a year.
This is the only time staging.expensify.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
Count | IP Address | AS Autonomous System |
---|---|---|
1 3 | 104.16.214.59 | 13335 (CLOUDFLARENET) |
5 | 52.222.232.44 | 16509 (AMAZON-02) |
2 | 2a00:1450:4001:80f::200e | 15169 (GOOGLE) |
1 3 | 2a00:1450:4001:82b::2008 | 15169 (GOOGLE) |
3 | 104.16.213.59 | 13335 (CLOUDFLARENET) |
1 | 142.250.185.226 | 15169 (GOOGLE) |
1 1 | 2a00:1450:400c:c0a::9a | 15169 (GOOGLE) |
1 2 | 2a00:1450:4001:810::2004 | 15169 (GOOGLE) |
2 | 2a00:1450:4001:828::2003 | 15169 (GOOGLE) |
3 | 2a00:1450:4001:828::200d | 15169 (GOOGLE) |
1 | 2a00:1450:4001:829::2002 | 15169 (GOOGLE) |
1 | 2a00:1450:4001:827::2003 | 15169 (GOOGLE) |
23 | 11 | |
ASN16509 (AMAZON-02, US)
PTR: server-52-222-232-44.fra56.r.cloudfront.net
d2k5nsl2zxldvw.cloudfront.net |
ASN15169 (GOOGLE, US)
www.googletagmanager.com | |
ssl.google-analytics.com |
ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net
www.googleadservices.com |
ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net |
Count | Apex Domain | Subdomains | Transfer |
---|---|---|---|
7 | google.com (1 redirects) | apis.google.com (Cisco Umbrella Rank: 141), www.google.com (Cisco Umbrella Rank: 4), accounts.google.com (Cisco Umbrella Rank: 107) | 60 KB |
6 | expensify.com (1 redirects) | staging.expensify.com, www.expensify.com (Cisco Umbrella Rank: 60676) | 133 KB |
5 | cloudfront.net | d2k5nsl2zxldvw.cloudfront.net | 236 KB |
2 | google.de | www.google.de (Cisco Umbrella Rank: 5859) | 611 B |
2 | doubleclick.net (1 redirects) | stats.g.doubleclick.net (Cisco Umbrella Rank: 104), googleads.g.doubleclick.net (Cisco Umbrella Rank: 48) | 2 KB |
2 | google-analytics.com (1 redirects) | ssl.google-analytics.com (Cisco Umbrella Rank: 337) | 17 KB |
1 | gstatic.com | www.gstatic.com | 34 KB |
1 | googleadservices.com | www.googleadservices.com (Cisco Umbrella Rank: 127) | 15 KB |
1 | googletagmanager.com | www.googletagmanager.com (Cisco Umbrella Rank: 80) | 43 KB |
23 | 9 | | |
Count | Domain | Requested by |
---|---|---|
5 | d2k5nsl2zxldvw.cloudfront.net | staging.expensify.com |
3 | accounts.google.com | apis.google.com, staging.expensify.com, www.gstatic.com |
3 | www.expensify.com | d2k5nsl2zxldvw.cloudfront.net |
3 | staging.expensify.com (1 redirects) | d2k5nsl2zxldvw.cloudfront.net |
2 | www.google.de | staging.expensify.com |
2 | www.google.com (1 redirects) | staging.expensify.com |
2 | ssl.google-analytics.com (1 redirects) | staging.expensify.com |
2 | apis.google.com | staging.expensify.com, apis.google.com |
1 | www.gstatic.com | accounts.google.com |
1 | googleads.g.doubleclick.net | www.googleadservices.com |
1 | stats.g.doubleclick.net (1 redirects) | |
1 | www.googleadservices.com | www.googletagmanager.com |
1 | www.googletagmanager.com | staging.expensify.com |
23 | 13 | |
This site contains links to these domains. Also see Links.
Domain |
---|
use.expensify.com |
Subject | Issuer | Validity | Valid |
---|---|---|---|
expensify.com | Cloudflare Inc ECC CA-3 | 2022-06-13 - 2023-06-13 | a year |
*.cloudfront.net | Amazon | 2022-02-01 - 2023-01-31 | a year |
*.apis.google.com | GTS CA 1C3 | 2022-05-25 - 2022-08-17 | 3 months |
*.google-analytics.com | GTS CA 1C3 | 2022-05-25 - 2022-08-17 | 3 months |
www.googleadservices.com | GTS CA 1C3 | 2022-05-25 - 2022-08-17 | 3 months |
accounts.google.com | GTS CA 1C3 | 2022-05-25 - 2022-08-17 | 3 months |
*.g.doubleclick.net | GTS CA 1C3 | 2022-05-25 - 2022-08-17 | 3 months |
www.google.com | GTS CA 1C3 | 2022-05-25 - 2022-08-17 | 3 months |
www.google.de | GTS CA 1C3 | 2022-05-25 - 2022-08-17 | 3 months |
*.google.com | GTS CA 1C3 | 2022-05-25 - 2022-08-17 | 3 months |
*.gstatic.com | GTS CA 1C3 | 2022-05-25 - 2022-08-17 | 3 months |
This page contains 2 frames:
Primary Page:
https://staging.expensify.com/
Frame ID: EC85B0E25EAED2BC4BA971C1C22BA514
Requests: 19 HTTP requests in this frame
Frame:
https://accounts.google.com/o/oauth2/iframe
Frame ID: 3C9C899E9F69053D9231DC09DDE7C6E6
Requests: 4 HTTP requests in this frame
Page Title
Expensify: Easy Money
Detected technologies
Google Sign-in (Social logins)
Detected patterns
- <meta[^>]*google-signin-client_id
- apis\.google\.com/js/platform\.js
Google Analytics (Analytics)
Detected patterns
- google-analytics\.com/(?:ga|urchin|analytics)\.js
Google Plus (Widgets)
Detected patterns
- apis\.google\.com/js/[a-z]*\.js
Google Tag Manager (Tag Managers)
Detected patterns
- googletagmanager\.com/gtag/js
Page Statistics
2 Outgoing links
These are links going to different origins than the main page.
Title: licenses
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://staging.expensify.com/chat?email=craig.barnett%40ubs.com&validateCode=WPUUIVOPI
HTTP 302
https://staging.expensify.com/ Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 14
- https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=465347869&utmhn=staging.expensify.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Expensify%3A%20Easy%20Money&utmhid=1990250289&utmr=-&utmp=%2F&utmht=1655144517029&utmac=UA-5524924-1&utmcc=__utma%3D150204642.402780381.1655144517.1655144517.1655144517.1%3B%2B__utmz%3D150204642.1655144517.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1667412747&utmredir=1&utmu=qBAAAAAAAAAAAAAAAAAAAAAE~ HTTP 302
- https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-5524924-1&cid=402780381.1655144517&jid=1667412747&_v=5.7.2&z=465347869 HTTP 302
- https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-5524924-1&cid=402780381.1655144517&jid=1667412747&_v=5.7.2&z=465347869 HTTP 302
- https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-5524924-1&cid=402780381.1655144517&jid=1667412747&_v=5.7.2&z=465347869&slf_rd=1&random=3588614768
23 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type | Notes |
---|---|---|---|---|---|---|---|---|
GET | H2 | / | staging.expensify.com/ | 19 KB | 4 KB | Document | text/html | Primary Request, Redirect Chain |
GET | H2 | homepage.02242ef1.css.gz | d2k5nsl2zxldvw.cloudfront.net/dist/css-gz/ | 215 KB | 43 KB | Stylesheet | text/css | |
GET | H2 | expensify-iconmark-reversed.svg | d2k5nsl2zxldvw.cloudfront.net/images/logo/ | 1 KB | 1 KB | Image | image/svg+xml | |
GET | H2 | expensify-logo-2021-reversed.svg | d2k5nsl2zxldvw.cloudfront.net/images/icons/sign-in/ | 4 KB | 4 KB | Image | image/svg+xml | |
GET | H2 | module-homepage.a962b124.js.gz | d2k5nsl2zxldvw.cloudfront.net/dist/js-gz/ | 500 KB | 175 KB | Script | application/javascript | |
GET | H2 | platform.js | apis.google.com/js/ | 52 KB | 20 KB | Script | text/javascript | |
GET | H2 | js | www.googletagmanager.com/gtag/ | 108 KB | 43 KB | Script | application/javascript | |
GET | H2 | GT-America-Standard-Bold.woff | www.expensify.com/font/ | 54 KB | 54 KB | Font | font/woff | |
GET | H2 | GT-America-Standard-Regular.woff | www.expensify.com/font/ | 49 KB | 50 KB | Font | font/woff | |
GET | H2 | freeplan_pink.svg | d2k5nsl2zxldvw.cloudfront.net/images/homepage/brand-stories/ | 12 KB | 12 KB | Image | image/svg+xml | |
POST | H2 | api.php | staging.expensify.com/ | 68 B | 179 B | XHR | application/json | |
GET | H2 | ga.js | ssl.google-analytics.com/ | 45 KB | 17 KB | Script | text/javascript | |
GET | H2 | expensicons_39.woff2 | www.expensify.com/font/ | 23 KB | 24 KB | Font | font/woff2 | |
GET | H2 | conversion_async.js | www.googleadservices.com/pagead/ | 39 KB | 15 KB | Script | text/javascript | |
GET | H2 | cb=gapi.loaded_0 | apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.DslNQi6QjWY.O/m=auth2/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9FLGbzzoBVnxH08Hk-R4GKUjoVwA/ | 108 KB | 36 KB | Script | text/javascript | |
GET | H3 | ga-audiences | www.google.de/ads/ | 42 B | 63 B | Image | image/gif | Redirect Chain |
GET | H2 | iframe | accounts.google.com/o/oauth2/ | 280 B | 1 KB | Document | text/html | Frame 3C9C |
GET | H2 | / | googleads.g.doubleclick.net/pagead/viewthroughconversion/942650393/ | 2 KB | 2 KB | Script | text/javascript | |
GET | H2 | / | www.google.com/pagead/1p-user-list/942650393/ | 42 B | 548 B | Image | image/gif | |
GET | H2 | / | www.google.de/pagead/1p-user-list/942650393/ | 42 B | 548 B | Image | image/gif | |
POST | H3 | cspreport | accounts.google.com/_/IdpIFrameHttp/ | 2 KB | 846 B | Other | text/html | Frame 3C9C |
GET | H2 | m=base | www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.IdpIFrameHttp.de.XGMtBd7ascw.es5.O/d=1/rs=AOaEmlEHtJZ7MHNm_-QbAU47Aj3D3mWm3Q/ | 98 KB | 34 KB | Script | text/javascript | Frame 3C9C |
GET | H3 | iframerpc | accounts.google.com/o/oauth2/ | 49 B | 96 B | XHR | application/json | Frame 3C9C |
27 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
- object| 0
- object| oncontextlost
- object| oncontextrestored
- function| structuredClone
- object| launchQueue
- object| onbeforematch
- function| getScreenDetails
- object| navigation
- number| DEBUG
- string| csrfToken
- string| URL_TO_NEW_DOT
- string| accountID
- string| BETAS
- object| Signin
- object| gapi
- object| ___jsl
- function| gtag
- object| _gaq
- object| dataLayer
- object| google_tag_manager
- object| google_tag_data
- object| _gat
- object| gaGlobal
- object| osapi
- function| GooglemKTybQhCsO
- function| google_trackConversion
- object| GooglebQhCsO
13 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.expensify.com/ | | Name: initialReferer Value: %28direct%29 |
.expensify.com/ | | Name: browserGUID Value: 62a78044384a5 |
.expensify.com/ | | Name: __cf_bm Value: 2dGMQFtalS0SA.E9AreSLD0cPjFiQVuvsuIo0Wcbbzc-1655144516-0-AaIT/ahR+ZtqvD5qKYpFE5KgbdfSmEcOy5Z+m4Nyyxyc8FuPqhQAduwRhC/rMpWN90cMMg29aV1Ep4+s6aecq8c= |
.expensify.com/ | | Name: _cfuvid Value: nl._WBXwICnTnRbnB0mZAnkYxakYAUj8eZWCs3M0dWg-1655144516395-0-604800000 |
.expensify.com/ | | Name: _gcl_au Value: 1.1.141676774.1655144517 |
.expensify.com/ | | Name: __utma Value: 150204642.402780381.1655144517.1655144517.1655144517.1 |
.expensify.com/ | | Name: __utmc Value: 150204642 |
.expensify.com/ | | Name: __utmz Value: 150204642.1655144517.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none) |
.expensify.com/ | | Name: __utmt Value: 1 |
.expensify.com/ | | Name: __utmb Value: 150204642.1.10.1655144517 |
.staging.expensify.com/ | | Name: G_ENABLED_IDPS Value: google |
.doubleclick.net/ | | Name: test_cookie Value: CheckForPermission |
.google.com/ | | Name: NID Value: 511=rp3dagKUYT1RZuywqLqEnOUDZEtOcgs50sMhhMxMdHf3uDpiv0fmUX45AQtmG9V1nVncHC2uwtOpzdior4RyCosgSVhu1hfZ5IMFhmY5SS_oPRPKMqM4bbBCGaHBRIb2ucU1XMJML4bvwRBHCmUIw6Z5e4xsxZJnn0r4wvO8Q0E |
2 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Content-Security-Policy | frame-ancestors https://we.are.expensify.com staging.expensify.com https://viewer.expensify.com chrome-extension://oiicpdkmeclmgmlmbajefnkalcfageek chrome-extension://eeibfofdhodcjojmbookcpigoaeilkek https://new.expensify.com |
Strict-Transport-Security | max-age=31536000; includeSubDomains; preload |
X-Content-Type-Options | nosniff |
X-Xss-Protection | 1; mode=block |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.