urlscan.io logo urlscan.io
SecurityTrails logo

sso.eu.edenred.io Open in urlscan Pro
107.162.166.72  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://clients.expendiasmart.com/tripv2/my-transactions/list
Effective URL: https://sso.eu.edenred.io/login?ReturnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fresponse_type%3Dcode%26client_id%3Df54f04c34...
Submission: On November 12 via manual from PH — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 8 IPs in 2 countries across 7 domains to perform 52 HTTP transactions. The main IP is 107.162.166.72, located in United States and belongs to DEFENSE-NET, US. The main domain is sso.eu.edenred.io. The Cisco Umbrella rank of the primary domain is 389943.
TLS certificate: Issued by GlobalSign RSA OV SSL CA 2018 on November 15th 2021. Valid for: a year.
This is the only time sso.eu.edenred.io was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 16 204.103.47.202 2129 (HP-EUROPE...)
2 13.224.189.104 16509 (AMAZON-02)
1 2 107.162.166.72 55002 (DEFENSE-NET)
1 50.112.153.137 16509 (AMAZON-02)
9 2620:1ec:46::45 8068 (MICROSOFT...)
9 2a00:1450:400... 15169 (GOOGLE)
11 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
52 8
16    204.103.47.202 (United States)

ASN2129 (HP-EUROPE-AS-TRADE, GB)
clients.expendiasmart.com
2    13.224.189.104 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-189-104.fra2.r.cloudfront.net
cdn.appdynamics.com
2    107.162.166.72 (United States)

ASN55002 (DEFENSE-NET, US)
sso.eu.edenred.io
1    50.112.153.137 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-50-112-153-137.us-west-2.compute.amazonaws.com
col.eum-appdynamics.com
9    2620:1ec:46::45 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
sso.eu.edenredcdn.com
9    2a00:1450:4001:810::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
11    2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
4    2a00:1450:4001:801::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
Apex Domain
Subdomains		 Transfer
16 expendiasmart.com
clients.expendiasmart.com
5 MB
15 gstatic.com
www.gstatic.com
fonts.gstatic.com
964 KB
9 google.com
www.google.com — Cisco Umbrella Rank: 2
95 KB
9 edenredcdn.com
sso.eu.edenredcdn.com — Cisco Umbrella Rank: 651962
895 KB
2 edenred.io
sso.eu.edenred.io — Cisco Umbrella Rank: 389943
6 KB
2 appdynamics.com
cdn.appdynamics.com — Cisco Umbrella Rank: 3041
36 KB
1 eum-appdynamics.com
col.eum-appdynamics.com — Cisco Umbrella Rank: 2264
719 B
52 7
Domain Requested by
16 clients.expendiasmart.com 1 redirects clients.expendiasmart.com
cdn.appdynamics.com
11 www.gstatic.com www.google.com
www.gstatic.com
9 www.google.com sso.eu.edenred.io
www.gstatic.com
www.google.com
9 sso.eu.edenredcdn.com sso.eu.edenred.io
sso.eu.edenredcdn.com
4 fonts.gstatic.com www.google.com
2 sso.eu.edenred.io 1 redirects clients.expendiasmart.com
2 cdn.appdynamics.com clients.expendiasmart.com
cdn.appdynamics.com
1 col.eum-appdynamics.com cdn.appdynamics.com
52 8

This site contains links to these domains. Also see Links.

Domain
www.spendeo.com
policies.google.com
Subject Issuer Validity Valid
*.expendiasmart.com
GlobalSign RSA OV SSL CA 2018		 2022-02-28 -
2023-04-01		 a year crt.sh
*.appdynamics.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-07-17 -
2023-07-22		 a year crt.sh
*.eu.edenred.io
GlobalSign RSA OV SSL CA 2018		 2021-11-15 -
2022-12-17		 a year crt.sh
*.eum-appdynamics.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-06-14 -
2023-07-15		 a year crt.sh
sso.eu.edenredcdn.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-09-06 -
2023-09-06		 a year crt.sh
www.google.com
GTS CA 1C3		 2022-10-25 -
2023-01-17		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2022-10-25 -
2023-01-17		 3 months crt.sh
*.google.com
GTS CA 1C3		 2022-10-25 -
2023-01-17		 3 months crt.sh

This page contains 5 frames:

Primary Page: https://sso.eu.edenred.io/login?ReturnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fresponse_type%3Dcode%26client_id%3Df54f04c34f994bb49dd4fbae3f54a250%26scope%3Dopenid%26redirect_uri%3Dhttps%253A%252F%252Fclients.expendiasmart.com%252Ftripv2api%252Fopenid%252Flogin%252Fcallback%26nonce%3D14bb8f657465%26state%3D9db6add4fdd4%26ui_locales%3Dit-IT%26acr_values%3Dtenant%253Atrip
Frame ID: 8E28A9C90477CB292C09CF77BD1E22C8
Requests: 30 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeDfbIZAAAAAF_IQ7_L0OFQQpf--fbWkMhwdfsq&co=aHR0cHM6Ly9zc28uZXUuZWRlbnJlZC5pbzo0NDM.&hl=de&v=jF-AgDWy8ih0GfLx4Semh9UK&size=invisible&cb=79587qvrgm1z
Frame ID: 3D6A3AB26BC5DC43738443E4ACA037AD
Requests: 7 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeDfbIZAAAAAF_IQ7_L0OFQQpf--fbWkMhwdfsq&co=aHR0cHM6Ly9zc28uZXUuZWRlbnJlZC5pbzo0NDM.&hl=de&v=jF-AgDWy8ih0GfLx4Semh9UK&size=invisible&cb=nmu0k7yhww9
Frame ID: 25A949D00C6A7760FFAB7CE98F323506
Requests: 7 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=de&v=jF-AgDWy8ih0GfLx4Semh9UK&k=6LeDfbIZAAAAAF_IQ7_L0OFQQpf--fbWkMhwdfsq
Frame ID: 475049762440ABBFBE66078BF19B25C1
Requests: 4 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=de&v=jF-AgDWy8ih0GfLx4Semh9UK&k=6LeDfbIZAAAAAF_IQ7_L0OFQQpf--fbWkMhwdfsq
Frame ID: B65DD0DA66E6787DE27D416D6D516710
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Gestione delle Spese Aziendali

Page URL History Show full URLs

  1. https://clients.expendiasmart.com/tripv2/my-transactions/list Page URL
  2. https://clients.expendiasmart.com/tripv2api/openid/login/callback?ui_locales=it_IT&identifier=https://sso.eu.e... HTTP 302
    https://sso.eu.edenred.io/connect/authorize?response_type=code&client_id=f54f04c34f994bb49dd4fbae3f54a... HTTP 302
    https://sso.eu.edenred.io/login?ReturnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fresponse_type%3Dcode%26c... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • adrum
Overall confidence: 100%
Detected patterns
  • <div[^>]+class="g-recaptcha"
  • /recaptcha/api\.js

Page Statistics

52
Requests

100 %
HTTPS

50 %
IPv6

7
Domains

8
Subdomains

8
IPs

2
Countries

7035 kB
Transfer

8711 kB
Size

12
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://clients.expendiasmart.com/tripv2/my-transactions/list Page URL
  2. https://clients.expendiasmart.com/tripv2api/openid/login/callback?ui_locales=it_IT&identifier=https://sso.eu.edenred.io&iss=https://sso.eu.edenred.io&target_link_uri=https://clients.expendiasmart.com/tripv2/my-transactions/list HTTP 302
    https://sso.eu.edenred.io/connect/authorize?response_type=code&client_id=f54f04c34f994bb49dd4fbae3f54a250&scope=openid&redirect_uri=https%3A%2F%2Fclients.expendiasmart.com%2Ftripv2api%2Fopenid%2Flogin%2Fcallback&nonce=14bb8f657465&state=9db6add4fdd4&ui_locales=it-IT&acr_values=tenant%3Atrip HTTP 302
    https://sso.eu.edenred.io/login?ReturnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fresponse_type%3Dcode%26client_id%3Df54f04c34f994bb49dd4fbae3f54a250%26scope%3Dopenid%26redirect_uri%3Dhttps%253A%252F%252Fclients.expendiasmart.com%252Ftripv2api%252Fopenid%252Flogin%252Fcallback%26nonce%3D14bb8f657465%26state%3D9db6add4fdd4%26ui_locales%3Dit-IT%26acr_values%3Dtenant%253Atrip Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

52 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
list
clients.expendiasmart.com/tripv2/my-transactions/ 		2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://clients.expendiasmart.com/tripv2/my-transactions/list
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
204.103.47.202 , United States, ASN2129 (HP-EUROPE-AS-TRADE, GB),
Reverse DNS
Software
/
Resource Hash
869d4e5eed87f6f9e779e58c3dee5c208863999db8d4ee82751ed4000646282e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
Keep-Alive
Content-Length
1967
Content-Type
text/html;charset=UTF-8
Date
Sat, 12 Nov 2022 01:37:03 GMT
Keep-Alive
timeout=5, max=100
Strict-Transport-Security
max-age=31536000
X-Frame-Options
SAMEORIGIN
styles-l8ebij5h.css
clients.expendiasmart.com/tripv2/styles/ 		289 KB
289 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://clients.expendiasmart.com/tripv2/styles/styles-l8ebij5h.css
Requested by
Host: clients.expendiasmart.com
URL: https://clients.expendiasmart.com/tripv2/my-transactions/list
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
204.103.47.202 , United States, ASN2129 (HP-EUROPE-AS-TRADE, GB),
Reverse DNS
Software
/
Resource Hash
6ef0b30fcd25e4fe07f13ee13151ff5cd2f1832e3f82ba315b07b6523278ee49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://clients.expendiasmart.com/tripv2/my-transactions/list
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date
Sat, 12 Nov 2022 01:37:03 GMT
Strict-Transport-Security
max-age=31536000
Last-Modified
Fri, 23 Sep 2022 10:07:12 GMT
ETag
W/"295550-1663927632000"
X-Frame-Options
SAMEORIGIN
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
295550
app.apiConf-l8ebij5h.js
clients.expendiasmart.com/tripv2/scripts/ 		878 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://clients.expendiasmart.com/tripv2/scripts/app.apiConf-l8ebij5h.js
Requested by
Host: clients.expendiasmart.com
URL: https://clients.expendiasmart.com/tripv2/my-transactions/list
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
204.103.47.202 , United States, ASN2129 (HP-EUROPE-AS-TRADE, GB),
Reverse DNS
Software
/
Resource Hash
c8d51940186c9072bb469882fa1f68e82fec5e94be433b06f60670b8f495e025
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://clients.expendiasmart.com/tripv2/my-transactions/list
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date
Sat, 12 Nov 2022 01:37:03 GMT
Strict-Transport-Security
max-age=31536000
Last-Modified
Fri, 23 Sep 2022 10:07:12 GMT
ETag
W/"878-1663927632000"
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
878
app.vendor-l8ebij5h.js
clients.expendiasmart.com/tripv2/scripts/ 		1008 KB
1008 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://clients.expendiasmart.com/tripv2/scripts/app.vendor-l8ebij5h.js
Requested by
Host: clients.expendiasmart.com
URL: https://clients.expendiasmart.com/tripv2/my-transactions/list
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
204.103.47.202 , United States, ASN2129 (HP-EUROPE-AS-TRADE, GB),
Reverse DNS
Software
/
Resource Hash
965b1ae2ca2aaf312433b54c71aa6df152c36b65745c413b6a7679517b223644
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://clients.expendiasmart.com/tripv2/my-transactions/list
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date
Sat, 12 Nov 2022 01:37:03 GMT
Strict-Transport-Security
max-age=31536000
Last-Modified
Fri, 23 Sep 2022 10:07:12 GMT
ETag
W/"1032049-1663927632000"
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
1032049
app.main-l8ebij5h.js
clients.expendiasmart.com/tripv2/scripts/ 		15 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://clients.expendiasmart.com/tripv2/scripts/app.main-l8ebij5h.js
Requested by
Host: clients.expendiasmart.com
URL: https://clients.expendiasmart.com/tripv2/my-transactions/list
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
204.103.47.202 , United States, ASN2129 (HP-EUROPE-AS-TRADE, GB),
Reverse DNS
Software
/
Resource Hash
0dfeece76e5eee14177f1fa077e63d2a3813a5e5cd00ea26b0403173c58c1871
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://clients.expendiasmart.com/tripv2/my-transactions/list
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date
Sat, 12 Nov 2022 01:37:03 GMT
Strict-Transport-Security
max-age=31536000
Last-Modified
Fri, 23 Sep 2022 10:07:12 GMT
ETag
W/"15732-1663927632000"
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
15732
main-l8ebij5h.js
clients.expendiasmart.com/tripv2/scripts/ 		500 KB
500 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://clients.expendiasmart.com/tripv2/scripts/main-l8ebij5h.js
Requested by
Host: clients.expendiasmart.com
URL: https://clients.expendiasmart.com/tripv2/my-transactions/list
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
204.103.47.202 , United States, ASN2129 (HP-EUROPE-AS-TRADE, GB),
Reverse DNS
Software
/
Resource Hash
d90ca07f257fd0d5a9532a7d91d99fe3c90a62b64f7dba0b4dd8d911d85b4235
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://clients.expendiasmart.com/tripv2/my-transactions/list
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date
Sat, 12 Nov 2022 01:37:03 GMT
Strict-Transport-Security
max-age=31536000
Last-Modified
Fri, 23 Sep 2022 10:07:12 GMT
ETag
W/"511872-1663927632000"
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
511872
app.common-l8ebij5h.js
clients.expendiasmart.com/tripv2/scripts/ 		252 KB
252 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://clients.expendiasmart.com/tripv2/scripts/app.common-l8ebij5h.js
Requested by
Host: clients.expendiasmart.com
URL: https://clients.expendiasmart.com/tripv2/my-transactions/list
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
204.103.47.202 , United States, ASN2129 (HP-EUROPE-AS-TRADE, GB),
Reverse DNS
Software
/
Resource Hash
222d4161f51258f242a1fddf21f7b8803af6b0282f9f8974adea845620c9e84c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://clients.expendiasmart.com/tripv2/my-transactions/list
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date
Sat, 12 Nov 2022 01:37:03 GMT
Strict-Transport-Security
max-age=31536000
Last-Modified
Fri, 23 Sep 2022 10:07:12 GMT
ETag
W/"257825-1663927632000"
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
257825
app.components-l8ebij5h.js
clients.expendiasmart.com/tripv2/scripts/ 		600 KB
600 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://clients.expendiasmart.com/tripv2/scripts/app.components-l8ebij5h.js
Requested by
Host: clients.expendiasmart.com
URL: https://clients.expendiasmart.com/tripv2/my-transactions/list
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
204.103.47.202 , United States, ASN2129 (HP-EUROPE-AS-TRADE, GB),
Reverse DNS
Software
/
Resource Hash
b530c7930db0cc0f819fa04909bb3ceee2e19d5a00c9a1c6d3268bdc8fb3a2c7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://clients.expendiasmart.com/tripv2/my-transactions/list
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date
Sat, 12 Nov 2022 01:37:03 GMT
Strict-Transport-Security
max-age=31536000
Last-Modified
Fri, 23 Sep 2022 10:07:12 GMT
ETag
W/"614187-1663927632000"
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
614187
app.pages-l8ebij5h.js
clients.expendiasmart.com/tripv2/scripts/ 		399 KB
400 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://clients.expendiasmart.com/tripv2/scripts/app.pages-l8ebij5h.js
Requested by
Host: clients.expendiasmart.com
URL: https://clients.expendiasmart.com/tripv2/my-transactions/list
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
204.103.47.202 , United States, ASN2129 (HP-EUROPE-AS-TRADE, GB),
Reverse DNS
Software
/
Resource Hash
2ee9998c5bf9385ff496ec1a325ada6a7e1fefbde8c0d176ee02d9bde8424c03
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://clients.expendiasmart.com/tripv2/my-transactions/list
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date
Sat, 12 Nov 2022 01:37:03 GMT
Strict-Transport-Security
max-age=31536000
Last-Modified
Fri, 23 Sep 2022 10:07:12 GMT
ETag
W/"408638-1663927632000"
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
408638
styles-l8ebij5h.js
clients.expendiasmart.com/tripv2/scripts/ 		4 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://clients.expendiasmart.com/tripv2/scripts/styles-l8ebij5h.js
Requested by
Host: clients.expendiasmart.com
URL: https://clients.expendiasmart.com/tripv2/my-transactions/list
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
204.103.47.202 , United States, ASN2129 (HP-EUROPE-AS-TRADE, GB),
Reverse DNS
Software
/
Resource Hash
737f77b305dc0c093619d8dd4a304d504077f64fea0a3f49a498e506394db4d2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://clients.expendiasmart.com/tripv2/my-transactions/list
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date
Sat, 12 Nov 2022 01:37:03 GMT
Strict-Transport-Security
max-age=31536000
Last-Modified
Fri, 23 Sep 2022 10:07:12 GMT
ETag
W/"3727-1663927632000"
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
3727
templates-l8ebij5h.js
clients.expendiasmart.com/tripv2/scripts/ 		2 MB
2 MB 		Script
General
Check archive.org
Download Go to
Full URL
https://clients.expendiasmart.com/tripv2/scripts/templates-l8ebij5h.js
Requested by
Host: clients.expendiasmart.com
URL: https://clients.expendiasmart.com/tripv2/my-transactions/list
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
204.103.47.202 , United States, ASN2129 (HP-EUROPE-AS-TRADE, GB),
Reverse DNS
Software
/
Resource Hash
e2346682bfe772e1854e49e796ce5f36f9fabfa952607c1f46003be72252e16f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://clients.expendiasmart.com/tripv2/my-transactions/list
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date
Sat, 12 Nov 2022 01:37:03 GMT
Strict-Transport-Security
max-age=31536000
Last-Modified
Fri, 23 Sep 2022 10:07:12 GMT
ETag
W/"1740679-1663927632000"
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=97
Content-Length
1740679
adrum-4.3.8.1.js
cdn.appdynamics.com/adrum/ 		44 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.appdynamics.com/adrum/adrum-4.3.8.1.js
Requested by
Host: clients.expendiasmart.com
URL: https://clients.expendiasmart.com/tripv2/my-transactions/list
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-104.fra2.r.cloudfront.net
Software
nginx/1.16.1 /
Resource Hash
d4007d4644f91b50d08a4739b18e857932425220d7d806ee886a421807dfd5af

Request headers

Referer
https://clients.expendiasmart.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date
Sat, 22 Oct 2022 05:28:01 GMT
content-encoding
gzip
via
1.1 5a5b94c62ea85e0c0d78b169589b08b4.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C1
age
1800542
x-cache
Hit from cloudfront
last-modified
Thu, 21 Dec 2017 23:37:56 GMT
server
nginx/1.16.1
etag
W/"5a3c45d4-b13d"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2678400, s-max-age=14400
timing-allow-origin
*
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
l96xsNBvtRmBX-RRo23S2TEXBqAR6-EKvPW8B4sTd_rqVpJjcP-6Cg==
Montserrat-Regular.woff
clients.expendiasmart.com/tripv2/assets/fonts/ 		21 KB
22 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://clients.expendiasmart.com/tripv2/assets/fonts/Montserrat-Regular.woff
Requested by
Host: clients.expendiasmart.com
URL: https://clients.expendiasmart.com/tripv2/styles/styles-l8ebij5h.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
204.103.47.202 , United States, ASN2129 (HP-EUROPE-AS-TRADE, GB),
Reverse DNS
Software
/
Resource Hash
edf9d8f742937d91c69a5b1fb52be3dfac6259ee853c55b309cdd0febf5a8802
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://clients.expendiasmart.com/tripv2/styles/styles-l8ebij5h.css
Origin
https://clients.expendiasmart.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date
Sat, 12 Nov 2022 01:37:03 GMT
Strict-Transport-Security
max-age=31536000
Last-Modified
Fri, 23 Sep 2022 10:07:12 GMT
ETag
W/"22008-1663927632000"
X-Frame-Options
SAMEORIGIN
Content-Type
application/x-font-woff
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
22008
en_GB.json
clients.expendiasmart.com/tripv2/assets/i18n/ 		240 KB
240 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://clients.expendiasmart.com/tripv2/assets/i18n/en_GB.json?=l8ebij5h
Requested by
Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum/adrum-4.3.8.1.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
204.103.47.202 , United States, ASN2129 (HP-EUROPE-AS-TRADE, GB),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN

Request headers

Accept
application/json, text/plain, */*
Referer
https://clients.expendiasmart.com/tripv2/my-transactions/list
ADRUM
isAjax:true
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date
Sat, 12 Nov 2022 01:37:06 GMT
Strict-Transport-Security
max-age=31536000
Last-Modified
Fri, 23 Sep 2022 10:07:12 GMT
ETag
W/"245728-1663927632000"
X-Frame-Options
SAMEORIGIN
Content-Type
application/json
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=96
Content-Length
245728
details
clients.expendiasmart.com/tripv2api/user/ 		31 B
974 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://clients.expendiasmart.com/tripv2api/user/details?_=1668217026
Requested by
Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum/adrum-4.3.8.1.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
204.103.47.202 , United States, ASN2129 (HP-EUROPE-AS-TRADE, GB),
Reverse DNS
Software
/
Resource Hash
3f5e83bd62586d007c7bf027478dc64fe8f37141d74898333e93fd60041fd608
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN, DENY
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/plain, */*
Referer
https://clients.expendiasmart.com/tripv2/my-transactions/list
ADRUM
isAjax:true
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date
Sat, 12 Nov 2022 01:37:06 GMT
Strict-Transport-Security
max-age=31536000
X-Content-Type-Options
nosniff
Connection
Keep-Alive
Content-Length
31
X-XSS-Protection
1; mode=block
Pragma
no-cache
X-Frame-Options
SAMEORIGIN, DENY
Access-Control-Allow-Methods
GET, POST, OPTIONS, DELETE, PUT
Content-Type
application/json
Access-Control-Expose-Headers
Content-Disposition
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Accept, Content-Disposition
Keep-Alive
timeout=5, max=98
Expires
0
adrum-ext.18b6b3ec105ee15f14ef7c382e15f446.js
cdn.appdynamics.com/ 		47 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.appdynamics.com/adrum-ext.18b6b3ec105ee15f14ef7c382e15f446.js
Requested by
Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum/adrum-4.3.8.1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-104.fra2.r.cloudfront.net
Software
nginx/1.16.1 /
Resource Hash
6619ba77a7043416a164874dcacbf5ca4a6b53746f720c8c62c56d1832599307

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://clients.expendiasmart.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 28 Oct 2022 13:26:15 GMT
content-encoding
gzip
via
1.1 5a5b94c62ea85e0c0d78b169589b08b4.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C1
age
1253451
x-cache
Hit from cloudfront
last-modified
Thu, 21 Dec 2017 23:37:57 GMT
server
nginx/1.16.1
etag
W/"5a3c45d5-bbee"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2678400, s-max-age=14400
timing-allow-origin
*
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
JN_PbGLJKpRbck4D3FK1Hj2c3eYgxlmRlnYlLxMGTObfKEKsoUXQZg==
openIdConnectIssuer
clients.expendiasmart.com/tripv2api/ 		54 B
768 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://clients.expendiasmart.com/tripv2api/openIdConnectIssuer?_=1668217026
Requested by
Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum/adrum-4.3.8.1.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
204.103.47.202 , United States, ASN2129 (HP-EUROPE-AS-TRADE, GB),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN, SAMEORIGIN

Request headers

Accept
application/json, text/plain, */*
Referer
https://clients.expendiasmart.com/tripv2/my-transactions/list
X-XSRF-TOKEN
ee54f8af-b603-4b60-870f-e7f08ac873e2
ADRUM
isAjax:true
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date
Sat, 12 Nov 2022 01:37:06 GMT
Strict-Transport-Security
max-age=31536000
X-Frame-Options
SAMEORIGIN, SAMEORIGIN
Access-Control-Allow-Methods
GET, POST, OPTIONS, DELETE, PUT
Content-Type
application/json
Access-Control-Expose-Headers
Content-Disposition
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Keep-Alive
timeout=5, max=100
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Accept, Content-Disposition
Content-Length
54
Primary Request login
sso.eu.edenred.io/
Redirect Chain
  • https://clients.expendiasmart.com/tripv2api/openid/login/callback?ui_locales=it_IT&identifier=https://sso.eu.edenred.io&iss=https://sso.eu.edenred.io&target_link_uri=https://clients.expendiasmart.c...
  • https://sso.eu.edenred.io/connect/authorize?response_type=code&client_id=f54f04c34f994bb49dd4fbae3f54a250&scope=openid&redirect_uri=https%3A%2F%2Fclients.expendiasmart.com%2Ftripv2api%2Fopenid%2Flo...
  • https://sso.eu.edenred.io/login?ReturnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fresponse_type%3Dcode%26client_id%3Df54f04c34f994bb49dd4fbae3f54a250%26scope%3Dopenid%26redirect_uri%3Dhttps%253A%252F%2...
8 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://sso.eu.edenred.io/login?ReturnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fresponse_type%3Dcode%26client_id%3Df54f04c34f994bb49dd4fbae3f54a250%26scope%3Dopenid%26redirect_uri%3Dhttps%253A%252F%252Fclients.expendiasmart.com%252Ftripv2api%252Fopenid%252Flogin%252Fcallback%26nonce%3D14bb8f657465%26state%3D9db6add4fdd4%26ui_locales%3Dit-IT%26acr_values%3Dtenant%253Atrip
Requested by
Host: clients.expendiasmart.com
URL: https://clients.expendiasmart.com/tripv2/scripts/app.common-l8ebij5h.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
107.162.166.72 , United States, ASN55002 (DEFENSE-NET, US),
Reverse DNS
Software
/
Resource Hash
320985a5ed79c8af40bebc1e6436d692a366e58715e88286b567654a01609b06
Security Headers
Name Value
Content-Security-Policy base-uri 'self'; script-src 'self' 'unsafe-inline' https://www.google.com https://www.gstatic.com *.edenredcdn.com https://cdn.userlane.com *.vo.msecnd.net *.processout.com https://cdn.cookielaw.org; style-src 'self' 'unsafe-inline' *.edenredcdn.com fonts.googleapis.com fonts.gstatic.com https://cdn.userlane.com; img-src https: data:; font-src 'self' *.edenredcdn.com fonts.googleapis.com fonts.gstatic.com; connect-src 'self' https://api.userlane.com *.services.visualstudio.com *.processout.com https://cdn.cookielaw.org https://optanon.blob.core.windows.net https://privacyportal-de.onetrust.com; frame-ancestors 'self'; block-all-mixed-content;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-cache, no-store
Content-Encoding
gzip
Content-Security-Policy
base-uri 'self'; script-src 'self' 'unsafe-inline' https://www.google.com https://www.gstatic.com *.edenredcdn.com https://cdn.userlane.com *.vo.msecnd.net *.processout.com https://cdn.cookielaw.org; style-src 'self' 'unsafe-inline' *.edenredcdn.com fonts.googleapis.com fonts.gstatic.com https://cdn.userlane.com; img-src https: data:; font-src 'self' *.edenredcdn.com fonts.googleapis.com fonts.gstatic.com; connect-src 'self' https://api.userlane.com *.services.visualstudio.com *.processout.com https://cdn.cookielaw.org https://optanon.blob.core.windows.net https://privacyportal-de.onetrust.com; frame-ancestors 'self'; block-all-mixed-content;
Content-Type
text/html; charset=utf-8
Date
Sat, 12 Nov 2022 01:37:08 GMT
Pragma
no-cache
Referrer-Policy
no-referrer
Request-Context
appId=cid-v1:2ce15feb-3924-4b24-8a9e-43e57e4e6db9
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Transfer-Encoding
chunked
Vary
Accept-Encoding
Via
1.1 fra1-bit11043
X-Content-Type-Options
nosniff
X-Frame-Options
SAMEORIGIN
X-Request-ID
00-e12d9f44b8a7403921c085fc8deb34e6-8188ad40fc1929dc-00
X-XSS-Protection
1; mode=block

Redirect headers

Content-Length
0
Date
Sat, 12 Nov 2022 01:37:06 GMT
Location
https://sso.eu.edenred.io/login?ReturnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fresponse_type%3Dcode%26client_id%3Df54f04c34f994bb49dd4fbae3f54a250%26scope%3Dopenid%26redirect_uri%3Dhttps%253A%252F%252Fclients.expendiasmart.com%252Ftripv2api%252Fopenid%252Flogin%252Fcallback%26nonce%3D14bb8f657465%26state%3D9db6add4fdd4%26ui_locales%3Dit-IT%26acr_values%3Dtenant%253Atrip
Referrer-Policy
no-referrer
Request-Context
appId=cid-v1:2ce15feb-3924-4b24-8a9e-43e57e4e6db9
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Via
1.1 fra1-bit11043
X-Content-Type-Options
nosniff
X-Request-ID
00-0fc6d0eca4199bf61dafbbb8c2aab739-4114dba763e9e484-00
adrum
col.eum-appdynamics.com/eumcollector/beacons/browser/v1/appDynamicsParams/ 		0
719 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://col.eum-appdynamics.com/eumcollector/beacons/browser/v1/appDynamicsParams/adrum
Requested by
Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum-ext.18b6b3ec105ee15f14ef7c382e15f446.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
50.112.153.137 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-50-112-153-137.us-west-2.compute.amazonaws.com
Software
envoy /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://clients.expendiasmart.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-type
text/plain

Response headers

pragma
no-cache
date
Sat, 12 Nov 2022 01:37:07 GMT
x-content-type-options
nosniff
server
envoy
vary
*
content-type
text/html
access-control-allow-origin
*
cache-control
private, no-cache, no-store, must-revalidate, max-age=0, proxy-revalidate, s-maxage=0
x-envoy-upstream-service-time
0
access-control-allow-headers
origin, content-type, accept
expires
0
main.min.css
sso.eu.edenredcdn.com/assets/trip/styles/ 		164 KB
39 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://sso.eu.edenredcdn.com/assets/trip/styles/main.min.css?v=UqZCgMGMqydLYZlaNApxo-xod2roqZ6q79nctEev2GY
Requested by
Host: sso.eu.edenred.io
URL: https://sso.eu.edenred.io/login?ReturnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fresponse_type%3Dcode%26client_id%3Df54f04c34f994bb49dd4fbae3f54a250%26scope%3Dopenid%26redirect_uri%3Dhttps%253A%252F%252Fclients.expendiasmart.com%252Ftripv2api%252Fopenid%252Flogin%252Fcallback%26nonce%3D14bb8f657465%26state%3D9db6add4fdd4%26ui_locales%3Dit-IT%26acr_values%3Dtenant%253Atrip
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:46::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
d73bc0c30ce9885f05091b8cd686046ca8eebc48a808c3d9686873b88c0415f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 lon1-bit11016
content-encoding
gzip
date
Sat, 12 Nov 2022 01:37:07 GMT
last-modified
Tue, 08 Nov 2022 16:57:34 GMT
etag
"1d8f393327b03d9"
vary
Accept-Encoding
x-cache
TCP_HIT
content-type
text/css
x-azure-ref
0xPhuYwAAAADbdSCKlJ4ES58VNtPCjaImQU1TMDRFREdFMTgwOAA3ODcyOWEzNC00MjUzLTRjNzAtYTMzMC1kNjJjYzJlMGYzZjA=
cache-control
public, max-age=604800
accept-ranges
bytes
x-request-id
00-be158d544d23661480533d7db56f0e03-7efe6c74b97c4cbd-00
request-context
appId=cid-v1:2ce15feb-3924-4b24-8a9e-43e57e4e6db9
api.js
www.google.com/recaptcha/ 		850 B
968 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api.js
Requested by
Host: sso.eu.edenred.io
URL: https://sso.eu.edenred.io/login?ReturnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fresponse_type%3Dcode%26client_id%3Df54f04c34f994bb49dd4fbae3f54a250%26scope%3Dopenid%26redirect_uri%3Dhttps%253A%252F%252Fclients.expendiasmart.com%252Ftripv2api%252Fopenid%252Flogin%252Fcallback%26nonce%3D14bb8f657465%26state%3D9db6add4fdd4%26ui_locales%3Dit-IT%26acr_values%3Dtenant%253Atrip
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
f61df09104beed7b0e8ef5aa419758111363fd4888c08386723bedb3406557f4
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 12 Nov 2022 01:37:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
555
x-xss-protection
1; mode=block
expires
Sat, 12 Nov 2022 01:37:08 GMT
recaptcha.min.js
sso.eu.edenredcdn.com/assets/core/scripts/ 		334 B
611 B 		Script
General
Check archive.org
Download Go to
Full URL
https://sso.eu.edenredcdn.com/assets/core/scripts/recaptcha.min.js?v=d4cpfWXf4yXg5z9hYV-QKHgxKiPlhzzi4XxtZWGgAQc
Requested by
Host: sso.eu.edenred.io
URL: https://sso.eu.edenred.io/login?ReturnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fresponse_type%3Dcode%26client_id%3Df54f04c34f994bb49dd4fbae3f54a250%26scope%3Dopenid%26redirect_uri%3Dhttps%253A%252F%252Fclients.expendiasmart.com%252Ftripv2api%252Fopenid%252Flogin%252Fcallback%26nonce%3D14bb8f657465%26state%3D9db6add4fdd4%26ui_locales%3Dit-IT%26acr_values%3Dtenant%253Atrip
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:46::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
7787297d65dfe325e0e73f61615f902878312a23e5873ce2e17c6d6561a00107
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 lon1-bit16017
content-encoding
gzip
date
Sat, 12 Nov 2022 01:37:07 GMT
last-modified
Tue, 08 Nov 2022 16:58:00 GMT
etag
"1d8f39341f8dd4e"
vary
Accept-Encoding
x-cache
TCP_HIT
content-type
application/javascript
x-azure-ref
0xPhuYwAAAAB9PsrZIH2cQpPUwbsZzQRKQU1TMDRFREdFMTgwOAA3ODcyOWEzNC00MjUzLTRjNzAtYTMzMC1kNjJjYzJlMGYzZjA=
cache-control
public, max-age=604800
accept-ranges
bytes
x-request-id
00-2d410dd73236d1e950454ec12e3331f0-c8e1e990fb9864f0-00
request-context
appId=cid-v1:2ce15feb-3924-4b24-8a9e-43e57e4e6db9
edenred.svg
sso.eu.edenredcdn.com/assets/core/images/logos/ 		3 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sso.eu.edenredcdn.com/assets/core/images/logos/edenred.svg?v=we104uGGquP0z-0DZS4FfrgGBz7lRPURCLJ35xb2uMA
Requested by
Host: sso.eu.edenred.io
URL: https://sso.eu.edenred.io/login?ReturnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fresponse_type%3Dcode%26client_id%3Df54f04c34f994bb49dd4fbae3f54a250%26scope%3Dopenid%26redirect_uri%3Dhttps%253A%252F%252Fclients.expendiasmart.com%252Ftripv2api%252Fopenid%252Flogin%252Fcallback%26nonce%3D14bb8f657465%26state%3D9db6add4fdd4%26ui_locales%3Dit-IT%26acr_values%3Dtenant%253Atrip
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:46::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
c1ed74e2e186aae3f4cfed03652e057eb806073ee544f51108b277e716f6b8c0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 lon1-bit11016
content-encoding
br
date
Sat, 12 Nov 2022 01:37:07 GMT
last-modified
Tue, 08 Nov 2022 16:52:28 GMT
etag
"1d8f3927c15a486"
x-azure-ref
0xPhuYwAAAACoGqXFvD1/TK5zbjxHD/c8QU1TMDRFREdFMTgwOAA3ODcyOWEzNC00MjUzLTRjNzAtYTMzMC1kNjJjYzJlMGYzZjA=
x-cache
TCP_HIT
content-type
image/svg+xml
cache-control
public, max-age=604800
accept-ranges
bytes
x-request-id
00-09e7d3668cf33183c44ba8407eca369b-fda0eb4bd43692ab-00
request-context
appId=cid-v1:2ce15feb-3924-4b24-8a9e-43e57e4e6db9
main.min.js
sso.eu.edenredcdn.com/assets/trip/scripts/ 		174 KB
71 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sso.eu.edenredcdn.com/assets/trip/scripts/main.min.js?v=MqB4sF_zMQN40_jR1oK7q5oTaNCEo0HvPgEP1ZMZlfg
Requested by
Host: sso.eu.edenred.io
URL: https://sso.eu.edenred.io/login?ReturnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fresponse_type%3Dcode%26client_id%3Df54f04c34f994bb49dd4fbae3f54a250%26scope%3Dopenid%26redirect_uri%3Dhttps%253A%252F%252Fclients.expendiasmart.com%252Ftripv2api%252Fopenid%252Flogin%252Fcallback%26nonce%3D14bb8f657465%26state%3D9db6add4fdd4%26ui_locales%3Dit-IT%26acr_values%3Dtenant%253Atrip
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:46::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
32a078b05ff3310378d3f8d1d682bbab9a1368d084a341ef3e010fd5931995f8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 lon1-bit11016
content-encoding
gzip
date
Sat, 12 Nov 2022 01:37:07 GMT
last-modified
Tue, 08 Nov 2022 16:58:04 GMT
etag
"1d8f39344598190"
vary
Accept-Encoding
x-cache
TCP_HIT
content-type
application/javascript
x-azure-ref
0xPhuYwAAAAAoj0Yf1mxOT65xG6y3/PWhQU1TMDRFREdFMTgwOAA3ODcyOWEzNC00MjUzLTRjNzAtYTMzMC1kNjJjYzJlMGYzZjA=
cache-control
public, max-age=604800
accept-ranges
bytes
x-request-id
00-772e58e3c74e8b554d7a10bcc8dce186-e788f852f5216474-00
request-context
appId=cid-v1:2ce15feb-3924-4b24-8a9e-43e57e4e6db9
bg-login@2x.jpg
sso.eu.edenredcdn.com/assets/trip/images/ 		724 KB
725 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sso.eu.edenredcdn.com/assets/trip/images/bg-login@2x.jpg
Requested by
Host: sso.eu.edenredcdn.com
URL: https://sso.eu.edenredcdn.com/assets/trip/styles/main.min.css?v=UqZCgMGMqydLYZlaNApxo-xod2roqZ6q79nctEev2GY
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:46::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
6e7d6e747af3f2a8cefe6e77947337392524b911b8d7726b94f5f187e7e5f7aa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sso.eu.edenredcdn.com/assets/trip/styles/main.min.css?v=UqZCgMGMqydLYZlaNApxo-xod2roqZ6q79nctEev2GY
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 lon1-bit11016
date
Sat, 12 Nov 2022 01:37:07 GMT
last-modified
Tue, 08 Nov 2022 16:52:28 GMT
etag
"1d8f3927c1ee1dc"
x-azure-ref
0xPhuYwAAAABN2TI6ofoeSJWDF4b8yjlqQU1TMDRFREdFMTgwOAA3ODcyOWEzNC00MjUzLTRjNzAtYTMzMC1kNjJjYzJlMGYzZjA=
x-cache
TCP_HIT
content-type
image/jpeg
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
741340
x-request-id
00-34056c8225ba9ea805afd8a3d85c92dd-03897ec1a58e2eae-00
request-context
appId=cid-v1:2ce15feb-3924-4b24-8a9e-43e57e4e6db9
edenred.svg
sso.eu.edenredcdn.com/assets/core/images/logos/ 		3 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sso.eu.edenredcdn.com/assets/core/images/logos/edenred.svg
Requested by
Host: sso.eu.edenredcdn.com
URL: https://sso.eu.edenredcdn.com/assets/trip/styles/main.min.css?v=UqZCgMGMqydLYZlaNApxo-xod2roqZ6q79nctEev2GY
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:46::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
c1ed74e2e186aae3f4cfed03652e057eb806073ee544f51108b277e716f6b8c0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sso.eu.edenredcdn.com/assets/trip/styles/main.min.css?v=UqZCgMGMqydLYZlaNApxo-xod2roqZ6q79nctEev2GY
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 lon1-bit11016
content-encoding
br
date
Sat, 12 Nov 2022 01:37:08 GMT
last-modified
Tue, 08 Nov 2022 16:52:28 GMT
etag
"1d8f3927c15a486"
x-azure-ref
0xPhuYwAAAACJ9QbRdKJwSLiW8fQFDi9OQU1TMDRFREdFMTgwOAA3ODcyOWEzNC00MjUzLTRjNzAtYTMzMC1kNjJjYzJlMGYzZjA=
x-cache
TCP_MISS
content-type
image/svg+xml
cache-control
public, max-age=604800
accept-ranges
bytes
x-request-id
00-61e694f34ade8ad7480fd0c237ec1d11-c4bab297817d56a9-00
request-context
appId=cid-v1:2ce15feb-3924-4b24-8a9e-43e57e4e6db9
eye.png
sso.eu.edenredcdn.com/assets/trip/images/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sso.eu.edenredcdn.com/assets/trip/images/eye.png
Requested by
Host: sso.eu.edenredcdn.com
URL: https://sso.eu.edenredcdn.com/assets/trip/styles/main.min.css?v=UqZCgMGMqydLYZlaNApxo-xod2roqZ6q79nctEev2GY
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:46::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
38aa66854f515a9b7482c44e73c4f00797a8fbfc0d0b69e3542ac382db26840a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sso.eu.edenredcdn.com/assets/trip/styles/main.min.css?v=UqZCgMGMqydLYZlaNApxo-xod2roqZ6q79nctEev2GY
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 lon1-bit16017
date
Sat, 12 Nov 2022 01:37:07 GMT
last-modified
Tue, 08 Nov 2022 16:52:28 GMT
etag
"1d8f3927c15be36"
x-azure-ref
0xPhuYwAAAAChyRwZpyBETJUbAtDylPDRQU1TMDRFREdFMTgwOAA3ODcyOWEzNC00MjUzLTRjNzAtYTMzMC1kNjJjYzJlMGYzZjA=
x-cache
TCP_HIT
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
4150
x-request-id
00-b1da615b0d3f7360301fb46e5f4a1548-5a958ba13530b807-00
request-context
appId=cid-v1:2ce15feb-3924-4b24-8a9e-43e57e4e6db9
Montserrat-SemiBold.woff
sso.eu.edenredcdn.com/assets/trip/fonts/ 		29 KB
30 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://sso.eu.edenredcdn.com/assets/trip/fonts/Montserrat-SemiBold.woff
Requested by
Host: sso.eu.edenredcdn.com
URL: https://sso.eu.edenredcdn.com/assets/trip/styles/main.min.css?v=UqZCgMGMqydLYZlaNApxo-xod2roqZ6q79nctEev2GY
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:46::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
9b15c3bc4dc5f8091de30e7e2fa9a7e1990f30bc137118712171f4e1ed76129d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://sso.eu.edenredcdn.com/assets/trip/styles/main.min.css?v=UqZCgMGMqydLYZlaNApxo-xod2roqZ6q79nctEev2GY
Origin
https://sso.eu.edenred.io
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 lon1-bit11016
date
Sat, 12 Nov 2022 01:37:07 GMT
last-modified
Tue, 08 Nov 2022 16:52:28 GMT
etag
"1d8f3927c15db6c"
x-azure-ref
0xPhuYwAAAAA3sMJvepwLR6j5VHoyuoFYQU1TMDRFREdFMTkxMgA3ODcyOWEzNC00MjUzLTRjNzAtYTMzMC1kNjJjYzJlMGYzZjA=
x-cache
TCP_HIT
content-type
application/font-woff
access-control-allow-origin
https://sso.eu.edenred.io
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
30060
x-request-id
00-5a2b3e90f680bae76cf680387415804f-6cb014eb3b48fe62-00
request-context
appId=cid-v1:2ce15feb-3924-4b24-8a9e-43e57e4e6db9
Montserrat-Regular.woff
sso.eu.edenredcdn.com/assets/trip/fonts/ 		21 KB
22 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://sso.eu.edenredcdn.com/assets/trip/fonts/Montserrat-Regular.woff
Requested by
Host: sso.eu.edenredcdn.com
URL: https://sso.eu.edenredcdn.com/assets/trip/styles/main.min.css?v=UqZCgMGMqydLYZlaNApxo-xod2roqZ6q79nctEev2GY
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:46::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
edf9d8f742937d91c69a5b1fb52be3dfac6259ee853c55b309cdd0febf5a8802
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://sso.eu.edenredcdn.com/assets/trip/styles/main.min.css?v=UqZCgMGMqydLYZlaNApxo-xod2roqZ6q79nctEev2GY
Origin
https://sso.eu.edenred.io
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 lon1-bit10032
date
Sat, 12 Nov 2022 01:37:07 GMT
last-modified
Tue, 08 Nov 2022 16:52:28 GMT
etag
"1d8f3927c15fbf8"
x-azure-ref
0xPhuYwAAAAByi6I0TWTXTosEExLXVQ8FQU1TMDRFREdFMTkxMgA3ODcyOWEzNC00MjUzLTRjNzAtYTMzMC1kNjJjYzJlMGYzZjA=
x-cache
TCP_HIT
content-type
application/font-woff
access-control-allow-origin
https://sso.eu.edenred.io
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
22008
x-request-id
00-315d19648bfb6e9a530b9327aef1cf4c-c3bf7c294ce0fdd9-00
request-context
appId=cid-v1:b4095fe5-bbe1-4a3c-8761-185c77e6f5d1
recaptcha__de.js
www.gstatic.com/recaptcha/releases/jF-AgDWy8ih0GfLx4Semh9UK/ 		402 KB
161 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/jF-AgDWy8ih0GfLx4Semh9UK/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1c7d9c12751d4b4899b38915c41c781b4d51b8797be3f2cf6aa11783ad8f786d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
Origin
https://sso.eu.edenred.io
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 11 Nov 2022 23:00:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
9395
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
164348
x-xss-protection
0
last-modified
Mon, 07 Nov 2022 23:32:29 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 11 Nov 2023 23:00:33 GMT
anchor
www.google.com/recaptcha/api2/ Frame 3D6A 		43 KB
23 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeDfbIZAAAAAF_IQ7_L0OFQQpf--fbWkMhwdfsq&co=aHR0cHM6Ly9zc28uZXUuZWRlbnJlZC5pbzo0NDM.&hl=de&v=jF-AgDWy8ih0GfLx4Semh9UK&size=invisible&cb=79587qvrgm1z
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/jF-AgDWy8ih0GfLx4Semh9UK/recaptcha__de.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
621cb7696d9c52f7697a5752600673d4343e3246db99f3a504f315f0fce301b0
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-4iWqtHpIsDK26JwIJExYbA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-length
23237
content-security-policy
script-src 'report-sample' 'nonce-4iWqtHpIsDK26JwIJExYbA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sat, 12 Nov 2022 01:37:08 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
anchor
www.google.com/recaptcha/api2/ Frame 25A9 		43 KB
23 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeDfbIZAAAAAF_IQ7_L0OFQQpf--fbWkMhwdfsq&co=aHR0cHM6Ly9zc28uZXUuZWRlbnJlZC5pbzo0NDM.&hl=de&v=jF-AgDWy8ih0GfLx4Semh9UK&size=invisible&cb=nmu0k7yhww9
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/jF-AgDWy8ih0GfLx4Semh9UK/recaptcha__de.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
4655e415653870f88e9857aba6a391c45f6cd4d8acf8d2d0f5302d17251528ae
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-SKrCs_cvfQZ51zTiyMbaIQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-length
23165
content-security-policy
script-src 'report-sample' 'nonce-SKrCs_cvfQZ51zTiyMbaIQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sat, 12 Nov 2022 01:37:08 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
styles__ltr.css
www.gstatic.com/recaptcha/releases/jF-AgDWy8ih0GfLx4Semh9UK/ Frame 25A9 		52 KB
24 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/jF-AgDWy8ih0GfLx4Semh9UK/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeDfbIZAAAAAF_IQ7_L0OFQQpf--fbWkMhwdfsq&co=aHR0cHM6Ly9zc28uZXUuZWRlbnJlZC5pbzo0NDM.&hl=de&v=jF-AgDWy8ih0GfLx4Semh9UK&size=invisible&cb=nmu0k7yhww9
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4a59bb42cb945084820cd1eb370a22a68fa9451b9e57abb1daada408d2ff64e1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 11 Nov 2022 15:57:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
34765
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24262
x-xss-protection
0
last-modified
Mon, 07 Nov 2022 23:32:29 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 11 Nov 2023 15:57:43 GMT
recaptcha__de.js
www.gstatic.com/recaptcha/releases/jF-AgDWy8ih0GfLx4Semh9UK/ Frame 25A9 		402 KB
161 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/jF-AgDWy8ih0GfLx4Semh9UK/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeDfbIZAAAAAF_IQ7_L0OFQQpf--fbWkMhwdfsq&co=aHR0cHM6Ly9zc28uZXUuZWRlbnJlZC5pbzo0NDM.&hl=de&v=jF-AgDWy8ih0GfLx4Semh9UK&size=invisible&cb=nmu0k7yhww9
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1c7d9c12751d4b4899b38915c41c781b4d51b8797be3f2cf6aa11783ad8f786d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 11 Nov 2022 23:00:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
9395
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
164348
x-xss-protection
0
last-modified
Mon, 07 Nov 2022 23:32:29 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 11 Nov 2023 23:00:33 GMT
styles__ltr.css
www.gstatic.com/recaptcha/releases/jF-AgDWy8ih0GfLx4Semh9UK/ Frame 3D6A 		52 KB
24 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/jF-AgDWy8ih0GfLx4Semh9UK/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeDfbIZAAAAAF_IQ7_L0OFQQpf--fbWkMhwdfsq&co=aHR0cHM6Ly9zc28uZXUuZWRlbnJlZC5pbzo0NDM.&hl=de&v=jF-AgDWy8ih0GfLx4Semh9UK&size=invisible&cb=79587qvrgm1z
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4a59bb42cb945084820cd1eb370a22a68fa9451b9e57abb1daada408d2ff64e1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 11 Nov 2022 15:57:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
34765
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24262
x-xss-protection
0
last-modified
Mon, 07 Nov 2022 23:32:29 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 11 Nov 2023 15:57:43 GMT
recaptcha__de.js
www.gstatic.com/recaptcha/releases/jF-AgDWy8ih0GfLx4Semh9UK/ Frame 3D6A 		402 KB
161 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/jF-AgDWy8ih0GfLx4Semh9UK/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeDfbIZAAAAAF_IQ7_L0OFQQpf--fbWkMhwdfsq&co=aHR0cHM6Ly9zc28uZXUuZWRlbnJlZC5pbzo0NDM.&hl=de&v=jF-AgDWy8ih0GfLx4Semh9UK&size=invisible&cb=79587qvrgm1z
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1c7d9c12751d4b4899b38915c41c781b4d51b8797be3f2cf6aa11783ad8f786d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 11 Nov 2022 23:00:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
9395
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
164348
x-xss-protection
0
last-modified
Mon, 07 Nov 2022 23:32:29 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 11 Nov 2023 23:00:33 GMT
logo_48.png
www.gstatic.com/recaptcha/api2/ Frame 25A9 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/recaptcha/api2/logo_48.png
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/jF-AgDWy8ih0GfLx4Semh9UK/styles__ltr.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gstatic.com/recaptcha/releases/jF-AgDWy8ih0GfLx4Semh9UK/styles__ltr.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 19:40:09 GMT
x-content-type-options
nosniff
age
107820
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2228
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
expires
Thu, 17 Nov 2022 19:40:09 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 25A9 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeDfbIZAAAAAF_IQ7_L0OFQQpf--fbWkMhwdfsq&co=aHR0cHM6Ly9zc28uZXUuZWRlbnJlZC5pbzo0NDM.&hl=de&v=jF-AgDWy8ih0GfLx4Semh9UK&size=invisible&cb=nmu0k7yhww9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Tue, 08 Nov 2022 19:21:27 GMT
x-content-type-options
nosniff
age
281742
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 08 Nov 2023 19:21:27 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 25A9 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeDfbIZAAAAAF_IQ7_L0OFQQpf--fbWkMhwdfsq&co=aHR0cHM6Ly9zc28uZXUuZWRlbnJlZC5pbzo0NDM.&hl=de&v=jF-AgDWy8ih0GfLx4Semh9UK&size=invisible&cb=nmu0k7yhww9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Tue, 08 Nov 2022 18:59:48 GMT
x-content-type-options
nosniff
age
283041
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15552
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:33:02 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 08 Nov 2023 18:59:48 GMT
logo_48.png
www.gstatic.com/recaptcha/api2/ Frame 3D6A 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/recaptcha/api2/logo_48.png
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/jF-AgDWy8ih0GfLx4Semh9UK/styles__ltr.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gstatic.com/recaptcha/releases/jF-AgDWy8ih0GfLx4Semh9UK/styles__ltr.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 19:40:09 GMT
x-content-type-options
nosniff
age
107820
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2228
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
expires
Thu, 17 Nov 2022 19:40:09 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 3D6A 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeDfbIZAAAAAF_IQ7_L0OFQQpf--fbWkMhwdfsq&co=aHR0cHM6Ly9zc28uZXUuZWRlbnJlZC5pbzo0NDM.&hl=de&v=jF-AgDWy8ih0GfLx4Semh9UK&size=invisible&cb=79587qvrgm1z
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Tue, 08 Nov 2022 19:21:27 GMT
x-content-type-options
nosniff
age
281742
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 08 Nov 2023 19:21:27 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 3D6A 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeDfbIZAAAAAF_IQ7_L0OFQQpf--fbWkMhwdfsq&co=aHR0cHM6Ly9zc28uZXUuZWRlbnJlZC5pbzo0NDM.&hl=de&v=jF-AgDWy8ih0GfLx4Semh9UK&size=invisible&cb=79587qvrgm1z
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Tue, 08 Nov 2022 18:59:48 GMT
x-content-type-options
nosniff
age
283041
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15552
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:33:02 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 08 Nov 2023 18:59:48 GMT
webworker.js
www.google.com/recaptcha/api2/ Frame 25A9 		102 B
134 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=jF-AgDWy8ih0GfLx4Semh9UK
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeDfbIZAAAAAF_IQ7_L0OFQQpf--fbWkMhwdfsq&co=aHR0cHM6Ly9zc28uZXUuZWRlbnJlZC5pbzo0NDM.&hl=de&v=jF-AgDWy8ih0GfLx4Semh9UK&size=invisible&cb=nmu0k7yhww9
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
fc61703e1ce27b748ad533e812e2b242334ff3eee6dff91b2cc13d1ca35227bf
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeDfbIZAAAAAF_IQ7_L0OFQQpf--fbWkMhwdfsq&co=aHR0cHM6Ly9zc28uZXUuZWRlbnJlZC5pbzo0NDM.&hl=de&v=jF-AgDWy8ih0GfLx4Semh9UK&size=invisible&cb=nmu0k7yhww9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 12 Nov 2022 01:37:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
cross-origin-embedder-policy
require-corp
x-frame-options
SAMEORIGIN
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
112
x-xss-protection
1; mode=block
expires
Sat, 12 Nov 2022 01:37:09 GMT
webworker.js
www.google.com/recaptcha/api2/ Frame 3D6A 		102 B
134 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=jF-AgDWy8ih0GfLx4Semh9UK
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeDfbIZAAAAAF_IQ7_L0OFQQpf--fbWkMhwdfsq&co=aHR0cHM6Ly9zc28uZXUuZWRlbnJlZC5pbzo0NDM.&hl=de&v=jF-AgDWy8ih0GfLx4Semh9UK&size=invisible&cb=79587qvrgm1z
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
fc61703e1ce27b748ad533e812e2b242334ff3eee6dff91b2cc13d1ca35227bf
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeDfbIZAAAAAF_IQ7_L0OFQQpf--fbWkMhwdfsq&co=aHR0cHM6Ly9zc28uZXUuZWRlbnJlZC5pbzo0NDM.&hl=de&v=jF-AgDWy8ih0GfLx4Semh9UK&size=invisible&cb=79587qvrgm1z
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 12 Nov 2022 01:37:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
cross-origin-embedder-policy
require-corp
x-frame-options
SAMEORIGIN
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
112
x-xss-protection
1; mode=block
expires
Sat, 12 Nov 2022 01:37:09 GMT
bframe
www.google.com/recaptcha/api2/ Frame 4750 		7 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/bframe?hl=de&v=jF-AgDWy8ih0GfLx4Semh9UK&k=6LeDfbIZAAAAAF_IQ7_L0OFQQpf--fbWkMhwdfsq
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/jF-AgDWy8ih0GfLx4Semh9UK/recaptcha__de.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
53acf55763043d4c6d3d48f2341b324f2ceb4594b2298541b14353c82f04a8f6
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-ErKDh5M6bEa_TaqEzbGPPg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-length
1116
content-security-policy
script-src 'report-sample' 'nonce-ErKDh5M6bEa_TaqEzbGPPg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sat, 12 Nov 2022 01:37:09 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
bframe
www.google.com/recaptcha/api2/ Frame B65D 		7 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/bframe?hl=de&v=jF-AgDWy8ih0GfLx4Semh9UK&k=6LeDfbIZAAAAAF_IQ7_L0OFQQpf--fbWkMhwdfsq
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/jF-AgDWy8ih0GfLx4Semh9UK/recaptcha__de.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
f0cd2e31c9f51c3ca4bde83f94a7aade1c687b25230cdfe2ec988e7a386be25f
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-j40mn9tCYCQfUCajGIWWvQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-length
1118
content-security-policy
script-src 'report-sample' 'nonce-j40mn9tCYCQfUCajGIWWvQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sat, 12 Nov 2022 01:37:09 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
styles__ltr.css
www.gstatic.com/recaptcha/releases/jF-AgDWy8ih0GfLx4Semh9UK/ Frame B65D 		52 KB
24 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/jF-AgDWy8ih0GfLx4Semh9UK/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=jF-AgDWy8ih0GfLx4Semh9UK&k=6LeDfbIZAAAAAF_IQ7_L0OFQQpf--fbWkMhwdfsq
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4a59bb42cb945084820cd1eb370a22a68fa9451b9e57abb1daada408d2ff64e1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 11 Nov 2022 15:57:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
34766
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24262
x-xss-protection
0
last-modified
Mon, 07 Nov 2022 23:32:29 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 11 Nov 2023 15:57:43 GMT
recaptcha__de.js
www.gstatic.com/recaptcha/releases/jF-AgDWy8ih0GfLx4Semh9UK/ Frame B65D 		402 KB
161 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/jF-AgDWy8ih0GfLx4Semh9UK/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=jF-AgDWy8ih0GfLx4Semh9UK&k=6LeDfbIZAAAAAF_IQ7_L0OFQQpf--fbWkMhwdfsq
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1c7d9c12751d4b4899b38915c41c781b4d51b8797be3f2cf6aa11783ad8f786d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 11 Nov 2022 23:00:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
9396
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
164348
x-xss-protection
0
last-modified
Mon, 07 Nov 2022 23:32:29 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 11 Nov 2023 23:00:33 GMT
styles__ltr.css
www.gstatic.com/recaptcha/releases/jF-AgDWy8ih0GfLx4Semh9UK/ Frame 4750 		52 KB
24 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/jF-AgDWy8ih0GfLx4Semh9UK/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=jF-AgDWy8ih0GfLx4Semh9UK&k=6LeDfbIZAAAAAF_IQ7_L0OFQQpf--fbWkMhwdfsq
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4a59bb42cb945084820cd1eb370a22a68fa9451b9e57abb1daada408d2ff64e1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 11 Nov 2022 15:57:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
34766
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24262
x-xss-protection
0
last-modified
Mon, 07 Nov 2022 23:32:29 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 11 Nov 2023 15:57:43 GMT
recaptcha__de.js
www.gstatic.com/recaptcha/releases/jF-AgDWy8ih0GfLx4Semh9UK/ Frame 4750 		402 KB
161 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/jF-AgDWy8ih0GfLx4Semh9UK/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=jF-AgDWy8ih0GfLx4Semh9UK&k=6LeDfbIZAAAAAF_IQ7_L0OFQQpf--fbWkMhwdfsq
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1c7d9c12751d4b4899b38915c41c781b4d51b8797be3f2cf6aa11783ad8f786d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 11 Nov 2022 23:00:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
9396
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
164348
x-xss-protection
0
last-modified
Mon, 07 Nov 2022 23:32:29 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 11 Nov 2023 23:00:33 GMT
reload
www.google.com/recaptcha/api2/ Frame B65D 		38 KB
23 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/reload?k=6LeDfbIZAAAAAF_IQ7_L0OFQQpf--fbWkMhwdfsq
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/jF-AgDWy8ih0GfLx4Semh9UK/recaptcha__de.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
36359b5ef692e4537534ff3015afed1e5584883edcc2c01cfd7b69cd8f54b8a9
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.google.com/recaptcha/api2/bframe?hl=de&v=jF-AgDWy8ih0GfLx4Semh9UK&k=6LeDfbIZAAAAAF_IQ7_L0OFQQpf--fbWkMhwdfsq
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
application/x-protobuffer

Response headers

date
Sat, 12 Nov 2022 01:37:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
cache-control
private, max-age=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23391
x-xss-protection
1; mode=block
expires
Sat, 12 Nov 2022 01:37:09 GMT
reload
www.google.com/recaptcha/api2/ Frame 4750 		38 KB
23 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/reload?k=6LeDfbIZAAAAAF_IQ7_L0OFQQpf--fbWkMhwdfsq
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/jF-AgDWy8ih0GfLx4Semh9UK/recaptcha__de.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
8eb58c7191234a40da37ed3a817bb5014e57c768a7fbbc5bb1aac87f9a7bf4d3
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.google.com/recaptcha/api2/bframe?hl=de&v=jF-AgDWy8ih0GfLx4Semh9UK&k=6LeDfbIZAAAAAF_IQ7_L0OFQQpf--fbWkMhwdfsq
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
application/x-protobuffer

Response headers

date
Sat, 12 Nov 2022 01:37:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
cache-control
private, max-age=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23573
x-xss-protection
1; mode=block
expires
Sat, 12 Nov 2022 01:37:09 GMT

Verdicts & Comments Add Verdict or Comment

19 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 function| buildJsEncrypt function| CvcSubmit object| core function| $ function| jQuery function| Popper object| bootstrap object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client function| onSubmit function| handleSubmit object| closure_lm_418766

12 Cookies

Domain/Path Name / Value
clients.expendiasmart.com/tripv2api/ Name: JSESSIONID
Value: 40259791-d239-4ca0-8d29-10d979d1ba5e
clients.expendiasmart.com/tripv2api/ Name: TS01696064
Value: 015b3bbaa3ef7e84c704aa526dc6be75a83acadfdc5938c5dbecbbdf7ff53039c6ff5ca60f94809263fab9bfd7466a594b0dcbaab7
www.google.com/recaptcha Name: _GRECAPTCHA
Value: 09AHrz1vZ8WaXlK9v2GaeQm2Qy4YXX7BGuIKkOnaKmGbnWxvbxsReqfIvzVar5ZFPZ-49_ZnUC7ouF2UO2cQGvur4
clients.expendiasmart.com/ Name: BIGipServer~P009~P009-it-trip-spndeo-prd_p-PL
Value: !cGhnt0S1YknN/2dvQJQ6a3e/Fw0ao/u6/A0Ky678a4/jyLE46r2EU3CkWpHdfTP/LgvXJUWIrqBkuYBgTZAC26IWX+5Bjsjgv1JtSQaJAmU=
.clients.expendiasmart.com/ Name: TS01c21610
Value: 015b3bbaa3ef7e84c704aa526dc6be75a83acadfdc5938c5dbecbbdf7ff53039c6ff5ca60f94809263fab9bfd7466a594b0dcbaab7
clients.expendiasmart.com/ Name: XSRF-TOKEN
Value: ee54f8af-b603-4b60-870f-e7f08ac873e2
.expendiasmart.com/ Name: ADRUM
Value: s=1668217026304&r=https%3A%2F%2Fclients.expendiasmart.com%2Ftripv2%2Fmy-transactions%2Flist%3F0
sso.eu.edenred.io/ Name: .AspNetCore.Culture
Value: c%3Dit-IT%7Cuic%3Dit-IT
sso.eu.edenred.io/ Name: .AspNetCore.Antiforgery.t3FzIQCpEDY
Value: CfDJ8AxFBQ7eKyhCsgRUChZmuwBgAUwRb_uijpSlnCH_Kr1YqozBgtdR-n3q7e4vXinM8A-jXl3TJfZOC9BjakkUtthgjk3HKb4GAdGuMLf2-dUsuFifsL2GAk8Ou4sc5SXu4P6DcckoDogZFOCNj31I3f0
sso.eu.edenred.io/ Name: TS0178b3f9
Value: 01efa8de0fdf7ae78867fbdde4eb949ac022006fa280aa7eb98e47e1aedb550f924c971b76d094ff1887a4770b4bea9ba63093e82a706ea37fb32f0aa92947cc765ce0e78e43fca7856b47630f2ab4b4043edd32aef0f1bdc379cc0ab88b8384d3f8268deb
sso.eu.edenred.io/ Name: TS0178b3f9026
Value: 01abf95404adec9173387eba4b3ecad57550c8ad6c73955556de1f162aa68db34b5c809087cfc75660180ad12d0d0072147db3f413220ffc0c268b1608ed8b6b46a8fde1c2
sso.eu.edenred.io/ Name: __dummy
Value: 11/12/2022, 1:37:08 AM

3 Console Messages

Source Level URL
Text
javascript warning URL: https://clients.expendiasmart.com/tripv2/my-transactions/list(Line 22)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://cdn.appdynamics.com/adrum/adrum-4.3.8.1.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://clients.expendiasmart.com/tripv2/my-transactions/list(Line 22)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://cdn.appdynamics.com/adrum/adrum-4.3.8.1.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network error URL: https://clients.expendiasmart.com/tripv2api/user/details?_=1668217026
Message:
Failed to load resource: the server responded with a status of 401 (401)

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.appdynamics.com
clients.expendiasmart.com
col.eum-appdynamics.com
fonts.gstatic.com
sso.eu.edenred.io
sso.eu.edenredcdn.com
www.google.com
www.gstatic.com
107.162.166.72
13.224.189.104
204.103.47.202
2620:1ec:46::45
2a00:1450:4001:801::2003
2a00:1450:4001:810::2004
2a00:1450:4001:829::2003
50.112.153.137
0dfeece76e5eee14177f1fa077e63d2a3813a5e5cd00ea26b0403173c58c1871
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
1c7d9c12751d4b4899b38915c41c781b4d51b8797be3f2cf6aa11783ad8f786d
222d4161f51258f242a1fddf21f7b8803af6b0282f9f8974adea845620c9e84c
2ee9998c5bf9385ff496ec1a325ada6a7e1fefbde8c0d176ee02d9bde8424c03
320985a5ed79c8af40bebc1e6436d692a366e58715e88286b567654a01609b06
32a078b05ff3310378d3f8d1d682bbab9a1368d084a341ef3e010fd5931995f8
36359b5ef692e4537534ff3015afed1e5584883edcc2c01cfd7b69cd8f54b8a9
38aa66854f515a9b7482c44e73c4f00797a8fbfc0d0b69e3542ac382db26840a
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3f5e83bd62586d007c7bf027478dc64fe8f37141d74898333e93fd60041fd608
4655e415653870f88e9857aba6a391c45f6cd4d8acf8d2d0f5302d17251528ae
4a59bb42cb945084820cd1eb370a22a68fa9451b9e57abb1daada408d2ff64e1
53acf55763043d4c6d3d48f2341b324f2ceb4594b2298541b14353c82f04a8f6
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
621cb7696d9c52f7697a5752600673d4343e3246db99f3a504f315f0fce301b0
6619ba77a7043416a164874dcacbf5ca4a6b53746f720c8c62c56d1832599307
6e7d6e747af3f2a8cefe6e77947337392524b911b8d7726b94f5f187e7e5f7aa
6ef0b30fcd25e4fe07f13ee13151ff5cd2f1832e3f82ba315b07b6523278ee49
737f77b305dc0c093619d8dd4a304d504077f64fea0a3f49a498e506394db4d2
7787297d65dfe325e0e73f61615f902878312a23e5873ce2e17c6d6561a00107
869d4e5eed87f6f9e779e58c3dee5c208863999db8d4ee82751ed4000646282e
8eb58c7191234a40da37ed3a817bb5014e57c768a7fbbc5bb1aac87f9a7bf4d3
965b1ae2ca2aaf312433b54c71aa6df152c36b65745c413b6a7679517b223644
9b15c3bc4dc5f8091de30e7e2fa9a7e1990f30bc137118712171f4e1ed76129d
b530c7930db0cc0f819fa04909bb3ceee2e19d5a00c9a1c6d3268bdc8fb3a2c7
c1ed74e2e186aae3f4cfed03652e057eb806073ee544f51108b277e716f6b8c0
c8d51940186c9072bb469882fa1f68e82fec5e94be433b06f60670b8f495e025
d4007d4644f91b50d08a4739b18e857932425220d7d806ee886a421807dfd5af
d73bc0c30ce9885f05091b8cd686046ca8eebc48a808c3d9686873b88c0415f1
d90ca07f257fd0d5a9532a7d91d99fe3c90a62b64f7dba0b4dd8d911d85b4235
e2346682bfe772e1854e49e796ce5f36f9fabfa952607c1f46003be72252e16f
edf9d8f742937d91c69a5b1fb52be3dfac6259ee853c55b309cdd0febf5a8802
f0cd2e31c9f51c3ca4bde83f94a7aade1c687b25230cdfe2ec988e7a386be25f
f61df09104beed7b0e8ef5aa419758111363fd4888c08386723bedb3406557f4
fc61703e1ce27b748ad533e812e2b242334ff3eee6dff91b2cc13d1ca35227bf