urlscan.io logo urlscan.io
SecurityTrails logo

accounts.xe.com Open in urlscan Pro
107.22.48.240  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://transfer.xe.com/signup/track/redirect
Effective URL: https://accounts.xe.com/signup?client_id=7v3mjop0iq74d7bdpgvn95r86d&response_type=code&redirect_uri=https%3A%2F%2Ftransf...
Submission: On January 12 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 10 IPs in 2 countries across 7 domains to perform 34 HTTP transactions. The main IP is 107.22.48.240, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is accounts.xe.com.
TLS certificate: Issued by Amazon on June 6th 2022. Valid for: a year.
This is the only time accounts.xe.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

2    213.183.83.94 (Freinsheim, Germany)

ASN21473 (MANET-AS Pfalzkom GmbH, DE)
PTR: node83-94.static.in-addr.pfalzkom.net
transfer.xe.com
8    107.22.48.240 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-107-22-48-240.compute-1.amazonaws.com
accounts.xe.com
1    2a02:26f0:3500:88e::13b8 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
cdn.optimizely.com
1    2a00:1450:4001:827::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2600:9000:206f:6c00:18:5499:2b00:93a1 (United States)

ASN16509 (AMAZON-02, US)
www.xe.com
1    13.32.23.160 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-23-160.fra56.r.cloudfront.net
cdn.amplitude.com
1    2a00:1450:4001:803::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
6    2a00:1450:4001:803::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
4    35.163.146.214 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-163-146-214.us-west-2.compute.amazonaws.com
api.amplitude.com
8    2a00:1450:4001:80b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
5    2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
Apex Domain
Subdomains		 Transfer
13 gstatic.com
www.gstatic.com
fonts.gstatic.com
609 KB
11 xe.com
transfer.xe.com — Cisco Umbrella Rank: 710447
accounts.xe.com
www.xe.com — Cisco Umbrella Rank: 46024
655 KB
6 google.com
www.google.com — Cisco Umbrella Rank: 2
74 KB
5 amplitude.com
cdn.amplitude.com — Cisco Umbrella Rank: 2607
api.amplitude.com — Cisco Umbrella Rank: 1415
25 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 36
1 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 43
83 KB
1 optimizely.com
cdn.optimizely.com — Cisco Umbrella Rank: 728
128 KB
34 7
Domain Requested by
8 www.gstatic.com www.google.com
www.gstatic.com
8 accounts.xe.com 2 redirects accounts.xe.com
6 www.google.com accounts.xe.com
www.google.com
www.gstatic.com
5 fonts.gstatic.com fonts.googleapis.com
4 api.amplitude.com cdn.amplitude.com
2 transfer.xe.com 2 redirects
1 fonts.googleapis.com client
1 cdn.amplitude.com accounts.xe.com
1 www.xe.com accounts.xe.com
1 www.googletagmanager.com accounts.xe.com
1 cdn.optimizely.com accounts.xe.com
34 11

This site contains links to these domains. Also see Links.

Domain
www.xe.com
policies.google.com
help.xe.com
xe.com
Subject Issuer Validity Valid
accounts.xe.com
Amazon		 2022-06-06 -
2023-07-05		 a year crt.sh
cdn.optimizely.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-10-30 -
2023-10-30		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-12-12 -
2023-03-06		 3 months crt.sh
www.xe.com
Amazon		 2022-03-11 -
2023-04-09		 a year crt.sh
cdn.amplitude.com
Amazon		 2021-12-17 -
2023-01-14		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2022-12-12 -
2023-03-06		 3 months crt.sh
www.google.com
GTS CA 1C3		 2022-12-12 -
2023-03-06		 3 months crt.sh
*.amplitude.com
COMODO RSA Domain Validation Secure Server CA		 2022-01-28 -
2023-02-28		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2022-12-12 -
2023-03-06		 3 months crt.sh
*.google.com
GTS CA 1C3		 2022-12-12 -
2023-03-06		 3 months crt.sh

This page contains 3 frames:

Primary Page: https://accounts.xe.com/signup?client_id=7v3mjop0iq74d7bdpgvn95r86d&response_type=code&redirect_uri=https%3A%2F%2Ftransfer.xe.com%2Fsignup%2Fpersonal%2Fstep1&state=https%3A%2F%2Ftransfer.xe.com%3A9443%2Fsignup%2F
Frame ID: A007825910AF83CE798C69EC374FF98B
Requests: 17 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ld_FK0UAAAAAED_ZzwYDaW9HJ84QHiqaHN53Jod&co=aHR0cHM6Ly9hY2NvdW50cy54ZS5jb206NDQz&hl=de&type=image&v=5qcenVbrhOy8zihcc2aHOWD4&theme=light&size=invisible&badge=inline&cb=23ws5zjq7iot
Frame ID: 6EF2D75C4344F92D5594DD8EAA142871
Requests: 4 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=de&v=5qcenVbrhOy8zihcc2aHOWD4&k=6Ld_FK0UAAAAAED_ZzwYDaW9HJ84QHiqaHN53Jod
Frame ID: 8CF0818EFD9F3C1E2BF7BA58E8D0EBD3
Requests: 11 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

XE Account ServicesXE.com LogoShow passwordShow password requirements

Page URL History Show full URLs

  1. https://transfer.xe.com/signup/track/redirect HTTP 302
    https://transfer.xe.com/signup/ HTTP 302
    https://accounts.xe.com/oauth2/authorize?client_id=7v3mjop0iq74d7bdpgvn95r86d&response_type=code&red... HTTP 302
    https://accounts.xe.com/login?client_id=7v3mjop0iq74d7bdpgvn95r86d&response_type=code&redirect_uri=h... HTTP 302
    https://accounts.xe.com/signup?client_id=7v3mjop0iq74d7bdpgvn95r86d&response_type=code&redirect_uri=... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • cdn\.amplitude\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • googletagmanager\.com/gtm\.js
Overall confidence: 100%
Detected patterns
  • optimizely\.com.*\.js
Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

34
Requests

100 %
HTTPS

64 %
IPv6

7
Domains

11
Subdomains

10
IPs

2
Countries

1573 kB
Transfer

4057 kB
Size

3
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://transfer.xe.com/signup/track/redirect HTTP 302
    https://transfer.xe.com/signup/ HTTP 302
    https://accounts.xe.com/oauth2/authorize?client_id=7v3mjop0iq74d7bdpgvn95r86d&response_type=code&redirect_uri=https://transfer.xe.com/signup/personal/step1&state=https://transfer.xe.com:9443/signup/ HTTP 302
    https://accounts.xe.com/login?client_id=7v3mjop0iq74d7bdpgvn95r86d&response_type=code&redirect_uri=https%3A%2F%2Ftransfer.xe.com%2Fsignup%2Fpersonal%2Fstep1&state=https%3A%2F%2Ftransfer.xe.com%3A9443%2Fsignup%2F HTTP 302
    https://accounts.xe.com/signup?client_id=7v3mjop0iq74d7bdpgvn95r86d&response_type=code&redirect_uri=https%3A%2F%2Ftransfer.xe.com%2Fsignup%2Fpersonal%2Fstep1&state=https%3A%2F%2Ftransfer.xe.com%3A9443%2Fsignup%2F Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

34 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request signup
accounts.xe.com/
Redirect Chain
  • https://transfer.xe.com/signup/track/redirect?
  • https://transfer.xe.com/signup/
  • https://accounts.xe.com/oauth2/authorize?client_id=7v3mjop0iq74d7bdpgvn95r86d&response_type=code&redirect_uri=https://transfer.xe.com/signup/personal/step1&state=https://transfer.xe.com:9443/signup/
  • https://accounts.xe.com/login?client_id=7v3mjop0iq74d7bdpgvn95r86d&response_type=code&redirect_uri=https%3A%2F%2Ftransfer.xe.com%2Fsignup%2Fpersonal%2Fstep1&state=https%3A%2F%2Ftransfer.xe.com%3A94...
  • https://accounts.xe.com/signup?client_id=7v3mjop0iq74d7bdpgvn95r86d&response_type=code&redirect_uri=https%3A%2F%2Ftransfer.xe.com%2Fsignup%2Fpersonal%2Fstep1&state=https%3A%2F%2Ftransfer.xe.com%3A9...
6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://accounts.xe.com/signup?client_id=7v3mjop0iq74d7bdpgvn95r86d&response_type=code&redirect_uri=https%3A%2F%2Ftransfer.xe.com%2Fsignup%2Fpersonal%2Fstep1&state=https%3A%2F%2Ftransfer.xe.com%3A9443%2Fsignup%2F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
107.22.48.240 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-107-22-48-240.compute-1.amazonaws.com
Software
nginx/1.12.2 / Express
Resource Hash
d0ea14668205d59399fc4a913d82a3cb084c4e3eadf59a835b01394be6a415c3

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
gzip
content-type
text/html; charset=utf-8
date
Thu, 12 Jan 2023 18:27:13 GMT
server
nginx/1.12.2
vary
Accept-Encoding
x-powered-by
Express

Redirect headers

content-length
446
content-type
text/html; charset=utf-8
date
Thu, 12 Jan 2023 18:27:13 GMT
location
/signup?client_id=7v3mjop0iq74d7bdpgvn95r86d&response_type=code&redirect_uri=https%3A%2F%2Ftransfer.xe.com%2Fsignup%2Fpersonal%2Fstep1&state=https%3A%2F%2Ftransfer.xe.com%3A9443%2Fsignup%2F
server
nginx/1.12.2
vary
Accept
x-powered-by
Express
utils.js
accounts.xe.com/ 		2 KB
779 B 		Script
General
Check archive.org
Download Go to
Full URL
https://accounts.xe.com/utils.js
Requested by
Host: accounts.xe.com
URL: https://accounts.xe.com/signup?client_id=7v3mjop0iq74d7bdpgvn95r86d&response_type=code&redirect_uri=https%3A%2F%2Ftransfer.xe.com%2Fsignup%2Fpersonal%2Fstep1&state=https%3A%2F%2Ftransfer.xe.com%3A9443%2Fsignup%2F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
107.22.48.240 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-107-22-48-240.compute-1.amazonaws.com
Software
nginx/1.12.2 / Express
Resource Hash
3b0c12d3ebba86b92a8b5ea9e40b7ecdcc888f8b471257c4bbd5cae497a8350e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://accounts.xe.com/signup?client_id=7v3mjop0iq74d7bdpgvn95r86d&response_type=code&redirect_uri=https%3A%2F%2Ftransfer.xe.com%2Fsignup%2Fpersonal%2Fstep1&state=https%3A%2F%2Ftransfer.xe.com%3A9443%2Fsignup%2F
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 12 Jan 2023 18:27:14 GMT
content-encoding
gzip
last-modified
Thu, 12 Jan 2023 11:01:23 GMT
server
nginx/1.12.2
x-powered-by
Express
etag
W/"659-185a5a44197"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=2592000
8326554781.js
cdn.optimizely.com/js/ 		524 KB
128 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.optimizely.com/js/8326554781.js
Requested by
Host: accounts.xe.com
URL: https://accounts.xe.com/signup?client_id=7v3mjop0iq74d7bdpgvn95r86d&response_type=code&redirect_uri=https%3A%2F%2Ftransfer.xe.com%2Fsignup%2Fpersonal%2Fstep1&state=https%3A%2F%2Ftransfer.xe.com%3A9443%2Fsignup%2F
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:88e::13b8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0f51c1d37fe63f26409e321b418e4628a83bb894fb14e83414fd365d467602e6
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://accounts.xe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

x-amz-meta-pci_enabled
False
x-amz-version-id
maO7dHbsLjcd9fvBCuqe76cYjjDkXxxW
content-encoding
gzip
date
Thu, 12 Jan 2023 18:27:13 GMT
strict-transport-security
max-age=15768000
x-amz-request-id
5AWHSJQJGR3AVD2C
x-amz-server-side-encryption
AES256
x-amz-meta-revision
8167
x-amz-replication-status
PENDING
server-timing
cdn;desc="AkamaiION";dur=0,rtt;desc="6";dur=0,cdnip;desc="2a02:26f0:3500:88e::13b8";dur=0,cdnmap;desc="a5048.dsca.akamaiedge.net";dur=0,proto;desc="h2";dur=0
content-length
130011
x-amz-id-2
vBHBXUo3xbmGmuNaCb6whSutl6X6AZA+J6vYrSkJjEuMCnTwDIoWi6KgUasABGiRfg5EB9vhPo0=
last-modified
Mon, 09 Jan 2023 22:21:38 GMT
server
AmazonS3
etag
"747d0edcb0d308d67aeacc81d602a963"
vary
Accept-Encoding
access-control-max-age
86400
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
access-control-allow-methods
GET, HEAD
access-control-expose-headers
x-amz-meta-revision
cache-control
max-age=120
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
*
2.57fb71c6.chunk.css
accounts.xe.com/static/css/ 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://accounts.xe.com/static/css/2.57fb71c6.chunk.css
Requested by
Host: accounts.xe.com
URL: https://accounts.xe.com/signup?client_id=7v3mjop0iq74d7bdpgvn95r86d&response_type=code&redirect_uri=https%3A%2F%2Ftransfer.xe.com%2Fsignup%2Fpersonal%2Fstep1&state=https%3A%2F%2Ftransfer.xe.com%3A9443%2Fsignup%2F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
107.22.48.240 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-107-22-48-240.compute-1.amazonaws.com
Software
nginx/1.12.2 / Express
Resource Hash
efa9dab41ff994331eff6f7f379e4e53fd2410477e56ca1088ba1610083c8489

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://accounts.xe.com/signup?client_id=7v3mjop0iq74d7bdpgvn95r86d&response_type=code&redirect_uri=https%3A%2F%2Ftransfer.xe.com%2Fsignup%2Fpersonal%2Fstep1&state=https%3A%2F%2Ftransfer.xe.com%3A9443%2Fsignup%2F
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 12 Jan 2023 18:27:14 GMT
content-encoding
gzip
last-modified
Thu, 24 Nov 2022 12:05:40 GMT
server
nginx/1.12.2
x-powered-by
Express
etag
W/"b44-184a98780e2"
vary
Accept-Encoding
content-type
text/css; charset=UTF-8
cache-control
public, max-age=2592000
2.b61fdf49.chunk.js
accounts.xe.com/static/js/ 		736 KB
220 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://accounts.xe.com/static/js/2.b61fdf49.chunk.js
Requested by
Host: accounts.xe.com
URL: https://accounts.xe.com/signup?client_id=7v3mjop0iq74d7bdpgvn95r86d&response_type=code&redirect_uri=https%3A%2F%2Ftransfer.xe.com%2Fsignup%2Fpersonal%2Fstep1&state=https%3A%2F%2Ftransfer.xe.com%3A9443%2Fsignup%2F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
107.22.48.240 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-107-22-48-240.compute-1.amazonaws.com
Software
nginx/1.12.2 / Express
Resource Hash
f91715e70150c54bac5fe82833130eab65745a61f0514ac4a98b093413bc2f90

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://accounts.xe.com/signup?client_id=7v3mjop0iq74d7bdpgvn95r86d&response_type=code&redirect_uri=https%3A%2F%2Ftransfer.xe.com%2Fsignup%2Fpersonal%2Fstep1&state=https%3A%2F%2Ftransfer.xe.com%3A9443%2Fsignup%2F
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 12 Jan 2023 18:27:14 GMT
content-encoding
gzip
last-modified
Thu, 24 Nov 2022 12:05:40 GMT
server
nginx/1.12.2
x-powered-by
Express
etag
W/"b81a7-184a98780ee"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=2592000
main.cd983e1e.chunk.js
accounts.xe.com/static/js/ 		140 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://accounts.xe.com/static/js/main.cd983e1e.chunk.js
Requested by
Host: accounts.xe.com
URL: https://accounts.xe.com/signup?client_id=7v3mjop0iq74d7bdpgvn95r86d&response_type=code&redirect_uri=https%3A%2F%2Ftransfer.xe.com%2Fsignup%2Fpersonal%2Fstep1&state=https%3A%2F%2Ftransfer.xe.com%3A9443%2Fsignup%2F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
107.22.48.240 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-107-22-48-240.compute-1.amazonaws.com
Software
nginx/1.12.2 / Express
Resource Hash
76e6564d15e7b638588957a96b0ea1db5113472b9a38a50b473c28e7f1d95eba

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://accounts.xe.com/signup?client_id=7v3mjop0iq74d7bdpgvn95r86d&response_type=code&redirect_uri=https%3A%2F%2Ftransfer.xe.com%2Fsignup%2Fpersonal%2Fstep1&state=https%3A%2F%2Ftransfer.xe.com%3A9443%2Fsignup%2F
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 12 Jan 2023 18:27:14 GMT
content-encoding
gzip
last-modified
Thu, 12 Jan 2023 11:01:59 GMT
server
nginx/1.12.2
x-powered-by
Express
etag
W/"230c5-185a5a4cdeb"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=2592000
gtm.js
www.googletagmanager.com/ 		251 KB
83 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-WNCL796
Requested by
Host: accounts.xe.com
URL: https://accounts.xe.com/signup?client_id=7v3mjop0iq74d7bdpgvn95r86d&response_type=code&redirect_uri=https%3A%2F%2Ftransfer.xe.com%2Fsignup%2Fpersonal%2Fstep1&state=https%3A%2F%2Ftransfer.xe.com%3A9443%2Fsignup%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
ecd2945081b920231d2490f2d22f1dc1c1f48e339f56f5fec73934a6347e7d78
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://accounts.xe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 12 Jan 2023 18:27:14 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
84931
x-xss-protection
0
last-modified
Thu, 12 Jan 2023 18:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 12 Jan 2023 18:27:14 GMT
c.php
www.xe.com/a/b/ 		1 B
578 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.xe.com/a/b/c.php
Requested by
Host: accounts.xe.com
URL: https://accounts.xe.com/signup?client_id=7v3mjop0iq74d7bdpgvn95r86d&response_type=code&redirect_uri=https%3A%2F%2Ftransfer.xe.com%2Fsignup%2Fpersonal%2Fstep1&state=https%3A%2F%2Ftransfer.xe.com%3A9443%2Fsignup%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:6c00:18:5499:2b00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache/2.4.54 () PHP/7.3.33 / PHP/7.3.33
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://accounts.xe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 12 Jan 2023 18:27:14 GMT
content-encoding
gzip
via
1.1 29d33c5cd70a6501fde7bc2dba557906.cloudfront.net (CloudFront)
server
Apache/2.4.54 () PHP/7.3.33
x-amz-cf-pop
FRA56-C1
x-powered-by
PHP/7.3.33
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://accounts.xe.com
cache-control
no-cache, no-store, must-revalidate
x-robots-tag
noindex
content-length
21
x-amz-cf-id
Z7dGr_TK1TEsnhZIfd3aFhy9IlPTJVd4k7bKpJjSPFWa41DNLWYdag==
amplitude-8.16.1-min.gz.js
cdn.amplitude.com/libs/ 		74 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.amplitude.com/libs/amplitude-8.16.1-min.gz.js
Requested by
Host: accounts.xe.com
URL: https://accounts.xe.com/static/js/main.cd983e1e.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.23.160 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-23-160.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
07898a85ddb26ec948a2af9e860183811120fc16b46d77fe56ecb740dc665826

Request headers

Referer
https://accounts.xe.com/
Origin
https://accounts.xe.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Sat, 02 Jul 2022 21:51:36 GMT
content-encoding
gzip
via
1.1 cb1bcb02f5d0667fafd0890701965f18.cloudfront.net (CloudFront)
x-amz-version-id
92mAl5fU0pJ1bHEdGZ.97pbI7WKqvAaX
x-amz-cf-pop
FRA56-C2
age
16749339
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
24286
last-modified
Fri, 28 Jan 2022 19:15:41 GMT
server
AmazonS3
etag
"9b28cde15078559998e3cbcb24f307f3"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
accept-ranges
bytes
x-amz-cf-id
tGI74PpOTFdGNEHiVu73NWf9cQwOSnOpzS5c9Kjw_JrFd74e5vxqTg==
css
fonts.googleapis.com/ 		5 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Noto+Sans:400,700&display=swap
Requested by
Host: client
URL: about:client
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
4ce2e29fbc4e24edb01b73f09bb5a9e616af2cbc270c23d3b804e251ef247f13
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://accounts.xe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 12 Jan 2023 18:27:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 12 Jan 2023 16:28:59 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 12 Jan 2023 18:27:14 GMT
3.481e702d.chunk.js
accounts.xe.com/static/js/ 		805 KB
391 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://accounts.xe.com/static/js/3.481e702d.chunk.js
Requested by
Host: accounts.xe.com
URL: https://accounts.xe.com/signup?client_id=7v3mjop0iq74d7bdpgvn95r86d&response_type=code&redirect_uri=https%3A%2F%2Ftransfer.xe.com%2Fsignup%2Fpersonal%2Fstep1&state=https%3A%2F%2Ftransfer.xe.com%3A9443%2Fsignup%2F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
107.22.48.240 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-107-22-48-240.compute-1.amazonaws.com
Software
nginx/1.12.2 / Express
Resource Hash
e5817f02704a4accd6c2b6947eba832f11a0bd96f5a2653c07f88e83a21a1496

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://accounts.xe.com/signup?client_id=7v3mjop0iq74d7bdpgvn95r86d&response_type=code&redirect_uri=https%3A%2F%2Ftransfer.xe.com%2Fsignup%2Fpersonal%2Fstep1&state=https%3A%2F%2Ftransfer.xe.com%3A9443%2Fsignup%2F
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 12 Jan 2023 18:27:14 GMT
content-encoding
gzip
last-modified
Thu, 12 Jan 2023 11:01:59 GMT
server
nginx/1.12.2
x-powered-by
Express
etag
W/"c9566-185a5a4cdf7"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=2592000
api.js
www.google.com/recaptcha/ 		909 B
989 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api.js?onload=onloadcallback&render=explicit
Requested by
Host: accounts.xe.com
URL: https://accounts.xe.com/static/js/2.b61fdf49.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
4976158c0f29953fe1f2dfd3c7d7cebb56de7fa39bff4c63bdf5939a185ffa41
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://accounts.xe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 12 Jan 2023 18:27:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
576
x-xss-protection
1; mode=block
expires
Thu, 12 Jan 2023 18:27:14 GMT
/
api.amplitude.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.amplitude.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.163.146.214 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-163-146-214.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Accept
*/*
Access-Control-Request-Headers
cross-origin-resource-policy
Access-Control-Request-Method
POST
Origin
https://accounts.xe.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

access-control-allow-headers
cross-origin-resource-policy
access-control-allow-methods
GET, POST
access-control-allow-origin
*
content-length
0
date
Thu, 12 Jan 2023 18:27:15 GMT
strict-transport-security
max-age=15768000
/
api.amplitude.com/ 		7 B
204 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.amplitude.com/
Requested by
Host: cdn.amplitude.com
URL: https://cdn.amplitude.com/libs/amplitude-8.16.1-min.gz.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.163.146.214 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-163-146-214.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
aee408847d35e44e99430f0979c3357b85fe8dbb4535a494301198adbee85f27
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://accounts.xe.com/
Cross-Origin-Resource-Policy
cross-origin
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-allow-origin
*
date
Thu, 12 Jan 2023 18:27:15 GMT
strict-transport-security
max-age=15768000
trace-id
Root=1-63c05103-040d79d9398b0fe7066d0a0a
content-length
7
access-control-allow-methods
GET, POST
content-type
text/html;charset=utf-8
recaptcha__de.js
www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/ 		407 KB
163 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?onload=onloadcallback&render=explicit
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f100138cf28abcaac287d3bb245b80679c7ba9305591ed01b1055af5e7084f20
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://accounts.xe.com/
Origin
https://accounts.xe.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 12 Jan 2023 16:49:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
5838
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
166478
x-xss-protection
0
last-modified
Thu, 15 Dec 2022 05:24:10 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 12 Jan 2024 16:49:56 GMT
o-0IIpQlx3QUlC5A4PNr5TRA.woff2
fonts.gstatic.com/s/notosans/v27/ 		13 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notosans/v27/o-0IIpQlx3QUlC5A4PNr5TRA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans:400,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
88f00438d26021a325247c4427898f7c778a22976df9f1a9d9876429778bf265
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://accounts.xe.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 22:04:53 GMT
x-content-type-options
nosniff
age
591741
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12860
x-xss-protection
0
last-modified
Mon, 09 May 2022 18:27:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 05 Jan 2024 22:04:53 GMT
o-0NIpQlx3QUlC5A4PNjXhFVZNyB.woff2
fonts.gstatic.com/s/notosans/v27/ 		12 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notosans/v27/o-0NIpQlx3QUlC5A4PNjXhFVZNyB.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans:400,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c1c30918a861cb6a985ab55d54ad7e861682354197f164cb3b7194f20eed67ac
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://accounts.xe.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 09 Jan 2023 20:52:35 GMT
x-content-type-options
nosniff
age
250479
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12684
x-xss-protection
0
last-modified
Mon, 09 May 2022 18:28:04 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 09 Jan 2024 20:52:35 GMT
anchor
www.google.com/recaptcha/api2/ Frame 6EF2 		43 KB
23 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ld_FK0UAAAAAED_ZzwYDaW9HJ84QHiqaHN53Jod&co=aHR0cHM6Ly9hY2NvdW50cy54ZS5jb206NDQz&hl=de&type=image&v=5qcenVbrhOy8zihcc2aHOWD4&theme=light&size=invisible&badge=inline&cb=23ws5zjq7iot
Requested by
Host: accounts.xe.com
URL: https://accounts.xe.com/static/js/2.b61fdf49.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
a397fd3d283776a20f15c197b131cdff743df83fe849416dda94c1cbe19af4a0
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-7qitpKl3MJnWJvYLJneJ2g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://accounts.xe.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-length
23057
content-security-policy
script-src 'report-sample' 'nonce-7qitpKl3MJnWJvYLJneJ2g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 12 Jan 2023 18:27:15 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
styles__ltr.css
www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/ Frame 6EF2 		52 KB
24 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ld_FK0UAAAAAED_ZzwYDaW9HJ84QHiqaHN53Jod&co=aHR0cHM6Ly9hY2NvdW50cy54ZS5jb206NDQz&hl=de&type=image&v=5qcenVbrhOy8zihcc2aHOWD4&theme=light&size=invisible&badge=inline&cb=23ws5zjq7iot
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4a59bb42cb945084820cd1eb370a22a68fa9451b9e57abb1daada408d2ff64e1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 12 Jan 2023 11:40:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
24409
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24262
x-xss-protection
0
last-modified
Thu, 15 Dec 2022 05:24:10 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 12 Jan 2024 11:40:26 GMT
recaptcha__de.js
www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/ Frame 6EF2 		407 KB
163 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ld_FK0UAAAAAED_ZzwYDaW9HJ84QHiqaHN53Jod&co=aHR0cHM6Ly9hY2NvdW50cy54ZS5jb206NDQz&hl=de&type=image&v=5qcenVbrhOy8zihcc2aHOWD4&theme=light&size=invisible&badge=inline&cb=23ws5zjq7iot
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f100138cf28abcaac287d3bb245b80679c7ba9305591ed01b1055af5e7084f20
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 12 Jan 2023 16:49:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
5839
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
166478
x-xss-protection
0
last-modified
Thu, 15 Dec 2022 05:24:10 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 12 Jan 2024 16:49:56 GMT
/
api.amplitude.com/ 		7 B
205 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.amplitude.com/
Requested by
Host: cdn.amplitude.com
URL: https://cdn.amplitude.com/libs/amplitude-8.16.1-min.gz.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.163.146.214 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-163-146-214.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
aee408847d35e44e99430f0979c3357b85fe8dbb4535a494301198adbee85f27
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://accounts.xe.com/
Cross-Origin-Resource-Policy
cross-origin
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-allow-origin
*
date
Thu, 12 Jan 2023 18:27:15 GMT
strict-transport-security
max-age=15768000
trace-id
Root=1-63c05103-2968dd6026cf76c4673fbb8d
content-length
7
access-control-allow-methods
GET, POST
content-type
text/html;charset=utf-8
/
api.amplitude.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.amplitude.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.163.146.214 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-163-146-214.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Accept
*/*
Access-Control-Request-Headers
cross-origin-resource-policy
Access-Control-Request-Method
POST
Origin
https://accounts.xe.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

access-control-allow-headers
cross-origin-resource-policy
access-control-allow-methods
GET, POST
access-control-allow-origin
*
content-length
0
date
Thu, 12 Jan 2023 18:27:15 GMT
strict-transport-security
max-age=15768000
webworker.js
www.google.com/recaptcha/api2/ Frame 6EF2 		102 B
134 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=5qcenVbrhOy8zihcc2aHOWD4
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ld_FK0UAAAAAED_ZzwYDaW9HJ84QHiqaHN53Jod&co=aHR0cHM6Ly9hY2NvdW50cy54ZS5jb206NDQz&hl=de&type=image&v=5qcenVbrhOy8zihcc2aHOWD4&theme=light&size=invisible&badge=inline&cb=23ws5zjq7iot
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
7647724bcc7afde27000c02ce20b80535467b8f60f1330013a1ee3b575479a81
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ld_FK0UAAAAAED_ZzwYDaW9HJ84QHiqaHN53Jod&co=aHR0cHM6Ly9hY2NvdW50cy54ZS5jb206NDQz&hl=de&type=image&v=5qcenVbrhOy8zihcc2aHOWD4&theme=light&size=invisible&badge=inline&cb=23ws5zjq7iot
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 12 Jan 2023 18:27:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
cross-origin-embedder-policy
require-corp
x-frame-options
SAMEORIGIN
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
112
x-xss-protection
1; mode=block
expires
Thu, 12 Jan 2023 18:27:15 GMT
bframe
www.google.com/recaptcha/api2/ Frame 8CF0 		7 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/bframe?hl=de&v=5qcenVbrhOy8zihcc2aHOWD4&k=6Ld_FK0UAAAAAED_ZzwYDaW9HJ84QHiqaHN53Jod
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/recaptcha__de.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
a1a6abef188ec5391525457e4696823c23b23a2d7c0786de7ea927e724eb4a9e
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-Zdcok0cCvoZ_n-HUXS9A8w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://accounts.xe.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-length
1116
content-security-policy
script-src 'report-sample' 'nonce-Zdcok0cCvoZ_n-HUXS9A8w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 12 Jan 2023 18:27:15 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
styles__ltr.css
www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/ Frame 8CF0 		52 KB
24 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=5qcenVbrhOy8zihcc2aHOWD4&k=6Ld_FK0UAAAAAED_ZzwYDaW9HJ84QHiqaHN53Jod
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4a59bb42cb945084820cd1eb370a22a68fa9451b9e57abb1daada408d2ff64e1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 12 Jan 2023 11:40:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
24409
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24262
x-xss-protection
0
last-modified
Thu, 15 Dec 2022 05:24:10 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 12 Jan 2024 11:40:26 GMT
recaptcha__de.js
www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/ Frame 8CF0 		407 KB
163 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=5qcenVbrhOy8zihcc2aHOWD4&k=6Ld_FK0UAAAAAED_ZzwYDaW9HJ84QHiqaHN53Jod
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f100138cf28abcaac287d3bb245b80679c7ba9305591ed01b1055af5e7084f20
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 12 Jan 2023 16:49:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
5839
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
166478
x-xss-protection
0
last-modified
Thu, 15 Dec 2022 05:24:10 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 12 Jan 2024 16:49:56 GMT
reload
www.google.com/recaptcha/api2/ Frame 8CF0 		39 KB
24 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/reload?k=6Ld_FK0UAAAAAED_ZzwYDaW9HJ84QHiqaHN53Jod
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/recaptcha__de.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
32050257738a5161db83b2b7e14c05a65e00ea3ca2cf53d27b66f90dc7ea5b73
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.google.com/recaptcha/api2/bframe?hl=de&v=5qcenVbrhOy8zihcc2aHOWD4&k=6Ld_FK0UAAAAAED_ZzwYDaW9HJ84QHiqaHN53Jod
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
application/x-protobuffer

Response headers

date
Thu, 12 Jan 2023 18:27:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
cache-control
private, max-age=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24602
x-xss-protection
1; mode=block
expires
Thu, 12 Jan 2023 18:27:15 GMT
refresh_2x.png
www.gstatic.com/recaptcha/api2/ Frame 8CF0 		600 B
624 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/recaptcha/api2/refresh_2x.png
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/styles__ltr.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
44b988703019cd6bfa86c91840fecf2a42b611b364e3eea2f4eb63bf62714e98
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/styles__ltr.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Wed, 11 Jan 2023 19:16:51 GMT
x-content-type-options
nosniff
age
83424
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
600
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
expires
Wed, 18 Jan 2023 19:16:51 GMT
audio_2x.png
www.gstatic.com/recaptcha/api2/ Frame 8CF0 		530 B
554 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/recaptcha/api2/audio_2x.png
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/styles__ltr.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
89c62095126fca89ea1511cf35b49b8306162946b0c26d6f60c5506c51d85992
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/styles__ltr.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 06 Jan 2023 17:23:32 GMT
x-content-type-options
nosniff
age
522223
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
530
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
expires
Fri, 13 Jan 2023 17:23:32 GMT
info_2x.png
www.gstatic.com/recaptcha/api2/ Frame 8CF0 		665 B
689 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/recaptcha/api2/info_2x.png
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/styles__ltr.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55eaf62cb05da20088dc12b39d7d254d046cb1fd61ddf3ae641f1439efd0a5ee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/styles__ltr.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Wed, 11 Jan 2023 18:58:22 GMT
x-content-type-options
nosniff
age
84533
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
665
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin-allow-popups; report-to="recaptcha"
expires
Wed, 18 Jan 2023 18:58:22 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 8CF0 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Sat, 07 Jan 2023 12:17:50 GMT
x-content-type-options
nosniff
age
454165
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 07 Jan 2024 12:17:50 GMT
KFOlCnqEu92Fr1MmYUtfBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 8CF0 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmYUtfBBc4.woff2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c912a9ce0c3122d4b2b29ad26bfe06b0390d1a5bdaa5d6128692c0befd1dfbbd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Sat, 07 Jan 2023 07:04:14 GMT
x-content-type-options
nosniff
age
472981
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15340
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:33:16 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 07 Jan 2024 07:04:14 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 8CF0 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 09 Jan 2023 22:21:19 GMT
x-content-type-options
nosniff
age
245156
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15552
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:33:02 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 09 Jan 2024 22:21:19 GMT
payload
www.google.com/recaptcha/api2/ Frame 8CF0 		25 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/recaptcha/api2/payload?p=06AD1IbLDkF-cfkP1pY7bO_OdaPlXnHP1ABL4_pFo6cWic752fCr84xSfaOiMBUl6j38IpR7keiVje_HNOpaj19IaCkX8im2mg_ZxaXbB3QngsWv16trNA5wgrImQur2WfRawKZdOHyT-S4_ru_-VuVLw9EbT9kG9WasCMy1csYzt1CfekUHCCNGIi_JyxZuu6sF6pD_XWIIq2BS6vmjD0oZWMQg7S000_Yw&k=6Ld_FK0UAAAAAED_ZzwYDaW9HJ84QHiqaHN53Jod
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
c8893bf4b9271b2905e62e01d8d1f0270e05cf29ff58b5b566290649cbb6364f
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/recaptcha/api2/bframe?hl=de&v=5qcenVbrhOy8zihcc2aHOWD4&k=6Ld_FK0UAAAAAED_ZzwYDaW9HJ84QHiqaHN53Jod
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 12 Jan 2023 18:27:15 GMT
content-security-policy
frame-ancestors 'self'
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
image/jpeg
cache-control
private, max-age=30
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
25159
x-xss-protection
1; mode=block
expires
Thu, 12 Jan 2023 18:27:15 GMT

Verdicts & Comments Add Verdict or Comment

34 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| oncontentvisibilityautostatechange object| dataLayer object| xeSession function| getCookie function| setOptOut object| optimizely boolean| optout undefined| _ number| startTime number| duration object| CLIENT_ID_TO_PRODUCT_NAME_MAP string| IS_404_PAGE boolean| isModernBrowser undefined| scriptElement object| webpackJsonp object| google_tag_manager object| google_tag_data object| regeneratorRuntime object| scCGSHMRCache function| sprintf function| vsprintf object| amplitude object| ConsentManager object| Analytics object| __AMPLITUDE__ object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| recaptcha object| closure_lm_200631

3 Cookies

Domain/Path Name / Value
www.google.com/recaptcha Name: _GRECAPTCHA
Value: 09AJ4Tk-7Uv4nNavyKvugMam4Q6x_kyurZmiUIF4ahWpPuztS5F9KFguKTUUqbRh_FvpV2iX4YciTp97TsZ2yTo30
.xe.com/ Name: xeid
Value: 4935fa29-6348-48a3-80d8-60516e160085
.xe.com/ Name: optimizelyOptOut
Value: true

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

accounts.xe.com
api.amplitude.com
cdn.amplitude.com
cdn.optimizely.com
fonts.googleapis.com
fonts.gstatic.com
transfer.xe.com
www.google.com
www.googletagmanager.com
www.gstatic.com
www.xe.com
107.22.48.240
13.32.23.160
213.183.83.94
2600:9000:206f:6c00:18:5499:2b00:93a1
2a00:1450:4001:803::2004
2a00:1450:4001:803::200a
2a00:1450:4001:80b::2003
2a00:1450:4001:827::2008
2a00:1450:4001:831::2003
2a02:26f0:3500:88e::13b8
35.163.146.214
07898a85ddb26ec948a2af9e860183811120fc16b46d77fe56ecb740dc665826
0f51c1d37fe63f26409e321b418e4628a83bb894fb14e83414fd365d467602e6
32050257738a5161db83b2b7e14c05a65e00ea3ca2cf53d27b66f90dc7ea5b73
3b0c12d3ebba86b92a8b5ea9e40b7ecdcc888f8b471257c4bbd5cae497a8350e
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
44b988703019cd6bfa86c91840fecf2a42b611b364e3eea2f4eb63bf62714e98
4976158c0f29953fe1f2dfd3c7d7cebb56de7fa39bff4c63bdf5939a185ffa41
4a59bb42cb945084820cd1eb370a22a68fa9451b9e57abb1daada408d2ff64e1
4ce2e29fbc4e24edb01b73f09bb5a9e616af2cbc270c23d3b804e251ef247f13
55eaf62cb05da20088dc12b39d7d254d046cb1fd61ddf3ae641f1439efd0a5ee
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
7647724bcc7afde27000c02ce20b80535467b8f60f1330013a1ee3b575479a81
76e6564d15e7b638588957a96b0ea1db5113472b9a38a50b473c28e7f1d95eba
88f00438d26021a325247c4427898f7c778a22976df9f1a9d9876429778bf265
89c62095126fca89ea1511cf35b49b8306162946b0c26d6f60c5506c51d85992
a1a6abef188ec5391525457e4696823c23b23a2d7c0786de7ea927e724eb4a9e
a397fd3d283776a20f15c197b131cdff743df83fe849416dda94c1cbe19af4a0
aee408847d35e44e99430f0979c3357b85fe8dbb4535a494301198adbee85f27
c1c30918a861cb6a985ab55d54ad7e861682354197f164cb3b7194f20eed67ac
c8893bf4b9271b2905e62e01d8d1f0270e05cf29ff58b5b566290649cbb6364f
c912a9ce0c3122d4b2b29ad26bfe06b0390d1a5bdaa5d6128692c0befd1dfbbd
d0ea14668205d59399fc4a913d82a3cb084c4e3eadf59a835b01394be6a415c3
e5817f02704a4accd6c2b6947eba832f11a0bd96f5a2653c07f88e83a21a1496
ecd2945081b920231d2490f2d22f1dc1c1f48e339f56f5fec73934a6347e7d78
efa9dab41ff994331eff6f7f379e4e53fd2410477e56ca1088ba1610083c8489
f100138cf28abcaac287d3bb245b80679c7ba9305591ed01b1055af5e7084f20
f91715e70150c54bac5fe82833130eab65745a61f0514ac4a98b093413bc2f90