urlscan.io logo urlscan.io
SecurityTrails logo

content.webexpenses.com Open in urlscan Pro
2600:9000:20eb:200:7:b9bc:800:93a1  Public Scan

Go To Rescan Add Verdict Report
URL: https://content.webexpenses.com/
Submission: On February 12 via automatic, source certstream-suspicious — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 4 IPs in 2 countries across 5 domains to perform 19 HTTP transactions. The main IP is 2600:9000:20eb:200:7:b9bc:800:93a1, located in United States and belongs to AMAZON-02, US. The main domain is content.webexpenses.com. The Cisco Umbrella rank of the primary domain is 526656.
TLS certificate: Issued by Amazon on March 14th 2022. Valid for: a year.
This is the only time content.webexpenses.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
16 2600:9000:20e... 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 1 44.208.142.140 14618 (AMAZON-AES)
1 3.5.19.125 14618 (AMAZON-AES)
19 4
16    2600:9000:20eb:200:7:b9bc:800:93a1 (United States)

ASN16509 (AMAZON-02, US)
content.webexpenses.com
1    2a00:1450:4001:809::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
1    2a00:1450:4001:831::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
play.google.com
1    44.208.142.140 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-208-142-140.compute-1.amazonaws.com
tools.applemediaservices.com
1    3.5.19.125 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: s3-1-w.amazonaws.com
apple-resources.s3.amazonaws.com
Apex Domain
Subdomains		 Transfer
16 webexpenses.com
content.webexpenses.com — Cisco Umbrella Rank: 526656
927 KB
1 amazonaws.com
apple-resources.s3.amazonaws.com — Cisco Umbrella Rank: 31826
11 KB
1 applemediaservices.com
tools.applemediaservices.com — Cisco Umbrella Rank: 28157
339 B
1 google.com
play.google.com — Cisco Umbrella Rank: 14
5 KB
1 googleapis.com
ajax.googleapis.com — Cisco Umbrella Rank: 299
30 KB
19 5
Domain Requested by
16 content.webexpenses.com content.webexpenses.com
1 apple-resources.s3.amazonaws.com content.webexpenses.com
1 tools.applemediaservices.com 1 redirects
1 play.google.com content.webexpenses.com
1 ajax.googleapis.com content.webexpenses.com
19 5

This site contains no links.

Subject Issuer Validity Valid
content.webexpenses.com
Amazon		 2022-03-14 -
2023-04-12		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2023-01-31 -
2023-04-25		 3 months crt.sh
*.google.com
GTS CA 1C3		 2023-01-31 -
2023-04-25		 3 months crt.sh

This page contains 2 frames:

Primary Page: https://content.webexpenses.com/
Frame ID: 1342BB903D01C42C229C41D7D995F1C5
Requests: 2 HTTP requests in this frame

Frame: https://content.webexpenses.com/slider.html
Frame ID: A73736081689BB6AFA2DADA0F0AA59D6
Requests: 17 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Webexpenses | Content Carousel

Detected technologies

Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

19
Requests

95 %
HTTPS

60 %
IPv6

5
Domains

5
Subdomains

4
IPs

2
Countries

973 kB
Transfer

1745 kB
Size

0
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 14
  • https://tools.applemediaservices.com/api/badges/download-on-the-app-store/black/en-US?size=250x83&releaseDate=1424822400&h=f0384787c3a45d256c1d19387e8dafeb HTTP 301
  • https://apple-resources.s3.amazonaws.com/media-badges/download-on-the-app-store/black/en-us.svg

19 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
content.webexpenses.com/ 		640 B
963 B 		Document
General
Check archive.org
Download Go to
Full URL
https://content.webexpenses.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:200:7:b9bc:800:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7062fe1325fa84d81b41e3c164b919357096f5bbf1a28ddc2118940031d23dac

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
47
content-length
640
content-type
text/html
date
Sun, 12 Feb 2023 05:14:10 GMT
etag
"e320b424f2619143139167d78ec0849a"
last-modified
Wed, 06 Jul 2022 10:54:33 GMT
server
AmazonS3
via
1.1 69f13f852a135432abb1b7bfc5a8b420.cloudfront.net (CloudFront)
x-amz-cf-id
hZ97Kzfnm-EtEBcL4U9RgI8oeMExlDWjnlo23QU5coWIUbhchZ-wUw==
x-amz-cf-pop
FRA2-C1
x-cache
Hit from cloudfront
app.css
content.webexpenses.com/assets/dist/ 		222 KB
30 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://content.webexpenses.com/assets/dist/app.css
Requested by
Host: content.webexpenses.com
URL: https://content.webexpenses.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:200:7:b9bc:800:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
94c1d3094b798293286eb0076f320594ddcdd7155d24638f79586f333bd45f40

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://content.webexpenses.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Sat, 11 Feb 2023 07:23:34 GMT
content-encoding
gzip
via
1.1 69f13f852a135432abb1b7bfc5a8b420.cloudfront.net (CloudFront)
last-modified
Wed, 06 Jul 2022 10:54:33 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C1
age
78683
etag
W/"6a9ac41bea5bea6bf7a55fb9b592826b"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
x-amz-cf-id
w99lPF7Pv4OVLzWn-MtqJemYidxLDmhF1UoQESfd9kt8B0mFRNaSmQ==
slider.html
content.webexpenses.com/ Frame A737 		7 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://content.webexpenses.com/slider.html
Requested by
Host: content.webexpenses.com
URL: https://content.webexpenses.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:200:7:b9bc:800:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
db1ab3142686d7cb74f3c86eb490eb3c591b1aaaadefa69fe41a7162517c58ff

Request headers

Referer
https://content.webexpenses.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
16694
content-encoding
gzip
content-type
text/html
date
Sun, 12 Feb 2023 00:36:43 GMT
etag
W/"9251f8ba16717ba00dc2b5afd0cfb550"
last-modified
Wed, 06 Jul 2022 10:54:33 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 69f13f852a135432abb1b7bfc5a8b420.cloudfront.net (CloudFront)
x-amz-cf-id
54WjrpHd2VLo1bhypfUlsee6-0GyBDUO367bFxNz6sSJrcyz7n2sAw==
x-amz-cf-pop
FRA2-C1
x-cache
Hit from cloudfront
app.css
content.webexpenses.com/assets/dist/ Frame A737 		222 KB
30 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://content.webexpenses.com/assets/dist/app.css
Requested by
Host: content.webexpenses.com
URL: https://content.webexpenses.com/slider.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:200:7:b9bc:800:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
94c1d3094b798293286eb0076f320594ddcdd7155d24638f79586f333bd45f40

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://content.webexpenses.com/slider.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Sat, 11 Feb 2023 07:23:34 GMT
content-encoding
gzip
via
1.1 69f13f852a135432abb1b7bfc5a8b420.cloudfront.net (CloudFront)
last-modified
Wed, 06 Jul 2022 10:54:33 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C1
age
78683
etag
W/"6a9ac41bea5bea6bf7a55fb9b592826b"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
x-amz-cf-id
aCUCb-7hVla5oD732Am9PcqPhLRQAFT44OcV6QizIbRXMjfc1AUM3Q==
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.1.1/ Frame A737 		85 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.1.1/jquery.min.js
Requested by
Host: content.webexpenses.com
URL: https://content.webexpenses.com/slider.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
85556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://content.webexpenses.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Sat, 11 Feb 2023 02:40:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
95640
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30244
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 11 Feb 2024 02:40:56 GMT
logo-invoicing.svg
content.webexpenses.com/assets/dist/images/ Frame A737 		16 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.webexpenses.com/assets/dist/images/logo-invoicing.svg
Requested by
Host: content.webexpenses.com
URL: https://content.webexpenses.com/slider.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:200:7:b9bc:800:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
da163dda7da123e6fa002efa5301aae14d14db8a9d854c62e4bc36e2628e3000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://content.webexpenses.com/slider.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Sat, 11 Feb 2023 07:57:57 GMT
content-encoding
br
via
1.1 69f13f852a135432abb1b7bfc5a8b420.cloudfront.net (CloudFront)
last-modified
Wed, 06 Jul 2022 10:54:31 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C1
age
76620
etag
W/"661b3d43c890c59de9732fc5ae03510b"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
x-amz-cf-id
31oCS9tlyqLs-J364b_zncoG4e_w3JsRy0jN7TIXWHRUYUWlOqLqWA==
image-invoicing.png
content.webexpenses.com/assets/dist/images/ Frame A737 		109 KB
110 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.webexpenses.com/assets/dist/images/image-invoicing.png
Requested by
Host: content.webexpenses.com
URL: https://content.webexpenses.com/slider.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:200:7:b9bc:800:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0a2e7967c01966ba5eea8fb5508eb5a7798ebd9f58450480df6ae43eeffc6fac

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://content.webexpenses.com/slider.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Sat, 11 Feb 2023 10:04:17 GMT
via
1.1 69f13f852a135432abb1b7bfc5a8b420.cloudfront.net (CloudFront)
last-modified
Wed, 06 Jul 2022 10:54:30 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C1
age
69040
etag
"9f2040e940a6a399d7edf107c9ce52c4"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
111908
x-amz-cf-id
KoMT43d-5NYNVvc9HE-0o8HL8SU4g-CoYP6Vv37GlkHCFIoNId7BSQ==
logo-onboarding.svg
content.webexpenses.com/assets/dist/images/ Frame A737 		18 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.webexpenses.com/assets/dist/images/logo-onboarding.svg
Requested by
Host: content.webexpenses.com
URL: https://content.webexpenses.com/slider.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:200:7:b9bc:800:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
962941ab5b13f189ee2900b327685f8befd29eca35a135335aed8252b216ba4b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://content.webexpenses.com/slider.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Sun, 12 Feb 2023 05:14:56 GMT
content-encoding
gzip
via
1.1 69f13f852a135432abb1b7bfc5a8b420.cloudfront.net (CloudFront)
last-modified
Wed, 06 Jul 2022 10:54:31 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C1
age
45649
etag
W/"6849ef68318f956d09f1db320045a33a"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
x-amz-cf-id
XZOAI7gzimIXjifVK3QWsVp_I7Kg7AtDYQ3qQIUcbXHMbVZ6FzWKaA==
image-onboarding.png
content.webexpenses.com/assets/dist/images/ Frame A737 		55 KB
55 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.webexpenses.com/assets/dist/images/image-onboarding.png
Requested by
Host: content.webexpenses.com
URL: https://content.webexpenses.com/slider.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:200:7:b9bc:800:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
61980d84a2df0598e17d344e4fb07621c9d9184086815fba749f2e387aa970f8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://content.webexpenses.com/slider.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Sat, 11 Feb 2023 16:21:18 GMT
via
1.1 69f13f852a135432abb1b7bfc5a8b420.cloudfront.net (CloudFront)
last-modified
Wed, 06 Jul 2022 10:54:30 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C1
age
46419
etag
"37fe1d87d20e5fde4b8bbe268c1a8b94"
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
56303
x-amz-cf-id
mkSqmTuwRFHLAk-KqTf9XF4rpDe88ry66V8Bf_QrErfFE0sCGoej-g==
ELMO-Logo-2-Colour-RGB.svg
content.webexpenses.com/assets/dist/images/ Frame A737 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.webexpenses.com/assets/dist/images/ELMO-Logo-2-Colour-RGB.svg
Requested by
Host: content.webexpenses.com
URL: https://content.webexpenses.com/slider.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:200:7:b9bc:800:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ffd22a0680e688ce983ec3cc392ebe835702078ad141252271e28d974e419164

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://content.webexpenses.com/slider.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Sat, 11 Feb 2023 07:57:57 GMT
content-encoding
br
via
1.1 69f13f852a135432abb1b7bfc5a8b420.cloudfront.net (CloudFront)
last-modified
Wed, 06 Jul 2022 10:54:28 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C1
age
76620
etag
W/"fd74e08ce8359342c75307e6fea15f8d"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
x-amz-cf-id
BvdHWttn06qJOb40Ymcsd7b8zm8Ct_6RYwFF9NAwGM4jzXamjxYS4g==
ELMO%20Homepage.png
content.webexpenses.com/assets/dist/images/ Frame A737 		342 KB
343 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.webexpenses.com/assets/dist/images/ELMO%20Homepage.png
Requested by
Host: content.webexpenses.com
URL: https://content.webexpenses.com/slider.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:200:7:b9bc:800:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
64b85fad9d8395a13744dfffc8388f56e7ec58de7527be1a2e4cf990c8da3979

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://content.webexpenses.com/slider.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Sat, 11 Feb 2023 10:04:17 GMT
via
1.1 69f13f852a135432abb1b7bfc5a8b420.cloudfront.net (CloudFront)
last-modified
Wed, 06 Jul 2022 10:54:28 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C1
age
69040
etag
"a01fc0555567af6a87e8ca373f46f2fa"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
350103
x-amz-cf-id
V8-fD-HH7dUCVkuWHKRMluDqM67eRmb8WifRTbOV8Uv3XH2-UeIBBA==
BreatheLogo_RGB.png
content.webexpenses.com/assets/dist/images/ Frame A737 		28 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.webexpenses.com/assets/dist/images/BreatheLogo_RGB.png
Requested by
Host: content.webexpenses.com
URL: https://content.webexpenses.com/slider.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:200:7:b9bc:800:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
06f77bd1c91dcd6a92722b8919c2c3f10a62318dc1185e7ee46cb7bfdf3c5038

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://content.webexpenses.com/slider.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Sat, 11 Feb 2023 10:04:17 GMT
via
1.1 69f13f852a135432abb1b7bfc5a8b420.cloudfront.net (CloudFront)
last-modified
Wed, 06 Jul 2022 10:54:42 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C1
age
69040
etag
"81c6d41aadbf70661775d5814e15645d"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
28680
x-amz-cf-id
243uT4mQGvaDIY4H2TGh3Js2e_Gnpfu-JQrwFRe3SzIZOi6Lo18L2A==
BreatheSteps.png
content.webexpenses.com/assets/dist/images/ Frame A737 		150 KB
151 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.webexpenses.com/assets/dist/images/BreatheSteps.png
Requested by
Host: content.webexpenses.com
URL: https://content.webexpenses.com/slider.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:200:7:b9bc:800:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d906279f8a93a7fbb180666634f53a69d4692db752b9c2928577ebd08b3fcaed

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://content.webexpenses.com/slider.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Sat, 11 Feb 2023 16:21:18 GMT
via
1.1 69f13f852a135432abb1b7bfc5a8b420.cloudfront.net (CloudFront)
last-modified
Wed, 06 Jul 2022 10:54:27 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C1
age
46419
etag
"6d300db5df0862f75bf6bf48aaad22bc"
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
154046
x-amz-cf-id
pERmy7CXa02cQihbadCq4V9I3lJovk4zgGQC3uDfEJrFr_RGaee3Bw==
logo-webexpenses.svg
content.webexpenses.com/assets/dist/images/ Frame A737 		17 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.webexpenses.com/assets/dist/images/logo-webexpenses.svg
Requested by
Host: content.webexpenses.com
URL: https://content.webexpenses.com/slider.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:200:7:b9bc:800:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
648ab321661695eac80fcaa6ac53b9583ad9ff61f99f68920a3f91b664fcce26

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://content.webexpenses.com/slider.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Sat, 11 Feb 2023 08:42:01 GMT
content-encoding
gzip
via
1.1 69f13f852a135432abb1b7bfc5a8b420.cloudfront.net (CloudFront)
last-modified
Wed, 06 Jul 2022 10:54:32 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C1
age
73976
etag
W/"eb1b4868916c6436689e6fdf2cf62f62"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
x-amz-cf-id
zuQOWpPS3hkCgg4_D2IJdE72b7VUkKPfyb6BIlY3v3MAbgyxGWxyNw==
en_badge_web_generic.png
play.google.com/intl/en_gb/badges/static/images/badges/ Frame A737 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://play.google.com/intl/en_gb/badges/static/images/badges/en_badge_web_generic.png
Requested by
Host: content.webexpenses.com
URL: https://content.webexpenses.com/slider.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f72611e2df8e88204009fd896d05d5e8e83c77009c63943bbffa169559934849
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://content.webexpenses.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Sun, 12 Feb 2023 05:14:56 GMT
x-content-type-options
nosniff
last-modified
Thu, 04 Aug 2022 06:08:00 GMT
server
sffe
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/uxe-owners-acl/play_google
report-to
{"group":"uxe-owners-acl/play_google","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/uxe-owners-acl/play_google"}]}
content-type
image/png
cache-control
private, max-age=0
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4904
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="uxe-owners-acl/play_google"
expires
Sun, 12 Feb 2023 05:14:56 GMT
en-us.svg
apple-resources.s3.amazonaws.com/media-badges/download-on-the-app-store/black/ Frame A737
Redirect Chain
  • https://tools.applemediaservices.com/api/badges/download-on-the-app-store/black/en-US?size=250x83&releaseDate=1424822400&h=f0384787c3a45d256c1d19387e8dafeb
  • https://apple-resources.s3.amazonaws.com/media-badges/download-on-the-app-store/black/en-us.svg
11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://apple-resources.s3.amazonaws.com/media-badges/download-on-the-app-store/black/en-us.svg
Requested by
Host: content.webexpenses.com
URL: https://content.webexpenses.com/slider.html
Protocol
HTTP/1.1
Server
3.5.19.125 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
a26fc5b38380272c92e9019a2eb8b45542a66814b3e2b203772db8904b9fb99f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://content.webexpenses.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date
Sun, 12 Feb 2023 05:14:58 GMT
x-amz-version-id
null
Last-Modified
Wed, 29 Apr 2020 21:18:39 GMT
Server
AmazonS3
x-amz-request-id
799HACMKGX03BFQS
ETag
"2928664fe1fc6aca88583a6f606d60ba"
Content-Type
image/svg+xml
Accept-Ranges
bytes
Content-Length
10804
x-amz-id-2
HqZfMSzH4FXU05ySj91QTyl3zkkBTX75YeHzwjTYACDb7gpk7tFI3tP1ZozsPuLv621mYvubNe9eTnFqmatVpw==

Redirect headers

date
Sun, 12 Feb 2023 05:14:57 GMT
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
access-control-allow-methods
OPTIONS, GET
content-type
text/html;charset=utf-8
location
https://apple-resources.s3.amazonaws.com/media-badges/download-on-the-app-store/black/en-us.svg
access-control-allow-origin
*
cache-control
public, max-age=604800
content-length
0
x-xss-protection
1; mode=block
expires
Sun, 19 Feb 2023 05:14:57 GMT
login-mobile-ui.jpg
content.webexpenses.com/assets/dist/images/ Frame A737 		80 KB
81 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.webexpenses.com/assets/dist/images/login-mobile-ui.jpg
Requested by
Host: content.webexpenses.com
URL: https://content.webexpenses.com/slider.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:200:7:b9bc:800:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9c3e55089d1502d03bbc1ab093f9945b7c7c627b4ed83e51ecd266f227666429

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://content.webexpenses.com/slider.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Sat, 11 Feb 2023 16:21:18 GMT
via
1.1 69f13f852a135432abb1b7bfc5a8b420.cloudfront.net (CloudFront)
last-modified
Wed, 06 Jul 2022 10:54:31 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C1
age
46419
etag
"7bf4338398b0aee5a419d6aefc4c86c6"
x-cache
Hit from cloudfront
content-type
image/jpeg
accept-ranges
bytes
content-length
82158
x-amz-cf-id
9zJm8GGvB9u4L7eFATOOf0Svr35Y4KjjMedyUTwWkp-LsmE5RFUygw==
app.js
content.webexpenses.com/assets/dist/ Frame A737 		367 KB
67 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://content.webexpenses.com/assets/dist/app.js
Requested by
Host: content.webexpenses.com
URL: https://content.webexpenses.com/slider.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:200:7:b9bc:800:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1696c35d86b380229dacf03b1e77c72d10689e9a88c56ceccd914e7452a85fa1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://content.webexpenses.com/slider.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Sat, 11 Feb 2023 07:23:34 GMT
content-encoding
gzip
via
1.1 69f13f852a135432abb1b7bfc5a8b420.cloudfront.net (CloudFront)
last-modified
Wed, 06 Jul 2022 10:54:34 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C1
age
78683
etag
W/"470c030991fe745cb95a7cefdfbb9bac"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
dyRNeiigSt5Tt7Y7xVIyR28HqC_DQQSbhdI6-XhApGgUaWgiCdL4hQ==
bx_loader.gif
content.webexpenses.com/assets/dist/images/vendor/bxslider/dist/ Frame A737 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.webexpenses.com/assets/dist/images/vendor/bxslider/dist/bx_loader.gif?4adbd81ab919996f3081c95b0f34915f
Requested by
Host: content.webexpenses.com
URL: https://content.webexpenses.com/assets/dist/app.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:200:7:b9bc:800:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6d46e2cf165a5a0584afba7bc9663da292ee08c97cfc7613de6013ed05be892a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://content.webexpenses.com/assets/dist/app.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Sat, 11 Feb 2023 10:04:17 GMT
via
1.1 69f13f852a135432abb1b7bfc5a8b420.cloudfront.net (CloudFront)
last-modified
Wed, 06 Jul 2022 10:54:32 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C1
age
69040
etag
"931bdb6b50816b03206c66921760b246"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/gif
accept-ranges
bytes
content-length
8581
x-amz-cf-id
2GFM_jGLM-kx7xrFUI8G9EQbfb66MrSJgfegymiNy10Mn--tw8jthQ==

Verdicts & Comments Add Verdict or Comment

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 boolean| credentialless object| oncontentvisibilityautostatechange

0 Cookies

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
apple-resources.s3.amazonaws.com
content.webexpenses.com
play.google.com
tools.applemediaservices.com
2600:9000:20eb:200:7:b9bc:800:93a1
2a00:1450:4001:809::200a
2a00:1450:4001:831::200e
3.5.19.125
44.208.142.140
06f77bd1c91dcd6a92722b8919c2c3f10a62318dc1185e7ee46cb7bfdf3c5038
0a2e7967c01966ba5eea8fb5508eb5a7798ebd9f58450480df6ae43eeffc6fac
1696c35d86b380229dacf03b1e77c72d10689e9a88c56ceccd914e7452a85fa1
61980d84a2df0598e17d344e4fb07621c9d9184086815fba749f2e387aa970f8
648ab321661695eac80fcaa6ac53b9583ad9ff61f99f68920a3f91b664fcce26
64b85fad9d8395a13744dfffc8388f56e7ec58de7527be1a2e4cf990c8da3979
6d46e2cf165a5a0584afba7bc9663da292ee08c97cfc7613de6013ed05be892a
7062fe1325fa84d81b41e3c164b919357096f5bbf1a28ddc2118940031d23dac
85556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf
94c1d3094b798293286eb0076f320594ddcdd7155d24638f79586f333bd45f40
962941ab5b13f189ee2900b327685f8befd29eca35a135335aed8252b216ba4b
9c3e55089d1502d03bbc1ab093f9945b7c7c627b4ed83e51ecd266f227666429
a26fc5b38380272c92e9019a2eb8b45542a66814b3e2b203772db8904b9fb99f
d906279f8a93a7fbb180666634f53a69d4692db752b9c2928577ebd08b3fcaed
da163dda7da123e6fa002efa5301aae14d14db8a9d854c62e4bc36e2628e3000
db1ab3142686d7cb74f3c86eb490eb3c591b1aaaadefa69fe41a7162517c58ff
f72611e2df8e88204009fd896d05d5e8e83c77009c63943bbffa169559934849
ffd22a0680e688ce983ec3cc392ebe835702078ad141252271e28d974e419164