urlscan.io logo urlscan.io
SecurityTrails logo

staging-qbwc.termsync.com Open in urlscan Pro
34.232.21.185  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://staging-qbwc.termsync.com/
Effective URL: https://staging-qbwc.termsync.com/login
Submission: On March 29 via automatic, source certstream-suspicious — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 4 IPs in 2 countries across 3 domains to perform 11 HTTP transactions. The main IP is 34.232.21.185, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is staging-qbwc.termsync.com.
TLS certificate: Issued by Amazon on March 29th 2022. Valid for: a year.
This is the only time staging-qbwc.termsync.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2 34.232.21.185 14618 (AMAZON-AES)
4 2600:9000:215... 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
11 4
Apex Domain
Subdomains		 Transfer
6 termsync.com
staging-qbwc.termsync.com
cdn-staging.termsync.com
503 KB
5 gstatic.com
fonts.gstatic.com
212 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 107
2 KB
11 3
Domain Requested by
5 fonts.gstatic.com fonts.googleapis.com
4 cdn-staging.termsync.com staging-qbwc.termsync.com
2 staging-qbwc.termsync.com 1 redirects
1 fonts.googleapis.com cdn-staging.termsync.com
11 4

This site contains no links.

Subject Issuer Validity Valid
staging.termsync.com
Amazon		 2022-03-29 -
2023-04-27		 a year crt.sh
*.termsync.com
Amazon		 2022-02-18 -
2023-03-19		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2022-03-17 -
2022-06-09		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2022-03-17 -
2022-06-09		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://staging-qbwc.termsync.com/login
Frame ID: 9B39D4503584C213432E97A444DAB602
Requests: 11 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Anmelden

Page URL History Show full URLs

  1. https://staging-qbwc.termsync.com/ HTTP 302
    https://staging-qbwc.termsync.com/login Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <[^>]+data-controller
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

11
Requests

100 %
HTTPS

75 %
IPv6

3
Domains

4
Subdomains

4
IPs

2
Countries

717 kB
Transfer

3197 kB
Size

1
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://staging-qbwc.termsync.com/ HTTP 302
    https://staging-qbwc.termsync.com/login Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

11 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request login
staging-qbwc.termsync.com/
Redirect Chain
  • https://staging-qbwc.termsync.com/
  • https://staging-qbwc.termsync.com/login
7 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://staging-qbwc.termsync.com/login
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.232.21.185 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-232-21-185.compute-1.amazonaws.com
Software
Apache /
Resource Hash
a197162a1a5c8e02e18a673343d6f699b01994cc0973279ba170cfc982d8117c
Security Headers
Name Value
Content-Security-Policy child-src 'self' https://*.docusign.com https://*.docusign.net https://*.trustcommerce.com https://*.slimpay.net https://*.slimpay.com https://*.windriverfinancialgateway.com https://*.walkme.com
Strict-Transport-Security max-age=31536000
X-Content-Security-Policy child-src 'self' https://*.docusign.com https://*.docusign.net https://*.trustcommerce.com https://*.slimpay.net https://*.slimpay.com https://*.windriverfinancialgateway.com https://*.walkme.com
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Tue, 29 Mar 2022 20:36:19 GMT
content-type
text/html; charset=utf-8
content-length
2727
server
Apache
cache-control
no-cache, no-store
referrer-policy
strict-origin-when-cross-origin
x-permitted-cross-domain-policies
none
x-xss-protection
1; mode=block
x-request-id
0a542633-277a-4679-b2f7-6a0a2c80c06f
x-webkit-csp
child-src 'self' https://*.docusign.com https://*.docusign.net https://*.trustcommerce.com https://*.slimpay.net https://*.slimpay.com https://*.windriverfinancialgateway.com https://*.walkme.com
x-download-options
noopen
x-frame-options
SAMEORIGIN
x-runtime
0.032931
x-content-type-options
nosniff
content-security-policy
child-src 'self' https://*.docusign.com https://*.docusign.net https://*.trustcommerce.com https://*.slimpay.net https://*.slimpay.com https://*.windriverfinancialgateway.com https://*.walkme.com
x-content-security-policy
child-src 'self' https://*.docusign.com https://*.docusign.net https://*.trustcommerce.com https://*.slimpay.net https://*.slimpay.com https://*.windriverfinancialgateway.com https://*.walkme.com
strict-transport-security
max-age=31536000
etag
W/"a197162a1a5c8e02e18a673343d6f699-gzip"
status
200 OK
vary
Accept-Encoding
content-encoding
gzip
access-control-allow-origin
https://staging.termsync.com

Redirect headers

date
Tue, 29 Mar 2022 20:36:19 GMT
content-type
text/html; charset=iso-8859-1
content-length
223
location
https://staging-qbwc.termsync.com/login
server
Apache
strict-transport-security
max-age=31536000
application-844ce97f5d3a8fe641a0ad7331e1066c5c039d73da56da9bfbad183b679ff262.css
cdn-staging.termsync.com/assets/v3/ 		248 KB
44 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn-staging.termsync.com/assets/v3/application-844ce97f5d3a8fe641a0ad7331e1066c5c039d73da56da9bfbad183b679ff262.css
Requested by
Host: staging-qbwc.termsync.com
URL: https://staging-qbwc.termsync.com/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:cc00:14:eb69:1900:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0948b51445588713bdc4dd6d5d541cf0ca32cb86228135ed89f766c78c23c786

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://staging-qbwc.termsync.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 20:35:41 GMT
content-encoding
br
last-modified
Tue, 22 Mar 2022 17:09:26 GMT
server
AmazonS3
age
39
etag
W/"34bd9b5e03111a70a023775ba9015af5"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
via
1.1 1b73451818d2dd47a574604c0b84f692.cloudfront.net (CloudFront)
cache-control
max-age=31536000,public
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
K4OBgUPUa2uxugJqJV34F2IlcSIUD3w4YxeJa4vrDgcBUoduoQBCig==
application-ef06d50b539389d8247e.js
cdn-staging.termsync.com/packs/js/ 		2 MB
388 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-staging.termsync.com/packs/js/application-ef06d50b539389d8247e.js
Requested by
Host: staging-qbwc.termsync.com
URL: https://staging-qbwc.termsync.com/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:cc00:14:eb69:1900:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a6cb27ceed1cb5ff7ae70d7703e60fd0870deb223934b8777b4d8dacad48108d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://staging-qbwc.termsync.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 20:35:41 GMT
content-encoding
br
last-modified
Thu, 24 Mar 2022 18:33:12 GMT
server
AmazonS3
age
39
etag
W/"958e0b59397ad51f2e7236cb34482c1c"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 1b73451818d2dd47a574604c0b84f692.cloudfront.net (CloudFront)
cache-control
max-age=31536000,public
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
k37ntkTwD_RXz1Xp9NDutCwFyfP2Xyp_spoA0rzqgEvzy1Kk65axHg==
sprinkle-d879aae75cc5fc76567bb784b295591d2ae016721e5f4e58e052319c29ced0e4.js
cdn-staging.termsync.com/assets/v3/ 		203 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-staging.termsync.com/assets/v3/sprinkle-d879aae75cc5fc76567bb784b295591d2ae016721e5f4e58e052319c29ced0e4.js
Requested by
Host: staging-qbwc.termsync.com
URL: https://staging-qbwc.termsync.com/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:cc00:14:eb69:1900:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d879aae75cc5fc76567bb784b295591d2ae016721e5f4e58e052319c29ced0e4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://staging-qbwc.termsync.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 20:35:41 GMT
content-encoding
br
last-modified
Tue, 15 Mar 2022 17:57:42 GMT
server
AmazonS3
age
39
etag
W/"d8f9a71dcd6f2ad64d5b52454176e04a"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 1b73451818d2dd47a574604c0b84f692.cloudfront.net (CloudFront)
cache-control
max-age=31536000,public
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
Te0mT9e1_dfcgO6lhCg7QXstd-vKP5XCwcbeQOX5fsAvrM8EQaXWeQ==
logo_ts_esker_white-1d725b308be19a2896395a3f34318b5232bbde9c9dbebd3fdec9a87532530fcd.png
cdn-staging.termsync.com/assets/ 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn-staging.termsync.com/assets/logo_ts_esker_white-1d725b308be19a2896395a3f34318b5232bbde9c9dbebd3fdec9a87532530fcd.png
Requested by
Host: staging-qbwc.termsync.com
URL: https://staging-qbwc.termsync.com/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:cc00:14:eb69:1900:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1d725b308be19a2896395a3f34318b5232bbde9c9dbebd3fdec9a87532530fcd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://staging-qbwc.termsync.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 20:35:42 GMT
via
1.1 1b73451818d2dd47a574604c0b84f692.cloudfront.net (CloudFront)
last-modified
Thu, 24 Feb 2022 21:25:20 GMT
server
AmazonS3
age
38
etag
"cf62aba744997be18ed6ee221308749e"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=31536000,public
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-length
11718
x-amz-cf-id
O8vsVavr8Wq3GspCQM-yaYDykTiEUVZDxExYxRPtF3SrY_KJyxO3sw==
css
fonts.googleapis.com/ 		19 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:400,300,600,700%7CMaterial+Icons:+400%7CRoboto:100,300,400,600,700
Requested by
Host: cdn-staging.termsync.com
URL: https://cdn-staging.termsync.com/assets/v3/sprinkle-d879aae75cc5fc76567bb784b295591d2ae016721e5f4e58e052319c29ced0e4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
dc36bfe235ddb4ffa3d963a33b14efea30a6d33b5437ff088391dcb6fa2d8f31
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://staging-qbwc.termsync.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 29 Mar 2022 20:36:19 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Tue, 29 Mar 2022 20:36:19 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 29 Mar 2022 20:36:19 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,300,600,700%7CMaterial+Icons:+400%7CRoboto:100,300,400,600,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://staging-qbwc.termsync.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Wed, 23 Mar 2022 17:56:19 GMT
x-content-type-options
nosniff
age
528000
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15828
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:28 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 23 Mar 2023 17:56:19 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,300,600,700%7CMaterial+Icons:+400%7CRoboto:100,300,400,600,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://staging-qbwc.termsync.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Fri, 25 Mar 2022 01:46:21 GMT
x-content-type-options
nosniff
age
413398
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15688
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:19 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 25 Mar 2023 01:46:21 GMT
KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,300,600,700%7CMaterial+Icons:+400%7CRoboto:100,300,400,600,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
33530b007071281a97e79baab13ddf7cc4b9de942ebd3e212224857335f7cb97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://staging-qbwc.termsync.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Wed, 23 Mar 2022 17:58:32 GMT
x-content-type-options
nosniff
age
527867
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15732
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:20 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 23 Mar 2023 17:58:32 GMT
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v28/ 		44 KB
44 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v28/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,300,600,700%7CMaterial+Icons:+400%7CRoboto:100,300,400,600,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://staging-qbwc.termsync.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Tue, 22 Mar 2022 22:45:07 GMT
x-content-type-options
nosniff
age
597072
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44656
x-xss-protection
0
last-modified
Tue, 01 Mar 2022 22:03:03 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 22 Mar 2023 22:45:07 GMT
flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
fonts.gstatic.com/s/materialicons/v126/ 		121 KB
122 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/materialicons/v126/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,300,600,700%7CMaterial+Icons:+400%7CRoboto:100,300,400,600,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
964709088e8bcf45e9ff2aebe7f320065836761408638f677d01590478a36551
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://staging-qbwc.termsync.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Mon, 28 Mar 2022 18:57:23 GMT
x-content-type-options
nosniff
age
92336
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
124372
x-xss-protection
0
last-modified
Wed, 09 Mar 2022 18:26:40 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 28 Mar 2023 18:57:23 GMT

Verdicts & Comments Add Verdict or Comment

108 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| structuredClone object| oncontextlost object| oncontextrestored object| Modernizr object| Gumby object| d3 function| SVGPathSeg function| SVGPathSegClosePath function| SVGPathSegMovetoAbs function| SVGPathSegMovetoRel function| SVGPathSegLinetoAbs function| SVGPathSegLinetoRel function| SVGPathSegCurvetoCubicAbs function| SVGPathSegCurvetoCubicRel function| SVGPathSegCurvetoQuadraticAbs function| SVGPathSegCurvetoQuadraticRel function| SVGPathSegArcAbs function| SVGPathSegArcRel function| SVGPathSegLinetoHorizontalAbs function| SVGPathSegLinetoHorizontalRel function| SVGPathSegLinetoVerticalAbs function| SVGPathSegLinetoVerticalRel function| SVGPathSegCurvetoCubicSmoothAbs function| SVGPathSegCurvetoCubicSmoothRel function| SVGPathSegCurvetoQuadraticSmoothAbs function| SVGPathSegCurvetoQuadraticSmoothRel function| SVGPathSegList object| Esker function| setImmediate function| clearImmediate undefined| airbrake object| core number| uidEvent function| jQuery function| $ function| _ function| moment object| accounting object| I18n object| c3 function| Bloodhound boolean| _rails_loaded function| generateTicks function| prepare_message_templates function| load_message_template function| SendAMessageModal function| toggleNewContactForm function| toggleBillingItemIdFields function| initBillingItemIdFields function| initializeNewUserSuccess function| appendError function| createCheckboxListener function| initializeNewUserError function| LogAMessageModal function| Notebox function| WriteANoteModal function| SendPostalMailModal function| WriteACreditApplicationNoteModal function| attachment_field_setup function| forward_attachments_setup function| resize_tasks_divs function| disableButton function| enableButton function| setupDatepickers function| cycle function| reset_cycle function| truncate function| display_date function| display_time function| parse_datetime function| users_timezone function| display_datepicker_date function| tooltip_defaults function| titleize function| truncate_with_ellipsis function| reset_name_fields function| find_display_field function| name_to_edit function| createSortableColumnChoosers function| createSortableColumnChooser function| build_ar_aging_graph function| prepare_payment_details_links function| Address function| amount_picker_change_handler object| base64 function| Opentip boolean| firstAdapter function| mouseMoved object| mousePosition object| mousePositionObservers string| position object| vendors number| _i number| _len object| _ref function| __slice function| __indexOf function| __hasProp function| TSAutocomplete function| TSCurrencyBreakdown object| TSGumbyModalCloseHandler undefined| message_signature boolean| Ba object| webfont object| WebFont object| JST function| AutoComplete object| ts_cycles

1 Cookies

Domain/Path Name / Value
.termsync.com/ Name: staging_session_id
Value: 85576db22ece96c1f08a6e08e399bfe4

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy child-src 'self' https://*.docusign.com https://*.docusign.net https://*.trustcommerce.com https://*.slimpay.net https://*.slimpay.com https://*.windriverfinancialgateway.com https://*.walkme.com
Strict-Transport-Security max-age=31536000
X-Content-Security-Policy child-src 'self' https://*.docusign.com https://*.docusign.net https://*.trustcommerce.com https://*.slimpay.net https://*.slimpay.com https://*.windriverfinancialgateway.com https://*.walkme.com
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block