express.culqi.com Open in urlscan Pro
18.173.187.99  Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

14 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
1 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request 1DC7EG6W3Q Show response express.culqi.com/pago/	1 KB 1 KB	787ms 651ms	Document text/html	18.173.187.99 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://express.culqi.com/pago/1DC7EG6W3Q Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 18.173.187.99 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-173-187-99.muc50.r.cloudfront.net Software AmazonS3 / Resource Hash 8a0cc252265a4a1c1e517dd3948ed910cea3bbae142439dcbfb4d3443d89974e Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Response headers Age 4475 Connection keep-alive Content-Encoding gzip Content-Type text/html Date Tue, 22 Oct 2024 01:47:45 GMT ETag W/"ad5a528a7d916b26914aff11ffc89ae7" Last-Modified Thu, 17 Oct 2024 02:11:49 GMT Referrer-Policy no-referrer Server AmazonS3 Strict-Transport-Security max-age=63072000; includeSubDomains Transfer-Encoding chunked Vary Accept-Encoding Via 1.1 86df4d22c97ec96360d46cef55fb5f2a.cloudfront.net (CloudFront) X-Amz-Cf-Id WZp7jojq9JrVt-aGeWVLQhq6izT8nPbJeip1c6thNDgMaCvzdVdbOg== X-Amz-Cf-Pop MUC50-P4 X-Cache Error from cloudfront X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Permitted-Cross-Domain-Policies none X-XSS-Protection 1; mode=block x-amz-server-side-encryption AES256
GET H3	200	animate.min.css cdnjs.cloudflare.com/ajax/libs/animate.css/4.1.1/	70 KB 5 KB	93ms 32ms	Stylesheet text/css	2606:4700::6811:180e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdnjs.cloudflare.com/ajax/libs/animate.css/4.1.1/animate.min.css Requested by Host: express.culqi.com URL: https://express.culqi.com/pago/1DC7EG6W3Q Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 5fbaeb9f8e25d7e0143bae61d4b1802c16ce7390b96ceb2d498b0d96ff4c853f Security Headers Name Value Strict-Transport-Security max-age=15780000 X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Origin https://express.culqi.com Referer Response headers cf-cdnjs-via cfworker/kv content-encoding br cf-cache-status HIT etag "5f5628a2-11846" age 11491 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=U84Q%2B07URh5TeMX7dO3qTns1N28HVMFiOPLDzenaGPwPLrMFOIdrN9brWRmAtgW6K7CLvVTYDvhTXN39dcTH4CHz1qTt4ZKJ06eyZlplHayROsjIfNz0p3aBdA4y6NdZOHUZ1ZdOODE0VWeaY6Hdg4QB"}],"group":"cf-nel","max_age":604800} x-content-type-options nosniff expires Sun, 12 Oct 2025 03:02:19 GMT alt-svc h3=":443"; ma=86400 date Tue, 22 Oct 2024 03:02:19 GMT content-type text/css; charset=utf-8 last-modified Mon, 07 Sep 2020 12:33:38 GMT vary Accept-Encoding strict-transport-security max-age=15780000 cache-control public, max-age=30672000 timing-allow-origin * nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} cross-origin-resource-policy cross-origin cf-ray 8d663f71d803996f-FRA accept-ranges bytes access-control-allow-origin * content-length 4216 server cloudflare
GET H/1.1	200 OK	index-OZwhZqCh.js Show response express.culqi.com/assets/	2 MB 406 KB	56ms 53ms	Script text/javascript	18.173.187.99 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://express.culqi.com/assets/index-OZwhZqCh.js Requested by Host: express.culqi.com URL: https://express.culqi.com/pago/1DC7EG6W3Q Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 18.173.187.99 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-173-187-99.muc50.r.cloudfront.net Software AmazonS3 / Resource Hash f0af8e652c3ef93757f09fa4ac5c7952978d51d6cdbe51ee611729babe28d0bf Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Origin https://express.culqi.com Referer Response headers Content-Encoding gzip ETag W/"7cfdbad78f83ef1b267b4ecb4332c49b" Age 41682 X-Permitted-Cross-Domain-Policies none X-Content-Type-Options nosniff X-Cache Hit from cloudfront X-Amz-Cf-Id b5tbupmdUY3B_I8ZnKcH44T3rQ1-6oSzBq4zqXP16DnyGvfjN3zKug== Date Mon, 21 Oct 2024 15:27:38 GMT Content-Type text/javascript Vary Accept-Encoding Last-Modified Thu, 17 Oct 2024 02:11:48 GMT X-Frame-Options SAMEORIGIN Transfer-Encoding chunked Strict-Transport-Security max-age=63072000; includeSubDomains Connection keep-alive Referrer-Policy no-referrer Via 1.1 86df4d22c97ec96360d46cef55fb5f2a.cloudfront.net (CloudFront) X-XSS-Protection 1; mode=block X-Amz-Cf-Pop MUC50-P4 Server AmazonS3 x-amz-server-side-encryption AES256
GET H/1.1	200 OK	index-BXbhMD4p.css express.culqi.com/assets/	236 KB 90 KB	123ms 46ms	Stylesheet text/css	18.173.187.99 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://express.culqi.com/assets/index-BXbhMD4p.css Requested by Host: express.culqi.com URL: https://express.culqi.com/pago/1DC7EG6W3Q Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 18.173.187.99 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-173-187-99.muc50.r.cloudfront.net Software AmazonS3 / Resource Hash ef8fca971dd8fb6c5e93148d47e3a78ed0b92cba6edbe34afd6673c05c895ada Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Origin https://express.culqi.com Referer Response headers Content-Encoding gzip ETag W/"124e6ff1c3a0436a9c13ce756b3e5e87" Age 33697 X-Permitted-Cross-Domain-Policies none X-Content-Type-Options nosniff X-Cache Hit from cloudfront X-Amz-Cf-Id sQAwFQ6vPV_gnXPSvwsxLTEuhMd55hSOOpoRh9jJpuyyQc5wyufvpA== Date Mon, 21 Oct 2024 17:40:42 GMT Content-Type text/css Vary Accept-Encoding Last-Modified Thu, 17 Oct 2024 02:11:48 GMT X-Frame-Options SAMEORIGIN Transfer-Encoding chunked Strict-Transport-Security max-age=63072000; includeSubDomains Connection keep-alive Referrer-Policy no-referrer Via 1.1 541abc390c35db77f7d121c96f0661ec.cloudfront.net (CloudFront) X-XSS-Protection 1; mode=block X-Amz-Cf-Pop MUC50-P4 Server AmazonS3 x-amz-server-side-encryption AES256
GET H2	200	css2 fonts.googleapis.com/	6 KB 1022 B	332ms 31ms	Stylesheet text/css	2a00:1450:4001:81d::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css2?family=Lexend+Deca:wght@300;400;500;600;700&display=swap Requested by Host: express.culqi.com URL: https://express.culqi.com/assets/index-BXbhMD4p.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:81d::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash b1d878f7e5d3941eb2758e663f49ed978d4eadf92e9be870798a762a0bfe23b5 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer Response headers content-encoding gzip x-content-type-options nosniff expires Tue, 22 Oct 2024 03:02:19 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Tue, 22 Oct 2024 03:02:19 GMT content-type text/css; charset=utf-8 vary Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site last-modified Tue, 22 Oct 2024 02:31:09 GMT x-frame-options SAMEORIGIN strict-transport-security max-age=31536000 link <https://fonts.gstatic.com>; rel=preconnect; crossorigin cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * cross-origin-opener-policy same-origin-allow-popups cross-origin-resource-policy cross-origin access-control-allow-origin * x-xss-protection 0 server ESF
GET H/1.1	200 OK	[object%20Object] express.culqi.com/pago/	1 KB 1 KB	648ms 647ms	Image text/html	18.173.187.99 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://express.culqi.com/pago/[object%20Object] Requested by Host: express.culqi.com URL: https://express.culqi.com/pago/1DC7EG6W3Q Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 18.173.187.99 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-173-187-99.muc50.r.cloudfront.net Software AmazonS3 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer Response headers Content-Encoding gzip ETag W/"ad5a528a7d916b26914aff11ffc89ae7" Age 4476 X-Permitted-Cross-Domain-Policies none X-Content-Type-Options nosniff X-Cache Error from cloudfront X-Amz-Cf-Id aThnTZKSpl-j7Q6mCgxJCh7xPBEZs36pssR2AxK2ARMRHKeeyjgzyA== Date Tue, 22 Oct 2024 01:47:45 GMT Content-Type text/html Vary Accept-Encoding Last-Modified Thu, 17 Oct 2024 02:11:49 GMT X-Frame-Options SAMEORIGIN Transfer-Encoding chunked Strict-Transport-Security max-age=63072000; includeSubDomains Connection keep-alive Referrer-Policy no-referrer Via 1.1 86df4d22c97ec96360d46cef55fb5f2a.cloudfront.net (CloudFront) X-XSS-Protection 1; mode=block X-Amz-Cf-Pop MUC50-P4 Server AmazonS3 x-amz-server-side-encryption AES256
GET H3	200	K2F1fZFYk-dHSE0UPPuwQ5qnJy8.woff2 fonts.gstatic.com/s/lexenddeca/v21/	35 KB 35 KB	92ms 20ms	Font font/woff2	2a00:1450:4001:82a::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/lexenddeca/v21/K2F1fZFYk-dHSE0UPPuwQ5qnJy8.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css2?family=Lexend+Deca:wght@300;400;500;600;700&display=swap Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 3f6d622a8af1497a7fbacb9a692250314000820e051e06082b40c7f44c24e152 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Origin https://express.culqi.com Referer https://fonts.googleapis.com/ Response headers age 515439 report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} x-content-type-options nosniff expires Thu, 16 Oct 2025 03:51:40 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Wed, 16 Oct 2024 03:51:40 GMT last-modified Mon, 20 Mar 2023 21:42:02 GMT content-type font/woff2 cache-control public, max-age=31536000 timing-allow-origin * cross-origin-opener-policy same-origin; report-to="apps-themes" cross-origin-resource-policy cross-origin content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes accept-ranges bytes access-control-allow-origin * content-length 36232 x-xss-protection 0 server sffe
POST H2	200	getLinkInfo Show response ag-express.culqi.com/express/public/payment/	660 B 929 B	285ms 284ms	XHR application/json	18.211.70.238 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://ag-express.culqi.com/express/public/payment/getLinkInfo Requested by Host: express.culqi.com URL: https://express.culqi.com/assets/index-OZwhZqCh.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.211.70.238 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-18-211-70-238.compute-1.amazonaws.com Software / Resource Hash fa190e7c52efe8c456d18c5a1e10464b9fe54c6d6d374c0fa477550b82b92305 Request headers Authorization Bearer oU6o7cGBvDoNOK8svf9/YDTgeJpDigHxxjQFga32lIwxsfyXjKoEdU552haAGQIQtBM6Gga5MTZ7Dw2648sBxMRWket9bx34MLuIyhCzA7HauCmHXSvWFz1HSHKOE1ikVT9/ZQQiFj+/R0j1NUKFUU2Vh2pNDJ3X1n0yU01Up70=.YrdoX8BAq6I+y8k9P8gS4kwW7vKSK2h3AhTI0EZgxlNSTjtKnbXfsozPyPWI1e+47BW+a3fjoYTJJTgD/7920U0Yl3jr2F7VuwvIiiXvXAdriAj/gaURcPkv2kgoBPQ5smAlenzI+tFCd6o5LdlTkmdRIsoj3yIhQcn7LXbV7bQ=.hDyJ33HEmQrCXcpYkLBNziFznKvRM5L0aeaIJChtG2VkYD/gj7dbmtix6V/nevgRJtJcJVuadUvuYK6MHWEoVLp8fJV8f7MQFFDjjC4sgCfltgvfU7To/mP8OugwMRhNWtFo4sMZQ48UBa2uBAvW7NWkuMzFGKRXYxYVTpPszIo=.1CqJHIAdYZkHV0w6EDB+JZ/JTApCbeqrd7bing9nsxqnsISnVir+PRHoaDYVcHktmIJIfqOwPPlX9y8hE0Cym3rVbkHPuSX7nqaM3sRB4PolaRliCbrRSJpYmLRRnXTB X-CULQI-LANG es X-CULQI-ENV live Referer User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Accept application/json, text/plain, */* Content-Type application/json Response headers x-amz-apigw-id ACBVfF07IAMELUQ= x-amzn-trace-id Root=1-671715bc-250d37125baff440022da5b8 access-control-allow-methods * x-amzn-requestid 565cc18c-5edb-42fd-872e-139636ae1885 access-control-allow-origin https://express.culqi.com content-length 660 date Tue, 22 Oct 2024 03:02:20 GMT content-type application/json access-control-allow-headers *
OPTIONS H2	200	getLinkInfo ag-express.culqi.com/express/public/payment/ Frame	0 0	389ms 115ms	Preflight application/json	18.211.70.238 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://ag-express.culqi.com/express/public/payment/getLinkInfo Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.211.70.238 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-18-211-70-238.compute-1.amazonaws.com Software / Resource Hash Request headers Accept */* Access-Control-Request-Headers authorization,content-type,x-culqi-env,x-culqi-lang Access-Control-Request-Method POST Origin https://express.culqi.com Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Response headers access-control-allow-headers Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token, X-CULQI-LANG, X-CULQI-ENV, X-CULQI-SESSION-EXPRESS access-control-allow-methods GET,OPTIONS,POST access-control-allow-origin * content-length 0 content-type application/json date Tue, 22 Oct 2024 03:02:20 GMT x-amz-apigw-id ACBVeGcRoAMEEzA= x-amzn-requestid 26d3c026-1271-476b-8972-e2e706fd8b5b x-amzn-trace-id Root=1-671715bc-0f074f9048874cb419e79130
GET H/1.1	200 OK	brand.svg culqi.com/assets/images/brand/	5 KB 2 KB	162ms 51ms	Other image/svg+xml	52.85.65.61 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://culqi.com/assets/images/brand/brand.svg Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 52.85.65.61 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-52-85-65-61.muc50.r.cloudfront.net Software AmazonS3 / Resource Hash 0c19a76f117a19a9e86020b008435cab7b21988df820a15d7a8f24643fc1b4fc Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer Response headers Content-Encoding gzip ETag W/"998446796b46d06b8bc596624ef72ec4" Age 8815 X-Content-Type-Options nosniff X-Cache Hit from cloudfront X-Amz-Cf-Id WFuIHDkatstNeWtCNAiu4SfFOechDFA_F6aBfMxkKrBl1ZamWFPBJA== Date Tue, 22 Oct 2024 00:35:26 GMT Content-Type image/svg+xml Last-Modified Tue, 22 Oct 2024 00:04:31 GMT Vary Accept-Encoding X-Frame-Options SAMEORIGIN Transfer-Encoding chunked Strict-Transport-Security max-age=63072000; includeSubDomains Connection keep-alive Referrer-Policy no-referrer Via 1.1 2ba0d127e96dd7ba71375daa47032990.cloudfront.net (CloudFront) X-Amz-Cf-Pop MUC50-P6 Server AmazonS3
GET H3	200	api.js Show response www.google.com/recaptcha/	1 KB 991 B	79ms 31ms	Script text/javascript	2a00:1450:4001:813::2004 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api.js?onload=onloadCallback&render=explicit Requested by Host: express.culqi.com URL: https://express.culqi.com/assets/index-OZwhZqCh.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 84b7c82322f8fc618b0d8f72a1c25cf6898e661e127aa70e6195b8758c71d8ac Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer Response headers cache-control private, max-age=300 content-encoding gzip cross-origin-resource-policy cross-origin report-to {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]} x-content-type-options nosniff expires Tue, 22 Oct 2024 03:02:20 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cross-origin-opener-policy-report-only same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d" date Tue, 22 Oct 2024 03:02:20 GMT x-xss-protection 0 content-type text/javascript; charset=utf-8 server ESF x-frame-options SAMEORIGIN
GET DATA	200 OK	truncated /	18 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 7f185c1c5d97de56e16234b367ba43ce86ac0db8e9d7877062feb75288147f01 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer Response headers Content-Type image/png
GET H3	200	recaptcha__de.js Show response www.gstatic.com/recaptcha/releases/lqsTZ5beIbCkK4uGEGv9JmUR/	546 KB 217 KB	107ms 24ms	Script text/javascript	2a00:1450:4001:830::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/recaptcha/releases/lqsTZ5beIbCkK4uGEGv9JmUR/recaptcha__de.js Requested by Host: www.google.com URL: https://www.google.com/recaptcha/api.js?onload=onloadCallback&render=explicit Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 9361aaa99bd2f940d92294185a2f3d081c1bda58c28f031e7e6c6367f99c23af Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Origin https://express.culqi.com Referer Response headers content-encoding gzip age 323471 report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} x-content-type-options nosniff expires Sat, 18 Oct 2025 09:11:09 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Fri, 18 Oct 2024 09:11:09 GMT last-modified Mon, 14 Oct 2024 18:32:27 GMT content-type text/javascript vary Accept-Encoding cache-control public, max-age=31536000 cross-origin-opener-policy same-origin-allow-popups; report-to="recaptcha" cross-origin-resource-policy cross-origin content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha accept-ranges bytes access-control-allow-origin * content-length 221971 x-xss-protection 0 server sffe
GET H3	200	anchor www.google.com/recaptcha/api2/ Frame 7C74	0 0	97ms 54ms	Document text/html	2a00:1450:4001:813::2004 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcrMJkpAAAAAFshIcMcTecsxdGp8j2exKHsQHRY&co=aHR0cHM6Ly9leHByZXNzLmN1bHFpLmNvbTo0NDM.&hl=de&v=lqsTZ5beIbCkK4uGEGv9JmUR&size=invisible&cb=wftwehirp2te Requested by Host: www.gstatic.com URL: https://www.gstatic.com/recaptcha/releases/lqsTZ5beIbCkK4uGEGv9JmUR/recaptcha__de.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-J2inQmugj0DAI7cWFUWq3w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control no-cache, no-store, max-age=0, must-revalidate content-encoding gzip content-security-policy script-src 'report-sample' 'nonce-J2inQmugj0DAI7cWFUWq3w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 content-type text/html; charset=utf-8 cross-origin-embedder-policy require-corp cross-origin-opener-policy-report-only same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d" cross-origin-resource-policy cross-origin date Tue, 22 Oct 2024 03:02:21 GMT expires Mon, 01 Jan 1990 00:00:00 GMT pragma no-cache report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]} server ESF x-content-type-options nosniff x-xss-protection 0
GET H3	200	bframe www.google.com/recaptcha/api2/ Frame 06B8	0 0	35ms 35ms	Document text/html	2a00:1450:4001:813::2004 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api2/bframe?hl=de&v=lqsTZ5beIbCkK4uGEGv9JmUR&k=6LcrMJkpAAAAAFshIcMcTecsxdGp8j2exKHsQHRY Requested by Host: www.gstatic.com URL: https://www.gstatic.com/recaptcha/releases/lqsTZ5beIbCkK4uGEGv9JmUR/recaptcha__de.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-eji70cnzzPkGucfEnJrpcA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control no-cache, no-store, max-age=0, must-revalidate content-encoding gzip content-security-policy script-src 'report-sample' 'nonce-eji70cnzzPkGucfEnJrpcA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 content-type text/html; charset=utf-8 cross-origin-embedder-policy require-corp cross-origin-opener-policy-report-only same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d" cross-origin-resource-policy cross-origin date Tue, 22 Oct 2024 03:02:21 GMT expires Mon, 01 Jan 1990 00:00:00 GMT pragma no-cache report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]} server ESF x-content-type-options nosniff x-xss-protection 0

14 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| __VUE_INSTANCE_SETTERS__ object| __VUE_SSR_SETTERS__ function| onloadCallback boolean| __VUE__ function| Buffer object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| recaptcha object| closure_lm_80299

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			www.google.com/recaptcha	1970-01-21 04:45:18	Name: _GRECAPTCHA Value: 09AGteOyoP0psi5Leb-CKAgf6YdwM_fceetmOWTU3zmg95CZ_a0hVvbIZ2rdXKIGMQqCDSVnVC-97QbWeVtjXhk4U

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ag-express.culqi.com
cdnjs.cloudflare.com
culqi.com
express.culqi.com
fonts.googleapis.com
fonts.gstatic.com
www.google.com
www.gstatic.com
18.173.187.99
18.211.70.238
2606:4700::6811:180e
2a00:1450:4001:813::2004
2a00:1450:4001:81d::200a
2a00:1450:4001:82a::2003
2a00:1450:4001:830::2003
52.85.65.61
0c19a76f117a19a9e86020b008435cab7b21988df820a15d7a8f24643fc1b4fc
3f6d622a8af1497a7fbacb9a692250314000820e051e06082b40c7f44c24e152
5fbaeb9f8e25d7e0143bae61d4b1802c16ce7390b96ceb2d498b0d96ff4c853f
7f185c1c5d97de56e16234b367ba43ce86ac0db8e9d7877062feb75288147f01
84b7c82322f8fc618b0d8f72a1c25cf6898e661e127aa70e6195b8758c71d8ac
8a0cc252265a4a1c1e517dd3948ed910cea3bbae142439dcbfb4d3443d89974e
9361aaa99bd2f940d92294185a2f3d081c1bda58c28f031e7e6c6367f99c23af
b1d878f7e5d3941eb2758e663f49ed978d4eadf92e9be870798a762a0bfe23b5
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef8fca971dd8fb6c5e93148d47e3a78ed0b92cba6edbe34afd6673c05c895ada
f0af8e652c3ef93757f09fa4ac5c7952978d51d6cdbe51ee611729babe28d0bf
fa190e7c52efe8c456d18c5a1e10464b9fe54c6d6d374c0fa477550b82b92305