urlscan.io logo urlscan.io
SecurityTrails logo

retailers.ereceipts.co.uk Open in urlscan Pro
35.227.233.50  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://retailers.ereceipts.co.uk/receipts#/query
Effective URL: https://retailers.ereceipts.co.uk/login?next=%2Freceipts
Submission: On January 08 via manual from IN — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 6 IPs in 3 countries across 4 domains to perform 31 HTTP transactions. The main IP is 35.227.233.50, located in Kansas City, United States and belongs to GOOGLE, US. The main domain is retailers.ereceipts.co.uk.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on July 5th 2022. Valid for: a year.
This is the only time retailers.ereceipts.co.uk was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

10    35.227.233.50 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 50.233.227.35.bc.googleusercontent.com
retailers.ereceipts.co.uk
6    2a00:1450:4001:831::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
2    2a00:1450:400d:807::200e (Ireland)

ASN15169 (GOOGLE, US)
www.google-analytics.com
9    2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
5    2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
Apex Domain
Subdomains		 Transfer
14 gstatic.com
www.gstatic.com
fonts.gstatic.com
616 KB
10 ereceipts.co.uk
retailers.ereceipts.co.uk
5 MB
6 google.com
www.google.com — Cisco Umbrella Rank: 16
75 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 103
20 KB
31 4
Domain Requested by
10 retailers.ereceipts.co.uk 1 redirects retailers.ereceipts.co.uk
9 www.gstatic.com www.google.com
www.gstatic.com
6 www.google.com retailers.ereceipts.co.uk
www.gstatic.com
www.google.com
5 fonts.gstatic.com www.google.com
2 www.google-analytics.com retailers.ereceipts.co.uk
www.google-analytics.com
31 5

This site contains no links.

Subject Issuer Validity Valid
*.ereceipts.co.uk
Sectigo RSA Domain Validation Secure Server CA		 2022-07-05 -
2023-08-05		 a year crt.sh
www.google.com
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
*.google.com
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh

This page contains 3 frames:

Primary Page: https://retailers.ereceipts.co.uk/login?next=%2Freceipts
Frame ID: EBBD3A743A05AB344092B007F7003DB8
Requests: 15 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcbbdYZAAAAAPDYPqxSCwS3YNUh7Obmd8W5JjlT&co=aHR0cHM6Ly9yZXRhaWxlcnMuZXJlY2VpcHRzLmNvLnVrOjQ0Mw..&hl=de&v=5qcenVbrhOy8zihcc2aHOWD4&size=invisible&cb=w0m0lkncx2od
Frame ID: 03DB49D1B1A7478D6EB6E354483334F6
Requests: 7 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=de&v=5qcenVbrhOy8zihcc2aHOWD4&k=6LcbbdYZAAAAAPDYPqxSCwS3YNUh7Obmd8W5JjlT
Frame ID: 6B6EAD5B78FAF1E3AA0756F890503576
Requests: 11 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Yocuda - Login

Page URL History Show full URLs

  1. https://retailers.ereceipts.co.uk/receipts HTTP 302
    https://retailers.ereceipts.co.uk/login?next=%2Freceipts Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]+foundation[^>"]+css
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

31
Requests

100 %
HTTPS

80 %
IPv6

4
Domains

5
Subdomains

6
IPs

3
Countries

5668 kB
Transfer

7119 kB
Size

5
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://retailers.ereceipts.co.uk/receipts HTTP 302
    https://retailers.ereceipts.co.uk/login?next=%2Freceipts Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

31 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request login
retailers.ereceipts.co.uk/
Redirect Chain
  • https://retailers.ereceipts.co.uk/receipts
  • https://retailers.ereceipts.co.uk/login?next=%2Freceipts
5 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://retailers.ereceipts.co.uk/login?next=%2Freceipts
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.233.50 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
50.233.227.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
bd00013843fee9106d8a6c181a2348e8c488acdc98bd4db7dd51b026169f8f77
Security Headers
Name Value
Content-Security-Policy default-src 'self'; connect-src 'self' https://www.google-analytics.com https://*.globalblue.com/; font-src 'self' data: https://fonts.gstatic.com; frame-ancestors 'self' https://login.microsoftonline.com; frame-src 'self' https://www.google.com/recaptcha/; img-src blob: data: *; script-src 'self' 'nonce-e14c0fca928282088fb2cc1efb5a75dd64a2aeec2121ce14' data: https://www.google-analytics.com https://www.google.com https://www.gstatic.com; style-src 'self' 'unsafe-inline' https://www.gstatic.com
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-store
content-encoding
gzip
content-security-policy
default-src 'self'; connect-src 'self' https://www.google-analytics.com https://*.globalblue.com/; font-src 'self' data: https://fonts.gstatic.com; frame-ancestors 'self' https://login.microsoftonline.com; frame-src 'self' https://www.google.com/recaptcha/; img-src blob: data: *; script-src 'self' 'nonce-e14c0fca928282088fb2cc1efb5a75dd64a2aeec2121ce14' data: https://www.google-analytics.com https://www.google.com https://www.gstatic.com; style-src 'self' 'unsafe-inline' https://www.gstatic.com
content-type
text/html; charset=UTF-8
date
Sun, 08 Jan 2023 11:24:13 GMT
ereceipts-csp-nonce
e14c0fca928282088fb2cc1efb5a75dd64a2aeec2121ce14
ereceipts-request-id
0eaf30a6ad42e3672dd43139546d9ac5
server
nginx
strict-transport-security
max-age=63072000; includeSubDomains
vary
Accept-Encoding
via
1.1 google
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-store
content-length
224
content-security-policy
default-src 'self'; connect-src 'self' https://www.google-analytics.com https://*.globalblue.com/; font-src 'self' data: https://fonts.gstatic.com; frame-ancestors 'self' https://login.microsoftonline.com; frame-src 'self' https://www.google.com/recaptcha/; img-src blob: data: *; script-src 'self' 'nonce-' data: https://www.google-analytics.com https://www.google.com https://www.gstatic.com; style-src 'self' 'unsafe-inline' https://www.gstatic.com
content-type
text/html; charset=UTF-8
date
Sun, 08 Jan 2023 11:24:13 GMT
ereceipts-request-id
434a68cd844360732ee83e146662509a
location
https://retailers.ereceipts.co.uk/login?next=%2Freceipts
server
nginx
strict-transport-security
max-age=63072000; includeSubDomains
via
1.1 google
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
ereceipts-frontend.6aac9f23.css
retailers.ereceipts.co.uk/assets/css/ 		992 KB
512 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://retailers.ereceipts.co.uk/assets/css/ereceipts-frontend.6aac9f23.css
Requested by
Host: retailers.ereceipts.co.uk
URL: https://retailers.ereceipts.co.uk/login?next=%2Freceipts
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.227.233.50 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
50.233.227.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
3f5dbd104ea2dd881d425b21641c8e7a671eacc521a35543cb5a5e5e26b7fea9
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://retailers.ereceipts.co.uk/login?next=%2Freceipts
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 08 Jan 2023 11:24:13 GMT
strict-transport-security
max-age=63072000; includeSubDomains
x-content-type-options
nosniff
content-encoding
gzip
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
ereceipts-request-id
8cffa99b676f4457831afe55f0ade1d1
last-modified
Thu, 15 Dec 2022 14:08:30 GMT
server
nginx
etag
W/"639b2a5e-f7fd4"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
cache-control
max-age=315360000
expires
Thu, 31 Dec 2037 23:55:55 GMT
style.0c77c99d.css
retailers.ereceipts.co.uk/assets/css/ 		124 KB
26 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://retailers.ereceipts.co.uk/assets/css/style.0c77c99d.css
Requested by
Host: retailers.ereceipts.co.uk
URL: https://retailers.ereceipts.co.uk/login?next=%2Freceipts
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.227.233.50 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
50.233.227.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
008564fe45cf2f02002417310007898741e235cd3902236f65d38a1b3fb03727
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://retailers.ereceipts.co.uk/login?next=%2Freceipts
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 08 Jan 2023 11:24:13 GMT
strict-transport-security
max-age=63072000; includeSubDomains
x-content-type-options
nosniff
content-encoding
gzip
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
ereceipts-request-id
667c9347e4a4a9fd3c79d72788091b3c
last-modified
Thu, 15 Dec 2022 14:08:30 GMT
server
nginx
etag
W/"639b2a5e-1f1de"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
cache-control
max-age=315360000
expires
Thu, 31 Dec 2037 23:55:55 GMT
foundation-icons.ab83df10.css
retailers.ereceipts.co.uk/assets/icons/ 		19 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://retailers.ereceipts.co.uk/assets/icons/foundation-icons.ab83df10.css
Requested by
Host: retailers.ereceipts.co.uk
URL: https://retailers.ereceipts.co.uk/login?next=%2Freceipts
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.227.233.50 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
50.233.227.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
7156476bb219018873e0623ef454b563fb7cdda6217f25c156b2218137bc3f78
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://retailers.ereceipts.co.uk/login?next=%2Freceipts
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 08 Jan 2023 11:24:13 GMT
strict-transport-security
max-age=63072000; includeSubDomains
x-content-type-options
nosniff
content-encoding
gzip
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
ereceipts-request-id
aea439fb58423958000dc98349fbbab2
last-modified
Thu, 15 Dec 2022 14:08:30 GMT
server
nginx
etag
W/"639b2a5e-4c56"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
cache-control
max-age=315360000
expires
Thu, 31 Dec 2037 23:55:55 GMT
vendor.d2e388b9.js
retailers.ereceipts.co.uk/assets/js/ 		4 MB
4 MB 		Script
General
Check archive.org
Download Go to
Full URL
https://retailers.ereceipts.co.uk/assets/js/vendor.d2e388b9.js
Requested by
Host: retailers.ereceipts.co.uk
URL: https://retailers.ereceipts.co.uk/login?next=%2Freceipts
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.227.233.50 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
50.233.227.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
5a75e7da74e599d64d443296f81230fd504bfdeb34695e87604bc87d03ff72fa
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://retailers.ereceipts.co.uk/login?next=%2Freceipts
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 08 Jan 2023 11:24:13 GMT
strict-transport-security
max-age=63072000; includeSubDomains
x-content-type-options
nosniff
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3989778
x-xss-protection
1; mode=block
ereceipts-request-id
f8bb7a646e767630ffb9eb1fc37edc55
last-modified
Thu, 15 Dec 2022 14:08:30 GMT
server
nginx
etag
"639b2a5e-3ce112"
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
max-age=315360000
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
ereceipts.templates.fa4a6b24.js
retailers.ereceipts.co.uk/assets/js/ 		123 KB
123 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://retailers.ereceipts.co.uk/assets/js/ereceipts.templates.fa4a6b24.js
Requested by
Host: retailers.ereceipts.co.uk
URL: https://retailers.ereceipts.co.uk/login?next=%2Freceipts
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.227.233.50 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
50.233.227.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
2f850e480d35db9e872ec2821738b783c3aa00de0d63f354d01963010f51b20f
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://retailers.ereceipts.co.uk/login?next=%2Freceipts
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 08 Jan 2023 11:24:13 GMT
strict-transport-security
max-age=63072000; includeSubDomains
x-content-type-options
nosniff
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
126123
x-xss-protection
1; mode=block
ereceipts-request-id
1916dad4b7e97387ddeb818ac7b23a97
last-modified
Thu, 15 Dec 2022 14:08:30 GMT
server
nginx
etag
"639b2a5e-1ecab"
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
max-age=315360000
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
ereceipts.746ddb5d.js
retailers.ereceipts.co.uk/assets/js/ 		295 KB
295 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://retailers.ereceipts.co.uk/assets/js/ereceipts.746ddb5d.js
Requested by
Host: retailers.ereceipts.co.uk
URL: https://retailers.ereceipts.co.uk/login?next=%2Freceipts
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.227.233.50 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
50.233.227.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
fe8d0ff7f9ac0aba54cc91950c12524dd76870528af7e7102dde39715a06e7c5
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://retailers.ereceipts.co.uk/login?next=%2Freceipts
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 08 Jan 2023 11:24:13 GMT
strict-transport-security
max-age=63072000; includeSubDomains
x-content-type-options
nosniff
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
301720
x-xss-protection
1; mode=block
ereceipts-request-id
5d1ec6410aaba0a65f2d330b872044da
last-modified
Thu, 15 Dec 2022 14:08:30 GMT
server
nginx
etag
"639b2a5e-49a98"
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
max-age=315360000
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
api.js
www.google.com/recaptcha/ 		850 B
965 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api.js
Requested by
Host: retailers.ereceipts.co.uk
URL: https://retailers.ereceipts.co.uk/login?next=%2Freceipts
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
dfe02a2d93a93c68f34213c0b1f9c16f59edc3a652167733cc9a06b3ed7fdecd
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://retailers.ereceipts.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 08 Jan 2023 11:24:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
552
x-xss-protection
1; mode=block
expires
Sun, 08 Jan 2023 11:24:13 GMT
yocuda-horizontal.57b44445.png
retailers.ereceipts.co.uk/assets/img/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://retailers.ereceipts.co.uk/assets/img/yocuda-horizontal.57b44445.png
Requested by
Host: retailers.ereceipts.co.uk
URL: https://retailers.ereceipts.co.uk/login?next=%2Freceipts
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.227.233.50 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
50.233.227.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
f56afac64015b19eeca05d6e6c4295754453e9040dbcff5b384fdb49b964d7f4
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://retailers.ereceipts.co.uk/login?next=%2Freceipts
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 08 Jan 2023 11:24:13 GMT
strict-transport-security
max-age=63072000; includeSubDomains
x-content-type-options
nosniff
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6869
x-xss-protection
1; mode=block
ereceipts-request-id
c7e1c40f0bf1ca20591f81026f705c58
last-modified
Thu, 15 Dec 2022 14:08:30 GMT
server
nginx
etag
"639b2a5e-1ad5"
x-frame-options
SAMEORIGIN
content-type
image/png
cache-control
max-age=315360000
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: retailers.ereceipts.co.uk
URL: https://retailers.ereceipts.co.uk/login?next=%2Freceipts
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:807::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://retailers.ereceipts.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Sun, 08 Jan 2023 10:27:13 GMT
last-modified
Tue, 27 Sep 2022 22:01:05 GMT
server
Golfe2
age
3420
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20039
expires
Sun, 08 Jan 2023 12:27:13 GMT
truncated
/ 		45 KB
45 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4cc1422ccdcd0e11c348fec619a47aab8fae9dd47728d55fceac2a034f6bed08

Request headers

Referer
Origin
https://retailers.ereceipts.co.uk
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
font/truetype
truncated
/ 		45 KB
45 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
50398a5439f155fc49105d1bce097378f10f80bae43f54c9b5073bb73c8579db

Request headers

Referer
Origin
https://retailers.ereceipts.co.uk
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
font/truetype
recaptcha__de.js
www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/ 		407 KB
163 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f100138cf28abcaac287d3bb245b80679c7ba9305591ed01b1055af5e7084f20
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://retailers.ereceipts.co.uk/
Origin
https://retailers.ereceipts.co.uk
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 08 Jan 2023 10:24:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3565
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
166478
x-xss-protection
0
last-modified
Thu, 15 Dec 2022 05:24:10 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 08 Jan 2024 10:24:48 GMT
advanced-query
retailers.ereceipts.co.uk/ 		54 B
91 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://retailers.ereceipts.co.uk/advanced-query
Requested by
Host: retailers.ereceipts.co.uk
URL: https://retailers.ereceipts.co.uk/assets/js/vendor.d2e388b9.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.227.233.50 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
50.233.227.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
2d0837b726ba3b84bccc8fa4ebc24e45d5522563f66ea29e2adcfddf36342cb1
Security Headers
Name Value
Content-Security-Policy default-src 'self'; connect-src 'self' https://www.google-analytics.com https://*.globalblue.com/; font-src 'self' data: https://fonts.gstatic.com; frame-ancestors 'self' https://login.microsoftonline.com; frame-src 'self' https://www.google.com/recaptcha/; img-src blob: data: *; script-src 'self' 'nonce-' data: https://www.google-analytics.com https://www.google.com https://www.gstatic.com; style-src 'self' 'unsafe-inline' https://www.gstatic.com

Request headers

Accept
application/json
Referer
https://retailers.ereceipts.co.uk/login?next=%2Freceipts
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

ereceipts-request-id
bf40f635a50a4bde7e4417bd0bc520d9
date
Sun, 08 Jan 2023 11:24:13 GMT
content-encoding
gzip
via
1.1 google
content-security-policy
default-src 'self'; connect-src 'self' https://www.google-analytics.com https://*.globalblue.com/; font-src 'self' data: https://fonts.gstatic.com; frame-ancestors 'self' https://login.microsoftonline.com; frame-src 'self' https://www.google.com/recaptcha/; img-src blob: data: *; script-src 'self' 'nonce-' data: https://www.google-analytics.com https://www.google.com https://www.gstatic.com; style-src 'self' 'unsafe-inline' https://www.gstatic.com
server
nginx
vary
Accept-Encoding
content-type
application/json
cache-control
no-store
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
anchor
www.google.com/recaptcha/api2/ Frame 03DB 		43 KB
22 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcbbdYZAAAAAPDYPqxSCwS3YNUh7Obmd8W5JjlT&co=aHR0cHM6Ly9yZXRhaWxlcnMuZXJlY2VpcHRzLmNvLnVrOjQ0Mw..&hl=de&v=5qcenVbrhOy8zihcc2aHOWD4&size=invisible&cb=w0m0lkncx2od
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/recaptcha__de.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
94efb61953de619986f5a19cf0abdad7a4f15b9d5c5bbbfb898ffc74b2622d8c
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-Sq9vPujPPNqoC9-1PouRqQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://retailers.ereceipts.co.uk/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-length
22901
content-security-policy
script-src 'report-sample' 'nonce-Sq9vPujPPNqoC9-1PouRqQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sun, 08 Jan 2023 11:24:13 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j98&a=1453796385&t=pageview&_s=1&dl=https%3A%2F%2Fretailers.ereceipts.co.uk%2Flogin%3Fnext%3D%252Freceipts&ul=en-us&de=UTF-8&dt=Yocuda%20-%20Login&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAACAAI~&jid=1855485848&gjid=1206712575&cid=921062678.1673177054&tid=UA-39124252-13&_gid=1887571980.1673177054&_r=1&_slc=1&z=591702362
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:807::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://retailers.ereceipts.co.uk/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 08 Jan 2023 11:24:14 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://retailers.ereceipts.co.uk
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
styles__ltr.css
www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/ Frame 03DB 		52 KB
24 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcbbdYZAAAAAPDYPqxSCwS3YNUh7Obmd8W5JjlT&co=aHR0cHM6Ly9yZXRhaWxlcnMuZXJlY2VpcHRzLmNvLnVrOjQ0Mw..&hl=de&v=5qcenVbrhOy8zihcc2aHOWD4&size=invisible&cb=w0m0lkncx2od
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4a59bb42cb945084820cd1eb370a22a68fa9451b9e57abb1daada408d2ff64e1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 06 Jan 2023 15:24:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
158376
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24262
x-xss-protection
0
last-modified
Thu, 15 Dec 2022 05:24:10 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 06 Jan 2024 15:24:38 GMT
recaptcha__de.js
www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/ Frame 03DB 		407 KB
163 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcbbdYZAAAAAPDYPqxSCwS3YNUh7Obmd8W5JjlT&co=aHR0cHM6Ly9yZXRhaWxlcnMuZXJlY2VpcHRzLmNvLnVrOjQ0Mw..&hl=de&v=5qcenVbrhOy8zihcc2aHOWD4&size=invisible&cb=w0m0lkncx2od
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f100138cf28abcaac287d3bb245b80679c7ba9305591ed01b1055af5e7084f20
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 08 Jan 2023 10:24:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3566
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
166478
x-xss-protection
0
last-modified
Thu, 15 Dec 2022 05:24:10 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 08 Jan 2024 10:24:48 GMT
logo_48.png
www.gstatic.com/recaptcha/api2/ Frame 03DB 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/recaptcha/api2/logo_48.png
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/styles__ltr.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/styles__ltr.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 03 Jan 2023 18:59:47 GMT
x-content-type-options
nosniff
age
404667
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2228
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
expires
Tue, 10 Jan 2023 18:59:47 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 03DB 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcbbdYZAAAAAPDYPqxSCwS3YNUh7Obmd8W5JjlT&co=aHR0cHM6Ly9yZXRhaWxlcnMuZXJlY2VpcHRzLmNvLnVrOjQ0Mw..&hl=de&v=5qcenVbrhOy8zihcc2aHOWD4&size=invisible&cb=w0m0lkncx2od
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 03 Jan 2023 19:21:27 GMT
x-content-type-options
nosniff
age
403367
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 03 Jan 2024 19:21:27 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 03DB 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcbbdYZAAAAAPDYPqxSCwS3YNUh7Obmd8W5JjlT&co=aHR0cHM6Ly9yZXRhaWxlcnMuZXJlY2VpcHRzLmNvLnVrOjQ0Mw..&hl=de&v=5qcenVbrhOy8zihcc2aHOWD4&size=invisible&cb=w0m0lkncx2od
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 03 Jan 2023 18:59:48 GMT
x-content-type-options
nosniff
age
404666
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15552
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:33:02 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 03 Jan 2024 18:59:48 GMT
webworker.js
www.google.com/recaptcha/api2/ Frame 03DB 		102 B
134 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=5qcenVbrhOy8zihcc2aHOWD4
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcbbdYZAAAAAPDYPqxSCwS3YNUh7Obmd8W5JjlT&co=aHR0cHM6Ly9yZXRhaWxlcnMuZXJlY2VpcHRzLmNvLnVrOjQ0Mw..&hl=de&v=5qcenVbrhOy8zihcc2aHOWD4&size=invisible&cb=w0m0lkncx2od
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
7647724bcc7afde27000c02ce20b80535467b8f60f1330013a1ee3b575479a81
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcbbdYZAAAAAPDYPqxSCwS3YNUh7Obmd8W5JjlT&co=aHR0cHM6Ly9yZXRhaWxlcnMuZXJlY2VpcHRzLmNvLnVrOjQ0Mw..&hl=de&v=5qcenVbrhOy8zihcc2aHOWD4&size=invisible&cb=w0m0lkncx2od
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 08 Jan 2023 11:24:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
cross-origin-embedder-policy
require-corp
x-frame-options
SAMEORIGIN
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
112
x-xss-protection
1; mode=block
expires
Sun, 08 Jan 2023 11:24:14 GMT
bframe
www.google.com/recaptcha/api2/ Frame 6B6E 		7 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/bframe?hl=de&v=5qcenVbrhOy8zihcc2aHOWD4&k=6LcbbdYZAAAAAPDYPqxSCwS3YNUh7Obmd8W5JjlT
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/recaptcha__de.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
4a1fa737b255d4bc8c546dbb4075591f8f4796ba8527816a75fc95d03d9b9395
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-xTpLbJA7cgObmuPvGrjOhw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://retailers.ereceipts.co.uk/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-length
1117
content-security-policy
script-src 'report-sample' 'nonce-xTpLbJA7cgObmuPvGrjOhw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sun, 08 Jan 2023 11:24:14 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
styles__ltr.css
www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/ Frame 6B6E 		52 KB
24 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=5qcenVbrhOy8zihcc2aHOWD4&k=6LcbbdYZAAAAAPDYPqxSCwS3YNUh7Obmd8W5JjlT
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4a59bb42cb945084820cd1eb370a22a68fa9451b9e57abb1daada408d2ff64e1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 06 Jan 2023 15:24:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
158376
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24262
x-xss-protection
0
last-modified
Thu, 15 Dec 2022 05:24:10 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 06 Jan 2024 15:24:38 GMT
recaptcha__de.js
www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/ Frame 6B6E 		407 KB
163 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=5qcenVbrhOy8zihcc2aHOWD4&k=6LcbbdYZAAAAAPDYPqxSCwS3YNUh7Obmd8W5JjlT
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f100138cf28abcaac287d3bb245b80679c7ba9305591ed01b1055af5e7084f20
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 08 Jan 2023 10:24:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3566
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
166478
x-xss-protection
0
last-modified
Thu, 15 Dec 2022 05:24:10 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 08 Jan 2024 10:24:48 GMT
reload
www.google.com/recaptcha/api2/ Frame 6B6E 		39 KB
23 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/reload?k=6LcbbdYZAAAAAPDYPqxSCwS3YNUh7Obmd8W5JjlT
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/recaptcha__de.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
ada0194de51e4cce417a282f9025720962f1526931ce7a36536a3323e3fd984e
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.google.com/recaptcha/api2/bframe?hl=de&v=5qcenVbrhOy8zihcc2aHOWD4&k=6LcbbdYZAAAAAPDYPqxSCwS3YNUh7Obmd8W5JjlT
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
application/x-protobuffer

Response headers

date
Sun, 08 Jan 2023 11:24:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
cache-control
private, max-age=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23991
x-xss-protection
1; mode=block
expires
Sun, 08 Jan 2023 11:24:14 GMT
refresh_2x.png
www.gstatic.com/recaptcha/api2/ Frame 6B6E 		600 B
624 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/recaptcha/api2/refresh_2x.png
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/styles__ltr.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
44b988703019cd6bfa86c91840fecf2a42b611b364e3eea2f4eb63bf62714e98
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/styles__ltr.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 04 Jan 2023 08:44:59 GMT
x-content-type-options
nosniff
age
355155
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
600
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
expires
Wed, 11 Jan 2023 08:44:59 GMT
audio_2x.png
www.gstatic.com/recaptcha/api2/ Frame 6B6E 		530 B
554 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/recaptcha/api2/audio_2x.png
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/styles__ltr.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
89c62095126fca89ea1511cf35b49b8306162946b0c26d6f60c5506c51d85992
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/styles__ltr.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 02 Jan 2023 23:42:15 GMT
x-content-type-options
nosniff
age
474119
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
530
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
expires
Mon, 09 Jan 2023 23:42:15 GMT
info_2x.png
www.gstatic.com/recaptcha/api2/ Frame 6B6E 		665 B
689 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/recaptcha/api2/info_2x.png
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/styles__ltr.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55eaf62cb05da20088dc12b39d7d254d046cb1fd61ddf3ae641f1439efd0a5ee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/styles__ltr.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 07 Jan 2023 15:32:43 GMT
x-content-type-options
nosniff
age
71491
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
665
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
expires
Sat, 14 Jan 2023 15:32:43 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 6B6E 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 03 Jan 2023 19:21:27 GMT
x-content-type-options
nosniff
age
403367
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 03 Jan 2024 19:21:27 GMT
KFOlCnqEu92Fr1MmYUtfBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 6B6E 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmYUtfBBc4.woff2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c912a9ce0c3122d4b2b29ad26bfe06b0390d1a5bdaa5d6128692c0befd1dfbbd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 06 Jan 2023 06:37:10 GMT
x-content-type-options
nosniff
age
190024
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15340
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:33:16 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Sat, 06 Jan 2024 06:37:10 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 6B6E 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 03 Jan 2023 18:59:48 GMT
x-content-type-options
nosniff
age
404666
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15552
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:33:02 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 03 Jan 2024 18:59:48 GMT
payload
www.google.com/recaptcha/api2/ Frame 6B6E 		27 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/recaptcha/api2/payload?p=06AD1IbLCTrpiIrXyNtVz9gt11oY6IXS1wXjISQvKnx5nkyA5QvSEB0NRQ0iE-t6tRE15tGo0R1WsAMBGESEXGT93sV0uKfXn7snfW2hGeC5di4kF2yXVISKRrByAXEfvCxuNrwvU6bzN8C8LeL3-qINEy_evyMl_ejRcZbbGo3FNBV0GslUP8T4DGVJUENDtjIn0diUOcSbAeUFQ4OOvas1xcKobvBfDOjA&k=6LcbbdYZAAAAAPDYPqxSCwS3YNUh7Obmd8W5JjlT
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
1f0735adedcaa9a9018321139d0d9f12706d7324fa922ae9391769e4713a8697
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/recaptcha/api2/bframe?hl=de&v=5qcenVbrhOy8zihcc2aHOWD4&k=6LcbbdYZAAAAAPDYPqxSCwS3YNUh7Obmd8W5JjlT
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 08 Jan 2023 11:24:14 GMT
content-security-policy
frame-ancestors 'self'
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
image/jpeg
cache-control
private, max-age=30
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27160
x-xss-protection
1; mode=block
expires
Sun, 08 Jan 2023 11:24:14 GMT

Verdicts & Comments Add Verdict or Comment

44 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| oncontentvisibilityautostatechange function| libFuncName object| jsonpatch object| iso31661Alpha3ToAlpha2 function| $ function| jQuery function| _ object| angular function| moment function| numeral object| Highcharts object| Foundation object| Modernizr object| prl object| intlTelInputUtils object| ace function| JSONEditor object| FilePond object| __framePainter function| FilePondPluginFileValidateType function| FilePondPluginImageValidateSize object| React object| ReactDOM function| setImmediate function| clearImmediate object| Survey object| eReceipts boolean| angularDebug function| login_submit string| GoogleAnalyticsObject function| ga object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| recaptcha object| closure_lm_844783 object| google_tag_data object| gaplugins object| gaGlobal object| gaData

5 Cookies

Domain/Path Name / Value
www.google.com/recaptcha Name: _GRECAPTCHA
Value: 09AJ4Tk-4JH69LCG86kTSTdMzfsJ9MYrjkT6WA3h1JFIj8qTU2T5MExyerMnweXIuEUk4hknNCnKL_iVXKiVJFbVM
retailers.ereceipts.co.uk/ Name: s
Value: AB5lTWTVyNTO0DzZQNKdfDY73FYfEf7Qo0YKNpIiHYzxJuxWzBVKsIodJw69lDgx.Y7qn3Q.3fAyPEX3fVl1lVRtDjGtqsGcnL9KfNyhSSaBsJA9e7Q
.ereceipts.co.uk/ Name: _ga
Value: GA1.3.921062678.1673177054
.ereceipts.co.uk/ Name: _gid
Value: GA1.3.1887571980.1673177054
.ereceipts.co.uk/ Name: _gat
Value: 1

1 Console Messages

Source Level URL
Text
network error URL: https://retailers.ereceipts.co.uk/advanced-query
Message:
Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src 'self'; connect-src 'self' https://www.google-analytics.com https://*.globalblue.com/; font-src 'self' data: https://fonts.gstatic.com; frame-ancestors 'self' https://login.microsoftonline.com; frame-src 'self' https://www.google.com/recaptcha/; img-src blob: data: *; script-src 'self' 'nonce-e14c0fca928282088fb2cc1efb5a75dd64a2aeec2121ce14' data: https://www.google-analytics.com https://www.google.com https://www.gstatic.com; style-src 'self' 'unsafe-inline' https://www.gstatic.com
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fonts.gstatic.com
retailers.ereceipts.co.uk
www.google-analytics.com
www.google.com
www.gstatic.com
2a00:1450:4001:80f::2003
2a00:1450:4001:813::2003
2a00:1450:4001:831::2004
2a00:1450:400d:807::200e
35.227.233.50
008564fe45cf2f02002417310007898741e235cd3902236f65d38a1b3fb03727
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
1f0735adedcaa9a9018321139d0d9f12706d7324fa922ae9391769e4713a8697
2d0837b726ba3b84bccc8fa4ebc24e45d5522563f66ea29e2adcfddf36342cb1
2f850e480d35db9e872ec2821738b783c3aa00de0d63f354d01963010f51b20f
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3f5dbd104ea2dd881d425b21641c8e7a671eacc521a35543cb5a5e5e26b7fea9
44b988703019cd6bfa86c91840fecf2a42b611b364e3eea2f4eb63bf62714e98
4a1fa737b255d4bc8c546dbb4075591f8f4796ba8527816a75fc95d03d9b9395
4a59bb42cb945084820cd1eb370a22a68fa9451b9e57abb1daada408d2ff64e1
4cc1422ccdcd0e11c348fec619a47aab8fae9dd47728d55fceac2a034f6bed08
50398a5439f155fc49105d1bce097378f10f80bae43f54c9b5073bb73c8579db
55eaf62cb05da20088dc12b39d7d254d046cb1fd61ddf3ae641f1439efd0a5ee
5a75e7da74e599d64d443296f81230fd504bfdeb34695e87604bc87d03ff72fa
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
7156476bb219018873e0623ef454b563fb7cdda6217f25c156b2218137bc3f78
7647724bcc7afde27000c02ce20b80535467b8f60f1330013a1ee3b575479a81
89c62095126fca89ea1511cf35b49b8306162946b0c26d6f60c5506c51d85992
94efb61953de619986f5a19cf0abdad7a4f15b9d5c5bbbfb898ffc74b2622d8c
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
ada0194de51e4cce417a282f9025720962f1526931ce7a36536a3323e3fd984e
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
bd00013843fee9106d8a6c181a2348e8c488acdc98bd4db7dd51b026169f8f77
c912a9ce0c3122d4b2b29ad26bfe06b0390d1a5bdaa5d6128692c0befd1dfbbd
dfe02a2d93a93c68f34213c0b1f9c16f59edc3a652167733cc9a06b3ed7fdecd
f100138cf28abcaac287d3bb245b80679c7ba9305591ed01b1055af5e7084f20
f56afac64015b19eeca05d6e6c4295754453e9040dbcff5b384fdb49b964d7f4
fe8d0ff7f9ac0aba54cc91950c12524dd76870528af7e7102dde39715a06e7c5