urlscan.io logo urlscan.io
SecurityTrails logo

bg.vinbox3.ssl-securemobile.com Open in urlscan Pro
185.49.221.71  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://bg.vinbox3.ssl-securemobile.com/
Effective URL: https://bg.vinbox3.ssl-securemobile.com/operator-choice/?default=1&tasessionid=8s2t91igebbj6f33cnkto4s5n&page_event=front-page-home
Submission Tags: @ecarlesi possiblethreat Search All
Submission: On December 25 via api from IT — Scanned from CH
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 9 IPs in 3 countries across 8 domains to perform 22 HTTP transactions. The main IP is 185.49.221.71, located in Switzerland and belongs to NTH, CH. The main domain is bg.vinbox3.ssl-securemobile.com.
TLS certificate: Issued by R3 on December 25th 2023. Valid for: 3 months.
This is the only time bg.vinbox3.ssl-securemobile.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

5    185.49.221.71 (Switzerland)

ASN59905 (NTH, CH)
bg.vinbox3.ssl-securemobile.com
1    185.49.221.10 (Switzerland)

ASN59905 (NTH, CH)
mp.mobile-gw.com
5    91.135.69.140 (Switzerland)

ASN41913 (COMPUTERLINE Computerline, Schlierbach, Switzerland, CH)
PTR: pulsira140.zrh7.computerline.net
content.c1-cd1.net
1    2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
5    2a00:1450:4001:80f::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
2    2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
4    2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
1    2a00:1450:4001:80f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
2    2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
Apex Domain
Subdomains		 Transfer
6 gstatic.com
www.gstatic.com
fonts.gstatic.com
463 KB
5 google.com
www.google.com — Cisco Umbrella Rank: 2
44 KB
5 c1-cd1.net
content.c1-cd1.net
68 KB
5 ssl-securemobile.com
bg.vinbox3.ssl-securemobile.com
7 KB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 27
region1.google-analytics.com — Cisco Umbrella Rank: 2189
21 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 36
84 KB
1 googleapis.com
ajax.googleapis.com — Cisco Umbrella Rank: 340
34 KB
1 mobile-gw.com
mp.mobile-gw.com
207 B
22 8
Domain Requested by
5 www.google.com bg.vinbox3.ssl-securemobile.com
www.gstatic.com
www.google.com
5 content.c1-cd1.net bg.vinbox3.ssl-securemobile.com
5 bg.vinbox3.ssl-securemobile.com 4 redirects
4 www.gstatic.com www.google.com
www.gstatic.com
2 fonts.gstatic.com www.google.com
2 www.google-analytics.com bg.vinbox3.ssl-securemobile.com
www.google-analytics.com
1 region1.google-analytics.com www.googletagmanager.com
1 www.googletagmanager.com www.google-analytics.com
1 ajax.googleapis.com bg.vinbox3.ssl-securemobile.com
1 mp.mobile-gw.com 1 redirects
22 10

This site contains links to these domains. Also see Links.

Domain
homebg.vinbox3.ssl-securemobile.com
Subject Issuer Validity Valid
bg.vinbox3.ssl-securemobile.com
R3		 2023-12-25 -
2024-03-24		 3 months crt.sh
ccsupport.biz
R3		 2023-12-12 -
2024-03-11		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.google.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh

This page contains 2 frames:

Primary Page: https://bg.vinbox3.ssl-securemobile.com/operator-choice/?default=1&tasessionid=8s2t91igebbj6f33cnkto4s5n&page_event=front-page-home
Frame ID: 71996F15380BA03E743CBC7BDCC23F1A
Requests: 13 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfzspAUAAAAAFr_9aYs5Iv3aSvdAifyTygPfQZ1&co=aHR0cHM6Ly9iZy52aW5ib3gzLnNzbC1zZWN1cmVtb2JpbGUuY29tOjQ0Mw..&hl=de-CH&v=u-xcq3POCWFlCr3x8_IPxgPu&size=invisible&cb=8k5u1ia6mija
Frame ID: 34E3A215734D813C4B6DCE4EB86EE3C1
Requests: 9 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Video Inbox

Page URL History Show full URLs

  1. http://bg.vinbox3.ssl-securemobile.com/ HTTP 302
    https://bg.vinbox3.ssl-securemobile.com/ HTTP 302
    http://mp.mobile-gw.com/mm/0/service/1545/user/6136030584 HTTP 302
    https://bg.vinbox3.ssl-securemobile.com/?tasessionid=e6s1lw9khil2eg1vrhtrsw&uid=6136030584 HTTP 302
    https://bg.vinbox3.ssl-securemobile.com/?tasessionid=8s2t91igebbj6f33cnkto4s5n&taparamid=1 HTTP 302
    https://bg.vinbox3.ssl-securemobile.com/operator-choice/?default=1&tasessionid=8s2t91igebbj6f33cnkto4s5n&page_event=... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

22
Requests

100 %
HTTPS

70 %
IPv6

8
Domains

10
Subdomains

9
IPs

3
Countries

719 kB
Transfer

1684 kB
Size

13
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://bg.vinbox3.ssl-securemobile.com/ HTTP 302
    https://bg.vinbox3.ssl-securemobile.com/ HTTP 302
    http://mp.mobile-gw.com/mm/0/service/1545/user/6136030584 HTTP 302
    https://bg.vinbox3.ssl-securemobile.com/?tasessionid=e6s1lw9khil2eg1vrhtrsw&uid=6136030584 HTTP 302
    https://bg.vinbox3.ssl-securemobile.com/?tasessionid=8s2t91igebbj6f33cnkto4s5n&taparamid=1 HTTP 302
    https://bg.vinbox3.ssl-securemobile.com/operator-choice/?default=1&tasessionid=8s2t91igebbj6f33cnkto4s5n&page_event=front-page-home Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

22 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
bg.vinbox3.ssl-securemobile.com/operator-choice/
Redirect Chain
  • http://bg.vinbox3.ssl-securemobile.com/
  • https://bg.vinbox3.ssl-securemobile.com/
  • http://mp.mobile-gw.com/mm/0/service/1545/user/6136030584
  • https://bg.vinbox3.ssl-securemobile.com/?tasessionid=e6s1lw9khil2eg1vrhtrsw&uid=6136030584
  • https://bg.vinbox3.ssl-securemobile.com/?tasessionid=8s2t91igebbj6f33cnkto4s5n&taparamid=1
  • https://bg.vinbox3.ssl-securemobile.com/operator-choice/?default=1&tasessionid=8s2t91igebbj6f33cnkto4s5n&page_event=front-page-home
4 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://bg.vinbox3.ssl-securemobile.com/operator-choice/?default=1&tasessionid=8s2t91igebbj6f33cnkto4s5n&page_event=front-page-home
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.49.221.71 , Switzerland, ASN59905 (NTH, CH),
Reverse DNS
Software
HTTP Server 1.6 /
Resource Hash
67fc1aef5abc729d03eaf7f760ff429e663ce402dd5a69293b27a5cbe53e48ea

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Cache-Control
no-store, no-cache, must-revalidate
Content-Length
4363
Content-Type
text/html; charset=UTF-8
Date
Mon, 25 Dec 2023 08:08:50 GMT
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Pragma
no-cache
Server
HTTP Server 1.6
Vary
Accept-Encoding
X-TA-Analytics-PhpSession
decjj6q20n8956me3u2jbteos7
X-Ta-Useridentification-Identification
8s2t91igebbj6f33cnkto4s5n

Redirect headers

Cache-Control
no-store, no-cache, must-revalidate
Content-Length
3032
Content-Type
text/html; charset=UTF-8
Date
Mon, 25 Dec 2023 08:08:49 GMT
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Location
https://bg.vinbox3.ssl-securemobile.com/operator-choice/?default=1&tasessionid=8s2t91igebbj6f33cnkto4s5n&page_event=front-page-home
Pragma
no-cache
Server
HTTP Server 1.6
Set-Cookie_6
authpage=AUTHPAGE-1489164101611; expires=Mon, 25-Dec-2023 09:08:50 GMT; Max-Age=3600; path=/; secure; SameSite=None;
Set-Cookie_7
dp=001; expires=Mon, 25-Dec-2023 09:08:50 GMT; Max-Age=3600; path=/; secure; SameSite=None;
Set-Cookie_8
SERVERID=c2-web5; path=/
X-TA-Analytics-PhpSession
decjj6q20n8956me3u2jbteos7
X-Ta-Useridentification-Identification
8s2t91igebbj6f33cnkto4s5n
iframe-breaker.js
content.c1-cd1.net/3193-videoinbox_bg_mpg/js/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://content.c1-cd1.net/3193-videoinbox_bg_mpg/js/iframe-breaker.js
Requested by
Host: bg.vinbox3.ssl-securemobile.com
URL: https://bg.vinbox3.ssl-securemobile.com/operator-choice/?default=1&tasessionid=8s2t91igebbj6f33cnkto4s5n&page_event=front-page-home
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
91.135.69.140 , Switzerland, ASN41913 (COMPUTERLINE Computerline, Schlierbach, Switzerland, CH),
Reverse DNS
pulsira140.zrh7.computerline.net
Software
nginx /
Resource Hash
5e9630528b7a34ad00db42475e6538a521a2f4d6013f487d3bbb83403a273dfc

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://bg.vinbox3.ssl-securemobile.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 25 Dec 2023 08:08:50 GMT
content-encoding
gzip
last-modified
Wed, 07 Jun 2017 09:45:24 GMT
server
nginx
etag
W/"5937cb34-13a3"
transfer-encoding
chunked
vary
Accept-Encoding
content-type
application/x-javascript
x-node
c1-web1.int.ch
default.css
content.c1-cd1.net/3193-videoinbox_bg_mpg/css/ 		17 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://content.c1-cd1.net/3193-videoinbox_bg_mpg/css/default.css?v=1
Requested by
Host: bg.vinbox3.ssl-securemobile.com
URL: https://bg.vinbox3.ssl-securemobile.com/operator-choice/?default=1&tasessionid=8s2t91igebbj6f33cnkto4s5n&page_event=front-page-home
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
91.135.69.140 , Switzerland, ASN41913 (COMPUTERLINE Computerline, Schlierbach, Switzerland, CH),
Reverse DNS
pulsira140.zrh7.computerline.net
Software
nginx /
Resource Hash
b3551289e9aea6de2a37cec652b070dd8f00baa56fa6be63f14850df468cbb8c

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://bg.vinbox3.ssl-securemobile.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 25 Dec 2023 08:08:50 GMT
content-encoding
gzip
last-modified
Thu, 26 Apr 2018 09:15:22 GMT
server
nginx
etag
W/"5ae198aa-4261"
transfer-encoding
chunked
vary
Accept-Encoding
content-type
text/css
x-node
c1-web4.int.ch
iscroll.js
content.c1-cd1.net/3193-videoinbox_bg_mpg/js/vendor/ 		48 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://content.c1-cd1.net/3193-videoinbox_bg_mpg/js/vendor/iscroll.js
Requested by
Host: bg.vinbox3.ssl-securemobile.com
URL: https://bg.vinbox3.ssl-securemobile.com/operator-choice/?default=1&tasessionid=8s2t91igebbj6f33cnkto4s5n&page_event=front-page-home
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
91.135.69.140 , Switzerland, ASN41913 (COMPUTERLINE Computerline, Schlierbach, Switzerland, CH),
Reverse DNS
pulsira140.zrh7.computerline.net
Software
nginx /
Resource Hash
567d64b86b8c269738693dc2f19560405dbf9790b62692907ec0c87daf9ac6d4

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://bg.vinbox3.ssl-securemobile.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 25 Dec 2023 08:08:50 GMT
content-encoding
gzip
last-modified
Wed, 07 Jun 2017 09:45:24 GMT
server
nginx
etag
W/"5937cb34-c028"
transfer-encoding
chunked
vary
Accept-Encoding
content-type
application/x-javascript
x-node
c1-web3.int.ch
main.js
content.c1-cd1.net/3193-videoinbox_bg_mpg/js/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://content.c1-cd1.net/3193-videoinbox_bg_mpg/js/main.js
Requested by
Host: bg.vinbox3.ssl-securemobile.com
URL: https://bg.vinbox3.ssl-securemobile.com/operator-choice/?default=1&tasessionid=8s2t91igebbj6f33cnkto4s5n&page_event=front-page-home
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
91.135.69.140 , Switzerland, ASN41913 (COMPUTERLINE Computerline, Schlierbach, Switzerland, CH),
Reverse DNS
pulsira140.zrh7.computerline.net
Software
nginx /
Resource Hash
9218d99c12673f29f3cf424bdb54b16a635d7ea634c31888442025ef28eeabec

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://bg.vinbox3.ssl-securemobile.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 25 Dec 2023 08:08:50 GMT
content-encoding
gzip
last-modified
Wed, 07 Jun 2017 09:45:24 GMT
server
nginx
etag
W/"5937cb34-a6a"
transfer-encoding
chunked
vary
Accept-Encoding
content-type
application/x-javascript
x-node
c1-web4.int.ch
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.12.4/ 		95 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js
Requested by
Host: bg.vinbox3.ssl-securemobile.com
URL: https://bg.vinbox3.ssl-securemobile.com/operator-choice/?default=1&tasessionid=8s2t91igebbj6f33cnkto4s5n&page_event=front-page-home
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://bg.vinbox3.ssl-securemobile.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 12:17:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
71470
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
33951
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 23 Dec 2024 12:17:40 GMT
api.js
www.google.com/recaptcha/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api.js?render=6LfzspAUAAAAAFr_9aYs5Iv3aSvdAifyTygPfQZ1
Requested by
Host: bg.vinbox3.ssl-securemobile.com
URL: https://bg.vinbox3.ssl-securemobile.com/operator-choice/?default=1&tasessionid=8s2t91igebbj6f33cnkto4s5n&page_event=front-page-home
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
2c7a94c10f6652196108c50cb7b035fa9147ef40e7632c800cced6a14e3311b2
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://bg.vinbox3.ssl-securemobile.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 25 Dec 2023 08:08:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
expires
Mon, 25 Dec 2023 08:08:50 GMT
xhtml_bg_tvi43_dp001.jpg
content.c1-cd1.net/3193-videoinbox_bg_mpg/pix/ 		49 KB
50 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.c1-cd1.net/3193-videoinbox_bg_mpg/pix/xhtml_bg_tvi43_dp001.jpg
Requested by
Host: bg.vinbox3.ssl-securemobile.com
URL: https://bg.vinbox3.ssl-securemobile.com/operator-choice/?default=1&tasessionid=8s2t91igebbj6f33cnkto4s5n&page_event=front-page-home
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
91.135.69.140 , Switzerland, ASN41913 (COMPUTERLINE Computerline, Schlierbach, Switzerland, CH),
Reverse DNS
pulsira140.zrh7.computerline.net
Software
nginx /
Resource Hash
1acfad203bccd1b4fb80bd2c6a0c4ffff818e94540c84a9ed75fea021e887577

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://bg.vinbox3.ssl-securemobile.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 25 Dec 2023 08:08:50 GMT
last-modified
Mon, 19 Feb 2018 12:32:41 GMT
server
nginx
etag
"5a8ac3e9-c550"
content-type
image/jpeg
accept-ranges
bytes
content-length
50512
x-node
c1-web3.int.ch
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: bg.vinbox3.ssl-securemobile.com
URL: https://bg.vinbox3.ssl-securemobile.com/operator-choice/?default=1&tasessionid=8s2t91igebbj6f33cnkto4s5n&page_event=front-page-home
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://bg.vinbox3.ssl-securemobile.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 25 Dec 2023 07:48:17 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
1233
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Mon, 25 Dec 2023 09:48:17 GMT
recaptcha__de_ch.js
www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/ 		505 KB
203 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/recaptcha__de_ch.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=6LfzspAUAAAAAFr_9aYs5Iv3aSvdAifyTygPfQZ1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bca13f093afb3b9125c81a5735a3b12466ee2bc8240b330e2269858a8ec11edc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://bg.vinbox3.ssl-securemobile.com/
Origin
https://bg.vinbox3.ssl-securemobile.com
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 17:40:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
570491
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
207446
x-xss-protection
0
last-modified
Mon, 11 Dec 2023 05:01:12 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 17 Dec 2024 17:40:39 GMT
collect
www.google-analytics.com/j/ 		15 B
232 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=2003061147&t=pageview&_s=1&dl=https%3A%2F%2Fbg.vinbox3.ssl-securemobile.com%2Foperator-choice%2F%3Fdefault%3D1%26tasessionid%3D8s2t91igebbj6f33cnkto4s5n%26page_event%3Dfront-page-home&ul=en-us&de=UTF-8&dt=Video%20Inbox&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAACAAI~&jid=500246729&gjid=1881138740&cid=1071736145.1703491731&tid=UA-29290420-31&_gid=110913593.1703491731&_r=1&_slc=1&z=1218334369
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
db99a1bd54356b370beeed7c5ceb3de54cd52b8c55fd34fd8cb6bf5f6c52497c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://bg.vinbox3.ssl-securemobile.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 25 Dec 2023 08:08:50 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://bg.vinbox3.ssl-securemobile.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15
expires
Fri, 01 Jan 1990 00:00:00 GMT
js
www.googletagmanager.com/gtag/ 		241 KB
84 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-0RPM7HVQ51&cx=c&_slc=1
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
d549b84c488d979b6ab6457b5d7413775d93382a6f21ebe94deccdcc2d08b9c5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://bg.vinbox3.ssl-securemobile.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 25 Dec 2023 08:08:50 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
85430
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 25 Dec 2023 08:08:50 GMT
anchor
www.google.com/recaptcha/api2/ Frame 34E3 		43 KB
27 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfzspAUAAAAAFr_9aYs5Iv3aSvdAifyTygPfQZ1&co=aHR0cHM6Ly9iZy52aW5ib3gzLnNzbC1zZWN1cmVtb2JpbGUuY29tOjQ0Mw..&hl=de-CH&v=u-xcq3POCWFlCr3x8_IPxgPu&size=invisible&cb=8k5u1ia6mija
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/recaptcha__de_ch.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
9a17ccb0f06ccd85493c442d766b41dc16748e23ef1f2a225a9a7d9daf9f387e
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-ImMKNZ8PpIpPO0ARrI9jBg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://bg.vinbox3.ssl-securemobile.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-ImMKNZ8PpIpPO0ARrI9jBg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Mon, 25 Dec 2023 08:08:50 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
styles__ltr.css
www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/ Frame 34E3 		55 KB
24 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfzspAUAAAAAFr_9aYs5Iv3aSvdAifyTygPfQZ1&co=aHR0cHM6Ly9iZy52aW5ib3gzLnNzbC1zZWN1cmVtb2JpbGUuY29tOjQ0Mw..&hl=de-CH&v=u-xcq3POCWFlCr3x8_IPxgPu&size=invisible&cb=8k5u1ia6mija
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 25 Dec 2023 05:17:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
10282
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24606
x-xss-protection
0
last-modified
Mon, 11 Dec 2023 05:01:12 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 24 Dec 2024 05:17:28 GMT
recaptcha__de_ch.js
www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/ Frame 34E3 		505 KB
203 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/recaptcha__de_ch.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfzspAUAAAAAFr_9aYs5Iv3aSvdAifyTygPfQZ1&co=aHR0cHM6Ly9iZy52aW5ib3gzLnNzbC1zZWN1cmVtb2JpbGUuY29tOjQ0Mw..&hl=de-CH&v=u-xcq3POCWFlCr3x8_IPxgPu&size=invisible&cb=8k5u1ia6mija
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bca13f093afb3b9125c81a5735a3b12466ee2bc8240b330e2269858a8ec11edc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 17:40:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
570491
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
207446
x-xss-protection
0
last-modified
Mon, 11 Dec 2023 05:01:12 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 17 Dec 2024 17:40:39 GMT
collect
region1.google-analytics.com/g/ 		0
265 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-0RPM7HVQ51&gtm=45je3bt0v9131206305&_p=1703491730720&gcd=11l1l1l1l2&dma=0&ul=en-us&sr=1600x1200&cid=1071736145.1703491731&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=ABAI&_s=1&dl=https%3A%2F%2Fbg.vinbox3.ssl-securemobile.com%2Foperator-choice%2F%3Fdefault%3D1%26tasessionid%3D8s2t91igebbj6f33cnkto4s5n%26page_event%3Dfront-page-home&dt=Video%20Inbox&sid=1703491730&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1&tfd=1320
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-0RPM7HVQ51&cx=c&_slc=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://bg.vinbox3.ssl-securemobile.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 25 Dec 2023 08:08:50 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://bg.vinbox3.ssl-securemobile.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
kn2owPU74JTsOwTGty0aoUlXRSKSJihCWxBMzE3aLQs.js
www.google.com/js/bg/ Frame 34E3 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/js/bg/kn2owPU74JTsOwTGty0aoUlXRSKSJihCWxBMzE3aLQs.js
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/recaptcha__de_ch.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
927da8c0f53be094ec3b04c6b72d1aa149574522922628425b104ccc4dda2d0b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfzspAUAAAAAFr_9aYs5Iv3aSvdAifyTygPfQZ1&co=aHR0cHM6Ly9iZy52aW5ib3gzLnNzbC1zZWN1cmVtb2JpbGUuY29tOjQ0Mw..&hl=de-CH&v=u-xcq3POCWFlCr3x8_IPxgPu&size=invisible&cb=8k5u1ia6mija
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 25 Dec 2023 00:14:48 GMT
content-encoding
br
x-content-type-options
nosniff
age
28443
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6851
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:30:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 24 Dec 2024 00:14:48 GMT
logo_48.png
www.gstatic.com/recaptcha/api2/ Frame 34E3 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/recaptcha/api2/logo_48.png
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/styles__ltr.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/styles__ltr.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 19:56:54 GMT
x-content-type-options
nosniff
age
562317
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2228
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
expires
Mon, 25 Dec 2023 19:56:54 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 34E3 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfzspAUAAAAAFr_9aYs5Iv3aSvdAifyTygPfQZ1&co=aHR0cHM6Ly9iZy52aW5ib3gzLnNzbC1zZWN1cmVtb2JpbGUuY29tOjQ0Mw..&hl=de-CH&v=u-xcq3POCWFlCr3x8_IPxgPu&size=invisible&cb=8k5u1ia6mija
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 23:26:56 GMT
x-content-type-options
nosniff
age
290515
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 20 Dec 2024 23:26:56 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 34E3 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfzspAUAAAAAFr_9aYs5Iv3aSvdAifyTygPfQZ1&co=aHR0cHM6Ly9iZy52aW5ib3gzLnNzbC1zZWN1cmVtb2JpbGUuY29tOjQ0Mw..&hl=de-CH&v=u-xcq3POCWFlCr3x8_IPxgPu&size=invisible&cb=8k5u1ia6mija
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 20 Dec 2023 21:01:27 GMT
x-content-type-options
nosniff
age
385644
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15552
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:33:02 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 19 Dec 2024 21:01:27 GMT
webworker.js
www.google.com/recaptcha/api2/ Frame 34E3 		105 B
137 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/webworker.js?hl=de-CH&v=u-xcq3POCWFlCr3x8_IPxgPu
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfzspAUAAAAAFr_9aYs5Iv3aSvdAifyTygPfQZ1&co=aHR0cHM6Ly9iZy52aW5ib3gzLnNzbC1zZWN1cmVtb2JpbGUuY29tOjQ0Mw..&hl=de-CH&v=u-xcq3POCWFlCr3x8_IPxgPu&size=invisible&cb=8k5u1ia6mija
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
a4d73bb86fff11e4634ec386619ff2c77371db4929269b8db5b841a11e4a5bcc
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfzspAUAAAAAFr_9aYs5Iv3aSvdAifyTygPfQZ1&co=aHR0cHM6Ly9iZy52aW5ib3gzLnNzbC1zZWN1cmVtb2JpbGUuY29tOjQ0Mw..&hl=de-CH&v=u-xcq3POCWFlCr3x8_IPxgPu&size=invisible&cb=8k5u1ia6mija
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 25 Dec 2023 08:08:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
cross-origin-embedder-policy
require-corp
x-frame-options
SAMEORIGIN
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=300
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
expires
Mon, 25 Dec 2023 08:08:51 GMT
reload
www.google.com/recaptcha/api2/ Frame 34E3 		13 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/reload?k=6LfzspAUAAAAAFr_9aYs5Iv3aSvdAifyTygPfQZ1
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/recaptcha__de_ch.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
4a77fdd9382ca34de976d909e74d842e18f65c7f44f6855e16d5339eff0297f4
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfzspAUAAAAAFr_9aYs5Iv3aSvdAifyTygPfQZ1&co=aHR0cHM6Ly9iZy52aW5ib3gzLnNzbC1zZWN1cmVtb2JpbGUuY29tOjQ0Mw..&hl=de-CH&v=u-xcq3POCWFlCr3x8_IPxgPu&size=invisible&cb=8k5u1ia6mija
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
application/x-protobuffer

Response headers

date
Mon, 25 Dec 2023 08:08:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
cache-control
private, max-age=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
expires
Mon, 25 Dec 2023 08:08:51 GMT

Verdicts & Comments Add Verdict or Comment

23 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| documentPictureInPicture function| IScroll function| iscroll function| formatNumber function| hideAddressBar function| $ function| jQuery string| GoogleAnalyticsObject function| ga object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| dataLayer object| recaptcha object| closure_lm_857396 object| google_tag_manager

13 Cookies

Domain/Path Name / Value
www.google.com/recaptcha Name: _GRECAPTCHA
Value: 09APYnBZUZTXkHfbATAJKp5IR8Sd9YQBre1nFX9QaUBTbzX9FGxU6tKsBH5F3QSsCqH7WqsXvyN-2E4GmLMJ1_L7U
mp.mobile-gw.com/ Name: SERVERID
Value: A
bg.vinbox3.ssl-securemobile.com/ Name: tasessionid
Value: 8s2t91igebbj6f33cnkto4s5n
bg.vinbox3.ssl-securemobile.com/ Name: 4F9AFB62DC06559D7F74EFC38135B145
Value: F5EF61CA1E560A2377DFD6C236FD3EB9
bg.vinbox3.ssl-securemobile.com/ Name: PHPSESSID
Value: decjj6q20n8956me3u2jbteos7
bg.vinbox3.ssl-securemobile.com/ Name: GAcategory
Value: Identification
bg.vinbox3.ssl-securemobile.com/ Name: authpage
Value: AUTHPAGE-1489164101611
bg.vinbox3.ssl-securemobile.com/ Name: dp
Value: 001
bg.vinbox3.ssl-securemobile.com/ Name: SERVERID
Value: c2-web2
.ssl-securemobile.com/ Name: _ga
Value: GA1.2.1071736145.1703491731
.ssl-securemobile.com/ Name: _gid
Value: GA1.2.110913593.1703491731
.ssl-securemobile.com/ Name: _gat
Value: 1
.ssl-securemobile.com/ Name: _ga_0RPM7HVQ51
Value: GS1.2.1703491730.1.0.1703491730.0.0.0

1 Console Messages

Source Level URL
Text
rendering warning URL: https://bg.vinbox3.ssl-securemobile.com/operator-choice/?default=1&tasessionid=8s2t91igebbj6f33cnkto4s5n&page_event=front-page-home(Line 18)
Message:
Error parsing a meta element's content: ';' is not a valid key-value pair separator. Please use ',' instead.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
bg.vinbox3.ssl-securemobile.com
content.c1-cd1.net
fonts.gstatic.com
mp.mobile-gw.com
region1.google-analytics.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.gstatic.com
185.49.221.10
185.49.221.71
2001:4860:4802:34::36
2a00:1450:4001:80f::2004
2a00:1450:4001:80f::2008
2a00:1450:4001:813::2003
2a00:1450:4001:82a::200e
2a00:1450:4001:830::2003
2a00:1450:4001:831::200a
91.135.69.140
1acfad203bccd1b4fb80bd2c6a0c4ffff818e94540c84a9ed75fea021e887577
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
2c7a94c10f6652196108c50cb7b035fa9147ef40e7632c800cced6a14e3311b2
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
4a77fdd9382ca34de976d909e74d842e18f65c7f44f6855e16d5339eff0297f4
567d64b86b8c269738693dc2f19560405dbf9790b62692907ec0c87daf9ac6d4
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5e9630528b7a34ad00db42475e6538a521a2f4d6013f487d3bbb83403a273dfc
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
67fc1aef5abc729d03eaf7f760ff429e663ce402dd5a69293b27a5cbe53e48ea
7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050
9218d99c12673f29f3cf424bdb54b16a635d7ea634c31888442025ef28eeabec
927da8c0f53be094ec3b04c6b72d1aa149574522922628425b104ccc4dda2d0b
9a17ccb0f06ccd85493c442d766b41dc16748e23ef1f2a225a9a7d9daf9f387e
a4d73bb86fff11e4634ec386619ff2c77371db4929269b8db5b841a11e4a5bcc
b3551289e9aea6de2a37cec652b070dd8f00baa56fa6be63f14850df468cbb8c
bca13f093afb3b9125c81a5735a3b12466ee2bc8240b330e2269858a8ec11edc
d549b84c488d979b6ab6457b5d7413775d93382a6f21ebe94deccdcc2d08b9c5
db99a1bd54356b370beeed7c5ceb3de54cd52b8c55fd34fd8cb6bf5f6c52497c
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855