urlscan.io logo urlscan.io
SecurityTrails logo

google.login.premo.biz Open in urlscan Pro
64.90.41.87  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://www.google.login.premo.biz/
Effective URL: https://google.login.premo.biz/
Submission: On October 05 via automatic, source certstream-suspicious — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 5 IPs in 1 countries across 3 domains to perform 9 HTTP transactions. The main IP is 64.90.41.87, located in United States and belongs to DREAMHOST-AS, US. The main domain is google.login.premo.biz.
TLS certificate: Issued by R3 on August 11th 2021. Valid for: 3 months.
This is the only time google.login.premo.biz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2 64.90.41.87 26347 (DREAMHOST-AS)
2 64.90.40.181 26347 (DREAMHOST-AS)
3 142.250.185.173 15169 (GOOGLE)
2 142.250.181.227 15169 (GOOGLE)
1 142.250.185.227 15169 (GOOGLE)
9 5
2    64.90.41.87 (United States)

ASN26347 (DREAMHOST-AS, US)
PTR: apache2-adamant.cottagegrove.dreamhost.com
www.google.login.premo.biz
google.login.premo.biz
2    64.90.40.181 (United States)

ASN26347 (DREAMHOST-AS, US)
PTR: apache2-grog.cottagegrove.dreamhost.com
includes.premo.biz
3    142.250.185.173 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f13.1e100.net
accounts.google.com
2    142.250.181.227 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f3.1e100.net
ssl.gstatic.com
1    142.250.185.227 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f3.1e100.net
fonts.gstatic.com
Domain Requested by
3 accounts.google.com google.login.premo.biz
2 ssl.gstatic.com accounts.google.com
2 includes.premo.biz google.login.premo.biz
1 fonts.gstatic.com
1 google.login.premo.biz
1 www.google.login.premo.biz 1 redirects
9 6

This site contains links to these domains. Also see Links.

Domain
developers.google.com
Subject Issuer Validity Valid
www.google.login.premo.biz
R3		 2021-08-11 -
2021-11-09		 3 months crt.sh
www.includes.premo.biz
R3		 2021-08-30 -
2021-11-28		 3 months crt.sh
accounts.google.com
GTS CA 1C3		 2021-09-13 -
2021-11-20		 2 months crt.sh
*.gstatic.com
GTS CA 1C3		 2021-09-13 -
2021-11-20		 2 months crt.sh

This page contains 2 frames:

Primary Page: https://google.login.premo.biz/
Frame ID: 946ED833CCA1E933B368E362DEE7ED56
Requests: 5 HTTP requests in this frame

Frame: https://accounts.google.com/gsi/button?type=standard&size=large&theme=outline&text=sign_in_with&shape=rectangular&logo_alignment=left&client_id=738575031526-ao3lfhchv101de60i7m0ful7t19fl3tg.apps.googleusercontent.com&iframe_id=gsi_90289_40539&as=D8IiJtnekzUN8oWUSTWwbQ
Frame ID: 52F8C6D81B01766303054745BA92FDDA
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Google.Login.Premo.biz

Page URL History Show full URLs

  1. https://www.google.login.premo.biz/ HTTP 301
    https://google.login.premo.biz/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <meta[^>]*google-signin-client_id
  • accounts\.google\.com/gsi/client

Page Statistics

9
Requests

100 %
HTTPS

0 %
IPv6

3
Domains

6
Subdomains

5
IPs

1
Countries

169 kB
Transfer

424 kB
Size

1
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://www.google.login.premo.biz/ HTTP 301
    https://google.login.premo.biz/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

9 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
google.login.premo.biz/
Redirect Chain
  • https://www.google.login.premo.biz/
  • https://google.login.premo.biz/
2 KB
974 B 		Document
General
Check archive.org
Download Go to
Full URL
https://google.login.premo.biz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
64.90.41.87 , United States, ASN26347 (DREAMHOST-AS, US),
Reverse DNS
apache2-adamant.cottagegrove.dreamhost.com
Software
Apache /
Resource Hash
5a5d1bd28f8dcf8ac98ede874eb273f73dddd07987007138fc71cedc122a465c

Request headers

:method
GET
:authority
google.login.premo.biz
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Tue, 05 Oct 2021 20:34:49 GMT
server
Apache
cache-control
max-age=600
expires
Tue, 05 Oct 2021 20:44:49 GMT
vary
Accept-Encoding,User-Agent
content-encoding
gzip
content-length
867
content-type
text/html; charset=utf-8

Redirect headers

date
Tue, 05 Oct 2021 20:34:49 GMT
server
Apache
location
https://google.login.premo.biz/
content-length
239
content-type
text/html; charset=iso-8859-1
jquery.php
includes.premo.biz/ 		87 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://includes.premo.biz/jquery.php
Requested by
Host: google.login.premo.biz
URL: https://google.login.premo.biz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
64.90.40.181 , United States, ASN26347 (DREAMHOST-AS, US),
Reverse DNS
apache2-grog.cottagegrove.dreamhost.com
Software
Apache /
Resource Hash
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://google.login.premo.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 05 Oct 2021 20:34:50 GMT
cache-control
max-age=2592000
expires
Thu, 04 Nov 2021 20:34:50 GMT
server
Apache
content-encoding
gzip
vary
Accept-Encoding,User-Agent
content-type
application/javascript
c.js
includes.premo.biz/ 		1 KB
568 B 		Script
General
Check archive.org
Download Go to
Full URL
https://includes.premo.biz/c.js
Requested by
Host: google.login.premo.biz
URL: https://google.login.premo.biz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
64.90.40.181 , United States, ASN26347 (DREAMHOST-AS, US),
Reverse DNS
apache2-grog.cottagegrove.dreamhost.com
Software
Apache /
Resource Hash
f107f1c0cb77426eed1c11c7413ee4cf467737cd5cccd9bcf74b48b83896e6e1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://google.login.premo.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 05 Oct 2021 20:34:50 GMT
content-encoding
gzip
last-modified
Tue, 17 Oct 2017 20:24:48 GMT
server
Apache
etag
"4f3-55bc3ea288e4a-gzip"
vary
Accept-Encoding,User-Agent
content-type
application/javascript
cache-control
max-age=2592000
accept-ranges
bytes
content-length
376
expires
Thu, 04 Nov 2021 20:34:50 GMT
client
accounts.google.com/gsi/ 		183 KB
73 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://accounts.google.com/gsi/client
Requested by
Host: google.login.premo.biz
URL: https://google.login.premo.biz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.173 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f13.1e100.net
Software
ESF /
Resource Hash
6fdecd69c9164ada10cd22cb537cbdf94988e8f2e845d4776be526d7505d7099
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-7FWZqTsrk8Ix83p5aiaa0A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://google.login.premo.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 05 Oct 2021 20:34:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
x-frame-options
SAMEORIGIN
report-to
{"group":"AZM8irbR9Gle1C1FGJ23R1ZcwHxvBRvSqdZnWlscJT4XdPD5yXy2ffqdkh-Cm5Y5sA","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8irbR9Gle1C1FGJ23R1ZcwHxvBRvSqdZnWlscJT4XdPD5yXy2ffqdkh-Cm5Y5sA"}]}
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private, max-age=1800
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'report-sample' 'nonce-7FWZqTsrk8Ix83p5aiaa0A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
content-type
application/javascript; charset=utf-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="AZM8irbR9Gle1C1FGJ23R1ZcwHxvBRvSqdZnWlscJT4XdPD5yXy2ffqdkh-Cm5Y5sA"
expires
Tue, 05 Oct 2021 20:34:49 GMT
style
accounts.google.com/gsi/ 		658 B
685 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://accounts.google.com/gsi/style
Requested by
Host:
URL: /_/gsi/_/js/k=gsi.gsi.de.kfOMzDxrGU8.O/am=chE/d=1/rs=AF0KOtW9mkxYYvoc4rqjkzPVBk-7kwR7XA/m=gis_client_library
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.173 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f13.1e100.net
Software
ESF /
Resource Hash
bf3b24767fc257674429212a2270b44f3345e9b9006807c19b146487aa596ae5
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-FGX3eRiDEZxBWXcbFcGBGw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://google.login.premo.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 05 Oct 2021 20:34:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
x-frame-options
SAMEORIGIN
report-to
{"group":"AZM8irbR9Gle1C1FGJ23R1ZcwHxvBRvSqdZnWlscJT4XdPD5yXy2ffqdkh-Cm5Y5sA","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8irbR9Gle1C1FGJ23R1ZcwHxvBRvSqdZnWlscJT4XdPD5yXy2ffqdkh-Cm5Y5sA"}]}
content-type
text/css; charset=utf-8
cache-control
private, max-age=86400
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'report-sample' 'nonce-FGX3eRiDEZxBWXcbFcGBGw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="AZM8irbR9Gle1C1FGJ23R1ZcwHxvBRvSqdZnWlscJT4XdPD5yXy2ffqdkh-Cm5Y5sA"
expires
Tue, 05 Oct 2021 20:34:50 GMT
button
accounts.google.com/gsi/ Frame 52F8 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://accounts.google.com/gsi/button?type=standard&size=large&theme=outline&text=sign_in_with&shape=rectangular&logo_alignment=left&client_id=738575031526-ao3lfhchv101de60i7m0ful7t19fl3tg.apps.googleusercontent.com&iframe_id=gsi_90289_40539&as=D8IiJtnekzUN8oWUSTWwbQ
Requested by
Host:
URL: /_/gsi/_/js/k=gsi.gsi.de.kfOMzDxrGU8.O/am=chE/d=1/rs=AF0KOtW9mkxYYvoc4rqjkzPVBk-7kwR7XA/m=gis_client_library
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.173 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f13.1e100.net
Software
ESF /
Resource Hash
20314dce0629f85f0862e8b8d798cb35354dbb171a0f41ef211eb7e5abcee6f2
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-yeu7hmh+jgTU0l4rS8tp3Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
accounts.google.com
:scheme
https
:path
/gsi/button?type=standard&size=large&theme=outline&text=sign_in_with&shape=rectangular&logo_alignment=left&client_id=738575031526-ao3lfhchv101de60i7m0ful7t19fl3tg.apps.googleusercontent.com&iframe_id=gsi_90289_40539&as=D8IiJtnekzUN8oWUSTWwbQ
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://google.login.premo.biz/
accept-encoding
gzip, deflate, br
cookie
NID=511=EojKeYHaf63sZwgGDFdS0EscTq2dZEoRsJH1hOBoaRVAvrE-Mk-ILxXYU8gbl6OIkbRruoJJ1VZhfSovkSgaBeeFlZXmOzy5GpfLhd-u0MPFCT0978KoxEmw5g17IHkicaalmkAj0CV-d_fKUoAZYF_UQJ9fZCU9ULeCDiND_D4
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://google.login.premo.biz/

Response headers

content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Tue, 05 Oct 2021 20:34:50 GMT
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'report-sample' 'nonce-yeu7hmh+jgTU0l4rS8tp3Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
report-to
{"group":"AZM8irbR9Gle1C1FGJ23R1ZcwHxvBRvSqdZnWlscJT4XdPD5yXy2ffqdkh-Cm5Y5sA","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8irbR9Gle1C1FGJ23R1ZcwHxvBRvSqdZnWlscJT4XdPD5yXy2ffqdkh-Cm5Y5sA"}]}
cross-origin-opener-policy-report-only
same-origin; report-to="AZM8irbR9Gle1C1FGJ23R1ZcwHxvBRvSqdZnWlscJT4XdPD5yXy2ffqdkh-Cm5Y5sA"
content-encoding
gzip
server
ESF
x-xss-protection
0
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
m=credential_button_library
ssl.gstatic.com/_/gsi/_/ss/k=gsi.gsi.5AD4Gd3Cvak.L.W.O/am=chE/d=1/rs=AF0KOtVbishvpMTsNg7mVrEgSmM_mVtw0g/ Frame 52F8 		7 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ssl.gstatic.com/_/gsi/_/ss/k=gsi.gsi.5AD4Gd3Cvak.L.W.O/am=chE/d=1/rs=AF0KOtVbishvpMTsNg7mVrEgSmM_mVtw0g/m=credential_button_library
Requested by
Host: accounts.google.com
URL: https://accounts.google.com/gsi/button?type=standard&size=large&theme=outline&text=sign_in_with&shape=rectangular&logo_alignment=left&client_id=738575031526-ao3lfhchv101de60i7m0ful7t19fl3tg.apps.googleusercontent.com&iframe_id=gsi_90289_40539&as=D8IiJtnekzUN8oWUSTWwbQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.227 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f3.1e100.net
Software
sffe /
Resource Hash
7b55cc79cd1d434c8d4cdae6364a6f8fab9e6d4e458e7315012becbc60e34d23
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/csi-web-eng
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/csi-web-eng
content-encoding
gzip
x-content-type-options
nosniff
age
441931
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1754
x-xss-protection
0
last-modified
Mon, 20 Sep 2021 13:17:18 GMT
server
sffe
date
Thu, 30 Sep 2021 17:49:19 GMT
vary
Accept-Encoding
report-to
{"group":"csi-web-eng","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/csi-web-eng"}]}
content-type
text/css; charset=UTF-8
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="csi-web-eng"
expires
Fri, 30 Sep 2022 17:49:19 GMT
m=credential_button_library
ssl.gstatic.com/_/gsi/_/js/k=gsi.gsi.de.kfOMzDxrGU8.O/am=chE/d=1/rs=AF0KOtW9mkxYYvoc4rqjkzPVBk-7kwR7XA/ Frame 52F8 		90 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ssl.gstatic.com/_/gsi/_/js/k=gsi.gsi.de.kfOMzDxrGU8.O/am=chE/d=1/rs=AF0KOtW9mkxYYvoc4rqjkzPVBk-7kwR7XA/m=credential_button_library
Requested by
Host: accounts.google.com
URL: https://accounts.google.com/gsi/button?type=standard&size=large&theme=outline&text=sign_in_with&shape=rectangular&logo_alignment=left&client_id=738575031526-ao3lfhchv101de60i7m0ful7t19fl3tg.apps.googleusercontent.com&iframe_id=gsi_90289_40539&as=D8IiJtnekzUN8oWUSTWwbQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.227 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f3.1e100.net
Software
sffe /
Resource Hash
808a62e7b08e230bc52e5d35d2c8c0481fc69896644ab98306249ace16da782a
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/csi-web-eng
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/csi-web-eng
content-encoding
gzip
x-content-type-options
nosniff
age
434395
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
32725
x-xss-protection
0
last-modified
Wed, 29 Sep 2021 01:18:00 GMT
server
sffe
date
Thu, 30 Sep 2021 19:54:55 GMT
vary
Accept-Encoding
report-to
{"group":"csi-web-eng","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/csi-web-eng"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="csi-web-eng"
expires
Fri, 30 Sep 2022 19:54:55 GMT
4UabrENHsxJlGDuGo1OIlLU94YtzCwM.ttf
fonts.gstatic.com/s/googlesans/v14/ Frame 52F8 		51 KB
27 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesans/v14/4UabrENHsxJlGDuGo1OIlLU94YtzCwM.ttf
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.227 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f3.1e100.net
Software
sffe /
Resource Hash
ebeace42646aa327b1fa6225f70120658993d4796cc9103484a6f068d3a58a6d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://accounts.google.com/
Origin
https://accounts.google.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 05 Oct 2021 08:33:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
43252
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27431
x-xss-protection
0
last-modified
Mon, 22 Apr 2019 23:43:31 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/ttf
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 05 Oct 2022 08:33:58 GMT

Verdicts & Comments Add Verdict or Comment

11 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| onbeforexrselect boolean| originAgentCluster function| $ function| jQuery function| c function| init object| default_gsi object| google object| __G_ID_CLIENT__ object| closure_lm_761635

1 Cookies

Domain/Path Name / Value
.google.com/ Name: NID
Value: 511=EojKeYHaf63sZwgGDFdS0EscTq2dZEoRsJH1hOBoaRVAvrE-Mk-ILxXYU8gbl6OIkbRruoJJ1VZhfSovkSgaBeeFlZXmOzy5GpfLhd-u0MPFCT0978KoxEmw5g17IHkicaalmkAj0CV-d_fKUoAZYF_UQJ9fZCU9ULeCDiND_D4