www.google.com Open in urlscan Pro
142.250.185.100 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://novo.mycttpt-tracking.com/login
Effective URL:
https://www.google.com/chrome/
Submission Tags: @phish_report
Submission: On July 24 via api (July 24th 2024, 8:51:50 am UTC) from FI — Scanned from FI

Summary HTTP 59 Redirects Links 33 Behaviour Indicators

Summary

This website contacted 13 IPs in 3 countries across 8 domains to perform 59 HTTP transactions. The main IP is 142.250.185.100, located in United States and belongs to GOOGLE, US. The main domain is www.google.com. The Cisco Umbrella rank of the primary domain is 10.
TLS certificate: Issued by WR2 on July 1st 2024. Valid for: 3 months.

This is the only time www.google.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Community Verdicts: Malicious — 1 votes Show Verdicts

Domain & IP information

	IP Address	AS Autonomous System
13	193.143.1.167 193.143.1.167	198953 (PROTON66) (PROTON66)
1	18.245.31.43 18.245.31.43	16509 (AMAZON-02) (AMAZON-02)
2	75.2.52.67 75.2.52.67	16509 (AMAZON-02) (AMAZON-02)
18	142.250.185.100 142.250.185.100	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:813::200a	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:829::2003	15169 (GOOGLE) (GOOGLE)
10	2a00:1450:400... 2a00:1450:4001:80e::2003	15169 (GOOGLE) (GOOGLE)
1	142.250.185.131 142.250.185.131	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:800::200e	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:813::2008	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:801::200e	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
59	13

13 193.143.1.167 (Moscow, Russian Federation)

ASN198953 (PROTON66, RU)

novo.mycttpt-tracking.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.245.31.43 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-245-31-43.fra56.r.cloudfront.net

fpnpmcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 75.2.52.67 (United States)

ASN16509 (AMAZON-02, US)
PTR: afdd1a7789e84bffc.awsglobalaccelerator.com

eu.api.fpjs.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 142.250.185.100 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.131 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f3.1e100.net

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tools.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:813::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:801::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
19	google.com www.google.com — Cisco Umbrella Rank: 10 tools.google.com — Cisco Umbrella Rank: 2428	419 KB
17	gstatic.com www.gstatic.com fonts.gstatic.com	284 KB
13	mycttpt-tracking.com novo.mycttpt-tracking.com	370 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 104 region1.google-analytics.com — Cisco Umbrella Rank: 3123	21 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 112	289 KB
2	fpjs.io eu.api.fpjs.io — Cisco Umbrella Rank: 246481	1 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 110	2 KB
1	fpnpmcdn.net fpnpmcdn.net — Cisco Umbrella Rank: 38063	54 KB
59	8

	Domain	Requested by
18	www.google.com	novo.mycttpt-tracking.com www.google.com www.gstatic.com
13	novo.mycttpt-tracking.com	novo.mycttpt-tracking.com
10	fonts.gstatic.com	fonts.googleapis.com
7	www.gstatic.com	www.google.com www.gstatic.com
3	www.googletagmanager.com	www.google.com www.googletagmanager.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	eu.api.fpjs.io	fpnpmcdn.net
1	region1.google-analytics.com	www.googletagmanager.com
1	tools.google.com
1	fonts.googleapis.com	www.google.com
1	fpnpmcdn.net	novo.mycttpt-tracking.com
59	11

This site contains links to these domains. Also see Links.

Domain
policies.google.com
support.google.com
passwords.google.com
www.youtube.com
twitter.com
www.facebook.com
developer.chrome.com
chromeenterprise.google
cloud.google.com
gsuite.google.com
edu.google.com
chrome.google.com
www.chromium.org
www.chromeexperiments.com
blog.google
about.google
chromium.googlesource.com
play.google.com
itunes.apple.com

Subject Issuer	Validity	Valid
novo.mycttpt-tracking.com R11	`2024-07-24` - `2024-10-22`	3 months	crt.sh
fpcdn.io Amazon RSA 2048 M03	`2023-10-10` - `2024-11-08`	a year	crt.sh
eu.api.fpjs.io Amazon RSA 2048 M03	`2023-11-26` - `2024-12-25`	a year	crt.sh
*.google.com WR2	`2024-07-01` - `2024-09-23`	3 months	crt.sh
upload.video.google.com WR2	`2024-07-01` - `2024-09-23`	3 months	crt.sh
*.gstatic.com WR2	`2024-07-01` - `2024-09-23`	3 months	crt.sh
*.google-analytics.com WR2	`2024-07-01` - `2024-09-23`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://www.google.com/chrome/
Frame ID: DB5F13E99A28BEB5B036CA73F5A0534D
Requests: 69 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Google Chrome – Sinulle sopiva nopea ja turvallinen selain

Page URL History Show full URLs

http://novo.mycttpt-tracking.com/login HTTP 307
https://novo.mycttpt-tracking.com/login Page URL
https://www.google.com/chrome/ HTTP 307
https://www.google.com/chrome/ Page URL

Detected technologies

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Page Statistics

59
Requests

100 %
HTTPS

58 %
IPv6

8
Domains

11
Subdomains

13
IPs

3
Countries

1442 kB
Transfer

3923 kB
Size

8
Cookies

33 Outgoing links

These are links going to different origins than the main page.

URL: https://policies.google.com/technologies/cookies?hl=fi
Title: Lue lisää

Search URL Search Domain Scan URL

URL: https://support.google.com/chrome?p=chromecom_home&hl=fi
Title: Tuki

Search URL Search Domain Scan URL

URL: https://support.google.com/chrome/answer/95414?co=GENIE.Platform%3DDesktop&hl=hl=fi
Title: Haluan päivittää Chromen

Search URL Search Domain Scan URL

URL: https://support.google.com/chromebook/answer/177889?hl=fi
Title: Katso päivitysohjeet

Search URL Search Domain Scan URL

URL: https://policies.google.com/terms
Title: Googlen käyttöehdot

Search URL Search Domain Scan URL

URL: https://support.google.com/chrome/answer/95417
Title: Katso laitekohtaiset ohjeet täältä

Search URL Search Domain Scan URL

URL: https://support.google.com/chrome/answer/10468685?hl=en&co=GENIE.Platform%3DAndroid
Title: Lue lisää suojauksesta ja turvallisuudesta Chromessa

Search URL Search Domain Scan URL

URL: http://passwords.google.com/
Title: Lue lisää Google Salasanoista

Search URL Search Domain Scan URL

URL: https://support.google.com/chrome/answer/95414?hl=en&co=GENIE.Platform%3DDesktop
Title: Lue lisää Chromen päivityksistä

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/googlechrome
Title: YouTube

Search URL Search Domain Scan URL

URL: https://twitter.com/googlechrome
Title: Twitter

Search URL Search Domain Scan URL

URL: https://www.facebook.com/googlechrome/
Title: Facebook

Search URL Search Domain Scan URL

URL: https://developer.chrome.com/webstore/
Title: Chrome Web Store

Search URL Search Domain Scan URL

URL: https://chromeenterprise.google/browser/download/
Title: Download Chrome Browser

Search URL Search Domain Scan URL

URL: https://chromeenterprise.google/browser/
Title: Chrome Browser for Enterprise

Search URL Search Domain Scan URL

URL: https://chromeenterprise.google/devices/
Title: Chrome-laitteet

Search URL Search Domain Scan URL

URL: https://chromeenterprise.google/os/
Title: ChromeOS

Search URL Search Domain Scan URL

URL: https://cloud.google.com/?hl=en
Title: Google Cloud

Search URL Search Domain Scan URL

URL: https://gsuite.google.com/?hl=fi
Title: Google Workspace

Search URL Search Domain Scan URL

URL: https://edu.google.com/intl/fi_FI/products/more-products/
Title: Google Chrome ‑selain

Search URL Search Domain Scan URL

URL: https://edu.google.com/intl/fi_FI/chromebooks/find-a-chromebook/
Title: Laitteet

Search URL Search Domain Scan URL

URL: https://chrome.google.com/webstore/category/app/8-education?hl=fi
Title: Web Store

Search URL Search Domain Scan URL

URL: https://www.chromium.org/
Title: Chromium

Search URL Search Domain Scan URL

URL: https://www.chromium.org/chromium-os
Title: ChromeOS

Search URL Search Domain Scan URL

URL: https://www.chromeexperiments.com/
Title: Chrome Experiments

Search URL Search Domain Scan URL

URL: https://support.google.com/chrome/?hl=fi&rd=3#topic=7438008
Title: Chromen ohjeet

Search URL Search Domain Scan URL

URL: https://blog.google/products/chrome/
Title: Google Chrome ‑blogi

Search URL Search Domain Scan URL

URL: https://policies.google.com/privacy?hl=fi
Title: Tietosuoja ja käyttöehdot

Search URL Search Domain Scan URL

URL: https://about.google/
Title: Tietoja Googlesta

Search URL Search Domain Scan URL

URL: https://about.google/products/
Title: Googlen tuotteet

Search URL Search Domain Scan URL

URL: https://chromium.googlesource.com/chromium/src/+/refs/heads/main/docs/linux/chromium_packages.md
Title: here

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=com.android.chrome&pcampaignid=websitedialog
Title: Android

Search URL Search Domain Scan URL

URL: https://itunes.apple.com/us/app/chrome/id535886823
Title: iOS

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://novo.mycttpt-tracking.com/login HTTP 307
https://novo.mycttpt-tracking.com/login Page URL
https://www.google.com/chrome/ HTTP 307
https://www.google.com/chrome/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://novo.mycttpt-tracking.com/login HTTP 307
https://novo.mycttpt-tracking.com/login

59 HTTP transactions
10 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

http://novo.mycttpt-tracking.com/login
https://novo.mycttpt-tracking.com/login

6 KB
2 KB

180ms
61ms

Document
text/html

193.143.1.167
PROTON66

General

Check archive.org

Show headers Download Go to

Full URL

https://novo.mycttpt-tracking.com/login

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

193.143.1.167 Moscow, Russian Federation, ASN198953 (PROTON66, RU),

Reverse DNS

Software

nginx / Next.js

Resource Hash

62bad99618c7a4ccf4dd5f2591ed3aa872972fe38130b0f54af80d444689517d

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-inline' 'unsafe-eval' data: blob:;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

cache-control: s-maxage=31536000, stale-while-revalidate
content-encoding: gzip
content-security-policy: default-src * 'unsafe-inline' 'unsafe-eval' data: blob:;
content-type: text/html; charset=utf-8
date: Wed, 24 Jul 2024 08:51:43 GMT
etag: "tv2ri09ez34f3"
referrer-policy: same-origin
server: nginx
vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-nextjs-cache: HIT
x-permitted-cross-domain-policies: master-only
x-powered-by: Next.js
x-robots-tag: noindex, nofollow
x-xss-protection: 1; mode=block

Redirect headers

Location: https://novo.mycttpt-tracking.com/login
Non-Authoritative-Reason: HttpsUpgrades

GET
H2 200 ede3e96b238029c5.css
novo.mycttpt-tracking.com/_next/static/css/ 42 KB
8 KB 72ms
71ms Stylesheet
text/css 193.143.1.167
PROTON66

General

Check archive.org

Show headers Download Go to

Full URL

https://novo.mycttpt-tracking.com/_next/static/css/ede3e96b238029c5.css

Requested by

Host: novo.mycttpt-tracking.com
URL: https://novo.mycttpt-tracking.com/login

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

193.143.1.167 Moscow, Russian Federation, ASN198953 (PROTON66, RU),

Reverse DNS

Software

nginx /

Resource Hash

aa19c3fba75118e91b55be7c44cb6c745ef9648750f568cdc4eaebe14c077a63

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-inline' 'unsafe-eval' data: blob:;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://novo.mycttpt-tracking.com/login
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Wed, 24 Jul 2024 08:51:44 GMT
content-security-policy: default-src * 'unsafe-inline' 'unsafe-eval' data: blob:;
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Wed, 24 Jul 2024 08:41:53 GMT
server: nginx
etag: W/"a738-190e3e76eca"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
x-robots-tag: noindex, nofollow

GET
H2 200 webpack-6d458c5b32810a64.js Show response
novo.mycttpt-tracking.com/_next/static/chunks/ 3 KB
2 KB 70ms
70ms Script
application/javascript 193.143.1.167
PROTON66

General

Check archive.org

Show headers Download Go to

Full URL

https://novo.mycttpt-tracking.com/_next/static/chunks/webpack-6d458c5b32810a64.js

Requested by

Host: novo.mycttpt-tracking.com
URL: https://novo.mycttpt-tracking.com/login

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

193.143.1.167 Moscow, Russian Federation, ASN198953 (PROTON66, RU),

Reverse DNS

Software

nginx /

Resource Hash

2df43c6d180a4c7d357668d64b2c84fe5d9f4f8e2b5da6bde09c04a29c074dde

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-inline' 'unsafe-eval' data: blob:;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://novo.mycttpt-tracking.com/login
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Wed, 24 Jul 2024 08:51:44 GMT
content-security-policy: default-src * 'unsafe-inline' 'unsafe-eval' data: blob:;
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Wed, 24 Jul 2024 08:41:53 GMT
server: nginx
etag: W/"df4-190e3e76ec2"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
x-robots-tag: noindex, nofollow

GET
H2 200 67cfe1a8-38db80d668db19ba.js Show response
novo.mycttpt-tracking.com/_next/static/chunks/ 169 KB
53 KB 89ms
78ms Script
application/javascript 193.143.1.167
PROTON66

General

Check archive.org

Show headers Download Go to

Full URL

https://novo.mycttpt-tracking.com/_next/static/chunks/67cfe1a8-38db80d668db19ba.js

Requested by

Host: novo.mycttpt-tracking.com
URL: https://novo.mycttpt-tracking.com/login

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

193.143.1.167 Moscow, Russian Federation, ASN198953 (PROTON66, RU),

Reverse DNS

Software

nginx /

Resource Hash

408fa4202fb7215854b8df73fdf975ab2f598f54b2c0f7a04b9e8a11772e2e44

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-inline' 'unsafe-eval' data: blob:;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://novo.mycttpt-tracking.com/login
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Wed, 24 Jul 2024 08:51:44 GMT
content-security-policy: default-src * 'unsafe-inline' 'unsafe-eval' data: blob:;
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Wed, 24 Jul 2024 08:41:53 GMT
server: nginx
etag: W/"2a31f-190e3e76ec6"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
x-robots-tag: noindex, nofollow

GET
H2 200 221-dd40c3d0f3fa517e.js Show response
novo.mycttpt-tracking.com/_next/static/chunks/ 120 KB
31 KB 87ms
76ms Script
application/javascript 193.143.1.167
PROTON66

General

Check archive.org

Show headers Download Go to

Full URL

https://novo.mycttpt-tracking.com/_next/static/chunks/221-dd40c3d0f3fa517e.js

Requested by

Host: novo.mycttpt-tracking.com
URL: https://novo.mycttpt-tracking.com/login

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

193.143.1.167 Moscow, Russian Federation, ASN198953 (PROTON66, RU),

Reverse DNS

Software

nginx /

Resource Hash

efba6f5f9b72f1601ac875872655defb9f9151bc2835e2d5601472d50e30180e

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-inline' 'unsafe-eval' data: blob:;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://novo.mycttpt-tracking.com/login
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Wed, 24 Jul 2024 08:51:44 GMT
content-security-policy: default-src * 'unsafe-inline' 'unsafe-eval' data: blob:;
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Wed, 24 Jul 2024 08:41:53 GMT
server: nginx
etag: W/"1e1b9-190e3e76ec6"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
x-robots-tag: noindex, nofollow

GET
H2 200 main-app-309421a400de7bde.js Show response
novo.mycttpt-tracking.com/_next/static/chunks/ 463 B
626 B 84ms
74ms Script
application/javascript 193.143.1.167
PROTON66

General

Check archive.org

Show headers Download Go to

Full URL

https://novo.mycttpt-tracking.com/_next/static/chunks/main-app-309421a400de7bde.js

Requested by

Host: novo.mycttpt-tracking.com
URL: https://novo.mycttpt-tracking.com/login

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

193.143.1.167 Moscow, Russian Federation, ASN198953 (PROTON66, RU),

Reverse DNS

Software

nginx /

Resource Hash

d4b01e5e311b5bbf33e7d6c99d8fdf5170c1fd59dac8a74651d7833a9bb32e45

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-inline' 'unsafe-eval' data: blob:;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://novo.mycttpt-tracking.com/login
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Wed, 24 Jul 2024 08:51:44 GMT
content-security-policy: default-src * 'unsafe-inline' 'unsafe-eval' data: blob:;
x-content-type-options: nosniff
referrer-policy: same-origin
last-modified: Wed, 24 Jul 2024 08:41:53 GMT
server: nginx
x-permitted-cross-domain-policies: master-only
content-encoding: br
etag: W/"1cf-190e3e76ec2"
vary: Accept-Encoding, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-robots-tag: noindex, nofollow
x-xss-protection: 1; mode=block

GET
H2 200 687-6aebe964d6674f19.js Show response
novo.mycttpt-tracking.com/_next/static/chunks/ 14 KB
6 KB 136ms
126ms Script
application/javascript 193.143.1.167
PROTON66

General

Check archive.org

Show headers Download Go to

Full URL

https://novo.mycttpt-tracking.com/_next/static/chunks/687-6aebe964d6674f19.js

Requested by

Host: novo.mycttpt-tracking.com
URL: https://novo.mycttpt-tracking.com/login

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

193.143.1.167 Moscow, Russian Federation, ASN198953 (PROTON66, RU),

Reverse DNS

Software

nginx /

Resource Hash

c53eb8057003c4f354f6e36a7171bcc5f8211ce437f1b65032fe4a3113f9e26d

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-inline' 'unsafe-eval' data: blob:;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://novo.mycttpt-tracking.com/login
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Wed, 24 Jul 2024 08:51:44 GMT
content-security-policy: default-src * 'unsafe-inline' 'unsafe-eval' data: blob:;
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Wed, 24 Jul 2024 08:41:53 GMT
server: nginx
etag: W/"3668-190e3e76ec6"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
x-robots-tag: noindex, nofollow

GET
H2 200 595-8581cd5ae20bb684.js Show response
novo.mycttpt-tracking.com/_next/static/chunks/ 20 KB
7 KB 142ms
132ms Script
application/javascript 193.143.1.167
PROTON66

General

Check archive.org

Show headers Download Go to

Full URL

https://novo.mycttpt-tracking.com/_next/static/chunks/595-8581cd5ae20bb684.js

Requested by

Host: novo.mycttpt-tracking.com
URL: https://novo.mycttpt-tracking.com/login

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

193.143.1.167 Moscow, Russian Federation, ASN198953 (PROTON66, RU),

Reverse DNS

Software

nginx /

Resource Hash

1df3ca409cac8a79d20937cc3a63571db5b9a939e2c19780186637633f9049d5

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-inline' 'unsafe-eval' data: blob:;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://novo.mycttpt-tracking.com/login
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Wed, 24 Jul 2024 08:51:44 GMT
content-security-policy: default-src * 'unsafe-inline' 'unsafe-eval' data: blob:;
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Wed, 24 Jul 2024 08:41:53 GMT
server: nginx
etag: W/"503a-190e3e76ec6"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
x-robots-tag: noindex, nofollow

GET
H2 200 487-5ecc0dd018c240d1.js Show response
novo.mycttpt-tracking.com/_next/static/chunks/ 145 KB
47 KB 143ms
133ms Script
application/javascript 193.143.1.167
PROTON66

General

Check archive.org

Show headers Download Go to

Full URL

https://novo.mycttpt-tracking.com/_next/static/chunks/487-5ecc0dd018c240d1.js

Requested by

Host: novo.mycttpt-tracking.com
URL: https://novo.mycttpt-tracking.com/login

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

193.143.1.167 Moscow, Russian Federation, ASN198953 (PROTON66, RU),

Reverse DNS

Software

nginx /

Resource Hash

14725a2a53b1a6600d19b1cfa0824dcaab6167819eab40c4efe120de1269085d

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-inline' 'unsafe-eval' data: blob:;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://novo.mycttpt-tracking.com/login
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Wed, 24 Jul 2024 08:51:44 GMT
content-security-policy: default-src * 'unsafe-inline' 'unsafe-eval' data: blob:;
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Wed, 24 Jul 2024 08:41:53 GMT
server: nginx
etag: W/"2455a-190e3e76ec6"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
x-robots-tag: noindex, nofollow

GET
H2 200 page-c463f7087c2743e3.js Show response
novo.mycttpt-tracking.com/_next/static/chunks/app/login/ 4 KB
2 KB 140ms
131ms Script
application/javascript 193.143.1.167
PROTON66

General

Check archive.org

Show headers Download Go to

Full URL

https://novo.mycttpt-tracking.com/_next/static/chunks/app/login/page-c463f7087c2743e3.js

Requested by

Host: novo.mycttpt-tracking.com
URL: https://novo.mycttpt-tracking.com/login

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

193.143.1.167 Moscow, Russian Federation, ASN198953 (PROTON66, RU),

Reverse DNS

Software

nginx /

Resource Hash

eab52c350289b8caa7ff9cf9fec479f69e43e04ef849440fd1be063e5c9eed0c

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-inline' 'unsafe-eval' data: blob:;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://novo.mycttpt-tracking.com/login
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Wed, 24 Jul 2024 08:51:44 GMT
content-security-policy: default-src * 'unsafe-inline' 'unsafe-eval' data: blob:;
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Wed, 24 Jul 2024 08:41:53 GMT
server: nginx
etag: W/"fb9-190e3e76ec2"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
x-robots-tag: noindex, nofollow

GET
H2 200 layout-62397e4084ccccfc.js Show response
novo.mycttpt-tracking.com/_next/static/chunks/app/ 11 KB
5 KB 141ms
131ms Script
application/javascript 193.143.1.167
PROTON66

General

Check archive.org

Show headers Download Go to

Full URL

https://novo.mycttpt-tracking.com/_next/static/chunks/app/layout-62397e4084ccccfc.js

Requested by

Host: novo.mycttpt-tracking.com
URL: https://novo.mycttpt-tracking.com/login

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

193.143.1.167 Moscow, Russian Federation, ASN198953 (PROTON66, RU),

Reverse DNS

Software

nginx /

Resource Hash

55cb08106f5183c12ba21c456e4a78858f1ad74e95c8b9706e8f7a92bb25d52a

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-inline' 'unsafe-eval' data: blob:;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://novo.mycttpt-tracking.com/login
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Wed, 24 Jul 2024 08:51:44 GMT
content-security-policy: default-src * 'unsafe-inline' 'unsafe-eval' data: blob:;
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Wed, 24 Jul 2024 08:41:53 GMT
server: nginx
etag: W/"2c20-190e3e76ec2"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
x-robots-tag: noindex, nofollow

GET
H2 200 loader_v3.9.9.js Show response
fpnpmcdn.net/v3/BMvkoTMRKN6qDLK0F790/ 160 KB
54 KB 220ms
65ms Script
text/javascript 18.245.31.43
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://fpnpmcdn.net/v3/BMvkoTMRKN6qDLK0F790/loader_v3.9.9.js

Requested by

Host: novo.mycttpt-tracking.com
URL: https://novo.mycttpt-tracking.com/_next/static/chunks/app/layout-62397e4084ccccfc.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.245.31.43 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-245-31-43.fra56.r.cloudfront.net

Software

CloudFront /

Resource Hash

743e06f51d4bd10c6c15bc316d0e9571f432d6dcfb8764fff3385b339fb8ad90

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Thu, 18 Jul 2024 22:15:16 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
content-encoding: br
via: 1.1 193d38535c6cb246e365763e9c32e672.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P8
age: 470188
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
server: CloudFront
etag: W/"IOrg69AfbGwYLPzKSjwU5RjzNRE"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=3678, s-maxage=578009
timing-allow-origin: *
x-amz-cf-id: D7PzEsRAko76ojX5pDV_IdlPUBcNuEIPd8TLN04XMysfLOULTiVjHg==

GET
H2 200 favicon.ico
novo.mycttpt-tracking.com/ 205 KB
205 KB 83ms
79ms Other
image/x-icon 193.143.1.167
PROTON66

General

Check archive.org

Show headers Download Go to

Full URL

https://novo.mycttpt-tracking.com/favicon.ico

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

193.143.1.167 Moscow, Russian Federation, ASN198953 (PROTON66, RU),

Reverse DNS

Software

nginx /

Resource Hash

78722f16281a314d2ecf6a03eafff0e735dbee33aeab8fac1f8cb2277354164b

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-inline' 'unsafe-eval' data: blob:;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://novo.mycttpt-tracking.com/login
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Wed, 24 Jul 2024 08:51:44 GMT
content-security-policy: default-src * 'unsafe-inline' 'unsafe-eval' data: blob:;
x-content-type-options: nosniff
referrer-policy: same-origin
server: nginx
x-permitted-cross-domain-policies: master-only
vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch
x-frame-options: SAMEORIGIN
content-type: image/x-icon
x-nextjs-cache: HIT
cache-control: public, max-age=0, must-revalidate
x-robots-tag: noindex, nofollow
x-xss-protection: 1; mode=block

GET
H2 200 7 Show response
eu.api.fpjs.io/DwmA/JNZ1Dz7/ 96 B
447 B 160ms
59ms XHR
text/plain 75.2.52.67
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://eu.api.fpjs.io/DwmA/JNZ1Dz7/7?q=BMvkoTMRKN6qDLK0F790

Requested by

Host: fpnpmcdn.net
URL: https://fpnpmcdn.net/v3/BMvkoTMRKN6qDLK0F790/loader_v3.9.9.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

75.2.52.67 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

afdd1a7789e84bffc.awsglobalaccelerator.com

Software

Resource Hash

680077dc07d7f75bfd27e7342f14d4048c104d4d32d4ee689308ef93a9effa87

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; frame-ancestors 'none'
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Wed, 24 Jul 2024 08:51:44 GMT
content-security-policy: default-src 'none'; frame-ancestors 'none'
referrer-policy: no-referrer
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
x-frame-options: DENY
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: Retry-After
cache-control: max-age=31536000, immutable, private
timing-allow-origin: *
x-robots-tag: noindex
content-length: 96

POST
H2 200 / Show response
eu.api.fpjs.io/ 431 B
960 B 189ms
101ms XHR
text/plain 75.2.52.67
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://eu.api.fpjs.io/?ci=js/3.9.10&q=BMvkoTMRKN6qDLK0F790

Requested by

Host: fpnpmcdn.net
URL: https://fpnpmcdn.net/v3/BMvkoTMRKN6qDLK0F790/loader_v3.9.9.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

75.2.52.67 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

afdd1a7789e84bffc.awsglobalaccelerator.com

Software

Resource Hash

62a31b06540d4faa2f1e6869450cd664b49549acb5f4eb536780b82f1777726b

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; frame-ancestors 'none'
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Content-Type: text/plain

Response headers

date: Wed, 24 Jul 2024 08:51:45 GMT
content-security-policy: default-src 'none'; frame-ancestors 'none'
referrer-policy: no-referrer
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
vary: Origin
x-frame-options: DENY
content-type: text/plain
access-control-allow-origin: https://novo.mycttpt-tracking.com
access-control-expose-headers: Retry-After
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 431

POST
H2 200 bot
novo.mycttpt-tracking.com/api/ 14 B
341 B 175ms
174ms Fetch
application/json 193.143.1.167
PROTON66

General

Check archive.org

Show headers Download Go to

Full URL

https://novo.mycttpt-tracking.com/api/bot

Requested by

Host: novo.mycttpt-tracking.com
URL: https://novo.mycttpt-tracking.com/_next/static/chunks/app/layout-62397e4084ccccfc.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

193.143.1.167 Moscow, Russian Federation, ASN198953 (PROTON66, RU),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-inline' 'unsafe-eval' data: blob:;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://novo.mycttpt-tracking.com/login
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Content-Type: application/json

Response headers

date: Wed, 24 Jul 2024 08:51:45 GMT
content-security-policy: default-src * 'unsafe-inline' 'unsafe-eval' data: blob:;
x-content-type-options: nosniff
referrer-policy: same-origin
server: nginx
x-permitted-cross-domain-policies: master-only
etag: "tg8gb8wqn9e"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
x-robots-tag: noindex, nofollow
content-length: 14
x-xss-protection: 1; mode=block

GET
H3

200

Primary Request / Show response
www.google.com/chrome/
Redirect Chain

https://www.google.com/chrome/
https://www.google.com/chrome/

368 KB
45 KB

74ms
73ms

Document
text/html

142.250.185.100
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/chrome/

Requested by

Host: novo.mycttpt-tracking.com
URL: https://novo.mycttpt-tracking.com/_next/static/chunks/app/layout-62397e4084ccccfc.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.100 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f4.1e100.net

Software

sffe /

Resource Hash

989bf1cf810e5cb1c8aebb6407f7a9c1169bf095ec56dfeb5561383428220212

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

accept-ch: Sec-Ch-Ua-Full-Version-List, Sec-Ch-Ua-Platform, Sec-Ch-Ua-Platform-Version, Sec-CH-Prefers-Reduced-Motion
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: gzip
content-security-policy-report-only: script-src 'nonce-4dcJgUpl7-_O2MkYu3ePRA' 'report-sample' 'self' 'strict-dynamic' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' http: https: https://analytics.google.com https://ssl.google-analytics.com https://www.google-analytics.com https://www.google.com https://www.googleadservices.com https://www.gstatic.com/; object-src 'none'; img-src * data:; connect-src 'self' *.analytics.google.com *.g.doubleclick.net *.google-analytics.com adservice.google.com https://*.googlesyndication.com/ https://analytics.google.com https://www.google-analytics.com https://www.google.com https://www.gstatic.com/; report-uri https://csp.withgoogle.com/csp/uxe-owners-acl/chrome; base-uri 'none' require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/uxe-owners-acl/chrome
content-type: text/html; charset=UTF-8
critical-ch: Sec-Ch-Ua-Full-Version-List, Sec-Ch-Ua-Platform, Sec-Ch-Ua-Platform-Version, Sec-CH-Prefers-Reduced-Motion
cross-origin-opener-policy-report-only: same-origin; report-to="uxe-owners-acl/chrome"
cross-origin-resource-policy: cross-origin
date: Wed, 24 Jul 2024 08:51:46 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
last-modified: Tue, 16 Jul 2024 09:00:00 GMT
pragma: no-cache
report-to: {"group":"uxe-owners-acl/chrome","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/uxe-owners-acl/chrome"}]}
server: sffe
vary: Accept-Encoding, Sec-Ch-Ua-Full-Version-List, Sec-Ch-Ua-Platform, Sec-Ch-Ua-Platform-Version, Sec-CH-Prefers-Reduced-Motion
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

Location: https://www.google.com/chrome/

GET
H3 200 home-poster-2x.webp
www.google.com/chrome/static/images/dev-components/ 121 KB
121 KB 79ms
75ms Image
image/webp 142.250.185.100
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/chrome/static/images/dev-components/home-poster-2x.webp

Requested by

Host: www.google.com
URL: https://www.google.com/chrome/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.100 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f4.1e100.net

Software

sffe /

Resource Hash

f76deeceaab2f886d81c3003468cf896782f6b4c0b5ee34c7af153c5edff0b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/chrome/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
sec-ch-prefers-reduced-motion: no-preference

Response headers

date: Wed, 24 Jul 2024 08:51:46 GMT
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/uxe-owners-acl/chrome
critical-ch: Sec-Ch-Ua-Full-Version-List, Sec-Ch-Ua-Platform, Sec-Ch-Ua-Platform-Version, Sec-CH-Prefers-Reduced-Motion
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 123660
x-xss-protection: 0
last-modified: Thu, 04 Jan 2024 14:30:00 GMT
accept-ch: Sec-Ch-Ua-Full-Version-List, Sec-Ch-Ua-Platform, Sec-Ch-Ua-Platform-Version, Sec-CH-Prefers-Reduced-Motion
server: sffe
vary: Accept-Encoding, Sec-Ch-Ua-Full-Version-List, Sec-Ch-Ua-Platform, Sec-Ch-Ua-Platform-Version, Sec-CH-Prefers-Reduced-Motion
report-to: {"group":"uxe-owners-acl/chrome","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/uxe-owners-acl/chrome"}]}
content-type: image/webp
cache-control: private, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="uxe-owners-acl/chrome"
expires: Wed, 24 Jul 2024 08:51:46 GMT

GET
H2 200 css2
fonts.googleapis.com/ 50 KB
2 KB 233ms
77ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Product+Sans&family=Google+Sans+Display:ital@0;1&family=Google+Sans_old:ital,wght@0,400;0,500;0,600;0,700;1,400;1,500;1,700&family=Google+Sans+Text:ital,wght@0,400;0,500;0,600;0,700;1,400;1,500;1,700&display=swap

Requested by

Host: www.google.com
URL: https://www.google.com/chrome/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f76706e8acaaac78a14db4c57b9bf1dcb334bbffa0815226f7d442f9e5e8dd5a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

strict-transport-security: max-age=31536000
date: Wed, 24 Jul 2024 08:51:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
expires: Wed, 24 Jul 2024 08:51:46 GMT

GET
H3 200 main.min.css
www.google.com/chrome/static/css/v2/ 287 KB
26 KB 81ms
80ms Stylesheet
text/css 142.250.185.100
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/chrome/static/css/v2/main.min.css

Requested by

Host: www.google.com
URL: https://www.google.com/chrome/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.100 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f4.1e100.net

Software

sffe /

Resource Hash

31bc450e0bc19bd21c5cdeaa7bf749e5fb021d86dea63c32e837e230c21c2e82

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/chrome/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
sec-ch-prefers-reduced-motion: no-preference

Response headers

date: Wed, 24 Jul 2024 08:51:46 GMT
content-encoding: br
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/uxe-owners-acl/chrome
critical-ch: Sec-Ch-Ua-Full-Version-List, Sec-Ch-Ua-Platform, Sec-Ch-Ua-Platform-Version, Sec-CH-Prefers-Reduced-Motion
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 26439
x-xss-protection: 0
last-modified: Tue, 16 Jul 2024 09:00:00 GMT
accept-ch: Sec-Ch-Ua-Full-Version-List, Sec-Ch-Ua-Platform, Sec-Ch-Ua-Platform-Version, Sec-CH-Prefers-Reduced-Motion
server: sffe
vary: Accept-Encoding, Sec-Ch-Ua-Full-Version-List, Sec-Ch-Ua-Platform, Sec-Ch-Ua-Platform-Version, Sec-CH-Prefers-Reduced-Motion
report-to: {"group":"uxe-owners-acl/chrome","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/uxe-owners-acl/chrome"}]}
content-type: text/css; charset=UTF-8
cache-control: private, max-age=0
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="uxe-owners-acl/chrome"
expires: Wed, 24 Jul 2024 08:51:46 GMT

GET
H2 200 cookienotificationbar.min.css
www.gstatic.com/glue/cookienotificationbar/ 9 KB
2 KB 223ms
68ms Stylesheet
text/css 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/glue/cookienotificationbar/cookienotificationbar.min.css

Requested by

Host: www.google.com
URL: https://www.google.com/chrome/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c488541237685dfb9cc7a5919701e37f869d91f88b370c448da8769533db31ed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Wed, 24 Jul 2024 08:51:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/uxe-owners-acl/gstatic
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1673
x-xss-protection: 0
last-modified: Tue, 23 Jul 2024 16:10:23 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"uxe-owners-acl/gstatic","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/uxe-owners-acl/gstatic"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: private, max-age=3000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="uxe-owners-acl/gstatic"
expires: Wed, 24 Jul 2024 08:51:46 GMT

GET
H2 200 cookienotificationbar.min.js Show response
www.gstatic.com/glue/cookienotificationbar/ 18 KB
7 KB 70ms
69ms Script
text/javascript 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/glue/cookienotificationbar/cookienotificationbar.min.js

Requested by

Host: www.google.com
URL: https://www.google.com/chrome/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1781a4aaa87addb4701babd8b731a938e185e26d1c647bd412b9abfba09d445b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Wed, 24 Jul 2024 08:51:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/uxe-owners-acl/gstatic
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6841
x-xss-protection: 0
last-modified: Tue, 23 Jul 2024 16:10:23 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"uxe-owners-acl/gstatic","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/uxe-owners-acl/gstatic"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: private, max-age=3000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="uxe-owners-acl/gstatic"
expires: Wed, 24 Jul 2024 08:51:46 GMT

GET
H3 200 chrome-logo-m100.svg
www.google.com/chrome/static/images/ 2 KB
908 B 87ms
71ms Image
image/svg+xml 142.250.185.100
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/chrome/static/images/chrome-logo-m100.svg

Requested by

Host: www.google.com
URL: https://www.google.com/chrome/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.100 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f4.1e100.net

Software

sffe /

Resource Hash

1357dd965397a99cbc937ddd2345a9897d527f7229c8b0f2aeebac97680cc66d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/chrome/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
sec-ch-prefers-reduced-motion: no-preference

Response headers

date: Wed, 24 Jul 2024 08:51:46 GMT
content-encoding: br
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/uxe-owners-acl/chrome
critical-ch: Sec-Ch-Ua-Full-Version-List, Sec-Ch-Ua-Platform, Sec-Ch-Ua-Platform-Version, Sec-CH-Prefers-Reduced-Motion
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 881
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 19:00:00 GMT
accept-ch: Sec-Ch-Ua-Full-Version-List, Sec-Ch-Ua-Platform, Sec-Ch-Ua-Platform-Version, Sec-CH-Prefers-Reduced-Motion
server: sffe
vary: Accept-Encoding, Sec-Ch-Ua-Full-Version-List, Sec-Ch-Ua-Platform, Sec-Ch-Ua-Platform-Version, Sec-CH-Prefers-Reduced-Motion
report-to: {"group":"uxe-owners-acl/chrome","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/uxe-owners-acl/chrome"}]}
content-type: image/svg+xml
cache-control: private, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="uxe-owners-acl/chrome"
expires: Wed, 24 Jul 2024 08:51:46 GMT

GET
H3 200 frozen_deprecation_icon.svg
www.google.com/chrome/static/images/icons/ 655 B
320 B 93ms
78ms Image
image/svg+xml 142.250.185.100
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/chrome/static/images/icons/frozen_deprecation_icon.svg

Requested by

Host: www.google.com
URL: https://www.google.com/chrome/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.100 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f4.1e100.net

Software

sffe /

Resource Hash

bc57af604db99d8c884a0e4b5d8b5fb3479d9c9fb675710a4f9f8770fbdec4bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/chrome/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
sec-ch-prefers-reduced-motion: no-preference

Response headers

date: Wed, 24 Jul 2024 08:51:46 GMT
content-encoding: br
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/uxe-owners-acl/chrome
critical-ch: Sec-Ch-Ua-Full-Version-List, Sec-Ch-Ua-Platform, Sec-Ch-Ua-Platform-Version, Sec-CH-Prefers-Reduced-Motion
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 293
x-xss-protection: 0
last-modified: Thu, 11 Jul 2024 15:30:00 GMT
accept-ch: Sec-Ch-Ua-Full-Version-List, Sec-Ch-Ua-Platform, Sec-Ch-Ua-Platform-Version, Sec-CH-Prefers-Reduced-Motion
server: sffe
vary: Accept-Encoding, Sec-Ch-Ua-Full-Version-List, Sec-Ch-Ua-Platform, Sec-Ch-Ua-Platform-Version, Sec-CH-Prefers-Reduced-Motion
report-to: {"group":"uxe-owners-acl/chrome","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/uxe-owners-acl/chrome"}]}
content-type: image/svg+xml
cache-control: private, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="uxe-owners-acl/chrome"
expires: Wed, 24 Jul 2024 08:51:46 GMT

GET
H3 200 passwords-fill.webp
www.google.com/chrome/static/images/intl/fi_FI/v2/gallery/ 15 KB
15 KB 80ms
78ms Image
image/webp 142.250.185.100
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/chrome/static/images/intl/fi_FI/v2/gallery/passwords-fill.webp

Requested by

Host: www.google.com
URL: https://www.google.com/chrome/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.100 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f4.1e100.net

Software

sffe /

Resource Hash

1bfe1d9bdecb497a6253a606d22e9e89792e8d5ec56705f33a0b34f0557f6055

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/chrome/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
sec-ch-prefers-reduced-motion: no-preference

Response headers

date: Wed, 24 Jul 2024 08:51:46 GMT
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/uxe-owners-acl/chrome
critical-ch: Sec-Ch-Ua-Full-Version-List, Sec-Ch-Ua-Platform, Sec-Ch-Ua-Platform-Version, Sec-CH-Prefers-Reduced-Motion
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15668
x-xss-protection: 0
last-modified: Thu, 04 Jan 2024 14:30:00 GMT
accept-ch: Sec-Ch-Ua-Full-Version-List, Sec-Ch-Ua-Platform, Sec-Ch-Ua-Platform-Version, Sec-CH-Prefers-Reduced-Motion
server: sffe
vary: Accept-Encoding, Sec-Ch-Ua-Full-Version-List, Sec-Ch-Ua-Platform, Sec-Ch-Ua-Platform-Version, Sec-CH-Prefers-Reduced-Motion
report-to: {"group":"uxe-owners-acl/chrome","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/uxe-owners-acl/chrome"}]}
content-type: image/webp
cache-control: private, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="uxe-owners-acl/chrome"
expires: Wed, 24 Jul 2024 08:51:46 GMT

GET
H3 200 chrome-logo-landscape.svg
www.google.com/chrome/static/images/ 6 KB
2 KB 74ms
71ms Image
image/svg+xml 142.250.185.100
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/chrome/static/images/chrome-logo-landscape.svg

Requested by

Host: www.google.com
URL: https://www.google.com/chrome/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.100 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f4.1e100.net

Software

sffe /

Resource Hash

d2192fb5be57ae5bb94d266b0078cacddc59617273d31e2093bde16962031c11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/chrome/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
sec-ch-prefers-reduced-motion: no-preference

Response headers

date: Wed, 24 Jul 2024 08:51:46 GMT
content-encoding: br
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/uxe-owners-acl/chrome
critical-ch: Sec-Ch-Ua-Full-Version-List, Sec-Ch-Ua-Platform, Sec-Ch-Ua-Platform-Version, Sec-CH-Prefers-Reduced-Motion
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2280
x-xss-protection: 0
last-modified: Tue, 22 Aug 2023 13:30:00 GMT
accept-ch: Sec-Ch-Ua-Full-Version-List, Sec-Ch-Ua-Platform, Sec-Ch-Ua-Platform-Version, Sec-CH-Prefers-Reduced-Motion
server: sffe
vary: Accept-Encoding, Sec-Ch-Ua-Full-Version-List, Sec-Ch-Ua-Platform, Sec-Ch-Ua-Platform-Version, Sec-CH-Prefers-Reduced-Motion
report-to: {"group":"uxe-owners-acl/chrome","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/uxe-owners-acl/chrome"}]}
content-type: image/svg+xml
cache-control: private, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="uxe-owners-acl/chrome"
expires: Wed, 24 Jul 2024 08:51:46 GMT

GET
H3 200 chrome_throbber_fast.gif
www.google.com/chrome/static/images/ 2 KB
2 KB 72ms
70ms Image
image/gif 142.250.185.100
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/chrome/static/images/chrome_throbber_fast.gif

Requested by

Host: www.google.com
URL: https://www.google.com/chrome/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.100 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f4.1e100.net

Software

sffe /

Resource Hash

754965a6fe024b46151ed8860fbbc6767a25ebf49c7d11ea49a574cc977b9efb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/chrome/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
sec-ch-prefers-reduced-motion: no-preference

Response headers

date: Wed, 24 Jul 2024 08:51:46 GMT
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/uxe-owners-acl/chrome
critical-ch: Sec-Ch-Ua-Full-Version-List, Sec-Ch-Ua-Platform, Sec-Ch-Ua-Platform-Version, Sec-CH-Prefers-Reduced-Motion
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2082
x-xss-protection: 0
last-modified: Thu, 26 Aug 2021 20:30:00 GMT
accept-ch: Sec-Ch-Ua-Full-Version-List, Sec-Ch-Ua-Platform, Sec-Ch-Ua-Platform-Version, Sec-CH-Prefers-Reduced-Motion
server: sffe
vary: Accept-Encoding, Sec-Ch-Ua-Full-Version-List, Sec-Ch-Ua-Platform, Sec-Ch-Ua-Platform-Version, Sec-CH-Prefers-Reduced-Motion
report-to: {"group":"uxe-owners-acl/chrome","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/uxe-owners-acl/chrome"}]}
content-type: image/gif
cache-control: private, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="uxe-owners-acl/chrome"
expires: Wed, 24 Jul 2024 08:51:46 GMT

GET
H2 200 intersection-observer.min.js Show response
www.gstatic.com/external_hosted/intersectionobserver_polyfill/ 5 KB
2 KB 70ms
68ms Script
text/javascript 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/external_hosted/intersectionobserver_polyfill/intersection-observer.min.js

Requested by

Host: www.google.com
URL: https://www.google.com/chrome/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8037c1f1e0e4d3d7955f591a14a4b4d090141f1d210ef8b793ce5b345f08f7f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Wed, 24 Jul 2024 08:51:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1942
x-xss-protection: 0
last-modified: Wed, 05 Jun 2024 13:38:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: text/javascript
cache-control: public, max-age=0
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Wed, 24 Jul 2024 08:51:46 GMT

GET
H2 200 lottie.js Show response
www.gstatic.com/external_hosted/lottie/ 260 KB
55 KB 116ms
114ms Script
text/javascript 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/external_hosted/lottie/lottie.js

Requested by

Host: www.google.com
URL: https://www.google.com/chrome/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9272374a15e2a167d78a212fcad8ae23fc82d0d38856fdc5d01c9e40b4356b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Wed, 24 Jul 2024 08:51:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56499
x-xss-protection: 0
last-modified: Thu, 26 Oct 2023 15:28:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: text/javascript
cache-control: public, max-age=0
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Wed, 24 Jul 2024 08:51:46 GMT

GET
H2 200 gsap.min.js Show response
www.gstatic.com/external_hosted/greensock3/dist/ 71 KB
25 KB 156ms
154ms Script
text/javascript 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/external_hosted/greensock3/dist/gsap.min.js

Requested by

Host: www.google.com
URL: https://www.google.com/chrome/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

28033e449a31ebcc396e5be8b13b63152bf03094288fb5867034321927bce087

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Wed, 24 Jul 2024 08:51:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25558
x-xss-protection: 0
last-modified: Thu, 15 Feb 2024 15:28:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: text/javascript
cache-control: public, max-age=0
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Wed, 24 Jul 2024 08:51:46 GMT

GET
H2 200 ScrollTrigger.min.js Show response
www.gstatic.com/external_hosted/greensock3/dist/ 42 KB
16 KB 74ms
72ms Script
text/javascript 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/external_hosted/greensock3/dist/ScrollTrigger.min.js

Requested by

Host: www.google.com
URL: https://www.google.com/chrome/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ad33c2df9ada8a663c2147357828f980d0b7ca731ef33eb3c6e4f327c3b2cda5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Wed, 24 Jul 2024 08:51:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16005
x-xss-protection: 0
last-modified: Thu, 15 Feb 2024 15:28:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: text/javascript
cache-control: public, max-age=0
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Wed, 24 Jul 2024 08:51:46 GMT

GET
H3 200 main.min.js Show response
www.google.com/chrome/static/js/pages/by-environment/mobile/home/ 113 KB
31 KB 72ms
70ms Script
text/javascript 142.250.185.100
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/chrome/static/js/pages/by-environment/mobile/home/main.min.js

Requested by

Host: www.google.com
URL: https://www.google.com/chrome/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.100 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f4.1e100.net

Software

sffe /

Resource Hash

050a15f38cf4e73158330f141ab5dc7f9b68a6b3e6dbd1ba4a4d0141013826b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/chrome/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
sec-ch-prefers-reduced-motion: no-preference

Response headers

date: Wed, 24 Jul 2024 08:51:46 GMT
content-encoding: br
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/uxe-owners-acl/chrome
critical-ch: Sec-Ch-Ua-Full-Version-List, Sec-Ch-Ua-Platform, Sec-Ch-Ua-Platform-Version, Sec-CH-Prefers-Reduced-Motion
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32014
x-xss-protection: 0
last-modified: Fri, 19 Jul 2024 11:30:00 GMT
accept-ch: Sec-Ch-Ua-Full-Version-List, Sec-Ch-Ua-Platform, Sec-Ch-Ua-Platform-Version, Sec-CH-Prefers-Reduced-Motion
server: sffe
vary: Accept-Encoding, Sec-Ch-Ua-Full-Version-List, Sec-Ch-Ua-Platform, Sec-Ch-Ua-Platform-Version, Sec-CH-Prefers-Reduced-Motion
report-to: {"group":"uxe-owners-acl/chrome","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/uxe-owners-acl/chrome"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=0
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="uxe-owners-acl/chrome"
expires: Wed, 24 Jul 2024 08:51:46 GMT

GET
H3 200 installer.min.js Show response
www.google.com/chrome/static/js/ 70 KB
21 KB 80ms
78ms Script
text/javascript 142.250.185.100
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/chrome/static/js/installer.min.js

Requested by

Host: www.google.com
URL: https://www.google.com/chrome/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.100 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f4.1e100.net

Software

sffe /

Resource Hash

b0abecfc35517717714abe7aada67f5aaa99399692f0e0b6cb327fa47c1d1a3f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/chrome/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
sec-ch-prefers-reduced-motion: no-preference

Response headers

date: Wed, 24 Jul 2024 08:51:46 GMT
content-encoding: br
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/uxe-owners-acl/chrome
critical-ch: Sec-Ch-Ua-Full-Version-List, Sec-Ch-Ua-Platform, Sec-Ch-Ua-Platform-Version, Sec-CH-Prefers-Reduced-Motion
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21439
x-xss-protection: 0
last-modified: Thu, 11 Jul 2024 15:30:00 GMT
accept-ch: Sec-Ch-Ua-Full-Version-List, Sec-Ch-Ua-Platform, Sec-Ch-Ua-Platform-Version, Sec-CH-Prefers-Reduced-Motion
server: sffe
vary: Accept-Encoding, Sec-Ch-Ua-Full-Version-List, Sec-Ch-Ua-Platform, Sec-Ch-Ua-Platform-Version, Sec-CH-Prefers-Reduced-Motion
report-to: {"group":"uxe-owners-acl/chrome","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/uxe-owners-acl/chrome"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=0
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="uxe-owners-acl/chrome"
expires: Wed, 24 Jul 2024 08:51:46 GMT

GET
H3 200 site-icons.svg
www.google.com/chrome/static/images/ 385 KB
101 KB 80ms
79ms Other
image/svg+xml 142.250.185.100
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/chrome/static/images/site-icons.svg

Requested by

Host: www.google.com
URL: https://www.google.com/chrome/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.100 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f4.1e100.net

Software

sffe /

Resource Hash

fdf7c2b31dd579fda8d4461798cd7ac1879e940bf39107f574c0bd0d0d8a7088

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/chrome/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
sec-ch-prefers-reduced-motion: no-preference

Response headers

date: Wed, 24 Jul 2024 08:51:46 GMT
content-encoding: br
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/uxe-owners-acl/chrome
critical-ch: Sec-Ch-Ua-Full-Version-List, Sec-Ch-Ua-Platform, Sec-Ch-Ua-Platform-Version, Sec-CH-Prefers-Reduced-Motion
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 102970
x-xss-protection: 0
last-modified: Tue, 16 Jul 2024 14:00:00 GMT
accept-ch: Sec-Ch-Ua-Full-Version-List, Sec-Ch-Ua-Platform, Sec-Ch-Ua-Platform-Version, Sec-CH-Prefers-Reduced-Motion
server: sffe
vary: Accept-Encoding, Sec-Ch-Ua-Full-Version-List, Sec-Ch-Ua-Platform, Sec-Ch-Ua-Platform-Version, Sec-CH-Prefers-Reduced-Motion
report-to: {"group":"uxe-owners-acl/chrome","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/uxe-owners-acl/chrome"}]}
content-type: image/svg+xml
cache-control: private, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="uxe-owners-acl/chrome"
expires: Wed, 24 Jul 2024 08:51:46 GMT

GET
DATA 200
OK truncated
/ 70 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5daff5e842153263e226a2b3a3f28bcc7ebad294574f8945cc8b4dc94578e12a

Request headers

Referer
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 70 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6fb9918fbc98c28ce77ee14e82caff36f69a764676fb5b6fd0a40b6fa7007a53

Request headers

Referer
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 69 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4bf862f3586f612ddb5751eb35d4e67ea6719bd5049fd103a606f303a025ca1e

Request headers

Referer
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 69 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9729b7871c5ee51fd63d4b9e7e692ebaac4eb400502f1ecd40113cfadec31973

Request headers

Referer
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 69 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 168c3e57b1b06ed1bcbac30cb739f1f30e143aa59895ba64f853535fc656a4a4

Request headers

Referer
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 69 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 75e0fe33a139622cde1d4bacdef52e609e623b514c56b113c69568fa16c23a12

Request headers

Referer
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 69 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 93d94b16ffab76ec2ece0b9266a5ee0b959c4416e144cf5806a4efe153188a73

Request headers

Referer
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 69 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9bfb622300ce4822f43d5d6700fb1237bc67ce2ac289757ead9972d2908e581e

Request headers

Referer
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 94e44b87d1ab92453f99a327cdd5db08b2f9bf80b72c5414f1ce8aec797ad1ea

Request headers

Referer
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

Content-Type: image/svg+xml

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvbQoi-E.woff2
fonts.gstatic.com/s/googlesans/v46/ 29 KB
29 KB 263ms
128ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v46/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvbQoi-E.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Product+Sans&family=Google+Sans+Display:ital@0;1&family=Google+Sans_old:ital,wght@0,400;0,500;0,600;0,700;1,400;1,500;1,700&family=Google+Sans+Text:ital,wght@0,400;0,500;0,600;0,700;1,400;1,500;1,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d7908573a6cb5d64642f3632a16da2f1ed93f438db6c2fe3cc3118fafb51a30e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.google.com
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Tue, 23 Jul 2024 15:19:14 GMT
x-content-type-options: nosniff
age: 63152
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29740
x-xss-protection: 0
last-modified: Mon, 03 Apr 2023 17:02:07 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 23 Jul 2025 15:19:14 GMT

GET
H2 200 5aUp9-KzpRiLCAt4Unrc-xIKmCU5oLlVnmhjtjm4DZw.woff2
fonts.gstatic.com/s/googlesanstext/v21/ 15 KB
15 KB 195ms
60ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesanstext/v21/5aUp9-KzpRiLCAt4Unrc-xIKmCU5oLlVnmhjtjm4DZw.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

58f90c7fb8d758705ca53191ac0554b56b856e864d1f38f6aa9875a531c7dea3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.google.com
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Tue, 23 Jul 2024 15:11:19 GMT
x-content-type-options: nosniff
age: 63627
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15172
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 18:42:09 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 23 Jul 2025 15:11:19 GMT

GET
H2 200 5aUu9-KzpRiLCAt4Unrc-xIKmCU5qEp2i0VBuxM.woff2
fonts.gstatic.com/s/googlesanstext/v21/ 14 KB
15 KB 212ms
77ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesanstext/v21/5aUu9-KzpRiLCAt4Unrc-xIKmCU5qEp2i0VBuxM.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

233c7fbf98b65e3f3e10f7d82b6584af95888ebcb0c878befe46563c5f9ef95b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.google.com
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Tue, 23 Jul 2024 14:47:11 GMT
x-content-type-options: nosniff
age: 65075
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14840
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 18:42:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 23 Jul 2025 14:47:11 GMT

GET
H3 200 Sequence.json Show response
www.google.com/chrome/static/lottie-animations/pills/ 16 KB
3 KB 75ms
74ms XHR
application/json 142.250.185.100
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/chrome/static/lottie-animations/pills/Sequence.json

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/external_hosted/lottie/lottie.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.100 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f4.1e100.net

Software

sffe /

Resource Hash

f7e710abc2f13f8cf951f81ec0f8693d3b0ced892f653ecba438dcfd122529af

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/chrome/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
sec-ch-prefers-reduced-motion: no-preference

Response headers

date: Wed, 24 Jul 2024 08:51:46 GMT
content-encoding: br
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/uxe-owners-acl/chrome
critical-ch: Sec-Ch-Ua-Full-Version-List, Sec-Ch-Ua-Platform, Sec-Ch-Ua-Platform-Version, Sec-CH-Prefers-Reduced-Motion
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2602
x-xss-protection: 0
last-modified: Tue, 22 Aug 2023 13:30:00 GMT
accept-ch: Sec-Ch-Ua-Full-Version-List, Sec-Ch-Ua-Platform, Sec-Ch-Ua-Platform-Version, Sec-CH-Prefers-Reduced-Motion
server: sffe
vary: Accept-Encoding, Sec-Ch-Ua-Full-Version-List, Sec-Ch-Ua-Platform, Sec-Ch-Ua-Platform-Version, Sec-CH-Prefers-Reduced-Motion
report-to: {"group":"uxe-owners-acl/chrome","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/uxe-owners-acl/chrome"}]}
content-type: application/json
cache-control: private, max-age=0
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="uxe-owners-acl/chrome"
expires: Wed, 24 Jul 2024 08:51:46 GMT

GET
H3 200 Faster.json Show response
www.google.com/chrome/static/lottie-animations/pills/ 6 KB
1 KB 75ms
73ms XHR
application/json 142.250.185.100
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/chrome/static/lottie-animations/pills/Faster.json

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/external_hosted/lottie/lottie.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.100 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f4.1e100.net

Software

sffe /

Resource Hash

c87cdf4c8386ab68307c8916ad9092f008ba2cc2a45642cab333c3745a0fdfe0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/chrome/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
sec-ch-prefers-reduced-motion: no-preference

Response headers

date: Wed, 24 Jul 2024 08:51:46 GMT
content-encoding: br
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/uxe-owners-acl/chrome
critical-ch: Sec-Ch-Ua-Full-Version-List, Sec-Ch-Ua-Platform, Sec-Ch-Ua-Platform-Version, Sec-CH-Prefers-Reduced-Motion
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1273
x-xss-protection: 0
last-modified: Tue, 22 Aug 2023 13:30:00 GMT
accept-ch: Sec-Ch-Ua-Full-Version-List, Sec-Ch-Ua-Platform, Sec-Ch-Ua-Platform-Version, Sec-CH-Prefers-Reduced-Motion
server: sffe
vary: Accept-Encoding, Sec-Ch-Ua-Full-Version-List, Sec-Ch-Ua-Platform, Sec-Ch-Ua-Platform-Version, Sec-CH-Prefers-Reduced-Motion
report-to: {"group":"uxe-owners-acl/chrome","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/uxe-owners-acl/chrome"}]}
content-type: application/json
cache-control: private, max-age=0
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="uxe-owners-acl/chrome"
expires: Wed, 24 Jul 2024 08:51:46 GMT

GET
H3 200 Safer.json Show response
www.google.com/chrome/static/lottie-animations/pills/ 4 KB
1002 B 74ms
71ms XHR
application/json 142.250.185.100
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/chrome/static/lottie-animations/pills/Safer.json

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/external_hosted/lottie/lottie.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.100 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f4.1e100.net

Software

sffe /

Resource Hash

6b8bb9429090513a553118f46a7dc8e67b6b10cae867553a1d11189c7265ceec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/chrome/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
sec-ch-prefers-reduced-motion: no-preference

Response headers

date: Wed, 24 Jul 2024 08:51:46 GMT
content-encoding: br
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/uxe-owners-acl/chrome
critical-ch: Sec-Ch-Ua-Full-Version-List, Sec-Ch-Ua-Platform, Sec-Ch-Ua-Platform-Version, Sec-CH-Prefers-Reduced-Motion
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 975
x-xss-protection: 0
last-modified: Thu, 27 Jul 2023 13:30:00 GMT
accept-ch: Sec-Ch-Ua-Full-Version-List, Sec-Ch-Ua-Platform, Sec-Ch-Ua-Platform-Version, Sec-CH-Prefers-Reduced-Motion
server: sffe
vary: Accept-Encoding, Sec-Ch-Ua-Full-Version-List, Sec-Ch-Ua-Platform, Sec-Ch-Ua-Platform-Version, Sec-CH-Prefers-Reduced-Motion
report-to: {"group":"uxe-owners-acl/chrome","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/uxe-owners-acl/chrome"}]}
content-type: application/json
cache-control: private, max-age=0
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="uxe-owners-acl/chrome"
expires: Wed, 24 Jul 2024 08:51:46 GMT

GET
H3 200 Yours.json Show response
www.google.com/chrome/static/lottie-animations/pills/ 4 KB
839 B 90ms
89ms XHR
application/json 142.250.185.100
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/chrome/static/lottie-animations/pills/Yours.json

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/external_hosted/lottie/lottie.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.100 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f4.1e100.net

Software

sffe /

Resource Hash

05b51cb0f27a485dd8d8f589aef44fec2399eedf8806c5240d8e5aff7b6645b8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/chrome/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
sec-ch-prefers-reduced-motion: no-preference

Response headers

date: Wed, 24 Jul 2024 08:51:46 GMT
content-encoding: br
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/uxe-owners-acl/chrome
critical-ch: Sec-Ch-Ua-Full-Version-List, Sec-Ch-Ua-Platform, Sec-Ch-Ua-Platform-Version, Sec-CH-Prefers-Reduced-Motion
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 812
x-xss-protection: 0
last-modified: Thu, 27 Jul 2023 13:30:00 GMT
accept-ch: Sec-Ch-Ua-Full-Version-List, Sec-Ch-Ua-Platform, Sec-Ch-Ua-Platform-Version, Sec-CH-Prefers-Reduced-Motion
server: sffe
vary: Accept-Encoding, Sec-Ch-Ua-Full-Version-List, Sec-Ch-Ua-Platform, Sec-Ch-Ua-Platform-Version, Sec-CH-Prefers-Reduced-Motion
report-to: {"group":"uxe-owners-acl/chrome","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/uxe-owners-acl/chrome"}]}
content-type: application/json
cache-control: private, max-age=0
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="uxe-owners-acl/chrome"
expires: Wed, 24 Jul 2024 08:51:46 GMT

GET
H3 200 Built.json Show response
www.google.com/chrome/static/lottie-animations/pills/ 4 KB
959 B 89ms
88ms XHR
application/json 142.250.185.100
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/chrome/static/lottie-animations/pills/Built.json

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/external_hosted/lottie/lottie.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.100 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f4.1e100.net

Software

sffe /

Resource Hash

42a2e11b11ee5bfe31e576ed5aa29bf45f1d2eb9253702bd5a24797fbd8e164e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/chrome/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
sec-ch-prefers-reduced-motion: no-preference

Response headers

date: Wed, 24 Jul 2024 08:51:46 GMT
content-encoding: br
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/uxe-owners-acl/chrome
critical-ch: Sec-Ch-Ua-Full-Version-List, Sec-Ch-Ua-Platform, Sec-Ch-Ua-Platform-Version, Sec-CH-Prefers-Reduced-Motion
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 932
x-xss-protection: 0
last-modified: Thu, 27 Jul 2023 13:30:00 GMT
accept-ch: Sec-Ch-Ua-Full-Version-List, Sec-Ch-Ua-Platform, Sec-Ch-Ua-Platform-Version, Sec-CH-Prefers-Reduced-Motion
server: sffe
vary: Accept-Encoding, Sec-Ch-Ua-Full-Version-List, Sec-Ch-Ua-Platform, Sec-Ch-Ua-Platform-Version, Sec-CH-Prefers-Reduced-Motion
report-to: {"group":"uxe-owners-acl/chrome","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/uxe-owners-acl/chrome"}]}
content-type: application/json
cache-control: private, max-age=0
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="uxe-owners-acl/chrome"
expires: Wed, 24 Jul 2024 08:51:46 GMT

GET
H3 200 home-poster.webp
www.google.com/chrome/static/images/intl/fi_FI/dev-components/ 45 KB
45 KB 70ms
69ms Image
image/webp 142.250.185.100
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/chrome/static/images/intl/fi_FI/dev-components/home-poster.webp

Requested by

Host: www.google.com
URL: https://www.google.com/chrome/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.100 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f4.1e100.net

Software

sffe /

Resource Hash

079f04e3af73ef23d11b9324464aa135c5ee096f5dfb86b6b23c77766b42f309

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/chrome/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
sec-ch-prefers-reduced-motion: no-preference

Response headers

date: Wed, 24 Jul 2024 08:51:46 GMT
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/uxe-owners-acl/chrome
critical-ch: Sec-Ch-Ua-Full-Version-List, Sec-Ch-Ua-Platform, Sec-Ch-Ua-Platform-Version, Sec-CH-Prefers-Reduced-Motion
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 45808
x-xss-protection: 0
last-modified: Thu, 04 Jan 2024 14:30:00 GMT
accept-ch: Sec-Ch-Ua-Full-Version-List, Sec-Ch-Ua-Platform, Sec-Ch-Ua-Platform-Version, Sec-CH-Prefers-Reduced-Motion
server: sffe
vary: Accept-Encoding, Sec-Ch-Ua-Full-Version-List, Sec-Ch-Ua-Platform, Sec-Ch-Ua-Platform-Version, Sec-CH-Prefers-Reduced-Motion
report-to: {"group":"uxe-owners-acl/chrome","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/uxe-owners-acl/chrome"}]}
content-type: image/webp
cache-control: private, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="uxe-owners-acl/chrome"
expires: Wed, 24 Jul 2024 08:51:46 GMT

GET
DATA 200
OK truncated
/ 208 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3d8db7678a9037ad29cfd29160158d8a0b059aca8a651549de0a0185a7c7416c

Request headers

Referer
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

Content-Type: image/svg+xml

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjwUvbQoi-Entw.woff2
fonts.gstatic.com/s/googlesans/v46/ 14 KB
14 KB 62ms
61ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v46/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjwUvbQoi-Entw.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6b6261e2c924c2387ec9c22bdd66ba2cbedc13c712451317db61764bd20df6c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.google.com
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Tue, 23 Jul 2024 11:58:00 GMT
x-content-type-options: nosniff
age: 75226
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14584
x-xss-protection: 0
last-modified: Mon, 03 Apr 2023 17:02:11 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 23 Jul 2025 11:58:00 GMT

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPj0UvbQoi-Entw.woff2
fonts.gstatic.com/s/googlesans/v46/ 6 KB
6 KB 74ms
73ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v46/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPj0UvbQoi-Entw.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2490f24013508841f5db2d5dd5049dd8004c6119d1a0e0592c8195e13c27ac89

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.google.com
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Fri, 19 Jul 2024 11:37:31 GMT
x-content-type-options: nosniff
age: 422055
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6516
x-xss-protection: 0
last-modified: Mon, 03 Apr 2023 17:00:36 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 19 Jul 2025 11:37:31 GMT

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjEUvbQoi-Entw.woff2
fonts.gstatic.com/s/googlesans/v46/ 8 KB
9 KB 83ms
81ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v46/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjEUvbQoi-Entw.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b34738074cdd692325724186676cbdaa139a3eac2e71aab7673f21c74eb3f341

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.google.com
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Tue, 23 Jul 2024 11:45:33 GMT
x-content-type-options: nosniff
age: 75973
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8608
x-xss-protection: 0
last-modified: Mon, 03 Apr 2023 17:00:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 23 Jul 2025 11:45:33 GMT

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjYUvbQoi-Entw.woff2
fonts.gstatic.com/s/googlesans/v46/ 15 KB
15 KB 73ms
72ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v46/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjYUvbQoi-Entw.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ba3081e39fe129231f4161f51b1530bef0d3c288527734fea247abec143b4dd4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.google.com
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Tue, 23 Jul 2024 14:55:27 GMT
x-content-type-options: nosniff
age: 64579
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15120
x-xss-protection: 0
last-modified: Mon, 03 Apr 2023 17:00:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 23 Jul 2025 14:55:27 GMT

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjAUvbQoi-Entw.woff2
fonts.gstatic.com/s/googlesans/v46/ 12 KB
12 KB 150ms
149ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v46/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjAUvbQoi-Entw.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8795d00ff9a20b3ce050a167b79ccd99bbaed3154f4e98fe562f27df6985d556

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.google.com
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Tue, 23 Jul 2024 14:55:27 GMT
x-content-type-options: nosniff
age: 64579
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11972
x-xss-protection: 0
last-modified: Mon, 03 Apr 2023 17:01:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 23 Jul 2025 14:55:27 GMT

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjMUvbQoi-Entw.woff2
fonts.gstatic.com/s/googlesans/v46/ 45 KB
46 KB 89ms
88ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v46/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjMUvbQoi-Entw.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ac0512ee6cfa8fd0a7ad7b1df9e45b23f831b8d0938dd4b08c2e68e32b6ed6bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.google.com
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Thu, 18 Jul 2024 02:03:05 GMT
x-content-type-options: nosniff
age: 542921
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 46476
x-xss-protection: 0
last-modified: Mon, 03 Apr 2023 17:00:15 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 18 Jul 2025 02:03:05 GMT

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPiYUvbQoi-Entw.woff2
fonts.gstatic.com/s/googlesans/v46/ 16 KB
16 KB 119ms
118ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v46/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPiYUvbQoi-Entw.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

af29acc207f9b6558c5a2243f296a28bf9022e1e85e59b772d9fdea813865fb3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.google.com
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Tue, 23 Jul 2024 07:58:33 GMT
x-content-type-options: nosniff
age: 89593
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16608
x-xss-protection: 0
last-modified: Mon, 03 Apr 2023 17:01:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 23 Jul 2025 07:58:33 GMT

GET
H3 200 2a.json Show response
www.gstatic.com/glue/cookienotificationbar/config/ 466 B
279 B 138ms
70ms Fetch
application/json 142.250.185.131
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/glue/cookienotificationbar/config/2a.json?hl=fi

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/glue/cookienotificationbar/cookienotificationbar.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.131 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f3.1e100.net

Software

sffe /

Resource Hash

e9b67fb83c06f279c813079d7cb83a9b746f94be5f65e99a90e9a86cb9ac80de

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Wed, 24 Jul 2024 08:51:46 GMT
content-encoding: br
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/uxe-owners-acl/gstatic
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 253
x-xss-protection: 0
last-modified: Thu, 01 Feb 2024 19:58:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"uxe-owners-acl/gstatic","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/uxe-owners-acl/gstatic"}]}
content-type: application/json
access-control-allow-origin: *
cache-control: private, max-age=3000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="uxe-owners-acl/gstatic"
expires: Wed, 24 Jul 2024 08:51:46 GMT

GET
H2 204 dlpageping
tools.google.com/service/update2/ 0
341 B 235ms
73ms Image
text/plain 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tools.google.com/service/update2/dlpageping?appguid={8A69D345-D564-463C-AFF1-A69D9E530F96}&iid={EB6FC32A-22C1-191C-BF60-81FFE5DC42C3}&lang=fi&browser=0&usagestats=0&appname=Google%20Chrome&needsadmin=prefers&installdataindex=empty&stage=index&installsource=download

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-JO9H3l8xMOFjeGhoA40znA' 'unsafe-inline' 'strict-dynamic' https: http:;object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/clientupdate-aus/1

Request headers

Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

pragma: no-cache
content-security-policy: script-src 'report-sample' 'nonce-JO9H3l8xMOFjeGhoA40znA' 'unsafe-inline' 'strict-dynamic' https: http:;object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/clientupdate-aus/1
date: Wed, 24 Jul 2024 08:51:47 GMT
server: GSE
access-control-allow-origin: *
cache-control: no-cache, no-store, max-age=0, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 favicon-32x32.png
www.google.com/chrome/static/images/favicons/ 2 KB
2 KB 82ms
82ms Other
image/png 142.250.185.100
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/chrome/static/images/favicons/favicon-32x32.png

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.100 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f4.1e100.net

Software

sffe /

Resource Hash

5cf48326fa259a443b1373ad2ce4d38cf5f8e411cc76d4e15757008c31c364e3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/chrome/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
sec-ch-prefers-reduced-motion: no-preference

Response headers

date: Wed, 24 Jul 2024 08:51:46 GMT
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/uxe-owners-acl/chrome
critical-ch: Sec-Ch-Ua-Full-Version-List, Sec-Ch-Ua-Platform, Sec-Ch-Ua-Platform-Version, Sec-CH-Prefers-Reduced-Motion
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1659
x-xss-protection: 0
last-modified: Thu, 13 Oct 2022 13:30:00 GMT
accept-ch: Sec-Ch-Ua-Full-Version-List, Sec-Ch-Ua-Platform, Sec-Ch-Ua-Platform-Version, Sec-CH-Prefers-Reduced-Motion
server: sffe
vary: Accept-Encoding, Sec-Ch-Ua-Full-Version-List, Sec-Ch-Ua-Platform, Sec-Ch-Ua-Platform-Version, Sec-CH-Prefers-Reduced-Motion
report-to: {"group":"uxe-owners-acl/chrome","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/uxe-owners-acl/chrome"}]}
content-type: image/png
cache-control: private, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="uxe-owners-acl/chrome"
expires: Wed, 24 Jul 2024 08:51:46 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 386 KB
112 KB 361ms
126ms Script
application/javascript 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-PZ6TRJB

Requested by

Host: www.google.com
URL: https://www.google.com/chrome/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e1949185753c3f016e0e388d3251582948fb097cdd3fd2fed2ce05e9cad484c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Wed, 24 Jul 2024 08:51:47 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 114522
x-xss-protection: 0
last-modified: Wed, 24 Jul 2024 06:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 24 Jul 2024 08:51:47 GMT

GET
H2 200 destination Show response
www.googletagmanager.com/gtag/ 252 KB
89 KB 77ms
75ms Script
application/javascript 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=G-B7W0ZKZYDK&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PZ6TRJB

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

dda43411d198a8b91366c39cc6ddf406f6c9fa93e797907edf968d469def4855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Wed, 24 Jul 2024 08:51:47 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 90571
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 24 Jul 2024 08:51:47 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 252 KB
89 KB 76ms
76ms Script
application/javascript 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-B7W0ZKZYDK&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PZ6TRJB

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c9f2ef6181112d00a56e0b3ee4fc8dc6c43aa16b8993293dcc79cb37c21cbe01

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Wed, 24 Jul 2024 08:51:47 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 90635
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 24 Jul 2024 08:51:47 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 195ms
62ms Script
text/javascript 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PZ6TRJB

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 24 Jul 2024 06:53:22 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 7105
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Wed, 24 Jul 2024 08:53:22 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
0 113ms
35ms Fetch
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-B7W0ZKZYDK&gtm=45je47h0v868655178z877820832za200zb77820832&_p=1721811107009&gcs=G101&gcd=13q3rPl2l5&npa=1&dma_cps=-&dma=1&tag_exp=0&cid=2109583632.1721811108&ul=fi-fi&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=denied&_s=1&dl=https%3A%2F%2Fwww.google-b197145817.com%2Fchrome%2F&sid=1721811107&sct=1&seg=0&dt=Google%20Chrome%20%E2%80%93%20Sinulle%20sopiva%20nopea%20ja%20turvallinen%20selain&en=page_view&_fv=1&_nsi=1&_ss=1&ep.page_name=Google%20Chrome%20-%20The%20Fast%20%26%20Secure%20Web%20Browser%20Built%20to%20be%20Yours&ep.isEEA=true&ep.percent_scrolled=0&ep.scroll_increment=0&ep.scroll_instance=1&ep.diversion_experience=Conversion%20-%20Mobile&tfd=2075&_z=fetch
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=G-B7W0ZKZYDK&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

pragma: no-cache
date: Wed, 24 Jul 2024 08:51:47 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.google.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 3 B
207 B 67ms
66ms XHR
text/plain 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1325754858&t=pageview&_s=1&dl=https%3A%2F%2Fwww.google.com%2Fchrome%2F&ul=fi-fi&de=UTF-8&dt=Google%20Chrome%20%E2%80%93%20Sinulle%20sopiva%20nopea%20ja%20turvallinen%20selain&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAEABAAAAICAAYg~&cid=2109583632.1721811108&tid=UA-26908291-1&_gid=1405795251.1721811108&_slc=1&gtm=45He47h0n81PZ6TRJBv77820832za200&gcs=G101&gcd=13q3r3l2l5&dma_cps=syphamo&dma=1&tag_exp=0&npa=1&z=204615663

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 24 Jul 2024 08:51:47 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.google.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

Malicious page.url
Submitted on July 24th 2024, 8:53:19 am UTC — From Portugal

Threats: Phishing
Brands: CTT Correios PT Novobanco PT
Comment: phishing website for novobanco.pt clients

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

58 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

8 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.google.com/chrome/	1970-01-21 07:52:51	Name: _ga_B7W0ZKZYDK Value: GS1.1-2.1721811107.1.0.1721811107.0.0.0
.google.com/chrome/	1970-01-21 07:52:51	Name: _ga Value: GA1.1-2.2109583632.1721811108
www.google.com/chrome	1969-12-31 23:59:59	Name: iid Value: %7BEB6FC32A-22C1-191C-BF60-81FFE5DC42C3%7D
.google.com/chrome	1970-01-21 07:52:51	Name: _ga Value: GA1.2-2.2109583632.1721811108
.google.com/chrome	1970-01-20 22:18:17	Name: _gid Value: GA1.2-2.1405795251.1721811108
.fpjs.io/	1970-01-21 07:02:27	Name: _iidt Value: 4ZQmhV8slsckiKoYPuC7kMRvgXwheujqYJ80B8+DMpH5WqSHIweiOnK8+6UBlg5JHJX/sSFbel4CG5OUdsqbXLX6zYxKSrsIEbSvyKbCTeFPE3E=
.mycttpt-tracking.com/	1970-01-21 07:02:27	Name: _vid_t Value: Kaz4Wq7YGSFQuCopedWYdKzgOsToWbSF1Lv9wq6/fZLgqgcXr2WLosenBAZQMOU88aVSbpKz6HYL5hDFcM+Mbx0St2MuP4S7Sx7p2843/BIXneU=
.google.com/	1970-01-21 02:40:22	Name: NID Value: 516=pVuY5iW5NcS5YAiOM04Tmk4ibhnraamDtqLiPuHnJxodawpOYcOA49i-_ypKdVDdNJQpPT33uhrPPD4M8WMYRtdHGN24SD5hTpiks_i-f6sr84VpbEp2qLYZfe-Pn7Dt4yNPSj8nZ2oXe-H8Z12C7qLcTqj4F24_0ZpXggh4UXf1CTrXcZgQVgsI

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src * 'unsafe-inline' 'unsafe-eval' data: blob:;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

eu.api.fpjs.io
fonts.googleapis.com
fonts.gstatic.com
fpnpmcdn.net
novo.mycttpt-tracking.com
region1.google-analytics.com
tools.google.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.gstatic.com
142.250.185.100
142.250.185.131
18.245.31.43
193.143.1.167
2001:4860:4802:34::36
2a00:1450:4001:800::200e
2a00:1450:4001:801::200e
2a00:1450:4001:80e::2003
2a00:1450:4001:813::2008
2a00:1450:4001:813::200a
2a00:1450:4001:829::2003
75.2.52.67
050a15f38cf4e73158330f141ab5dc7f9b68a6b3e6dbd1ba4a4d0141013826b4
05b51cb0f27a485dd8d8f589aef44fec2399eedf8806c5240d8e5aff7b6645b8
079f04e3af73ef23d11b9324464aa135c5ee096f5dfb86b6b23c77766b42f309
1357dd965397a99cbc937ddd2345a9897d527f7229c8b0f2aeebac97680cc66d
14725a2a53b1a6600d19b1cfa0824dcaab6167819eab40c4efe120de1269085d
168c3e57b1b06ed1bcbac30cb739f1f30e143aa59895ba64f853535fc656a4a4
1781a4aaa87addb4701babd8b731a938e185e26d1c647bd412b9abfba09d445b
1bfe1d9bdecb497a6253a606d22e9e89792e8d5ec56705f33a0b34f0557f6055
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
1df3ca409cac8a79d20937cc3a63571db5b9a939e2c19780186637633f9049d5
233c7fbf98b65e3f3e10f7d82b6584af95888ebcb0c878befe46563c5f9ef95b
2490f24013508841f5db2d5dd5049dd8004c6119d1a0e0592c8195e13c27ac89
28033e449a31ebcc396e5be8b13b63152bf03094288fb5867034321927bce087
2df43c6d180a4c7d357668d64b2c84fe5d9f4f8e2b5da6bde09c04a29c074dde
31bc450e0bc19bd21c5cdeaa7bf749e5fb021d86dea63c32e837e230c21c2e82
3d8db7678a9037ad29cfd29160158d8a0b059aca8a651549de0a0185a7c7416c
408fa4202fb7215854b8df73fdf975ab2f598f54b2c0f7a04b9e8a11772e2e44
42a2e11b11ee5bfe31e576ed5aa29bf45f1d2eb9253702bd5a24797fbd8e164e
4bf862f3586f612ddb5751eb35d4e67ea6719bd5049fd103a606f303a025ca1e
55cb08106f5183c12ba21c456e4a78858f1ad74e95c8b9706e8f7a92bb25d52a
58f90c7fb8d758705ca53191ac0554b56b856e864d1f38f6aa9875a531c7dea3
5cf48326fa259a443b1373ad2ce4d38cf5f8e411cc76d4e15757008c31c364e3
5daff5e842153263e226a2b3a3f28bcc7ebad294574f8945cc8b4dc94578e12a
62a31b06540d4faa2f1e6869450cd664b49549acb5f4eb536780b82f1777726b
62bad99618c7a4ccf4dd5f2591ed3aa872972fe38130b0f54af80d444689517d
680077dc07d7f75bfd27e7342f14d4048c104d4d32d4ee689308ef93a9effa87
6b6261e2c924c2387ec9c22bdd66ba2cbedc13c712451317db61764bd20df6c1
6b8bb9429090513a553118f46a7dc8e67b6b10cae867553a1d11189c7265ceec
6fb9918fbc98c28ce77ee14e82caff36f69a764676fb5b6fd0a40b6fa7007a53
743e06f51d4bd10c6c15bc316d0e9571f432d6dcfb8764fff3385b339fb8ad90
754965a6fe024b46151ed8860fbbc6767a25ebf49c7d11ea49a574cc977b9efb
75e0fe33a139622cde1d4bacdef52e609e623b514c56b113c69568fa16c23a12
78722f16281a314d2ecf6a03eafff0e735dbee33aeab8fac1f8cb2277354164b
8037c1f1e0e4d3d7955f591a14a4b4d090141f1d210ef8b793ce5b345f08f7f5
8795d00ff9a20b3ce050a167b79ccd99bbaed3154f4e98fe562f27df6985d556
9272374a15e2a167d78a212fcad8ae23fc82d0d38856fdc5d01c9e40b4356b8a
93d94b16ffab76ec2ece0b9266a5ee0b959c4416e144cf5806a4efe153188a73
94e44b87d1ab92453f99a327cdd5db08b2f9bf80b72c5414f1ce8aec797ad1ea
9729b7871c5ee51fd63d4b9e7e692ebaac4eb400502f1ecd40113cfadec31973
989bf1cf810e5cb1c8aebb6407f7a9c1169bf095ec56dfeb5561383428220212
9bfb622300ce4822f43d5d6700fb1237bc67ce2ac289757ead9972d2908e581e
aa19c3fba75118e91b55be7c44cb6c745ef9648750f568cdc4eaebe14c077a63
ac0512ee6cfa8fd0a7ad7b1df9e45b23f831b8d0938dd4b08c2e68e32b6ed6bc
ad33c2df9ada8a663c2147357828f980d0b7ca731ef33eb3c6e4f327c3b2cda5
af29acc207f9b6558c5a2243f296a28bf9022e1e85e59b772d9fdea813865fb3
b0abecfc35517717714abe7aada67f5aaa99399692f0e0b6cb327fa47c1d1a3f
b34738074cdd692325724186676cbdaa139a3eac2e71aab7673f21c74eb3f341
ba3081e39fe129231f4161f51b1530bef0d3c288527734fea247abec143b4dd4
bc57af604db99d8c884a0e4b5d8b5fb3479d9c9fb675710a4f9f8770fbdec4bd
c488541237685dfb9cc7a5919701e37f869d91f88b370c448da8769533db31ed
c53eb8057003c4f354f6e36a7171bcc5f8211ce437f1b65032fe4a3113f9e26d
c87cdf4c8386ab68307c8916ad9092f008ba2cc2a45642cab333c3745a0fdfe0
c9f2ef6181112d00a56e0b3ee4fc8dc6c43aa16b8993293dcc79cb37c21cbe01
d2192fb5be57ae5bb94d266b0078cacddc59617273d31e2093bde16962031c11
d4b01e5e311b5bbf33e7d6c99d8fdf5170c1fd59dac8a74651d7833a9bb32e45
d7908573a6cb5d64642f3632a16da2f1ed93f438db6c2fe3cc3118fafb51a30e
dda43411d198a8b91366c39cc6ddf406f6c9fa93e797907edf968d469def4855
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e1949185753c3f016e0e388d3251582948fb097cdd3fd2fed2ce05e9cad484c4
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e9b67fb83c06f279c813079d7cb83a9b746f94be5f65e99a90e9a86cb9ac80de
eab52c350289b8caa7ff9cf9fec479f69e43e04ef849440fd1be063e5c9eed0c
efba6f5f9b72f1601ac875872655defb9f9151bc2835e2d5601472d50e30180e
f76706e8acaaac78a14db4c57b9bf1dcb334bbffa0815226f7d442f9e5e8dd5a
f76deeceaab2f886d81c3003468cf896782f6b4c0b5ee34c7af153c5edff0b8a
f7e710abc2f13f8cf951f81ec0f8693d3b0ced892f653ecba438dcfd122529af
fdf7c2b31dd579fda8d4461798cd7ac1879e940bf39107f574c0bd0d0d8a7088

www.google.com Open in urlscan Pro 142.250.185.100 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Community Verdicts: Malicious — 1 votes Show Verdicts

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

59 Requests

100 %HTTPS

58 %IPv6

8 Domains

11 Subdomains

13 IPs

3 Countries

1442 kBTransfer

3923 kBSize

8 Cookies

33 Outgoing links

Page URL History

Redirected requests

59 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 10 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.google.com Open in urlscan Pro
142.250.185.100 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

59
Requests

100 %
HTTPS

58 %
IPv6

8
Domains

11
Subdomains

13
IPs

3
Countries

1442 kB
Transfer

3923 kB
Size

8
Cookies

59 HTTP transactions
10 data transactions