ufa-4.site Open in urlscan Pro
2a06:98c1:3121::3 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://ufa-4.site/
Submission: On March 22 via api (March 22nd 2024, 4:16:16 am UTC) from BE — Scanned from NL

Summary HTTP 38 Redirects Links 10 Behaviour Indicators

Summary

This website contacted 9 IPs in 3 countries across 5 domains to perform 38 HTTP transactions. The main IP is 2a06:98c1:3121::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is ufa-4.site.
TLS certificate: Issued by E1 on March 20th 2024. Valid for: 3 months.

This is the only time ufa-4.site was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2	2a06:98c1:312... 2a06:98c1:3121::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
14	2a00:1450:400... 2a00:1450:4001:802::2003	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:806::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:802::2001	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:831::200e	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:400c:c0b::8b	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82b::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80f::200a	15169 (GOOGLE) (GOOGLE)
38	9

2 2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)

ufa-4.site	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a00:1450:4001:802::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:806::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

lh3.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:831::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

apis.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:400c:c0b::8b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

groups.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

play.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

content-people-pa.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
19	gstatic.com www.gstatic.com fonts.gstatic.com	2 MB
10	google.com apis.google.com — Cisco Umbrella Rank: 259 groups.google.com — Cisco Umbrella Rank: 39366 Failed play.google.com — Cisco Umbrella Rank: 91 Failed	326 KB
2	googleapis.com content-people-pa.googleapis.com — Cisco Umbrella Rank: 376184	36 KB
2	ufa-4.site ufa-4.site	103 KB
1	googleusercontent.com lh3.googleusercontent.com — Cisco Umbrella Rank: 106	699 B
38	5

	Domain	Requested by
14	www.gstatic.com	ufa-4.site www.gstatic.com
5	fonts.gstatic.com	ufa-4.site
4	groups.google.com	www.gstatic.com
4	apis.google.com	www.gstatic.com content-people-pa.googleapis.com apis.google.com
2	content-people-pa.googleapis.com	apis.google.com
2	play.google.com	www.gstatic.com
2	ufa-4.site	ufa-4.site
1	lh3.googleusercontent.com	ufa-4.site
38	8

This site contains links to these domains. Also see Links.

Domain
groups.google.com
www.google.com
accounts.google.com
policies.google.com
bilty.top
lybit.top

Subject Issuer	Validity	Valid
ufa-4.site E1	`2024-03-20` - `2024-06-18`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2024-02-26` - `2024-05-20`	3 months	crt.sh
*.googleusercontent.com GTS CA 1C3	`2024-02-26` - `2024-05-20`	3 months	crt.sh
*.apis.google.com GTS CA 1C3	`2024-02-26` - `2024-05-20`	3 months	crt.sh
*.google.com GTS CA 1C3	`2024-02-26` - `2024-05-20`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2024-02-26` - `2024-05-20`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://ufa-4.site/
Frame ID: 877F8070DCEDE33F3F50DD1103DDD2B8
Requests: 30 HTTP requests in this frame

Frame: https://content-people-pa.googleapis.com/static/proxy.html?usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.gapi.en.CzrNRWo3AFk.O%2Fd%3D1%2Frs%3DAHpOoo8xPbrtpW2bPUIcgU2adGqIEpV82Q%2Fm%3D__features__
Frame ID: 15E95835956AF1E30BE17E2A26850EC5
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

🥁🍹 UFA4 / ทดลองเล่นสล็อต / ufa4 / ทดลองเล่นสล็อต ufa4 / ทดลองเล่นufa4 / ทางเข้าufa4 / ufa4 ☢

Detected technologies

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

38
Requests

89 %
HTTPS

100 %
IPv6

5
Domains

8
Subdomains

9
IPs

3
Countries

2373 kB
Transfer

3503 kB
Size

1
Cookies

10 Outgoing links

These are links going to different origins than the main page.

URL: https://groups.google.com/my-groups
Title: Groups

Search URL Search Domain Scan URL

URL: https://www.google.com/intl/en/about/products?tab=gh

Search URL Search Domain Scan URL

URL: https://accounts.google.com/ServiceLogin?hl=en&passive=true&continue=https://groups.google.com&ec=GAZA0AM
Title: Sign in

Search URL Search Domain Scan URL

URL: https://groups.google.com/g/comp.protocols.dicom
Title: Conversations

Search URL Search Domain Scan URL

URL: https://groups.google.com/g/comp.protocols.dicom/about
Title: About

Search URL Search Domain Scan URL

URL: https://policies.google.com/privacy?hl=en_US
Title: Privacy

Search URL Search Domain Scan URL

URL: https://policies.google.com/terms?hl=en_US
Title: Terms

Search URL Search Domain Scan URL

URL: https://bilty.top/ufa/ufa4
Title: https://lydee.top/moo/ufa4

Search URL Search Domain Scan URL

URL: https://lybit.top/ufa/ufa4
Title: https://bilty.top/winner/ufa4

Search URL Search Domain Scan URL

URL: https://lybit.top/pg/ufa4
Title: สมัครสมาชิก

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

38 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
ufa-4.site/ 519 KB
102 KB 296ms
237ms Document
text/html 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ufa-4.site/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: feb449fab877394b30eb738ed19eacb0256ec18381c6d2901836f30bcd4ea213

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 86835d5dbd3a0c8d-AMS
content-encoding: br
content-type: text/html; charset=UTF-8
date: Fri, 22 Mar 2024 04:16:10 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6C28V8DGsI1urosC70rOJvPEDUKIMLhTqOqC1LYVFZoLgKHeU6fITs%2BEd4mrxxcRjKhKcY7xJpTSBUAHTuxF3OhTqvT7C1IPZBANRYg9DvUccRArmXErDapLNJfwk%2BxjCRFRZgoABZee"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET
H2 200 jquery.js Show response
ufa-4.site/ 21 KB
1 KB 114ms
114ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ufa-4.site/jquery.js
Requested by: Host: ufa-4.site
URL: https://ufa-4.site/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 468de1403d76d0d861f3545e3562d7b73a6fca20fc55be6f9b68bf8241b64dbd

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ufa-4.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 22 Mar 2024 04:16:10 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Tue, 12 Mar 2024 21:30:31 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"65f0c977-5367"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FxVb6apQex3go0%2BknesAZs3PegbWHsZTlY%2BEBuvob%2BsQ2IULg48I27I6DsZ9tsrUOzwfJysH8YLJiy86lRaEkRKdfUn8sGSXBYLiu7D%2FoHz%2BDyZjlzZf4rALp%2FVu53PJLAItex3gU8Zo"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: max-age=14400
cf-ray: 86835d5f3dde0c8d-AMS
alt-svc: h3=":443"; ma=86400

GET
H2 200 m=_b,_tp Show response
www.gstatic.com/_/mss/boq-groups/_/js/k=boq-groups.GroupsFrontendUi.en_US.DEezVGcpL6k.es5.O/am=AAbp9Nq_va0M/d=1/excm=_b,_tp,conversationdetailview/ed=1/dg=0/wt=2/ujg=1/rs=ALAdxDniuooVnpqhVKCsaOSc7c... 244 KB
244 KB 66ms
20ms Script
text/javascript 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-groups/_/js/k=boq-groups.GroupsFrontendUi.en_US.DEezVGcpL6k.es5.O/am=AAbp9Nq_va0M/d=1/excm=_b,_tp,conversationdetailview/ed=1/dg=0/wt=2/ujg=1/rs=ALAdxDniuooVnpqhVKCsaOSc7cEgzXXJoA/m=_b,_tp

Requested by

Host: ufa-4.site
URL: https://ufa-4.site/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

23b7579177c68a67b10d4a7fac6305c168f2583e9b71fa1dca671a35a74e6aac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ufa-4.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Tue, 19 Mar 2024 09:01:57 GMT
x-content-type-options: nosniff
age: 242053
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/groups-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 249582
x-xss-protection: 0
last-modified: Mon, 16 Oct 2023 12:39:12 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/groups-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/groups-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/groups-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Wed, 19 Mar 2025 09:01:57 GMT

GET
H2 200 logo_groups_color_1x_web_48dp.png
fonts.gstatic.com/s/i/productlogos/groups/v9/web-48dp/ 798 B
1 KB 64ms
19ms Image
image/png 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fonts.gstatic.com/s/i/productlogos/groups/v9/web-48dp/logo_groups_color_1x_web_48dp.png

Requested by

Host: ufa-4.site
URL: https://ufa-4.site/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

568f6f61b573a37582704c66891f123c9ae3e2d0bca46ed562539d7cdea238db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ufa-4.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 06:14:32 GMT
x-content-type-options: nosniff
age: 165698
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 798
x-xss-protection: 0
last-modified: Wed, 20 Apr 2022 16:58:52 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 20 Mar 2025 06:14:32 GMT

GET
H2 200 googlelogo_clr_74x24px.svg
www.gstatic.com/images/branding/googlelogo/svg/ 2 KB
981 B 89ms
89ms Image
image/svg+xml 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/branding/googlelogo/svg/googlelogo_clr_74x24px.svg

Requested by

Host: ufa-4.site
URL: https://ufa-4.site/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

99bf4aa403643a6d41c028e5db29c79c17cbc815b3e10cd5c6b8f90567a03e52

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ufa-4.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Tue, 19 Mar 2024 07:45:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 246662
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 663
x-xss-protection: 0
last-modified: Thu, 30 Dec 2021 12:48:00 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/svg+xml
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Wed, 19 Mar 2025 07:45:08 GMT

GET
H2 200 pxiDypQkot1TnFhsFMOfGShVF9eOYktMqg.woff2
fonts.gstatic.com/s/productsans/v9/ 13 KB
13 KB 100ms
31ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/productsans/v9/pxiDypQkot1TnFhsFMOfGShVF9eOYktMqg.woff2

Requested by

Host: ufa-4.site
URL: https://ufa-4.site/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2006c35d30a0adc6ef81dc2073c3dafd7a969261eed1020d5ea0f132e418f191

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ufa-4.site/
Origin: https://ufa-4.site
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Tue, 19 Mar 2024 07:57:38 GMT
x-content-type-options: nosniff
age: 245912
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13188
x-xss-protection: 0
last-modified: Mon, 15 Aug 2016 20:29:30 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 19 Mar 2025 07:57:38 GMT

GET
H2 200 4UaGrENHsxJlGDuGo1OIlL3Owp5eKQtG.woff2
fonts.gstatic.com/s/googlesans/v14/ 14 KB
14 KB 152ms
83ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v14/4UaGrENHsxJlGDuGo1OIlL3Owp5eKQtG.woff2

Requested by

Host: ufa-4.site
URL: https://ufa-4.site/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1e1c37812116c45a81199ac9302cf3bb1fa9ef9199d9d8e7a0887dd526dc039a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ufa-4.site/
Origin: https://ufa-4.site
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 18 Mar 2024 19:22:38 GMT
x-content-type-options: nosniff
age: 291212
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14576
x-xss-protection: 0
last-modified: Mon, 22 Apr 2019 23:42:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 18 Mar 2025 19:22:38 GMT

GET
H2 200 4UabrENHsxJlGDuGo1OIlLU94YtzCwZsPF4o.woff2
fonts.gstatic.com/s/googlesans/v14/ 14 KB
14 KB 143ms
74ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v14/4UabrENHsxJlGDuGo1OIlLU94YtzCwZsPF4o.woff2

Requested by

Host: ufa-4.site
URL: https://ufa-4.site/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ca8a090651c62cbe8c24c6e99ce3c75a2aeac745159675da0f35a3249b2d4733

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ufa-4.site/
Origin: https://ufa-4.site
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Tue, 19 Mar 2024 07:55:45 GMT
x-content-type-options: nosniff
age: 246025
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14712
x-xss-protection: 0
last-modified: Mon, 22 Apr 2019 23:43:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 19 Mar 2025 07:55:45 GMT

GET
H2 200 ALV-UjW13Lzx_ZYRMLno-6h307o-2BPHB8UcffL-pvUmxVLT=s40-c
lh3.googleusercontent.com/a-/ 406 B
699 B 70ms
22ms Image
image/png 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/a-/ALV-UjW13Lzx_ZYRMLno-6h307o-2BPHB8UcffL-pvUmxVLT=s40-c

Requested by

Host: ufa-4.site
URL: https://ufa-4.site/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

0c062c671f36f377002ec939dd0deeffd718ae9264f19fb6ce6e443ce64730f0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ufa-4.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 22 Mar 2024 00:27:40 GMT
x-content-type-options: nosniff
server: fife
age: 13710
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.png"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 406
x-xss-protection: 0
expires: Sat, 23 Mar 2024 00:27:40 GMT

GET
H2 200 kJEjBvgX7BgnkSrUwT8UnLVc38YydejYY-oE_LvJHMXBBA.woff2
fonts.gstatic.com/s/materialiconsextended/v149/ 159 KB
159 KB 94ms
37ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/materialiconsextended/v149/kJEjBvgX7BgnkSrUwT8UnLVc38YydejYY-oE_LvJHMXBBA.woff2

Requested by

Host: ufa-4.site
URL: https://ufa-4.site/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb0d08cd57a01d44f44f37b98e603ccfc0cd12f8e3bd6e3f86183fb8e50f585c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ufa-4.site/
Origin: https://ufa-4.site
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Tue, 19 Mar 2024 03:27:24 GMT
x-content-type-options: nosniff
age: 262126
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 162852
x-xss-protection: 0
last-modified: Thu, 25 Aug 2022 00:15:54 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 19 Mar 2025 03:27:24 GMT

GET
H2 200 rs=AA2YrTsD3NlK75Xfa7elLeVL-rEQdQEttg Show response
www.gstatic.com/og/_/js/k=og.qtm.en_US.ZRQoOCqxmyk.2019.O/rt=j/m=q_dnp,q_sf,qmd,qcwid,qapid,q_dg/exm=qaaw,qabr,qadd,qaid,qalo,qebr,qein,qhaw,qhawgm3,qhba,qhbr,qhbrgm3,qhch,qhchgm3,qhga,qhid,qhidgm3... 155 KB
155 KB 53ms
52ms Script
text/javascript 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/og/_/js/k=og.qtm.en_US.ZRQoOCqxmyk.2019.O/rt=j/m=q_dnp,q_sf,qmd,qcwid,qapid,q_dg/exm=qaaw,qabr,qadd,qaid,qalo,qebr,qein,qhaw,qhawgm3,qhba,qhbr,qhbrgm3,qhch,qhchgm3,qhga,qhid,qhidgm3,qhin,qhlo,qhlogm3,qhmn,qhpc,qhsf,qhsfgm3,qhtt/d=1/ed=1/rs=AA2YrTsD3NlK75Xfa7elLeVL-rEQdQEttg

Requested by

Host: ufa-4.site
URL: https://ufa-4.site/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0d151f7a94a2933b289ca491050f79f23c6683fa03a43084be404578ccd2ee5c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ufa-4.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Tue, 19 Mar 2024 09:01:57 GMT
x-content-type-options: nosniff
age: 242053
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/one-google-eng
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 158615
x-xss-protection: 0
last-modified: Sun, 15 Oct 2023 01:34:17 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="one-google-eng"
vary: Accept-Encoding, Origin
report-to: {"group":"one-google-eng","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/one-google-eng"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 19 Mar 2025 09:01:57 GMT

GET
H2 200 rs=AA2YrTspfdc2CFY9fQigvAUeVsoR6jxShA
www.gstatic.com/og/_/ss/k=og.qtm.uGv8uTlIznU.L.W.O/m=q_sf,qmd,qcwid/excm=qaaw,qabr,qadd,qaid,qalo,qebr,qein,qhaw,qhawgm3,qhba,qhbr,qhbrgm3,qhch,qhchgm3,qhga,qhid,qhidgm3,qhin,qhlo,qhlogm3,qhmn,qhpc... 4 KB
1 KB 51ms
51ms Stylesheet
text/css 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/og/_/ss/k=og.qtm.uGv8uTlIznU.L.W.O/m=q_sf,qmd,qcwid/excm=qaaw,qabr,qadd,qaid,qalo,qebr,qein,qhaw,qhawgm3,qhba,qhbr,qhbrgm3,qhch,qhchgm3,qhga,qhid,qhidgm3,qhin,qhlo,qhlogm3,qhmn,qhpc,qhsf,qhsfgm3,qhtt/d=1/ed=1/ct=zgms/rs=AA2YrTspfdc2CFY9fQigvAUeVsoR6jxShA

Requested by

Host: ufa-4.site
URL: https://ufa-4.site/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cb7aa017e25452926addee5a4aefd358cd06dfb1f1f93f6905a74573fa8f5343

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ufa-4.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 19:42:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 30800
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/one-google-eng
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1175
x-xss-protection: 0
last-modified: Wed, 27 Sep 2023 01:36:30 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="one-google-eng"
vary: Accept-Encoding, Origin
report-to: {"group":"one-google-eng","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/one-google-eng"}]}
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 21 Mar 2025 19:42:50 GMT

GET
H3 200 m=ws9Tlc,n73qwf,UUJqVe,IZT63,e5qFLc,O1Gjze,byfTOb,lsjVmc,xUdipf,OTA3Ae,COQbmf,fKUV3e,aurFic,U0aPgd,ZwDk9d,V3dDOb,mI3LFb,c0uoEe,A4UTCb,owcnme,dNsHRd,WO9ee,U4Hp0d,NSYzcf,YbIhPd,GcWJze,i78JDf,C3XcFf,G... Show response
www.gstatic.com/_/mss/boq-groups/_/js/k=boq-groups.GroupsFrontendUi.en_US.DEezVGcpL6k.es5.O/ck=boq-groups.GroupsFrontendUi.UvDV6wpLNsU.L.B1.O/am=AAbp9Nq_va0M/d=1/exm=_b,_tp/excm=_b,_tp,conversation... 1 MB
1 MB 22ms
22ms Script
text/javascript 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-groups/_/js/k=boq-groups.GroupsFrontendUi.en_US.DEezVGcpL6k.es5.O/ck=boq-groups.GroupsFrontendUi.UvDV6wpLNsU.L.B1.O/am=AAbp9Nq_va0M/d=1/exm=_b,_tp/excm=_b,_tp,conversationdetailview/ed=1/wt=2/ujg=1/rs=ALAdxDlNP_2bmHtdI2vAe2JUjhvUY3c9_A/ee=EVNhjf:pw70Gc;EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:SdcwHb;Me32dd:MEeYgc;NPKaK:SdcwHb;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;VS7Vxc:U9fLAc;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:QIhFr;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:s39S4;oGtAuc:sOXFj;pXdRYb:MdUzUe;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:O1Gjze;xqZiqf:wmnU7d;yxTchf:KUM7Z;zxnPse:duFQFc/m=ws9Tlc,n73qwf,UUJqVe,IZT63,e5qFLc,O1Gjze,byfTOb,lsjVmc,xUdipf,OTA3Ae,COQbmf,fKUV3e,aurFic,U0aPgd,ZwDk9d,V3dDOb,mI3LFb,c0uoEe,A4UTCb,owcnme,dNsHRd,WO9ee,U4Hp0d,NSYzcf,YbIhPd,GcWJze,i78JDf,C3XcFf,GBnt6e,wxXDDb,M72BMd,O6y8ed,MpJwZc,PrPYRd,LEikZe,NwH0H,OmgaI,lazG7b,YyFM9b,VXdfxd,XVMNvd,L1AAkb,KUM7Z,Mlhmy,ENNBBf,s39S4,duFQFc,lwddkf,gychg,w9hDv,EEDORb,RMhBfe,NBfYR,SdcwHb,aW3pY,pw70Gc,EFQ78c,Ulmmrd,ZfAoz,mdR7q,wmnU7d,N5Lqpc,xQtZb,JNoxi,kWgXee,MI6k7c,kjKdXe,BVgquf,t8tqF,QIhFr,ovKuLd,hKSk3e,Fudpzb,yDVVkb,sKlkue,hc6Ubd,SpsfSb,KG2eXe,Z5uLle,MdUzUe,VwDzFe,zbML3c,A7fCU,zr1jrb,gwNYeb,Uas9Hd,pjICDe

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-groups/_/js/k=boq-groups.GroupsFrontendUi.en_US.DEezVGcpL6k.es5.O/am=AAbp9Nq_va0M/d=1/excm=_b,_tp,conversationdetailview/ed=1/dg=0/wt=2/ujg=1/rs=ALAdxDniuooVnpqhVKCsaOSc7cEgzXXJoA/m=_b,_tp

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

962da143ecb3381d7d9cfda7587f87d947cc58a28479208a85056ece8737ffba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ufa-4.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 02:39:44 GMT
x-content-type-options: nosniff
age: 92186
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/groups-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1201730
x-xss-protection: 0
last-modified: Fri, 13 Oct 2023 04:39:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/groups-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/groups-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/groups-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Fri, 21 Mar 2025 02:39:44 GMT

GET
H3 200 m=Mq9n0c,K99qY,IERrm,txTMtc,CkvV3e,GFartf,V4wfEc,XyWitb,iSvg6e,uY3Nvd,PIUQec,ibNyjf Show response
www.gstatic.com/_/mss/boq-groups/_/js/k=boq-groups.GroupsFrontendUi.en_US.DEezVGcpL6k.es5.O/ck=boq-groups.GroupsFrontendUi.UvDV6wpLNsU.L.B1.O/am=AAbp9Nq_va0M/d=1/exm=A4UTCb,A7fCU,BVgquf,C3XcFf,COQb... 56 KB
56 KB 23ms
23ms Script
text/javascript 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-groups/_/js/k=boq-groups.GroupsFrontendUi.en_US.DEezVGcpL6k.es5.O/ck=boq-groups.GroupsFrontendUi.UvDV6wpLNsU.L.B1.O/am=AAbp9Nq_va0M/d=1/exm=A4UTCb,A7fCU,BVgquf,C3XcFf,COQbmf,EEDORb,EFQ78c,ENNBBf,Fudpzb,GBnt6e,GcWJze,IZT63,JNoxi,KG2eXe,KUM7Z,L1AAkb,LEikZe,M72BMd,MI6k7c,MdUzUe,Mlhmy,MpJwZc,N5Lqpc,NBfYR,NSYzcf,NwH0H,O1Gjze,O6y8ed,OTA3Ae,OmgaI,PrPYRd,QIhFr,RMhBfe,SdcwHb,SpsfSb,U0aPgd,U4Hp0d,UUJqVe,Uas9Hd,Ulmmrd,V3dDOb,VXdfxd,VwDzFe,WO9ee,XVMNvd,YbIhPd,YyFM9b,Z5uLle,ZfAoz,ZwDk9d,_b,_tp,aW3pY,aurFic,byfTOb,c0uoEe,dNsHRd,duFQFc,e5qFLc,fKUV3e,gwNYeb,gychg,hKSk3e,hc6Ubd,i78JDf,kWgXee,kjKdXe,lazG7b,lsjVmc,lwddkf,mI3LFb,mdR7q,n73qwf,ovKuLd,owcnme,pjICDe,pw70Gc,s39S4,sKlkue,t8tqF,w9hDv,wmnU7d,ws9Tlc,wxXDDb,xQtZb,xUdipf,yDVVkb,zbML3c,zr1jrb/excm=_b,_tp,conversationdetailview/ed=1/wt=2/ujg=1/rs=ALAdxDlNP_2bmHtdI2vAe2JUjhvUY3c9_A/ee=EVNhjf:pw70Gc;EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:SdcwHb;Me32dd:MEeYgc;NPKaK:SdcwHb;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;VS7Vxc:U9fLAc;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:QIhFr;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:s39S4;oGtAuc:sOXFj;pXdRYb:MdUzUe;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:O1Gjze;xqZiqf:wmnU7d;yxTchf:KUM7Z;zxnPse:duFQFc/m=Mq9n0c,K99qY,IERrm,txTMtc,CkvV3e,GFartf,V4wfEc,XyWitb,iSvg6e,uY3Nvd,PIUQec,ibNyjf

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e6930e676f9998c10a439458df61d32efc61062a897cd2788798a22f0a28394f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ufa-4.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 10:25:43 GMT
x-content-type-options: nosniff
age: 150627
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/groups-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57142
x-xss-protection: 0
last-modified: Fri, 13 Oct 2023 04:39:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/groups-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/groups-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/groups-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Thu, 20 Mar 2025 10:25:43 GMT

GET
H2 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/abc-static/_/js/k=gapi.gapi.en.CzrNRWo3AFk.O/m=gapi_iframes,googleapis_client/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8xPbrtpW2bPUIcgU2adGqIEpV82Q/ 118 KB
40 KB 66ms
20ms Script
text/javascript 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/abc-static/_/js/k=gapi.gapi.en.CzrNRWo3AFk.O/m=gapi_iframes,googleapis_client/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8xPbrtpW2bPUIcgU2adGqIEpV82Q/cb=gapi.loaded_0

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/og/_/js/k=og.qtm.en_US.ZRQoOCqxmyk.2019.O/rt=j/m=q_dnp,q_sf,qmd,qcwid,qapid,q_dg/exm=qaaw,qabr,qadd,qaid,qalo,qebr,qein,qhaw,qhawgm3,qhba,qhbr,qhbrgm3,qhch,qhchgm3,qhga,qhid,qhidgm3,qhin,qhlo,qhlogm3,qhmn,qhpc,qhsf,qhsfgm3,qhtt/d=1/ed=1/rs=AA2YrTsD3NlK75Xfa7elLeVL-rEQdQEttg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9d4e56038dcccd960ea62bd2ee6925469001254602dfb54b740f1a1adaf0d7b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ufa-4.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 18 Mar 2024 22:07:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 281322
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 40799
x-xss-protection: 0
last-modified: Tue, 03 Oct 2023 15:15:50 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
vary: Accept-Encoding
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 18 Mar 2025 22:07:28 GMT

GET
H3 200 m=RqjULd Show response
www.gstatic.com/_/mss/boq-groups/_/js/k=boq-groups.GroupsFrontendUi.en_US.DEezVGcpL6k.es5.O/ck=boq-groups.GroupsFrontendUi.UvDV6wpLNsU.L.B1.O/am=AAbp9Nq_va0M/d=1/exm=A4UTCb,A7fCU,BVgquf,C3XcFf,COQb... 19 KB
19 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-groups/_/js/k=boq-groups.GroupsFrontendUi.en_US.DEezVGcpL6k.es5.O/ck=boq-groups.GroupsFrontendUi.UvDV6wpLNsU.L.B1.O/am=AAbp9Nq_va0M/d=1/exm=A4UTCb,A7fCU,BVgquf,C3XcFf,COQbmf,CkvV3e,EEDORb,EFQ78c,ENNBBf,Fudpzb,GBnt6e,GFartf,GcWJze,IERrm,IZT63,JNoxi,K99qY,KG2eXe,KUM7Z,L1AAkb,LEikZe,M72BMd,MI6k7c,MdUzUe,Mlhmy,MpJwZc,Mq9n0c,N5Lqpc,NBfYR,NSYzcf,NwH0H,O1Gjze,O6y8ed,OTA3Ae,OmgaI,PIUQec,PrPYRd,QIhFr,RMhBfe,SdcwHb,SpsfSb,U0aPgd,U4Hp0d,UUJqVe,Uas9Hd,Ulmmrd,V3dDOb,V4wfEc,VXdfxd,VwDzFe,WO9ee,XVMNvd,XyWitb,YbIhPd,YyFM9b,Z5uLle,ZfAoz,ZwDk9d,_b,_tp,aW3pY,aurFic,byfTOb,c0uoEe,dNsHRd,duFQFc,e5qFLc,fKUV3e,gwNYeb,gychg,hKSk3e,hc6Ubd,i78JDf,iSvg6e,ibNyjf,kWgXee,kjKdXe,lazG7b,lsjVmc,lwddkf,mI3LFb,mdR7q,n73qwf,ovKuLd,owcnme,pjICDe,pw70Gc,s39S4,sKlkue,t8tqF,txTMtc,uY3Nvd,w9hDv,wmnU7d,ws9Tlc,wxXDDb,xQtZb,xUdipf,yDVVkb,zbML3c,zr1jrb/excm=_b,_tp,conversationdetailview/ed=1/wt=2/ujg=1/rs=ALAdxDlNP_2bmHtdI2vAe2JUjhvUY3c9_A/ee=EVNhjf:pw70Gc;EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:SdcwHb;Me32dd:MEeYgc;NPKaK:SdcwHb;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;VS7Vxc:U9fLAc;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:QIhFr;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:s39S4;oGtAuc:sOXFj;pXdRYb:MdUzUe;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:O1Gjze;xqZiqf:wmnU7d;yxTchf:KUM7Z;zxnPse:duFQFc/m=RqjULd

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

db323e4514b61373ee0c3ba83ef32c5dac26886b10fcfe0d7b80c9f92250d968

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ufa-4.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 02:39:44 GMT
x-content-type-options: nosniff
age: 92186
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/groups-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19083
x-xss-protection: 0
last-modified: Fri, 13 Oct 2023 04:39:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/groups-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/groups-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/groups-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Fri, 21 Mar 2025 02:39:44 GMT

GET
H3 200 lazy.min.js Show response
www.gstatic.com/feedback/js/help/prod/service/ 106 KB
36 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/feedback/js/help/prod/service/lazy.min.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-groups/_/js/k=boq-groups.GroupsFrontendUi.en_US.DEezVGcpL6k.es5.O/ck=boq-groups.GroupsFrontendUi.UvDV6wpLNsU.L.B1.O/am=AAbp9Nq_va0M/d=1/exm=_b,_tp/excm=_b,_tp,conversationdetailview/ed=1/wt=2/ujg=1/rs=ALAdxDlNP_2bmHtdI2vAe2JUjhvUY3c9_A/ee=EVNhjf:pw70Gc;EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:SdcwHb;Me32dd:MEeYgc;NPKaK:SdcwHb;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;VS7Vxc:U9fLAc;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:QIhFr;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:s39S4;oGtAuc:sOXFj;pXdRYb:MdUzUe;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:O1Gjze;xqZiqf:wmnU7d;yxTchf:KUM7Z;zxnPse:duFQFc/m=ws9Tlc,n73qwf,UUJqVe,IZT63,e5qFLc,O1Gjze,byfTOb,lsjVmc,xUdipf,OTA3Ae,COQbmf,fKUV3e,aurFic,U0aPgd,ZwDk9d,V3dDOb,mI3LFb,c0uoEe,A4UTCb,owcnme,dNsHRd,WO9ee,U4Hp0d,NSYzcf,YbIhPd,GcWJze,i78JDf,C3XcFf,GBnt6e,wxXDDb,M72BMd,O6y8ed,MpJwZc,PrPYRd,LEikZe,NwH0H,OmgaI,lazG7b,YyFM9b,VXdfxd,XVMNvd,L1AAkb,KUM7Z,Mlhmy,ENNBBf,s39S4,duFQFc,lwddkf,gychg,w9hDv,EEDORb,RMhBfe,NBfYR,SdcwHb,aW3pY,pw70Gc,EFQ78c,Ulmmrd,ZfAoz,mdR7q,wmnU7d,N5Lqpc,xQtZb,JNoxi,kWgXee,MI6k7c,kjKdXe,BVgquf,t8tqF,QIhFr,ovKuLd,hKSk3e,Fudpzb,yDVVkb,sKlkue,hc6Ubd,SpsfSb,KG2eXe,Z5uLle,MdUzUe,VwDzFe,zbML3c,A7fCU,zr1jrb,gwNYeb,Uas9Hd,pjICDe

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1c22cd381b4b78b340fabe8a84298d187803c5c76805c1ff1b444c17d111f5f3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ufa-4.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 22 Mar 2024 03:34:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2517
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/product-feedback-gathering
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 37016
x-xss-protection: 0
last-modified: Tue, 19 Mar 2024 22:59:33 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="product-feedback-gathering"
vary: Accept-Encoding, Origin
report-to: {"group":"product-feedback-gathering","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/product-feedback-gathering"}]}
content-type: text/javascript
cache-control: public, max-age=3000
accept-ranges: bytes
expires: Fri, 22 Mar 2024 04:24:13 GMT

GET
H3 200 m=bm51tf Show response
www.gstatic.com/_/mss/boq-groups/_/js/k=boq-groups.GroupsFrontendUi.en_US.DEezVGcpL6k.es5.O/ck=boq-groups.GroupsFrontendUi.UvDV6wpLNsU.L.B1.O/am=AAbp9Nq_va0M/d=1/exm=A4UTCb,A7fCU,BVgquf,C3XcFf,COQb... 1 KB
1 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-groups/_/js/k=boq-groups.GroupsFrontendUi.en_US.DEezVGcpL6k.es5.O/ck=boq-groups.GroupsFrontendUi.UvDV6wpLNsU.L.B1.O/am=AAbp9Nq_va0M/d=1/exm=A4UTCb,A7fCU,BVgquf,C3XcFf,COQbmf,CkvV3e,EEDORb,EFQ78c,ENNBBf,Fudpzb,GBnt6e,GFartf,GcWJze,IERrm,IZT63,JNoxi,K99qY,KG2eXe,KUM7Z,L1AAkb,LEikZe,M72BMd,MI6k7c,MdUzUe,Mlhmy,MpJwZc,Mq9n0c,N5Lqpc,NBfYR,NSYzcf,NwH0H,O1Gjze,O6y8ed,OTA3Ae,OmgaI,PIUQec,PrPYRd,QIhFr,RMhBfe,RqjULd,SdcwHb,SpsfSb,U0aPgd,U4Hp0d,UUJqVe,Uas9Hd,Ulmmrd,V3dDOb,V4wfEc,VXdfxd,VwDzFe,WO9ee,XVMNvd,XyWitb,YbIhPd,YyFM9b,Z5uLle,ZfAoz,ZwDk9d,_b,_tp,aW3pY,aurFic,byfTOb,c0uoEe,dNsHRd,duFQFc,e5qFLc,fKUV3e,gwNYeb,gychg,hKSk3e,hc6Ubd,i78JDf,iSvg6e,ibNyjf,kWgXee,kjKdXe,lazG7b,lsjVmc,lwddkf,mI3LFb,mdR7q,n73qwf,ovKuLd,owcnme,pjICDe,pw70Gc,s39S4,sKlkue,t8tqF,txTMtc,uY3Nvd,w9hDv,wmnU7d,ws9Tlc,wxXDDb,xQtZb,xUdipf,yDVVkb,zbML3c,zr1jrb/excm=_b,_tp,conversationdetailview/ed=1/wt=2/ujg=1/rs=ALAdxDlNP_2bmHtdI2vAe2JUjhvUY3c9_A/ee=EVNhjf:pw70Gc;EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:SdcwHb;Me32dd:MEeYgc;NPKaK:SdcwHb;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;VS7Vxc:U9fLAc;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:QIhFr;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:s39S4;oGtAuc:sOXFj;pXdRYb:MdUzUe;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:O1Gjze;xqZiqf:wmnU7d;yxTchf:KUM7Z;zxnPse:duFQFc/m=bm51tf

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b8a9f46936c58f8f2f93afe5644211d1f2242ba613f29f03661d1cdb64669b70

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ufa-4.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 10:25:44 GMT
x-content-type-options: nosniff
age: 150626
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/groups-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1326
x-xss-protection: 0
last-modified: Fri, 13 Oct 2023 04:39:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/groups-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/groups-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/groups-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Thu, 20 Mar 2025 10:25:44 GMT

GET
H3 200 m=Ppzpfb Show response
www.gstatic.com/_/mss/boq-groups/_/js/k=boq-groups.GroupsFrontendUi.en_US.DEezVGcpL6k.es5.O/ck=boq-groups.GroupsFrontendUi.UvDV6wpLNsU.L.B1.O/am=AAbp9Nq_va0M/d=1/exm=A4UTCb,A7fCU,BVgquf,C3XcFf,COQb... 7 KB
7 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-groups/_/js/k=boq-groups.GroupsFrontendUi.en_US.DEezVGcpL6k.es5.O/ck=boq-groups.GroupsFrontendUi.UvDV6wpLNsU.L.B1.O/am=AAbp9Nq_va0M/d=1/exm=A4UTCb,A7fCU,BVgquf,C3XcFf,COQbmf,CkvV3e,EEDORb,EFQ78c,ENNBBf,Fudpzb,GBnt6e,GFartf,GcWJze,IERrm,IZT63,JNoxi,K99qY,KG2eXe,KUM7Z,L1AAkb,LEikZe,M72BMd,MI6k7c,MdUzUe,Mlhmy,MpJwZc,Mq9n0c,N5Lqpc,NBfYR,NSYzcf,NwH0H,O1Gjze,O6y8ed,OTA3Ae,OmgaI,PIUQec,PrPYRd,QIhFr,RMhBfe,RqjULd,SdcwHb,SpsfSb,U0aPgd,U4Hp0d,UUJqVe,Uas9Hd,Ulmmrd,V3dDOb,V4wfEc,VXdfxd,VwDzFe,WO9ee,XVMNvd,XyWitb,YbIhPd,YyFM9b,Z5uLle,ZfAoz,ZwDk9d,_b,_tp,aW3pY,aurFic,bm51tf,byfTOb,c0uoEe,dNsHRd,duFQFc,e5qFLc,fKUV3e,gwNYeb,gychg,hKSk3e,hc6Ubd,i78JDf,iSvg6e,ibNyjf,kWgXee,kjKdXe,lazG7b,lsjVmc,lwddkf,mI3LFb,mdR7q,n73qwf,ovKuLd,owcnme,pjICDe,pw70Gc,s39S4,sKlkue,t8tqF,txTMtc,uY3Nvd,w9hDv,wmnU7d,ws9Tlc,wxXDDb,xQtZb,xUdipf,yDVVkb,zbML3c,zr1jrb/excm=_b,_tp,conversationdetailview/ed=1/wt=2/ujg=1/rs=ALAdxDlNP_2bmHtdI2vAe2JUjhvUY3c9_A/ee=EVNhjf:pw70Gc;EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:SdcwHb;Me32dd:MEeYgc;NPKaK:SdcwHb;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;VS7Vxc:U9fLAc;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:QIhFr;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:s39S4;oGtAuc:sOXFj;pXdRYb:MdUzUe;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:O1Gjze;xqZiqf:wmnU7d;yxTchf:KUM7Z;zxnPse:duFQFc/m=Ppzpfb

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

aab23f64d929f8b0cc80f98d35f0deadbd9039225b0ad9585310e5d308c9444d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ufa-4.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 10:25:44 GMT
x-content-type-options: nosniff
age: 150626
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/groups-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6944
x-xss-protection: 0
last-modified: Fri, 13 Oct 2023 04:39:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/groups-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/groups-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/groups-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Thu, 20 Mar 2025 10:25:44 GMT

GET
H3 200 m=sOXFj,q0xTif,mPxNXc Show response
www.gstatic.com/_/mss/boq-groups/_/js/k=boq-groups.GroupsFrontendUi.en_US.DEezVGcpL6k.es5.O/ck=boq-groups.GroupsFrontendUi.UvDV6wpLNsU.L.B1.O/am=AAbp9Nq_va0M/d=1/exm=A4UTCb,A7fCU,BVgquf,C3XcFf,COQb... 2 KB
2 KB 23ms
22ms Script
text/javascript 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-groups/_/js/k=boq-groups.GroupsFrontendUi.en_US.DEezVGcpL6k.es5.O/ck=boq-groups.GroupsFrontendUi.UvDV6wpLNsU.L.B1.O/am=AAbp9Nq_va0M/d=1/exm=A4UTCb,A7fCU,BVgquf,C3XcFf,COQbmf,CkvV3e,EEDORb,EFQ78c,ENNBBf,Fudpzb,GBnt6e,GFartf,GcWJze,IERrm,IZT63,JNoxi,K99qY,KG2eXe,KUM7Z,L1AAkb,LEikZe,M72BMd,MI6k7c,MdUzUe,Mlhmy,MpJwZc,Mq9n0c,N5Lqpc,NBfYR,NSYzcf,NwH0H,O1Gjze,O6y8ed,OTA3Ae,OmgaI,PIUQec,Ppzpfb,PrPYRd,QIhFr,RMhBfe,RqjULd,SdcwHb,SpsfSb,U0aPgd,U4Hp0d,UUJqVe,Uas9Hd,Ulmmrd,V3dDOb,V4wfEc,VXdfxd,VwDzFe,WO9ee,XVMNvd,XyWitb,YbIhPd,YyFM9b,Z5uLle,ZfAoz,ZwDk9d,_b,_tp,aW3pY,aurFic,bm51tf,byfTOb,c0uoEe,dNsHRd,duFQFc,e5qFLc,fKUV3e,gwNYeb,gychg,hKSk3e,hc6Ubd,i78JDf,iSvg6e,ibNyjf,kWgXee,kjKdXe,lazG7b,lsjVmc,lwddkf,mI3LFb,mdR7q,n73qwf,ovKuLd,owcnme,pjICDe,pw70Gc,s39S4,sKlkue,t8tqF,txTMtc,uY3Nvd,w9hDv,wmnU7d,ws9Tlc,wxXDDb,xQtZb,xUdipf,yDVVkb,zbML3c,zr1jrb/excm=_b,_tp,conversationdetailview/ed=1/wt=2/ujg=1/rs=ALAdxDlNP_2bmHtdI2vAe2JUjhvUY3c9_A/ee=EVNhjf:pw70Gc;EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:SdcwHb;Me32dd:MEeYgc;NPKaK:SdcwHb;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;VS7Vxc:U9fLAc;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:QIhFr;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:s39S4;oGtAuc:sOXFj;pXdRYb:MdUzUe;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:O1Gjze;xqZiqf:wmnU7d;yxTchf:KUM7Z;zxnPse:duFQFc/m=sOXFj,q0xTif,mPxNXc

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

20b7fc5c2c669a7a72ace7c760488339d34327cd9a2ec013d040d885c37744ab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ufa-4.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 10:25:44 GMT
x-content-type-options: nosniff
age: 150626
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/groups-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2345
x-xss-protection: 0
last-modified: Fri, 13 Oct 2023 04:39:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/groups-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/groups-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/groups-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Thu, 20 Mar 2025 10:25:44 GMT

GET
H3 200 m=Q5OcEd Show response
www.gstatic.com/_/mss/boq-groups/_/js/k=boq-groups.GroupsFrontendUi.en_US.DEezVGcpL6k.es5.O/ck=boq-groups.GroupsFrontendUi.UvDV6wpLNsU.L.B1.O/am=AAbp9Nq_va0M/d=1/exm=A4UTCb,A7fCU,BVgquf,C3XcFf,COQb... 796 B
821 B 22ms
22ms Script
text/javascript 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-groups/_/js/k=boq-groups.GroupsFrontendUi.en_US.DEezVGcpL6k.es5.O/ck=boq-groups.GroupsFrontendUi.UvDV6wpLNsU.L.B1.O/am=AAbp9Nq_va0M/d=1/exm=A4UTCb,A7fCU,BVgquf,C3XcFf,COQbmf,CkvV3e,EEDORb,EFQ78c,ENNBBf,Fudpzb,GBnt6e,GFartf,GcWJze,IERrm,IZT63,JNoxi,K99qY,KG2eXe,KUM7Z,L1AAkb,LEikZe,M72BMd,MI6k7c,MdUzUe,Mlhmy,MpJwZc,Mq9n0c,N5Lqpc,NBfYR,NSYzcf,NwH0H,O1Gjze,O6y8ed,OTA3Ae,OmgaI,PIUQec,Ppzpfb,PrPYRd,QIhFr,RMhBfe,RqjULd,SdcwHb,SpsfSb,U0aPgd,U4Hp0d,UUJqVe,Uas9Hd,Ulmmrd,V3dDOb,V4wfEc,VXdfxd,VwDzFe,WO9ee,XVMNvd,XyWitb,YbIhPd,YyFM9b,Z5uLle,ZfAoz,ZwDk9d,_b,_tp,aW3pY,aurFic,bm51tf,byfTOb,c0uoEe,dNsHRd,duFQFc,e5qFLc,fKUV3e,gwNYeb,gychg,hKSk3e,hc6Ubd,i78JDf,iSvg6e,ibNyjf,kWgXee,kjKdXe,lazG7b,lsjVmc,lwddkf,mI3LFb,mPxNXc,mdR7q,n73qwf,ovKuLd,owcnme,pjICDe,pw70Gc,q0xTif,s39S4,sKlkue,sOXFj,t8tqF,txTMtc,uY3Nvd,w9hDv,wmnU7d,ws9Tlc,wxXDDb,xQtZb,xUdipf,yDVVkb,zbML3c,zr1jrb/excm=_b,_tp,conversationdetailview/ed=1/wt=2/ujg=1/rs=ALAdxDlNP_2bmHtdI2vAe2JUjhvUY3c9_A/ee=EVNhjf:pw70Gc;EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:SdcwHb;Me32dd:MEeYgc;NPKaK:SdcwHb;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;VS7Vxc:U9fLAc;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:QIhFr;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:s39S4;oGtAuc:sOXFj;pXdRYb:MdUzUe;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:O1Gjze;xqZiqf:wmnU7d;yxTchf:KUM7Z;zxnPse:duFQFc/m=Q5OcEd

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

44d9e7f05bd3091048f963f713e86bd3fc1beb4ec27055ba431a2d200208c999

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ufa-4.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 10:25:44 GMT
x-content-type-options: nosniff
age: 150626
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/groups-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 796
x-xss-protection: 0
last-modified: Fri, 13 Oct 2023 04:39:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/groups-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/groups-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/groups-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Thu, 20 Mar 2025 10:25:44 GMT

GET
H2 200 cb=gapi.loaded_1 Show response
apis.google.com/_/scs/abc-static/_/js/k=gapi.gapi.en.CzrNRWo3AFk.O/m=client/exm=gapi_iframes,googleapis_client/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8xPbrtpW2bPUIcgU2adGqIEpV82Q/ 202 KB
202 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/abc-static/_/js/k=gapi.gapi.en.CzrNRWo3AFk.O/m=client/exm=gapi_iframes,googleapis_client/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8xPbrtpW2bPUIcgU2adGqIEpV82Q/cb=gapi.loaded_1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a4848ea89a7964e61e05d3b105bd4fa974f7f81d89a5a02fbc1c1b72c9309562

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ufa-4.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Tue, 19 Mar 2024 09:01:58 GMT
x-content-type-options: nosniff
age: 242052
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 206392
x-xss-protection: 0
last-modified: Tue, 03 Oct 2023 15:15:50 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
vary: Accept-Encoding
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 19 Mar 2025 09:01:58 GMT

POST batchexecute
groups.google.com/_/GroupsFrontendUi/data/ 0
0

GET
H3 200 m=JNqlS Show response
www.gstatic.com/_/mss/boq-groups/_/js/k=boq-groups.GroupsFrontendUi.en_US.DEezVGcpL6k.es5.O/ck=boq-groups.GroupsFrontendUi.UvDV6wpLNsU.L.B1.O/am=AAbp9Nq_va0M/d=1/exm=A4UTCb,A7fCU,BVgquf,C3XcFf,COQb... 3 KB
3 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-groups/_/js/k=boq-groups.GroupsFrontendUi.en_US.DEezVGcpL6k.es5.O/ck=boq-groups.GroupsFrontendUi.UvDV6wpLNsU.L.B1.O/am=AAbp9Nq_va0M/d=1/exm=A4UTCb,A7fCU,BVgquf,C3XcFf,COQbmf,CkvV3e,EEDORb,EFQ78c,ENNBBf,Fudpzb,GBnt6e,GFartf,GcWJze,IERrm,IZT63,JNoxi,K99qY,KG2eXe,KUM7Z,L1AAkb,LEikZe,M72BMd,MI6k7c,MdUzUe,Mlhmy,MpJwZc,Mq9n0c,N5Lqpc,NBfYR,NSYzcf,NwH0H,O1Gjze,O6y8ed,OTA3Ae,OmgaI,PIUQec,Ppzpfb,PrPYRd,Q5OcEd,QIhFr,RMhBfe,RqjULd,SdcwHb,SpsfSb,U0aPgd,U4Hp0d,UUJqVe,Uas9Hd,Ulmmrd,V3dDOb,V4wfEc,VXdfxd,VwDzFe,WO9ee,XVMNvd,XyWitb,YbIhPd,YyFM9b,Z5uLle,ZfAoz,ZwDk9d,_b,_tp,aW3pY,aurFic,bm51tf,byfTOb,c0uoEe,dNsHRd,duFQFc,e5qFLc,fKUV3e,gwNYeb,gychg,hKSk3e,hc6Ubd,i78JDf,iSvg6e,ibNyjf,kWgXee,kjKdXe,lazG7b,lsjVmc,lwddkf,mI3LFb,mPxNXc,mdR7q,n73qwf,ovKuLd,owcnme,pjICDe,pw70Gc,q0xTif,s39S4,sKlkue,sOXFj,t8tqF,txTMtc,uY3Nvd,w9hDv,wmnU7d,ws9Tlc,wxXDDb,xQtZb,xUdipf,yDVVkb,zbML3c,zr1jrb/excm=_b,_tp,conversationdetailview/ed=1/wt=2/ujg=1/rs=ALAdxDlNP_2bmHtdI2vAe2JUjhvUY3c9_A/ee=EVNhjf:pw70Gc;EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:SdcwHb;Me32dd:MEeYgc;NPKaK:SdcwHb;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;VS7Vxc:U9fLAc;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:QIhFr;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:s39S4;oGtAuc:sOXFj;pXdRYb:MdUzUe;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:O1Gjze;xqZiqf:wmnU7d;yxTchf:KUM7Z;zxnPse:duFQFc/m=JNqlS

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a0ddc4c964a6d02705c146d3ec09a20d858ec2bbd8048b23434597ab528b745f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ufa-4.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 10:25:44 GMT
x-content-type-options: nosniff
age: 150626
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/groups-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3438
x-xss-protection: 0
last-modified: Fri, 13 Oct 2023 04:39:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/groups-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/groups-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/groups-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Thu, 20 Mar 2025 10:25:44 GMT

POST log
play.google.com/ 0
0

OPTIONS
H2 403 batchexecute
groups.google.com/_/GroupsFrontendUi/data/ Frame 0
0 623ms
554ms Preflight
application/json 2a00:1450:400c:c0b::8b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://groups.google.com/_/GroupsFrontendUi/data/batchexecute?rpcids=plChJe&source-path=%2F&f.sid=-111546632365480941&bl=boq_groupsfrontendserver_20231016.04_p1&hl=en-US&soc-app=696&soc-platform=1&soc-device=1&_reqid=18971&rt=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0b::8b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/GroupsFrontendUi/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-same-domain
Access-Control-Request-Method: POST
Origin: https://ufa-4.site
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: require-trusted-types-for 'script';report-uri /_/GroupsFrontendUi/cspreport
content-type: application/json; charset=utf-8
cross-origin-opener-policy: same-origin-allow-popups
date: Fri, 22 Mar 2024 04:16:11 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 85ms
27ms Preflight
text/plain 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://ufa-4.site
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: http://play.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/plain; charset=UTF-8
date: Fri, 22 Mar 2024 04:16:10 GMT
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H2 204 jserror Show response
groups.google.com/_/GroupsFrontendUi/ 0
416 B 773ms
771ms XHR
text/html 2a00:1450:400c:c0b::8b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://groups.google.com/_/GroupsFrontendUi/jserror?script=https%3A%2F%2Fufa-4.site%2F&error=Failed%20to%20retrieve%20dependencies%20of%20service%20ibNyjf%3A%20Failed%20to%20retrieve%20dependencies%20of%20service%20C3XcFf%3A%20pc%60ComponentId%3CNlONsf%3E%60qvD5sc%601%3B0&line=Not%20available

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0b::8b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/GroupsFrontendUi/cspreport, script-src 'report-sample' 'nonce-L_UUtGyCs3mfxGbfNbMeXg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/GroupsFrontendUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://www.googleapis.com/appsmarket/v2/installedApps/;report-uri /_/GroupsFrontendUi/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://ufa-4.site/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Fri, 22 Mar 2024 04:16:11 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/GroupsFrontendUi/cspreport, script-src 'report-sample' 'nonce-L_UUtGyCs3mfxGbfNbMeXg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/GroupsFrontendUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://www.googleapis.com/appsmarket/v2/installedApps/;report-uri /_/GroupsFrontendUi/cspreport/allowlist
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin-allow-popups
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H2 204 jserror Show response
groups.google.com/_/GroupsFrontendUi/ 0
743 B 734ms
732ms XHR
text/html 2a00:1450:400c:c0b::8b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0b::8b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-51kEqnwuIMyCXKWb8Arwyw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/GroupsFrontendUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://www.googleapis.com/appsmarket/v2/installedApps/;report-uri /_/GroupsFrontendUi/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/GroupsFrontendUi/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://ufa-4.site/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Fri, 22 Mar 2024 04:16:11 GMT
content-security-policy: script-src 'report-sample' 'nonce-51kEqnwuIMyCXKWb8Arwyw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/GroupsFrontendUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://www.googleapis.com/appsmarket/v2/installedApps/;report-uri /_/GroupsFrontendUi/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/GroupsFrontendUi/cspreport
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin-allow-popups
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 proxy.html Show response
content-people-pa.googleapis.com/static/ Frame 15E9 432 B
847 B 127ms
30ms Document
text/html 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://content-people-pa.googleapis.com/static/proxy.html?usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.gapi.en.CzrNRWo3AFk.O%2Fd%3D1%2Frs%3DAHpOoo8xPbrtpW2bPUIcgU2adGqIEpV82Q%2Fm%3D__features__

Requested by

Host: apis.google.com
URL: https://apis.google.com/_/scs/abc-static/_/js/k=gapi.gapi.en.CzrNRWo3AFk.O/m=client/exm=gapi_iframes,googleapis_client/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8xPbrtpW2bPUIcgU2adGqIEpV82Q/cb=gapi.loaded_1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ad8394f3ea36f4380da79ffdfcb74cdd300a6645bb191490fdb62fb503b53f07

Security Headers

Name	Value
Content-Security-Policy	object-src 'none';base-uri 'self';script-src 'nonce-Zx5DsOUkfAiJVZnuGSxmiA' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/xd3cpp/2 require-trusted-types-for 'script'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ufa-4.site/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: gzip
content-length: 287
content-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-Zx5DsOUkfAiJVZnuGSxmiA' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/xd3cpp/2 require-trusted-types-for 'script'
content-type: text/html; charset=UTF-8
cross-origin-embedder-policy: require-corp; report-to="gapi"
cross-origin-resource-policy: cross-origin
date: Fri, 22 Mar 2024 04:16:10 GMT
report-to: {"group":"gapi","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi"}]}
server: ESF
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 googleapis.proxy.js Show response
apis.google.com/js/ Frame 15E9 15 KB
6 KB 29ms
28ms Script
text/javascript 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/googleapis.proxy.js?onload=startup

Requested by

Host: content-people-pa.googleapis.com
URL: https://content-people-pa.googleapis.com/static/proxy.html?usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.gapi.en.CzrNRWo3AFk.O%2Fd%3D1%2Frs%3DAHpOoo8xPbrtpW2bPUIcgU2adGqIEpV82Q%2Fm%3D__features__

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6be8cd71dfce47954e3737356085afb3dd4fc7c22d0cf076242061725ca31592

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://content-people-pa.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 22 Mar 2024 04:16:10 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5897
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="gapi-team"
etag: "d84fab4252a4350f"
vary: Accept-Encoding
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 22 Mar 2024 04:16:10 GMT

GET
H3 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/abc-static/_/js/k=gapi.gapi.en.CzrNRWo3AFk.O/m=googleapis_proxy/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8xPbrtpW2bPUIcgU2adGqIEpV82Q/ Frame 15E9 77 KB
77 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/abc-static/_/js/k=gapi.gapi.en.CzrNRWo3AFk.O/m=googleapis_proxy/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8xPbrtpW2bPUIcgU2adGqIEpV82Q/cb=gapi.loaded_0?le=scs

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/googleapis.proxy.js?onload=startup

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

51bfed53838c4fc38e50188149988cbd23697cfd7460a2f9d24184ab6ba5f42c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://content-people-pa.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Tue, 19 Mar 2024 03:29:35 GMT
x-content-type-options: nosniff
age: 261995
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 78731
x-xss-protection: 0
last-modified: Tue, 03 Oct 2023 15:15:50 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
vary: Accept-Encoding
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 19 Mar 2025 03:29:35 GMT

GET
H3 200 m=Wt6vjf,hhhU8,FCpbqb,WhJNk Show response
www.gstatic.com/_/mss/boq-groups/_/js/k=boq-groups.GroupsFrontendUi.en_US.DEezVGcpL6k.es5.O/ck=boq-groups.GroupsFrontendUi.UvDV6wpLNsU.L.B1.O/am=AAbp9Nq_va0M/d=1/exm=A4UTCb,A7fCU,BVgquf,C3XcFf,COQb... 3 KB
3 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-groups/_/js/k=boq-groups.GroupsFrontendUi.en_US.DEezVGcpL6k.es5.O/ck=boq-groups.GroupsFrontendUi.UvDV6wpLNsU.L.B1.O/am=AAbp9Nq_va0M/d=1/exm=A4UTCb,A7fCU,BVgquf,C3XcFf,COQbmf,CkvV3e,EEDORb,EFQ78c,ENNBBf,Fudpzb,GBnt6e,GFartf,GcWJze,IERrm,IZT63,JNoxi,JNqlS,K99qY,KG2eXe,KUM7Z,L1AAkb,LEikZe,M72BMd,MI6k7c,MdUzUe,Mlhmy,MpJwZc,Mq9n0c,N5Lqpc,NBfYR,NSYzcf,NwH0H,O1Gjze,O6y8ed,OTA3Ae,OmgaI,PIUQec,Ppzpfb,PrPYRd,Q5OcEd,QIhFr,RMhBfe,RqjULd,SdcwHb,SpsfSb,U0aPgd,U4Hp0d,UUJqVe,Uas9Hd,Ulmmrd,V3dDOb,V4wfEc,VXdfxd,VwDzFe,WO9ee,XVMNvd,XyWitb,YbIhPd,YyFM9b,Z5uLle,ZfAoz,ZwDk9d,_b,_tp,aW3pY,aurFic,bm51tf,byfTOb,c0uoEe,dNsHRd,duFQFc,e5qFLc,fKUV3e,gwNYeb,gychg,hKSk3e,hc6Ubd,i78JDf,iSvg6e,ibNyjf,kWgXee,kjKdXe,lazG7b,lsjVmc,lwddkf,mI3LFb,mPxNXc,mdR7q,n73qwf,ovKuLd,owcnme,pjICDe,pw70Gc,q0xTif,s39S4,sKlkue,sOXFj,t8tqF,txTMtc,uY3Nvd,w9hDv,wmnU7d,ws9Tlc,wxXDDb,xQtZb,xUdipf,yDVVkb,zbML3c,zr1jrb/excm=_b,_tp,conversationdetailview/ed=1/wt=2/ujg=1/rs=ALAdxDlNP_2bmHtdI2vAe2JUjhvUY3c9_A/ee=EVNhjf:pw70Gc;EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:SdcwHb;Me32dd:MEeYgc;NPKaK:SdcwHb;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;VS7Vxc:U9fLAc;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:QIhFr;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:s39S4;oGtAuc:sOXFj;pXdRYb:MdUzUe;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:O1Gjze;xqZiqf:wmnU7d;yxTchf:KUM7Z;zxnPse:duFQFc/m=Wt6vjf,hhhU8,FCpbqb,WhJNk

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

69052f0a8cd19accd950c78b87b7ba894d5a3cee20d0a94f3dda2e7d2885cabf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ufa-4.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 10:25:44 GMT
x-content-type-options: nosniff
age: 150626
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/groups-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3396
x-xss-protection: 0
last-modified: Fri, 13 Oct 2023 04:39:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/groups-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/groups-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/groups-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Thu, 20 Mar 2025 10:25:44 GMT

GET
H2 200 rest Show response
content-people-pa.googleapis.com/$discovery/ Frame 15E9 573 KB
35 KB 48ms
48ms XHR
application/json 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://content-people-pa.googleapis.com/$discovery/rest?pp=0&fields=fields%5B%22kind%22%5D%2Cfields%5B%22name%22%5D%2Cfields%5B%22version%22%5D%2Cfields%5B%22rootUrl%22%5D%2Cfields%5B%22servicePath%22%5D%2Cfields%5B%22resources%22%5D%2Cfields%5B%22parameters%22%5D%2Cfields%5B%22methods%22%5D%2Cfields%5B%22batchPath%22%5D%2Cfields%5B%22id%22%5D&key=AIzaSyCTUFzfdK-Ob9l_alq5uO9gwWqOy9DIv6Q

Requested by

Host: apis.google.com
URL: https://apis.google.com/_/scs/abc-static/_/js/k=gapi.gapi.en.CzrNRWo3AFk.O/m=googleapis_proxy/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8xPbrtpW2bPUIcgU2adGqIEpV82Q/cb=gapi.loaded_0?le=scs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a7df97a0c3b3b6a6de05ee875e4eb11383c317e32f1b381ece3c345781674b66

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-Goog-Encode-Response-If-Executable: base64
X-Origin: https://ufa-4.site
X-ClientDetails: appVersion=5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F122.0.6261.128%20Safari%2F537.36&platform=Win32&userAgent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F122.0.6261.128%20Safari%2F537.36
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Referer: https://content-people-pa.googleapis.com/static/proxy.html?usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.gapi.en.CzrNRWo3AFk.O%2Fd%3D1%2Frs%3DAHpOoo8xPbrtpW2bPUIcgU2adGqIEpV82Q%2Fm%3D__features__
X-Requested-With: XMLHttpRequest
X-JavaScript-User-Agent: google-api-javascript-client/1.1.0
X-Referer: https://ufa-4.site

Response headers

date: Fri, 22 Mar 2024 04:16:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 36094
x-xss-protection: 0

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 26ms
26ms Preflight
text/plain 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://ufa-4.site
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: http://play.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/plain; charset=UTF-8
date: Fri, 22 Mar 2024 04:16:11 GMT
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST log
play.google.com/ 0
0

POST browserinfo
groups.google.com/_/GroupsFrontendUi/ 0
0

OPTIONS
H2 403 browserinfo
groups.google.com/_/GroupsFrontendUi/ Frame 0
0 147ms
130ms Preflight
application/json 2a00:1450:400c:c0b::8b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://groups.google.com/_/GroupsFrontendUi/browserinfo?f.sid=-111546632365480941&bl=boq_groupsfrontendserver_20231016.04_p1&hl=en-US&soc-app=696&soc-platform=1&soc-device=1&_reqid=118971&rt=j

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0b::8b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/GroupsFrontendUi/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-same-domain
Access-Control-Request-Method: POST
Origin: https://ufa-4.site
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: require-trusted-types-for 'script';report-uri /_/GroupsFrontendUi/cspreport
content-type: application/json; charset=utf-8
cross-origin-opener-policy: same-origin-allow-popups
date: Fri, 22 Mar 2024 04:16:13 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: groups.google.com
URL: https://groups.google.com/_/GroupsFrontendUi/data/batchexecute?rpcids=plChJe&source-path=%2F&f.sid=-111546632365480941&bl=boq_groupsfrontendserver_20231016.04_p1&hl=en-US&soc-app=696&soc-platform=1&soc-device=1&_reqid=18971&rt=c

Domain: play.google.com
URL: https://play.google.com/log?format=json&hasfast=true&authuser=0

Domain: play.google.com
URL: https://play.google.com/log?format=json&hasfast=true&authuser=0

Domain: groups.google.com
URL: https://groups.google.com/_/GroupsFrontendUi/browserinfo?f.sid=-111546632365480941&bl=boq_groupsfrontendserver_20231016.04_p1&hl=en-US&soc-app=696&soc-platform=1&soc-device=1&_reqid=118971&rt=j

Verdicts & Comments Add Verdict or Comment

74 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			ufa-4.site/	1970-01-20 20:01:12	Name: OTZ Value: 7479616_52_52_123900_48_436380

8 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	error	URL: https://ufa-4.site/ Message: Access to XMLHttpRequest at 'https://play.google.com/log?format=json&hasfast=true&authuser=0' from origin 'https://ufa-4.site' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: The 'Access-Control-Allow-Origin' header has a value 'http://play.google.com' that is not equal to the supplied origin.
network	error	URL: https://play.google.com/log?format=json&hasfast=true&authuser=0 Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://ufa-4.site/ Message: Access to XMLHttpRequest at 'https://play.google.com/log?format=json&hasfast=true&authuser=0' from origin 'https://ufa-4.site' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: The 'Access-Control-Allow-Origin' header has a value 'http://play.google.com' that is not equal to the supplied origin.
network	error	URL: https://play.google.com/log?format=json&hasfast=true&authuser=0 Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://ufa-4.site/ Message: Access to XMLHttpRequest at 'https://groups.google.com/_/GroupsFrontendUi/data/batchexecute?rpcids=plChJe&source-path=%2F&f.sid=-111546632365480941&bl=boq_groupsfrontendserver_20231016.04_p1&hl=en-US&soc-app=696&soc-platform=1&soc-device=1&_reqid=18971&rt=c' from origin 'https://ufa-4.site' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://groups.google.com/_/GroupsFrontendUi/data/batchexecute?rpcids=plChJe&source-path=%2F&f.sid=-111546632365480941&bl=boq_groupsfrontendserver_20231016.04_p1&hl=en-US&soc-app=696&soc-platform=1&soc-device=1&_reqid=18971&rt=c Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://ufa-4.site/ Message: Access to XMLHttpRequest at 'https://groups.google.com/_/GroupsFrontendUi/browserinfo?f.sid=-111546632365480941&bl=boq_groupsfrontendserver_20231016.04_p1&hl=en-US&soc-app=696&soc-platform=1&soc-device=1&_reqid=118971&rt=j' from origin 'https://ufa-4.site' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://groups.google.com/_/GroupsFrontendUi/browserinfo?f.sid=-111546632365480941&bl=boq_groupsfrontendserver_20231016.04_p1&hl=en-US&soc-app=696&soc-platform=1&soc-device=1&_reqid=118971&rt=j Message: Failed to load resource: net::ERR_FAILED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

apis.google.com
content-people-pa.googleapis.com
fonts.gstatic.com
groups.google.com
lh3.googleusercontent.com
play.google.com
ufa-4.site
www.gstatic.com
groups.google.com
play.google.com
2a00:1450:4001:802::2001
2a00:1450:4001:802::2003
2a00:1450:4001:806::2003
2a00:1450:4001:80f::200a
2a00:1450:4001:82b::200e
2a00:1450:4001:831::200e
2a00:1450:400c:c0b::8b
2a06:98c1:3121::3
0c062c671f36f377002ec939dd0deeffd718ae9264f19fb6ce6e443ce64730f0
0d151f7a94a2933b289ca491050f79f23c6683fa03a43084be404578ccd2ee5c
1c22cd381b4b78b340fabe8a84298d187803c5c76805c1ff1b444c17d111f5f3
1e1c37812116c45a81199ac9302cf3bb1fa9ef9199d9d8e7a0887dd526dc039a
2006c35d30a0adc6ef81dc2073c3dafd7a969261eed1020d5ea0f132e418f191
20b7fc5c2c669a7a72ace7c760488339d34327cd9a2ec013d040d885c37744ab
23b7579177c68a67b10d4a7fac6305c168f2583e9b71fa1dca671a35a74e6aac
44d9e7f05bd3091048f963f713e86bd3fc1beb4ec27055ba431a2d200208c999
468de1403d76d0d861f3545e3562d7b73a6fca20fc55be6f9b68bf8241b64dbd
51bfed53838c4fc38e50188149988cbd23697cfd7460a2f9d24184ab6ba5f42c
568f6f61b573a37582704c66891f123c9ae3e2d0bca46ed562539d7cdea238db
69052f0a8cd19accd950c78b87b7ba894d5a3cee20d0a94f3dda2e7d2885cabf
6be8cd71dfce47954e3737356085afb3dd4fc7c22d0cf076242061725ca31592
962da143ecb3381d7d9cfda7587f87d947cc58a28479208a85056ece8737ffba
99bf4aa403643a6d41c028e5db29c79c17cbc815b3e10cd5c6b8f90567a03e52
9d4e56038dcccd960ea62bd2ee6925469001254602dfb54b740f1a1adaf0d7b2
a0ddc4c964a6d02705c146d3ec09a20d858ec2bbd8048b23434597ab528b745f
a4848ea89a7964e61e05d3b105bd4fa974f7f81d89a5a02fbc1c1b72c9309562
a7df97a0c3b3b6a6de05ee875e4eb11383c317e32f1b381ece3c345781674b66
aab23f64d929f8b0cc80f98d35f0deadbd9039225b0ad9585310e5d308c9444d
ad8394f3ea36f4380da79ffdfcb74cdd300a6645bb191490fdb62fb503b53f07
b8a9f46936c58f8f2f93afe5644211d1f2242ba613f29f03661d1cdb64669b70
ca8a090651c62cbe8c24c6e99ce3c75a2aeac745159675da0f35a3249b2d4733
cb7aa017e25452926addee5a4aefd358cd06dfb1f1f93f6905a74573fa8f5343
db323e4514b61373ee0c3ba83ef32c5dac26886b10fcfe0d7b80c9f92250d968
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6930e676f9998c10a439458df61d32efc61062a897cd2788798a22f0a28394f
eb0d08cd57a01d44f44f37b98e603ccfc0cd12f8e3bd6e3f86183fb8e50f585c
feb449fab877394b30eb738ed19eacb0256ec18381c6d2901836f30bcd4ea213

ufa-4.site Open in urlscan Pro 2a06:98c1:3121::3 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

38 Requests

89 %HTTPS

100 %IPv6

5 Domains

8 Subdomains

9 IPs

3 Countries

2373 kBTransfer

3503 kBSize

1 Cookies

10 Outgoing links

Redirected requests

38 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

ufa-4.site Open in urlscan Pro
2a06:98c1:3121::3 Public Scan

Screenshot
Live screenshot

Full Image

38
Requests

89 %
HTTPS

100 %
IPv6

5
Domains

8
Subdomains

9
IPs

3
Countries

2373 kB
Transfer

3503 kB
Size

1
Cookies

38 HTTP transactions
0 data transactions