www.rosecc.info Open in urlscan Pro
2606:4700:3035::6815:230f Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://www.helpdesk-south9.publicvm.com/
Effective URL:
https://www.rosecc.info/login
Submission: On May 01 via automatic, source certstream-suspicious (May 1st 2023, 3:25:50 pm UTC) — Scanned from CA

Summary HTTP 21 Redirects Behaviour Indicators

Summary

This website contacted 7 IPs in 3 countries across 6 domains to perform 21 HTTP transactions. The main IP is 2606:4700:3035::6815:230f, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.rosecc.info.
TLS certificate: Issued by GTS CA 1P5 on April 3rd 2023. Valid for: 3 months.

This is the only time www.rosecc.info was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	159.89.117.75 159.89.117.75	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1 8	2606:4700:303... 2606:4700:3035::6815:230f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2001:4de0:ac1... 2001:4de0:ac18::1:a:2b	20446 (STACKPATH...) (STACKPATH-CDN)
4	2607:f8b0:402... 2607:f8b0:4020:807::2004	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:402... 2607:f8b0:4020:805::200a	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:402... 2607:f8b0:4020:806::2003	15169 (GOOGLE) (GOOGLE)
6	2607:f8b0:402... 2607:f8b0:4020:807::2003	15169 (GOOGLE) (GOOGLE)
21	7

1 159.89.117.75 (Toronto, Canada) 1 redirects

ASN14061 (DIGITALOCEAN-ASN, US)

www.helpdesk-south9.publicvm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2606:4700:3035::6815:230f (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www.rosecc.info	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac18::1:a:2b (Netherlands)

ASN20446 (STACKPATH-CDN, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4020:807::2004 (Montreal, Canada)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4020:805::200a (Montreal, Canada)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4020:806::2003 (Montreal, Canada)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2607:f8b0:4020:807::2003 (Montreal, Canada)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
8	gstatic.com fonts.gstatic.com www.gstatic.com	586 KB
8	rosecc.info 1 redirects www.rosecc.info	10 KB
4	google.com www.google.com — Cisco Umbrella Rank: 16	30 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 119	1 KB
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 997	30 KB
1	publicvm.com 1 redirects www.helpdesk-south9.publicvm.com	400 B
21	6

	Domain	Requested by
8	www.rosecc.info	1 redirects www.rosecc.info
6	www.gstatic.com	www.google.com www.gstatic.com
4	www.google.com	www.rosecc.info www.gstatic.com www.google.com
2	fonts.gstatic.com	fonts.googleapis.com www.google.com
1	fonts.googleapis.com	www.rosecc.info
1	code.jquery.com	www.rosecc.info
1	www.helpdesk-south9.publicvm.com	1 redirects
21	7

This site contains no links.

Subject Issuer	Validity	Valid
*.rosecc.info GTS CA 1P5	`2023-04-03` - `2023-07-02`	3 months	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2022-08-03` - `2023-07-14`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh

This page contains 3 frames:

Primary Page: https://www.rosecc.info/login
Frame ID: 792AED301C1A3BC62E4492818C9A2573
Requests: 12 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeyVq0eAAAAAHEjfC-Ya6Pq7eKnGNNTdhbjWM7L&co=aHR0cHM6Ly93d3cucm9zZWNjLmluZm86NDQz&hl=en&v=4q6CtudrwcI-LSEYlfoEbDXg&theme=dark&size=normal&cb=x42plsvwmw64
Frame ID: 05DD0932EADA114EF54D1252C6D2C25C
Requests: 8 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=en&v=4q6CtudrwcI-LSEYlfoEbDXg&k=6LeyVq0eAAAAAHEjfC-Ya6Pq7eKnGNNTdhbjWM7L
Frame ID: 384BCE7859544622B6DF5E065F0AC5F4
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

RoseCC | Login

Page URL History Show full URLs

https://www.helpdesk-south9.publicvm.com/ HTTP 302
https://www.rosecc.info/ HTTP 302
https://www.rosecc.info/login Page URL

Detected technologies

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

<div[^>]+class="g-recaptcha"
/recaptcha/api\.js

Page Statistics

21
Requests

100 %
HTTPS

86 %
IPv6

6
Domains

7
Subdomains

7
IPs

3
Countries

657 kB
Transfer

1572 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://www.helpdesk-south9.publicvm.com/ HTTP 302
https://www.rosecc.info/ HTTP 302
https://www.rosecc.info/login Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

21 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request login Show response
www.rosecc.info/
Redirect Chain

https://www.helpdesk-south9.publicvm.com/
https://www.rosecc.info/
https://www.rosecc.info/login

3 KB
1 KB

307ms
306ms

Document
text/html

2606:4700:3035::6815:230f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.rosecc.info/login
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:230f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: be1cd292ce470e3f7a861d4c950c34326444bfe7532958610b6b2b61cd6934ed

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: public, max-age=0
cf-cache-status: DYNAMIC
cf-ray: 7c0909eb8b0c0f8b-EWR
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Mon, 01 May 2023 15:25:43 GMT
expires: 0
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DEaKQXsXZ25ZDY2LFBUPCpY8ecwlcecv%2FDDdXO3Vif%2FC88pSomxZ7ipeOmlusjTIboO9GF06BNfwK4nI3tv9EJpnr9bkcmGUeveiVIl%2FpKUqShXF8VIm7uKyjN9t3TPjRiZVqMUi7INlBcljzmc%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare

Redirect headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: public, max-age=0
cf-cache-status: DYNAMIC
cf-ray: 7c0909e46e810f8b-EWR
content-type: text/html; charset=utf-8
date: Mon, 01 May 2023 15:25:43 GMT
expires: 0
location: /login
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mqJW7Y50Rs14TlIOIK31kn83XYjskhlcu32fJnm0%2BTejk6y1w0hhYUzlDlqyzkvz%2BSgQIH0KZ9Y%2FFrlMi1N5ehWkUMqfbG1f0dti7Pg%2BtMlN8%2BB78sdi1PzinyZPKjQYcVzbxP96qvLcv9gFYlk%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET
H3 200 main.css
www.rosecc.info/static/ 5 KB
2 KB 1081ms
1080ms Stylesheet
text/css 2606:4700:3035::6815:230f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.rosecc.info/static/main.css
Requested by: Host: www.rosecc.info
URL: https://www.rosecc.info/login
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:230f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aacd30a5bf401a2210da93a409af1e15bab4ad895ce51a60ddc273fa8db59fbe

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.rosecc.info/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 01 May 2023 15:25:44 GMT
content-encoding: gzip
cf-cache-status: REVALIDATED
last-modified: Thu, 28 Jul 2022 14:52:16 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dd5ecEBnLUNT%2F9lRKR07p%2FwU%2FTgC6l2dWdwHJleSlq%2FZ2QRANeLDI%2B5BaXNZOwJYNl1HdoIVfkUmoH8Wj9Z8IC8KdwYrqHeaen%2B5OS4pFtSQ%2FZ8GVudNX0rpC47bwVELClmO3inFW6nOv9SOJj0%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
cache-control: public, max-age=3600
content-disposition: inline; filename=main.css
cf-ray: 7c0909ed8bd9c457-EWR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: 0

GET
H3 200 main.js Show response
www.rosecc.info/static/ 1017 B
843 B 1143ms
1141ms Script
application/javascript 2606:4700:3035::6815:230f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.rosecc.info/static/main.js
Requested by: Host: www.rosecc.info
URL: https://www.rosecc.info/login
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:230f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 856bcdb2d77e7129dd073cec45dbcf6c6c1b3af0202e851132a8dd95c128e26e

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.rosecc.info/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 01 May 2023 15:25:45 GMT
content-encoding: gzip
cf-cache-status: REVALIDATED
last-modified: Tue, 08 Mar 2022 13:06:15 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QvXc5XCchenRaAYOuK6Hog1WiTQCJqnEbLyqUTek2vMTe7kGBFpbApFLvNwuOjHYkXnGMtdUc5yrJKlwbC3o8NzZltOU7K2biYpOGb2%2F7aSrtQjPH09lvSbzLiKRikZvsKkU2diZNXwFZzfH%2F58%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=3600
content-disposition: inline; filename=main.js
cf-ray: 7c0909ed8bdcc457-EWR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: 0

GET
H3 200 error_messages.js Show response
www.rosecc.info/static/ 1 KB
903 B 1085ms
1084ms Script
application/javascript 2606:4700:3035::6815:230f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.rosecc.info/static/error_messages.js
Requested by: Host: www.rosecc.info
URL: https://www.rosecc.info/login
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:230f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 223aa720349836f95dacfe485e52e2dd67f27a59c7332a918bea528a13f168f7

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.rosecc.info/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 01 May 2023 15:25:44 GMT
content-encoding: gzip
cf-cache-status: REVALIDATED
last-modified: Mon, 28 Feb 2022 16:51:04 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N7C3%2FGlhl%2B3p3W1JygSD2NfxE3%2FNlaSlIJyFSf8ho%2BZRITYHQwz8Kd9XK1uEpMFn6dH7JuhwcIu3r0GsYfctBe%2Bi8lkqmGtSxyYf6Wr6Zl1cXjY2iDkTrHCBneZwBLC0ZBlxlkUtVPNpmFAkT%2Fg%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=3600
content-disposition: inline; filename=error_messages.js
cf-ray: 7c0909ed8bdec457-EWR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: 0

GET
H2 200 jquery-3.6.0.min.js Show response
code.jquery.com/ 87 KB
30 KB 86ms
25ms Script
application/javascript 2001:4de0:ac18::1:a:2b
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.6.0.min.js
Requested by: Host: www.rosecc.info
URL: https://www.rosecc.info/login
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:2b , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx /
Resource Hash: ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Request headers

Referer: https://www.rosecc.info/
Origin: https://www.rosecc.info
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 01 May 2023 15:25:43 GMT
content-encoding: gzip
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
server: nginx
etag: W/"28feccc0-15d9d"
vary: Accept-Encoding
x-hw: 1682954743.dop173.dc2.t,1682954743.cds240.dc2.hn,1682954743.cds235.dc2.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 30875

GET
H3 200 account.css
www.rosecc.info/static/ 3 KB
1 KB 1083ms
1082ms Stylesheet
text/css 2606:4700:3035::6815:230f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.rosecc.info/static/account.css
Requested by: Host: www.rosecc.info
URL: https://www.rosecc.info/login
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:230f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e59ed017162abb28e0206e81ac78e2832986bd8744992dad35afbd4ec395e90b

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.rosecc.info/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 01 May 2023 15:25:44 GMT
content-encoding: gzip
cf-cache-status: REVALIDATED
last-modified: Sun, 06 Mar 2022 14:29:40 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UX6jCObS7DtwfhIKQ%2FzPHZIcZhDjvovFjH3jthqXlNZL6khdwfEzfh%2BaxGwKDVxqXzptT%2BtNH4D40KbUn3QhWNZN3hXR7ojEooYs1TlKWyxrE07Um6dgNMzn%2BBwwAZmyjPC7TKqNtUPgkf5eJZE%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
cache-control: public, max-age=3600
content-disposition: inline; filename=account.css
cf-ray: 7c0909ed8bdfc457-EWR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: 0

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 850 B
872 B 86ms
41ms Script
text/javascript 2607:f8b0:4020:807::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js

Requested by

Host: www.rosecc.info
URL: https://www.rosecc.info/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:807::2004 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

ff0d09ce5c2b3fe0a6119b36f430ad668c06ec1f7e0a7efac00dfb756bcfa076

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.rosecc.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 01 May 2023 15:25:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 552
x-xss-protection: 1; mode=block
expires: Mon, 01 May 2023 15:25:45 GMT

GET
H3 200 login.js Show response
www.rosecc.info/static/ 927 B
1000 B 1091ms
1090ms Script
application/javascript 2606:4700:3035::6815:230f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.rosecc.info/static/login.js
Requested by: Host: www.rosecc.info
URL: https://www.rosecc.info/login
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:230f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a4674421ab89041bea1a017e1e06aa36d781392b36e02411e7da69efa8e33213

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.rosecc.info/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 01 May 2023 15:25:44 GMT
content-encoding: gzip
cf-cache-status: REVALIDATED
last-modified: Sat, 30 Apr 2022 15:42:13 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kkW9yH94mOIzHVsjpVHKWeCeMmJnA76cEq5fkxRiTmOZw3AzDWRCPyA24ZDOYEkpe5BC6pE6BezGK50j54iYfAbQWLVlCsBcXgJ5nEJkdoHQeVlevbZM2fmi5X0lA6BgML2aZ%2BXvzg2uYuTn6%2BQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=3600
content-disposition: inline; filename=login.js
cf-ray: 7c0909ed8be0c457-EWR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: 0

GET
H3 200 logo.svg
www.rosecc.info/static/ 9 KB
2 KB 302ms
301ms Image
image/svg+xml 2606:4700:3035::6815:230f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.rosecc.info/static/logo.svg
Requested by: Host: www.rosecc.info
URL: https://www.rosecc.info/login
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:230f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 39642cfa30fef54627c4d2899c989b8a068108547d74d475b91bc9ce3630e095

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.rosecc.info/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 01 May 2023 15:25:45 GMT
content-encoding: gzip
cf-cache-status: REVALIDATED
last-modified: Thu, 28 Jul 2022 14:38:55 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uRz%2FBUHMOrNboWErACD6kSson4cBjlzbJWru3v2WRuOJjhXB3FJ2E%2Bj3IftH4beoSxkue6xI4npXnr4AS0BvGMvURargqPyk5Q5ZtTndIODfNm45nNF0JkQGjt6P7fl%2FwBPJw1%2BxoztTU0WfT8s%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml; charset=utf-8
cache-control: public, max-age=3600
content-disposition: inline; filename=logo.svg
cf-ray: 7c0909f4ce77c457-EWR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: 0

GET
H2 200 css2
fonts.googleapis.com/ 10 KB
1 KB 76ms
35ms Stylesheet
text/css 2607:f8b0:4020:805::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Fira+Code:wght@300;400;500;600;700&display=swap

Requested by

Host: www.rosecc.info
URL: https://www.rosecc.info/static/main.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:805::200a Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

301b1741534f03d39ddf59d37fed8d08aac613e9de766f4f055a612b5b5a1287

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.rosecc.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 01 May 2023 15:25:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 01 May 2023 15:18:26 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 01 May 2023 15:25:45 GMT

GET
H2 200 uU9NCBsR6Z2vfE9aq3bh3dSD.woff2
fonts.gstatic.com/s/firacode/v21/ 35 KB
35 KB 61ms
16ms Font
font/woff2 2607:f8b0:4020:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/firacode/v21/uU9NCBsR6Z2vfE9aq3bh3dSD.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Fira+Code:wght@300;400;500;600;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:806::2003 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1bee40b01b898fa158a44e58a31940f46bee5fc9f713bdcd4f70d64da05694b6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.rosecc.info
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 29 Apr 2023 10:52:07 GMT
x-content-type-options: nosniff
age: 189218
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35684
x-xss-protection: 0
last-modified: Wed, 01 Jun 2022 19:04:47 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 28 Apr 2024 10:52:07 GMT

GET
H2 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/4q6CtudrwcI-LSEYlfoEbDXg/ 405 KB
162 KB 58ms
12ms Script
text/javascript 2607:f8b0:4020:807::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/4q6CtudrwcI-LSEYlfoEbDXg/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:807::2003 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9c66aac71361951c630ee399753ce89868dda4d3f0629870a07ac96c91c00711

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.rosecc.info/
Origin: https://www.rosecc.info
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 01 May 2023 03:26:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 43130
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 165374
x-xss-protection: 0
last-modified: Mon, 24 Apr 2023 20:17:33 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 30 Apr 2024 03:26:55 GMT

GET
H2 200 anchor Show response
www.google.com/recaptcha/api2/ Frame 05DD 50 KB
28 KB 57ms
56ms Document
text/html 2607:f8b0:4020:807::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeyVq0eAAAAAHEjfC-Ya6Pq7eKnGNNTdhbjWM7L&co=aHR0cHM6Ly93d3cucm9zZWNjLmluZm86NDQz&hl=en&v=4q6CtudrwcI-LSEYlfoEbDXg&theme=dark&size=normal&cb=x42plsvwmw64

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/4q6CtudrwcI-LSEYlfoEbDXg/recaptcha__en.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:807::2004 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

8098264783b630f9d6e96d4ba68dd93775a19f00a059957fe234236505ffe6db

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-uM5ICyAGXvwS4k0D8huQsw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.rosecc.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 28246
content-security-policy: script-src 'report-sample' 'nonce-uM5ICyAGXvwS4k0D8huQsw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 01 May 2023 15:25:45 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/4q6CtudrwcI-LSEYlfoEbDXg/ Frame 05DD 55 KB
24 KB 43ms
15ms Stylesheet
text/css 2607:f8b0:4020:807::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/4q6CtudrwcI-LSEYlfoEbDXg/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeyVq0eAAAAAHEjfC-Ya6Pq7eKnGNNTdhbjWM7L&co=aHR0cHM6Ly93d3cucm9zZWNjLmluZm86NDQz&hl=en&v=4q6CtudrwcI-LSEYlfoEbDXg&theme=dark&size=normal&cb=x42plsvwmw64

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:807::2003 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 29 Apr 2023 23:40:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 143116
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24605
x-xss-protection: 0
last-modified: Mon, 24 Apr 2023 20:17:33 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 28 Apr 2024 23:40:29 GMT

GET
H3 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/4q6CtudrwcI-LSEYlfoEbDXg/ Frame 05DD 405 KB
162 KB 48ms
20ms Script
text/javascript 2607:f8b0:4020:807::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/4q6CtudrwcI-LSEYlfoEbDXg/recaptcha__en.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:807::2003 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9c66aac71361951c630ee399753ce89868dda4d3f0629870a07ac96c91c00711

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 01 May 2023 03:26:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 43130
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 165374
x-xss-protection: 0
last-modified: Mon, 24 Apr 2023 20:17:33 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 30 Apr 2024 03:26:55 GMT

GET
DATA 200
OK truncated
/ Frame 05DD 14 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0964d141519db34adc6aa127a33dbc6761cda1e56b584ea402082d99c44afb9e

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 05DD 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 43ef4025567f7a15859b5252b6ccc1efe2ff8c7331b1aefbea7ce88eb5084d27

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 logo_48.png
www.gstatic.com/recaptcha/api2/ Frame 05DD 2 KB
2 KB 12ms
12ms Image
image/png 2607:f8b0:4020:807::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/logo_48.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/4q6CtudrwcI-LSEYlfoEbDXg/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:807::2003 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/4q6CtudrwcI-LSEYlfoEbDXg/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 29 Apr 2023 10:18:37 GMT
x-content-type-options: nosniff
age: 191228
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2228
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Sat, 06 May 2023 10:18:37 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 05DD 15 KB
15 KB 15ms
14ms Font
font/woff2 2607:f8b0:4020:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:806::2003 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 29 Apr 2023 16:49:44 GMT
x-content-type-options: nosniff
age: 167761
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 28 Apr 2024 16:49:44 GMT

GET
H3 200 webworker.js
www.google.com/recaptcha/api2/ Frame 05DD 102 B
134 B 40ms
39ms Other
text/javascript 2607:f8b0:4020:807::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=en&v=4q6CtudrwcI-LSEYlfoEbDXg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:807::2004 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

9ae1f76fb431aa81f36b1491ae24bfa6e098a400da3bff8b55ee03bbe0e91797

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeyVq0eAAAAAHEjfC-Ya6Pq7eKnGNNTdhbjWM7L&co=aHR0cHM6Ly93d3cucm9zZWNjLmluZm86NDQz&hl=en&v=4q6CtudrwcI-LSEYlfoEbDXg&theme=dark&size=normal&cb=x42plsvwmw64
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 01 May 2023 15:25:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 112
x-xss-protection: 1; mode=block
expires: Mon, 01 May 2023 15:25:45 GMT

GET
H3 200 bframe Show response
www.google.com/recaptcha/api2/ Frame 384B 7 KB
1 KB 44ms
43ms Document
text/html 2607:f8b0:4020:807::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/bframe?hl=en&v=4q6CtudrwcI-LSEYlfoEbDXg&k=6LeyVq0eAAAAAHEjfC-Ya6Pq7eKnGNNTdhbjWM7L

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/4q6CtudrwcI-LSEYlfoEbDXg/recaptcha__en.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:807::2004 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

df4d9958c15956f4e324fe1f858efef0c64d348261c37506b0f05151a8edef3b

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-PlgB10sxdD910d_n-ZkFIw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.rosecc.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 1141
content-security-policy: script-src 'report-sample' 'nonce-PlgB10sxdD910d_n-ZkFIw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 01 May 2023 15:25:45 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/4q6CtudrwcI-LSEYlfoEbDXg/ Frame 384B 55 KB
24 KB 12ms
11ms Stylesheet
text/css 2607:f8b0:4020:807::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/4q6CtudrwcI-LSEYlfoEbDXg/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=en&v=4q6CtudrwcI-LSEYlfoEbDXg&k=6LeyVq0eAAAAAHEjfC-Ya6Pq7eKnGNNTdhbjWM7L

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:807::2003 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 29 Apr 2023 23:40:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 143116
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24605
x-xss-protection: 0
last-modified: Mon, 24 Apr 2023 20:17:33 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 28 Apr 2024 23:40:29 GMT

GET
H3 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/4q6CtudrwcI-LSEYlfoEbDXg/ Frame 384B 405 KB
162 KB 13ms
13ms Script
text/javascript 2607:f8b0:4020:807::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/4q6CtudrwcI-LSEYlfoEbDXg/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=en&v=4q6CtudrwcI-LSEYlfoEbDXg&k=6LeyVq0eAAAAAHEjfC-Ya6Pq7eKnGNNTdhbjWM7L

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:807::2003 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9c66aac71361951c630ee399753ce89868dda4d3f0629870a07ac96c91c00711

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 01 May 2023 03:26:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 43130
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 165374
x-xss-protection: 0
last-modified: Mon, 24 Apr 2023 20:17:33 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 30 Apr 2024 03:26:55 GMT

Verdicts & Comments Add Verdict or Comment

16 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			www.helpdesk-south9.publicvm.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: 37dcd324a1fed10533dbce92ef375e77

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

code.jquery.com
fonts.googleapis.com
fonts.gstatic.com
www.google.com
www.gstatic.com
www.helpdesk-south9.publicvm.com
www.rosecc.info
159.89.117.75
2001:4de0:ac18::1:a:2b
2606:4700:3035::6815:230f
2607:f8b0:4020:805::200a
2607:f8b0:4020:806::2003
2607:f8b0:4020:807::2003
2607:f8b0:4020:807::2004
0964d141519db34adc6aa127a33dbc6761cda1e56b584ea402082d99c44afb9e
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
1bee40b01b898fa158a44e58a31940f46bee5fc9f713bdcd4f70d64da05694b6
223aa720349836f95dacfe485e52e2dd67f27a59c7332a918bea528a13f168f7
301b1741534f03d39ddf59d37fed8d08aac613e9de766f4f055a612b5b5a1287
39642cfa30fef54627c4d2899c989b8a068108547d74d475b91bc9ce3630e095
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
43ef4025567f7a15859b5252b6ccc1efe2ff8c7331b1aefbea7ce88eb5084d27
8098264783b630f9d6e96d4ba68dd93775a19f00a059957fe234236505ffe6db
856bcdb2d77e7129dd073cec45dbcf6c6c1b3af0202e851132a8dd95c128e26e
952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8
9ae1f76fb431aa81f36b1491ae24bfa6e098a400da3bff8b55ee03bbe0e91797
9c66aac71361951c630ee399753ce89868dda4d3f0629870a07ac96c91c00711
a4674421ab89041bea1a017e1e06aa36d781392b36e02411e7da69efa8e33213
aacd30a5bf401a2210da93a409af1e15bab4ad895ce51a60ddc273fa8db59fbe
be1cd292ce470e3f7a861d4c950c34326444bfe7532958610b6b2b61cd6934ed
df4d9958c15956f4e324fe1f858efef0c64d348261c37506b0f05151a8edef3b
e59ed017162abb28e0206e81ac78e2832986bd8744992dad35afbd4ec395e90b
ff0d09ce5c2b3fe0a6119b36f430ad668c06ec1f7e0a7efac00dfb756bcfa076
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

www.rosecc.info Open in urlscan Pro 2606:4700:3035::6815:230f Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

21 Requests

100 %HTTPS

86 %IPv6

6 Domains

7 Subdomains

7 IPs

3 Countries

657 kBTransfer

1572 kBSize

1 Cookies

0 Outgoing links

Page URL History

Redirected requests

21 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

16 JavaScript Global Variables

1 Cookies

Indicators

www.rosecc.info Open in urlscan Pro
2606:4700:3035::6815:230f Public Scan

Screenshot
Live screenshot

Full Image

21
Requests

100 %
HTTPS

86 %
IPv6

6
Domains

7
Subdomains

7
IPs

3
Countries

657 kB
Transfer

1572 kB
Size

1
Cookies

21 HTTP transactions
2 data transactions