www.google.com Open in urlscan Pro
142.250.185.228 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://butterandsugar.co/pakar69/
Effective URL:
https://www.google.com/sorry/index?continue=https://google.com/&q=EgS51JXOGLy_nbkGIjBGQmx9eiFTGePNUTGgup-MFXtjgkd1qoU_5...
Submission Tags: @phish_report
Submission: On November 03 via api (November 3rd 2024, 11:34:25 am UTC) from FI — Scanned from FI

Summary HTTP 18 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 5 IPs in 2 countries across 5 domains to perform 18 HTTP transactions. The main IP is 142.250.185.228, located in United States and belongs to GOOGLE, US. The main domain is www.google.com. The Cisco Umbrella rank of the primary domain is 3.
TLS certificate: Issued by WR2 on October 7th 2024. Valid for: 3 months.

This is the only time www.google.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 5	172.67.209.7 172.67.209.7	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	188.114.97.3 188.114.97.3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	188.114.96.3 188.114.96.3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	142.250.186.78 142.250.186.78	15169 (GOOGLE) (GOOGLE)
6	142.250.185.228 142.250.185.228	15169 (GOOGLE) (GOOGLE)
6	142.250.186.99 142.250.186.99	15169 (GOOGLE) (GOOGLE)
1	142.250.185.99 142.250.185.99	15169 (GOOGLE) (GOOGLE)
18	5

5 172.67.209.7 (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

butterandsugar.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 188.114.97.3 (Amsterdam, Netherlands) 1 redirects

ASN13335 (CLOUDFLARENET, US)

rejodadi.co.id	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 188.114.96.3 (Amsterdam, Netherlands) 1 redirects

ASN13335 (CLOUDFLARENET, US)

vibrantindiafoundation.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.78 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f14.1e100.net

google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.185.228 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.186.99 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f3.1e100.net

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.99 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
7	gstatic.com www.gstatic.com fonts.gstatic.com	275 KB
7	google.com www.google.com — Cisco Umbrella Rank: 3 Failed google.com — Cisco Umbrella Rank: 1	45 KB
5	butterandsugar.co 2 redirects butterandsugar.co	8 KB
1	vibrantindiafoundation.com 1 redirects vibrantindiafoundation.com	481 B
1	rejodadi.co.id 1 redirects rejodadi.co.id	485 B
18	5

	Domain	Requested by
6	www.gstatic.com	www.google.com www.gstatic.com
6	www.google.com	www.google.com www.gstatic.com
5	butterandsugar.co	2 redirects butterandsugar.co
1	fonts.gstatic.com	www.google.com
1	google.com	1 redirects
1	vibrantindiafoundation.com	1 redirects
1	rejodadi.co.id	1 redirects
18	7

This site contains links to these domains. Also see Links.

Domain
support.google.com

Subject Issuer	Validity	Valid
butterandsugar.co WE1	`2024-10-30` - `2025-01-28`	3 months	crt.sh
*.google.com WR2	`2024-10-07` - `2024-12-30`	3 months	crt.sh
*.gstatic.com WR2	`2024-10-07` - `2024-12-30`	3 months	crt.sh

This page contains 3 frames:

Primary Page: https://www.google.com/sorry/index?continue=https://google.com/&q=EgS51JXOGLy_nbkGIjBGQmx9eiFTGePNUTGgup-MFXtjgkd1qoU_5YA7tXRklPf-E_ivwRN34aoI5jBHlAgyAXJKGVNPUlJZX0FCVVNJVkVfTkVUX01FU1NBR0VaAUM
Frame ID: 3BD18492AAC694EE673B59C41F802D18
Requests: 8 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfwuyUTAAAAAOAmoS0fdqijC2PbbdH4kjq62Y1b&co=aHR0cHM6Ly93d3cuZ29vZ2xlLmNvbTo0NDM.&hl=fi&v=-ZG7BC9TxCVEbzIO2m429usb&size=normal&s=QeH3kr9clcI2rd-9eOe9lHNbdMj-Ypj0_NEfvuLwflQ-NiQNqcj83EWasFkV1A9vaHjz6H8C9qXQJJE6Lo7N_gO9UNBKB237GIHVhwGo05oK43TkXv54K4AyRp28grEQoNOs81GNZfCRm1p7V6oPBZfHhkFLh4swo04qbsapHeaqm1OScT3wWEYuc0TtsazKT1iWZAYPbu2MYFxklIppuPq3f3Bhb5tZgEN8SSN_UnouTzqc1SjMwTINNLog3My1vMyGVMg5t2gNcqRofFFvZYl5ImMJd8A&cb=qigebor2lru4
Frame ID: 1380825293BD2D1E0365A9142F8D6FA8
Requests: 8 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=fi&v=-ZG7BC9TxCVEbzIO2m429usb&k=6LfwuyUTAAAAAOAmoS0fdqijC2PbbdH4kjq62Y1b
Frame ID: F7DCD995DDA1E7B9BC9B4409659F145D
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

https://google.com/

Page URL History Show full URLs

https://butterandsugar.co/pakar69/ Page URL
https://butterandsugar.co/cdn-cgi/phish-bypass?atok=Ba9sKQrxwx6ymvSVG9TRmwh1z.Eo8JbXZuL6Eab39ys-173063... HTTP 301
https://butterandsugar.co/pakar69/ HTTP 301
https://rejodadi.co.id/ HTTP 301
https://vibrantindiafoundation.com/ HTTP 301
https://google.com/ HTTP 302
https://www.google.com/sorry/index?continue=https://google.com/&q=EgS51JXOGLy_nbkGIjBGQmx9eiFTGePNU... Page URL

Detected technologies

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

<div[^>]+class="g-recaptcha"
/recaptcha/api\.js

Page Statistics

18
Requests

89 %
HTTPS

0 %
IPv6

5
Domains

7
Subdomains

5
IPs

2
Countries

327 kB
Transfer

1958 kB
Size

3
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://support.google.com/websearch/answer/86640
Title: Lisätietoja

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://butterandsugar.co/pakar69/ Page URL
https://butterandsugar.co/cdn-cgi/phish-bypass?atok=Ba9sKQrxwx6ymvSVG9TRmwh1z.Eo8JbXZuL6Eab39ys-1730633655-0.0.1.1-%2Fpakar69%2F HTTP 301
https://butterandsugar.co/pakar69/ HTTP 301
https://rejodadi.co.id/ HTTP 301
https://vibrantindiafoundation.com/ HTTP 301
https://google.com/ HTTP 302
https://www.google.com/sorry/index?continue=https://google.com/&q=EgS51JXOGLy_nbkGIjBGQmx9eiFTGePNUTGgup-MFXtjgkd1qoU_5YA7tXRklPf-E_ivwRN34aoI5jBHlAgyAXJKGVNPUlJZX0FCVVNJVkVfTkVUX01FU1NBR0VaAUM Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 3

https://butterandsugar.co/favicon.ico HTTP 301
https://rejodadi.co.id/ HTTP 301
https://vibrantindiafoundation.com/ HTTP 301
https://google.com/ HTTP 302
https://www.google.com/sorry/index?continue=https://google.com/&q=EgS51JXOGLm_nbkGIjDSFXBg4rwFLbg63KBHz_jxdvNIsxhtnnVGbuKPEMB-UMnNQeFKDsb7W6dNyKVtsMwyAXJKGVNPUlJZX0FCVVNJVkVfTkVUX01FU1NBR0VaAUM

18 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H3 403 / Show response
butterandsugar.co/pakar69/ 4 KB
2 KB 205ms
97ms Document
text/html 172.67.209.7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://butterandsugar.co/pakar69/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.209.7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f9fb3f6f8bcda8282c66e67674dba1857db4ae63edcd3e25958afd465216c7fe

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

cf-ray: 8dcc0dddecbac2f5-VIE
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Sun, 03 Nov 2024 11:34:15 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PKrTcBuMDXkOaPosSM18GYzZeC%2FAcLeIT5kDzH7%2BHMieN6Jm2suSCgJDIMyVTM2q5MYYvlQlaBipKqaRD%2FvtYrc6dmhZ10Gaiop5M1ZuVAGNmNVlnqR35TpzVaViZjfzklrXBQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-frame-options: SAMEORIGIN

GET
H3 200 cf.errors.css
butterandsugar.co/cdn-cgi/styles/ 23 KB
5 KB 88ms
88ms Stylesheet
text/css 172.67.209.7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://butterandsugar.co/cdn-cgi/styles/cf.errors.css

Requested by

Host: butterandsugar.co
URL: https://butterandsugar.co/pakar69/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.209.7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

84e3c77025ace5af143972b4a40fc834dcdfd4e449d4b36a57e62326f16b3091

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://butterandsugar.co/pakar69/

Response headers

vary: Accept-Encoding
cache-control: max-age=7200, public
content-encoding: gzip
etag: W/"671bcbc4-5df3"
x-content-type-options: nosniff
cf-ray: 8dcc0dde8d68c2f5-VIE
expires: Sun, 03 Nov 2024 13:34:16 GMT
date: Sun, 03 Nov 2024 11:34:16 GMT
content-type: text/css
last-modified: Fri, 25 Oct 2024 16:48:04 GMT
server: cloudflare
x-frame-options: DENY

GET
H3 200 icon-exclamation.png
butterandsugar.co/cdn-cgi/images/ 452 B
635 B 87ms
87ms Image
image/png 172.67.209.7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://butterandsugar.co/cdn-cgi/images/icon-exclamation.png?1376755637

Requested by

Host: butterandsugar.co
URL: https://butterandsugar.co/cdn-cgi/styles/cf.errors.css

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.209.7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f1591a5221136c49438642155691ae6c68e25b7241f3d7ebe975b09a77662016

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://butterandsugar.co/cdn-cgi/styles/cf.errors.css

Response headers

vary: Accept-Encoding
cache-control: max-age=7200, public
etag: "671bcbc4-1c4"
x-content-type-options: nosniff
cf-ray: 8dcc0ddf1e12c2f5-VIE
expires: Sun, 03 Nov 2024 13:34:16 GMT
accept-ranges: bytes
content-length: 452
date: Sun, 03 Nov 2024 11:34:16 GMT
content-type: image/png
last-modified: Fri, 25 Oct 2024 16:48:04 GMT
server: cloudflare
x-frame-options: DENY

GET

index
www.google.com/sorry/
Redirect Chain

https://butterandsugar.co/favicon.ico
https://rejodadi.co.id/
https://vibrantindiafoundation.com/
https://google.com/
https://www.google.com/sorry/index?continue=https://google.com/&q=EgS51JXOGLm_nbkGIjDSFXBg4rwFLbg63KBHz_jxdvNIsxhtnnVGbuKPEMB-UMnNQeFKDsb7W6dNyKVtsMwyAXJKGVNPUlJZX0FCVVNJVkVfTkVUX01FU1NBR0VaAUM

0
0

GET
H3

429

Primary Request index Show response
www.google.com/sorry/
Redirect Chain

https://butterandsugar.co/cdn-cgi/phish-bypass?atok=Ba9sKQrxwx6ymvSVG9TRmwh1z.Eo8JbXZuL6Eab39ys-1730633655-0.0.1.1-%2Fpakar69%2F
https://butterandsugar.co/pakar69/
https://rejodadi.co.id/
https://vibrantindiafoundation.com/
https://google.com/
https://www.google.com/sorry/index?continue=https://google.com/&q=EgS51JXOGLy_nbkGIjBGQmx9eiFTGePNUTGgup-MFXtjgkd1qoU_5YA7tXRklPf-E_ivwRN34aoI5jBHlAgyAXJKGVNPUlJZX0FCVVNJVkVfTkVUX01FU1NBR0VaAUM

3 KB
3 KB

205ms
74ms

Document
text/html

142.250.185.228
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/sorry/index?continue=https://google.com/&q=EgS51JXOGLy_nbkGIjBGQmx9eiFTGePNUTGgup-MFXtjgkd1qoU_5YA7tXRklPf-E_ivwRN34aoI5jBHlAgyAXJKGVNPUlJZX0FCVVNJVkVfTkVUX01FU1NBR0VaAUM

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.228 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f4.1e100.net

Software

HTTP server (unknown) /

Resource Hash

14a740744e4d92e64a74af6aa973448cbc5b96e36549642e7e68642a6a2268af

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://butterandsugar.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-store, no-cache, must-revalidate
content-length: 3141
content-type: text/html
date: Sun, 03 Nov 2024 11:34:21 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
server: HTTP server (unknown)
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 394
content-security-policy-report-only: object-src 'none';base-uri 'self';script-src 'nonce-veJt1McvgJKDYvv9GT-Ogw' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other-hp
content-type: text/html; charset=UTF-8
cross-origin-opener-policy: same-origin-allow-popups; report-to="gws"
date: Sun, 03 Nov 2024 11:34:21 GMT
location: https://www.google.com/sorry/index?continue=https://google.com/&q=EgS51JXOGLy_nbkGIjBGQmx9eiFTGePNUTGgup-MFXtjgkd1qoU_5YA7tXRklPf-E_ivwRN34aoI5jBHlAgyAXJKGVNPUlJZX0FCVVNJVkVfTkVUX01FU1NBR0VaAUM
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
permissions-policy: unload=()
report-to: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]}
server: gws
x-frame-options: SAMEORIGIN
x-hallmonitor-challenge: CgsIvb-duQYQrpbVBRIEudSVzg
x-xss-protection: 0

GET
H3 200 api.js Show response
www.google.com/recaptcha/ 1 KB
968 B 76ms
75ms Script
text/javascript 142.250.185.228
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js

Requested by

Host: www.google.com
URL: https://www.google.com/sorry/index?continue=https://google.com/&q=EgS51JXOGLy_nbkGIjBGQmx9eiFTGePNUTGgup-MFXtjgkd1qoU_5YA7tXRklPf-E_ivwRN34aoI5jBHlAgyAXJKGVNPUlJZX0FCVVNJVkVfTkVUX01FU1NBR0VaAUM

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.228 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f4.1e100.net

Software

ESF /

Resource Hash

f6c4cee5ab420f7ffe5f8062e14fdc88e9cdad3b404d3f5490037b5bb5bc7489

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.google.com/sorry/index?continue=https://google.com/&q=EgS51JXOGLy_nbkGIjBGQmx9eiFTGePNUTGgup-MFXtjgkd1qoU_5YA7tXRklPf-E_ivwRN34aoI5jBHlAgyAXJKGVNPUlJZX0FCVVNJVkVfTkVUX01FU1NBR0VaAUM

Response headers

cache-control: private, max-age=300
content-encoding: gzip
cross-origin-resource-policy: cross-origin
report-to: {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
x-content-type-options: nosniff
expires: Sun, 03 Nov 2024 11:34:21 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only: same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
date: Sun, 03 Nov 2024 11:34:21 GMT
x-xss-protection: 0
content-type: text/javascript; charset=utf-8
server: ESF
x-frame-options: SAMEORIGIN

GET
H3 200 recaptcha__fi.js Show response
www.gstatic.com/recaptcha/releases/-ZG7BC9TxCVEbzIO2m429usb/ 547 KB
217 KB 142ms
66ms Script
text/javascript 142.250.186.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/-ZG7BC9TxCVEbzIO2m429usb/recaptcha__fi.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f3.1e100.net

Software

sffe /

Resource Hash

d03c3eb3933039bc78365dea3d9cd604bb96aa494572efbcc6755f448ecf29a4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://www.google.com
Referer: https://www.google.com/

Response headers

content-encoding: gzip
age: 330948
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
x-content-type-options: nosniff
expires: Thu, 30 Oct 2025 15:38:33 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 30 Oct 2024 15:38:33 GMT
last-modified: Tue, 22 Oct 2024 00:01:33 GMT
content-type: text/javascript
vary: Accept-Encoding
cache-control: public, max-age=31536000
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
accept-ranges: bytes
access-control-allow-origin: *
content-length: 221765
x-xss-protection: 0
server: sffe

GET
H3 200 anchor Show response
www.google.com/recaptcha/api2/ Frame 1380 49 KB
30 KB 85ms
85ms Document
text/html 142.250.185.228
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfwuyUTAAAAAOAmoS0fdqijC2PbbdH4kjq62Y1b&co=aHR0cHM6Ly93d3cuZ29vZ2xlLmNvbTo0NDM.&hl=fi&v=-ZG7BC9TxCVEbzIO2m429usb&size=normal&s=QeH3kr9clcI2rd-9eOe9lHNbdMj-Ypj0_NEfvuLwflQ-NiQNqcj83EWasFkV1A9vaHjz6H8C9qXQJJE6Lo7N_gO9UNBKB237GIHVhwGo05oK43TkXv54K4AyRp28grEQoNOs81GNZfCRm1p7V6oPBZfHhkFLh4swo04qbsapHeaqm1OScT3wWEYuc0TtsazKT1iWZAYPbu2MYFxklIppuPq3f3Bhb5tZgEN8SSN_UnouTzqc1SjMwTINNLog3My1vMyGVMg5t2gNcqRofFFvZYl5ImMJd8A&cb=qigebor2lru4

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/-ZG7BC9TxCVEbzIO2m429usb/recaptcha__fi.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.228 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f4.1e100.net

Software

ESF /

Resource Hash

0ae8d9a03924a613a068b9ec61fbbc8dc807826f1b880bf0b23c2cb5ef494715

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-f9OwgEEk-Tgo3b3wBDcjnA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/sorry/index?continue=https://google.com/&q=EgS51JXOGLy_nbkGIjBGQmx9eiFTGePNUTGgup-MFXtjgkd1qoU_5YA7tXRklPf-E_ivwRN34aoI5jBHlAgyAXJKGVNPUlJZX0FCVVNJVkVfTkVUX01FU1NBR0VaAUM
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-f9OwgEEk-Tgo3b3wBDcjnA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy-report-only: same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
cross-origin-resource-policy: cross-origin
date: Sun, 03 Nov 2024 11:34:21 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
server: ESF
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/-ZG7BC9TxCVEbzIO2m429usb/ Frame 1380 77 KB
41 KB 74ms
73ms Stylesheet
text/css 142.250.186.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/-ZG7BC9TxCVEbzIO2m429usb/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfwuyUTAAAAAOAmoS0fdqijC2PbbdH4kjq62Y1b&co=aHR0cHM6Ly93d3cuZ29vZ2xlLmNvbTo0NDM.&hl=fi&v=-ZG7BC9TxCVEbzIO2m429usb&size=normal&s=QeH3kr9clcI2rd-9eOe9lHNbdMj-Ypj0_NEfvuLwflQ-NiQNqcj83EWasFkV1A9vaHjz6H8C9qXQJJE6Lo7N_gO9UNBKB237GIHVhwGo05oK43TkXv54K4AyRp28grEQoNOs81GNZfCRm1p7V6oPBZfHhkFLh4swo04qbsapHeaqm1OScT3wWEYuc0TtsazKT1iWZAYPbu2MYFxklIppuPq3f3Bhb5tZgEN8SSN_UnouTzqc1SjMwTINNLog3My1vMyGVMg5t2gNcqRofFFvZYl5ImMJd8A&cb=qigebor2lru4

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f3.1e100.net

Software

sffe /

Resource Hash

11a188a204934185ab5649a1f838fe771c3d84c928bc8286ef999fb5b8deda69

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.google.com/

Response headers

content-encoding: gzip
age: 84885
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
x-content-type-options: nosniff
expires: Sun, 02 Nov 2025 11:59:36 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 02 Nov 2024 11:59:36 GMT
last-modified: Tue, 22 Oct 2024 00:01:33 GMT
content-type: text/css
vary: Accept-Encoding
cache-control: public, max-age=31536000
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
accept-ranges: bytes
content-length: 42051
x-xss-protection: 0
server: sffe

GET
H3 200 recaptcha__fi.js Show response
www.gstatic.com/recaptcha/releases/-ZG7BC9TxCVEbzIO2m429usb/ Frame 1380 547 KB
0 0ms
0ms Script
text/javascript 142.250.186.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/-ZG7BC9TxCVEbzIO2m429usb/recaptcha__fi.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f3.1e100.net

Software

sffe /

Resource Hash

d03c3eb3933039bc78365dea3d9cd604bb96aa494572efbcc6755f448ecf29a4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.google.com/

Response headers

content-encoding: gzip
age: 330948
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
x-content-type-options: nosniff
expires: Thu, 30 Oct 2025 15:38:33 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 30 Oct 2024 15:38:33 GMT
last-modified: Tue, 22 Oct 2024 00:01:33 GMT
content-type: text/javascript
vary: Accept-Encoding
cache-control: public, max-age=31536000
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
accept-ranges: bytes
access-control-allow-origin: *
content-length: 221765
x-xss-protection: 0
server: sffe

GET webworker.js
www.google.com/recaptcha/api2/ Frame 0
0

GET
DATA 200
OK truncated
/ Frame 1380 31 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 03828e191475acba8cffd5a635b43cfba18b6a2dda824a93dab884be0c0afd3a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 1380 1 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2b4bf9ed203082fd0712bf34c05621111a3cb563a299c2cd77a34b7f7ef7d390

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/png

GET
H3 200 logo_48.png
www.gstatic.com/recaptcha/api2/ Frame 1380 2 KB
2 KB 64ms
64ms Image
image/png 142.250.186.99
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/logo_48.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/-ZG7BC9TxCVEbzIO2m429usb/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f3.1e100.net

Software

sffe /

Resource Hash

1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.gstatic.com/recaptcha/releases/-ZG7BC9TxCVEbzIO2m429usb/styles__ltr.css

Response headers

age: 473192
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
x-content-type-options: nosniff
expires: Tue, 05 Nov 2024 00:07:50 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 29 Oct 2024 00:07:50 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
content-type: image/png
cache-control: public, max-age=604800
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
accept-ranges: bytes
content-length: 2228
x-xss-protection: 0
server: sffe

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 1380 15 KB
15 KB 145ms
63ms Font
font/woff2 142.250.185.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f3.1e100.net

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://www.google.com
Referer: https://www.google.com/

Response headers

age: 467767
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Wed, 29 Oct 2025 01:38:15 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 29 Oct 2024 01:38:15 GMT
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 15344
x-xss-protection: 0
server: sffe

GET
H3 200 fjR1YsZcYM2JOhJRK9G2WgIyjktmbXjRewVmA9lk-tI.js Show response
www.google.com/js/bg/ Frame 1380 18 KB
8 KB 65ms
64ms Script
text/javascript 142.250.185.228
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/bg/fjR1YsZcYM2JOhJRK9G2WgIyjktmbXjRewVmA9lk-tI.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/-ZG7BC9TxCVEbzIO2m429usb/recaptcha__fi.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.228 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f4.1e100.net

Software

sffe /

Resource Hash

7e347562c65c60cd893a12512bd1b65a02328e4b666d78d17b056603d964fad2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfwuyUTAAAAAOAmoS0fdqijC2PbbdH4kjq62Y1b&co=aHR0cHM6Ly93d3cuZ29vZ2xlLmNvbTo0NDM.&hl=fi&v=-ZG7BC9TxCVEbzIO2m429usb&size=normal&s=QeH3kr9clcI2rd-9eOe9lHNbdMj-Ypj0_NEfvuLwflQ-NiQNqcj83EWasFkV1A9vaHjz6H8C9qXQJJE6Lo7N_gO9UNBKB237GIHVhwGo05oK43TkXv54K4AyRp28grEQoNOs81GNZfCRm1p7V6oPBZfHhkFLh4swo04qbsapHeaqm1OScT3wWEYuc0TtsazKT1iWZAYPbu2MYFxklIppuPq3f3Bhb5tZgEN8SSN_UnouTzqc1SjMwTINNLog3My1vMyGVMg5t2gNcqRofFFvZYl5ImMJd8A&cb=qigebor2lru4

Response headers

content-encoding: br
age: 300611
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
x-content-type-options: nosniff
expires: Fri, 31 Oct 2025 00:04:11 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 31 Oct 2024 00:04:11 GMT
last-modified: Tue, 22 Oct 2024 16:30:00 GMT
content-type: text/javascript
vary: Accept-Encoding
cache-control: public, max-age=31536000
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
accept-ranges: bytes
content-length: 7770
x-xss-protection: 0
server: sffe

GET
H3 200 favicon.ico
www.google.com/ 5 KB
1 KB 68ms
67ms Other
image/x-icon 142.250.185.228
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/favicon.ico

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.228 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f4.1e100.net

Software

sffe /

Resource Hash

6da5620880159634213e197fafca1dde0272153be3e4590818533fab8d040770

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.google.com/sorry/index?continue=https://google.com/&q=EgS51JXOGLy_nbkGIjBGQmx9eiFTGePNUTGgup-MFXtjgkd1qoU_5YA7tXRklPf-E_ivwRN34aoI5jBHlAgyAXJKGVNPUlJZX0FCVVNJVkVfTkVUX01FU1NBR0VaAUM

Response headers

content-encoding: gzip
age: 604
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
x-content-type-options: nosniff
expires: Mon, 11 Nov 2024 11:24:18 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 03 Nov 2024 11:24:18 GMT
last-modified: Tue, 22 Oct 2019 18:30:00 GMT
content-type: image/x-icon
vary: Accept-Encoding
cache-control: public, max-age=691200
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
content-length: 1494
x-xss-protection: 0
server: sffe

GET
H3 200 bframe Show response
www.google.com/recaptcha/api2/ Frame F7DC 8 KB
1 KB 81ms
79ms Document
text/html 142.250.185.228
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/bframe?hl=fi&v=-ZG7BC9TxCVEbzIO2m429usb&k=6LfwuyUTAAAAAOAmoS0fdqijC2PbbdH4kjq62Y1b

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/-ZG7BC9TxCVEbzIO2m429usb/recaptcha__fi.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.228 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f4.1e100.net

Software

ESF /

Resource Hash

137876a83b563258ad64621eb916a2075af20c20322e27ad6af4019fc04d0678

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-gJqpo94TiDAMQMLH0F4UvA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/sorry/index?continue=https://google.com/&q=EgS51JXOGLy_nbkGIjBGQmx9eiFTGePNUTGgup-MFXtjgkd1qoU_5YA7tXRklPf-E_ivwRN34aoI5jBHlAgyAXJKGVNPUlJZX0FCVVNJVkVfTkVUX01FU1NBR0VaAUM
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-gJqpo94TiDAMQMLH0F4UvA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy-report-only: same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
cross-origin-resource-policy: cross-origin
date: Sun, 03 Nov 2024 11:34:22 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
server: ESF
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/-ZG7BC9TxCVEbzIO2m429usb/ Frame F7DC 77 KB
0 0ms
0ms Stylesheet
text/css 142.250.186.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/-ZG7BC9TxCVEbzIO2m429usb/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=fi&v=-ZG7BC9TxCVEbzIO2m429usb&k=6LfwuyUTAAAAAOAmoS0fdqijC2PbbdH4kjq62Y1b

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f3.1e100.net

Software

sffe /

Resource Hash

11a188a204934185ab5649a1f838fe771c3d84c928bc8286ef999fb5b8deda69

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.google.com/

Response headers

content-encoding: gzip
age: 84885
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
x-content-type-options: nosniff
expires: Sun, 02 Nov 2025 11:59:36 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 02 Nov 2024 11:59:36 GMT
last-modified: Tue, 22 Oct 2024 00:01:33 GMT
content-type: text/css
vary: Accept-Encoding
cache-control: public, max-age=31536000
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
accept-ranges: bytes
content-length: 42051
x-xss-protection: 0
server: sffe

GET
H3 200 recaptcha__fi.js Show response
www.gstatic.com/recaptcha/releases/-ZG7BC9TxCVEbzIO2m429usb/ Frame F7DC 547 KB
0 1ms
1ms Script
text/javascript 142.250.186.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/-ZG7BC9TxCVEbzIO2m429usb/recaptcha__fi.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=fi&v=-ZG7BC9TxCVEbzIO2m429usb&k=6LfwuyUTAAAAAOAmoS0fdqijC2PbbdH4kjq62Y1b

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f3.1e100.net

Software

sffe /

Resource Hash

d03c3eb3933039bc78365dea3d9cd604bb96aa494572efbcc6755f448ecf29a4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.google.com/

Response headers

content-encoding: gzip
age: 330948
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
x-content-type-options: nosniff
expires: Thu, 30 Oct 2025 15:38:33 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 30 Oct 2024 15:38:33 GMT
last-modified: Tue, 22 Oct 2024 00:01:33 GMT
content-type: text/javascript
vary: Accept-Encoding
cache-control: public, max-age=31536000
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
accept-ranges: bytes
access-control-allow-origin: *
content-length: 221765
x-xss-protection: 0
server: sffe

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.google.com
URL: https://www.google.com/sorry/index?continue=https://google.com/&q=EgS51JXOGLm_nbkGIjDSFXBg4rwFLbg63KBHz_jxdvNIsxhtnnVGbuKPEMB-UMnNQeFKDsb7W6dNyKVtsMwyAXJKGVNPUlJZX0FCVVNJVkVfTkVUX01FU1NBR0VaAUM

Domain: www.google.com
URL: https://www.google.com/recaptcha/api2/webworker.js?hl=fi&v=-ZG7BC9TxCVEbzIO2m429usb

Verdicts & Comments Add Verdict or Comment

9 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.butterandsugar.co/	1970-01-21 00:45:20	Name: __cf_mw_byp Value: Ba9sKQrxwx6ymvSVG9TRmwh1z.Eo8JbXZuL6Eab39ys-1730633655-0.0.1.1-/pakar69/
.google.com/	1970-01-21 05:03:05	Name: AEC Value: AVYB7coT97XJHRdZfvlFqexg-_4pkjrJkLAGQEr31kM1uUddIj7FOUFJzA
.google.com/	1970-01-21 10:13:40	Name: __Secure-ENID Value: 23.SE=XRRRInuqrLzSxW0-5xZUzkv7L3m91pGHi3yTCT7ygYzJIzD5LuxbExgcFl1UZC2h2DRp6PCovYwKdc6bdDeRJNzx5uhoHdRbNJDbqoENr8d6qo-_HkQZX9InChAttuOTQQ-lhpIHJdatw6cy8rj8jU3WCC13uaZYNhnHttDF5E0ISElb0tfrIh0_kTedqBoz4V7s-Ar-CJq3eP84QNw2xxOgWJTdzPKwTlTJ8uw

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://butterandsugar.co/pakar69/ Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://www.google.com/sorry/index?continue=https://google.com/&q=EgS51JXOGLy_nbkGIjBGQmx9eiFTGePNUTGgup-MFXtjgkd1qoU_5YA7tXRklPf-E_ivwRN34aoI5jBHlAgyAXJKGVNPUlJZX0FCVVNJVkVfTkVUX01FU1NBR0VaAUM Message: Failed to load resource: the server responded with a status of 429 ()
security	warning	URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfwuyUTAAAAAOAmoS0fdqijC2PbbdH4kjq62Y1b&co=aHR0cHM6Ly93d3cuZ29vZ2xlLmNvbTo0NDM.&hl=fi&v=-ZG7BC9TxCVEbzIO2m429usb&size=normal&s=QeH3kr9clcI2rd-9eOe9lHNbdMj-Ypj0_NEfvuLwflQ-NiQNqcj83EWasFkV1A9vaHjz6H8C9qXQJJE6Lo7N_gO9UNBKB237GIHVhwGo05oK43TkXv54K4AyRp28grEQoNOs81GNZfCRm1p7V6oPBZfHhkFLh4swo04qbsapHeaqm1OScT3wWEYuc0TtsazKT1iWZAYPbu2MYFxklIppuPq3f3Bhb5tZgEN8SSN_UnouTzqc1SjMwTINNLog3My1vMyGVMg5t2gNcqRofFFvZYl5ImMJd8A&cb=qigebor2lru4 Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
security	warning	URL: https://www.google.com/recaptcha/api2/bframe?hl=fi&v=-ZG7BC9TxCVEbzIO2m429usb&k=6LfwuyUTAAAAAOAmoS0fdqijC2PbbdH4kjq62Y1b Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

butterandsugar.co
fonts.gstatic.com
google.com
rejodadi.co.id
vibrantindiafoundation.com
www.google.com
www.gstatic.com
www.google.com
142.250.185.228
142.250.185.99
142.250.186.78
142.250.186.99
172.67.209.7
188.114.96.3
188.114.97.3
03828e191475acba8cffd5a635b43cfba18b6a2dda824a93dab884be0c0afd3a
0ae8d9a03924a613a068b9ec61fbbc8dc807826f1b880bf0b23c2cb5ef494715
11a188a204934185ab5649a1f838fe771c3d84c928bc8286ef999fb5b8deda69
137876a83b563258ad64621eb916a2075af20c20322e27ad6af4019fc04d0678
14a740744e4d92e64a74af6aa973448cbc5b96e36549642e7e68642a6a2268af
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
2b4bf9ed203082fd0712bf34c05621111a3cb563a299c2cd77a34b7f7ef7d390
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
6da5620880159634213e197fafca1dde0272153be3e4590818533fab8d040770
7e347562c65c60cd893a12512bd1b65a02328e4b666d78d17b056603d964fad2
84e3c77025ace5af143972b4a40fc834dcdfd4e449d4b36a57e62326f16b3091
d03c3eb3933039bc78365dea3d9cd604bb96aa494572efbcc6755f448ecf29a4
f1591a5221136c49438642155691ae6c68e25b7241f3d7ebe975b09a77662016
f6c4cee5ab420f7ffe5f8062e14fdc88e9cdad3b404d3f5490037b5bb5bc7489
f9fb3f6f8bcda8282c66e67674dba1857db4ae63edcd3e25958afd465216c7fe

www.google.com Open in urlscan Pro 142.250.185.228 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

18 Requests

89 %HTTPS

0 %IPv6

5 Domains

7 Subdomains

5 IPs

2 Countries

327 kBTransfer

1958 kBSize

3 Cookies

1 Outgoing links

Page URL History

Redirected requests

18 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

9 JavaScript Global Variables

3 Cookies

4 Console Messages

Security Headers

Indicators

www.google.com Open in urlscan Pro
142.250.185.228 Public Scan

Screenshot
Live screenshot

Full Image

18
Requests

89 %
HTTPS

0 %
IPv6

5
Domains

7
Subdomains

5
IPs

2
Countries

327 kB
Transfer

1958 kB
Size

3
Cookies

18 HTTP transactions
2 data transactions