urlscan.io logo urlscan.io
SecurityTrails logo

www.google.com Open in urlscan Pro
2607:f8b0:4006:81c::2004  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://tvtsf108h3xxiavmf.duckdns.org/
Effective URL: https://www.google.com/sorry/index?continue=https://www.google.com/search%3Fq%3Dblocked&q=EhAmB1MAAGB4ZwAAAAAAAAAUGKLC9...
Submission: On February 04 via api from US — Scanned from CA
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 5 IPs in 2 countries across 3 domains to perform 13 HTTP transactions. The main IP is 2607:f8b0:4006:81c::2004, located in Nutley, United States and belongs to GOOGLE, US. The main domain is www.google.com. The Cisco Umbrella rank of the primary domain is 2.
TLS certificate: Issued by GTS CA 1C3 on January 9th 2023. Valid for: 3 months.
This is the only time www.google.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Apex Domain
Subdomains		 Transfer
7 gstatic.com
www.gstatic.com
fonts.gstatic.com
547 KB
6 google.com
www.google.com — Cisco Umbrella Rank: 2
29 KB
1 duckdns.org
tvtsf108h3xxiavmf.duckdns.org
447 B
13 3
Domain Requested by
6 www.gstatic.com www.google.com
www.gstatic.com
6 www.google.com 1 redirects www.google.com
www.gstatic.com
1 fonts.gstatic.com www.google.com
1 tvtsf108h3xxiavmf.duckdns.org
13 4

This site contains links to these domains. Also see Links.

Domain
support.google.com
Subject Issuer Validity Valid
www.google.com
GTS CA 1C3		 2023-01-09 -
2023-04-03		 3 months crt.sh
*.google.com
GTS CA 1C3		 2023-01-09 -
2023-04-03		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-01-09 -
2023-04-03		 3 months crt.sh

This page contains 3 frames:

Primary Page: https://www.google.com/sorry/index?continue=https://www.google.com/search%3Fq%3Dblocked&q=EhAmB1MAAGB4ZwAAAAAAAAAUGKLC9p4GIjCIn3WeANcquvkd6uNf4gZ2gRnP0SrquuOxtRC1qIVe85sRIAKG3uxgjsySRPRoSLYyAXI
Frame ID: DE64B713EDF0054778E6C2F1FCD0787E
Requests: 4 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfwuyUTAAAAAOAmoS0fdqijC2PbbdH4kjq62Y1b&co=aHR0cHM6Ly93d3cuZ29vZ2xlLmNvbTo0NDM.&hl=en&v=gEr-ODersURoIfof1hiDm7R5&size=normal&s=g7XOHLNWDkFOAgwx6wsmTaIHNVI98OSh4uH6D2WA0_gIthPeZ9S3J21MTKvTCyUOLP6Esu040ZY4umSnW8AUYSnHCIqgqrhxsZbStDkjQktLcyuczP81uxlpPJ5eN5oAQcVuMP9vsF5uKmYyyWN-itjiHxh-itb46FnvE5K9bdBKthJLMtBOB-fM0GDj57uZpbPEzx-brk3Jzh7i7wu51jL4HJRrx0Zsrd6yIin4KIxhHEcLLdVBxQuDYLLs0lDFdYxsO4doN7VCu-PkHYcpDyYfkwaMsAU&cb=byjodah6fviz
Frame ID: FCDB7AB5D16DD0D460A3D5ABF7576EC6
Requests: 8 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=en&v=gEr-ODersURoIfof1hiDm7R5&k=6LfwuyUTAAAAAOAmoS0fdqijC2PbbdH4kjq62Y1b
Frame ID: 780DB465BD80BD94484FBEDD6F52FDFE
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

https://www.google.com/search?q=blocked

Page URL History Show full URLs

  1. http://tvtsf108h3xxiavmf.duckdns.org/ Page URL
  2. https://www.google.com/search?q=blocked HTTP 302
    https://www.google.com/sorry/index?continue=https://www.google.com/search%3Fq%3Dblocked&q=EhAmB1MAA... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <div[^>]+class="g-recaptcha"
  • /recaptcha/api\.js

Page Statistics

13
Requests

92 %
HTTPS

75 %
IPv6

3
Domains

4
Subdomains

5
IPs

2
Countries

575 kB
Transfer

1404 kB
Size

3
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://tvtsf108h3xxiavmf.duckdns.org/ Page URL
  2. https://www.google.com/search?q=blocked HTTP 302
    https://www.google.com/sorry/index?continue=https://www.google.com/search%3Fq%3Dblocked&q=EhAmB1MAAGB4ZwAAAAAAAAAUGKLC9p4GIjCIn3WeANcquvkd6uNf4gZ2gRnP0SrquuOxtRC1qIVe85sRIAKG3uxgjsySRPRoSLYyAXI Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

13 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
tvtsf108h3xxiavmf.duckdns.org/ 		85 B
447 B 		Document
General
Check archive.org
Download Go to
Full URL
http://tvtsf108h3xxiavmf.duckdns.org/
Protocol
HTTP/1.1
Server
198.27.79.117 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip117.ip-198-27-79.net
Software
Apache /
Resource Hash
ca800f2c3f77abbf9f7556edb4a22f29dd0ec3ef82499c4f3b90c0d8671530b5

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
no-store, no-cache, must-revalidate
Connection
Keep-Alive
Content-Length
85
Content-Type
text/html; charset=UTF-8
Date
Sat, 04 Feb 2023 00:04:47 GMT
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Keep-Alive
timeout=5, max=100
Pragma
no-cache
Server
Apache
Primary Request index
www.google.com/sorry/
Redirect Chain
  • https://www.google.com/search?q=blocked
  • https://www.google.com/sorry/index?continue=https://www.google.com/search%3Fq%3Dblocked&q=EhAmB1MAAGB4ZwAAAAAAAAAUGKLC9p4GIjCIn3WeANcquvkd6uNf4gZ2gRnP0SrquuOxtRC1qIVe85sRIAKG3uxgjsySRPRoSLYyAXI
3 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/sorry/index?continue=https://www.google.com/search%3Fq%3Dblocked&q=EhAmB1MAAGB4ZwAAAAAAAAAUGKLC9p4GIjCIn3WeANcquvkd6uNf4gZ2gRnP0SrquuOxtRC1qIVe85sRIAKG3uxgjsySRPRoSLYyAXI
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81c::2004 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
HTTP server (unknown) /
Resource Hash
656332b584fcb34d2dcc0a08af078ca4e5f4997bcc9157bc63ef5e21a2f16688
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
http://tvtsf108h3xxiavmf.duckdns.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-store, no-cache, must-revalidate
content-length
3126
content-type
text/html
date
Sat, 04 Feb 2023 00:04:50 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
server
HTTP server (unknown)
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
394
content-security-policy
object-src 'none';base-uri 'self';script-src 'nonce-NghtNcuFASd6hd52tIxdNQ' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/cdt1
content-type
text/html; charset=UTF-8
cross-origin-opener-policy
same-origin-allow-popups; report-to="gws"
date
Sat, 04 Feb 2023 00:04:50 GMT
location
https://www.google.com/sorry/index?continue=https://www.google.com/search%3Fq%3Dblocked&q=EhAmB1MAAGB4ZwAAAAAAAAAUGKLC9p4GIjCIn3WeANcquvkd6uNf4gZ2gRnP0SrquuOxtRC1qIVe85sRIAKG3uxgjsySRPRoSLYyAXI
origin-trial
AqRrpS1jM/HOs1rGR0CnXerKEP/QFz7qj9ApDSZqAO+0U+KcT/h/lxA6akW4ar0kT0V1bw5MD4t8O7L7OFwM5gUAAABfeyJvcmlnaW4iOiJodHRwczovL3d3dy5nb29nbGUuY29tOjQ0MyIsImZlYXR1cmUiOiJQZXJtaXNzaW9uc1BvbGljeVVubG9hZCIsImV4cGlyeSI6MTY3ODIzMzU5OX0=
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
permissions-policy
unload=()
report-to
{"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/cdt1"}]}
server
gws
strict-transport-security
max-age=31536000
x-frame-options
SAMEORIGIN
x-hallmonitor-challenge
CgwIosL2ngYQq969_QESECYHUwAAYHhnAAAAAAAAABQ
x-xss-protection
0
api.js
www.google.com/recaptcha/ 		850 B
574 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api.js
Requested by
Host: www.google.com
URL: https://www.google.com/sorry/index?continue=https://www.google.com/search%3Fq%3Dblocked&q=EhAmB1MAAGB4ZwAAAAAAAAAUGKLC9p4GIjCIn3WeANcquvkd6uNf4gZ2gRnP0SrquuOxtRC1qIVe85sRIAKG3uxgjsySRPRoSLYyAXI
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81c::2004 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
cad6dc25a593ca6887a2698a08246928b73f9d4dd714976a4990886d8b6dadce
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.google.com/sorry/index?continue=https://www.google.com/search%3Fq%3Dblocked&q=EhAmB1MAAGB4ZwAAAAAAAAAUGKLC9p4GIjCIn3WeANcquvkd6uNf4gZ2gRnP0SrquuOxtRC1qIVe85sRIAKG3uxgjsySRPRoSLYyAXI
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sat, 04 Feb 2023 00:04:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
553
x-xss-protection
1; mode=block
expires
Sat, 04 Feb 2023 00:04:50 GMT
recaptcha__en.js
www.gstatic.com/recaptcha/releases/gEr-ODersURoIfof1hiDm7R5/ 		402 KB
161 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/gEr-ODersURoIfof1hiDm7R5/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80f::2003 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d808130157ed1fca0469f5f40210d7d1b2dc2c41add64e658bb3222aea4d9eba
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 23:53:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
685
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
163841
x-xss-protection
0
last-modified
Tue, 31 Jan 2023 02:51:47 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 03 Feb 2024 23:53:25 GMT
anchor
www.google.com/recaptcha/api2/ Frame FCDB 		43 KB
23 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfwuyUTAAAAAOAmoS0fdqijC2PbbdH4kjq62Y1b&co=aHR0cHM6Ly93d3cuZ29vZ2xlLmNvbTo0NDM.&hl=en&v=gEr-ODersURoIfof1hiDm7R5&size=normal&s=g7XOHLNWDkFOAgwx6wsmTaIHNVI98OSh4uH6D2WA0_gIthPeZ9S3J21MTKvTCyUOLP6Esu040ZY4umSnW8AUYSnHCIqgqrhxsZbStDkjQktLcyuczP81uxlpPJ5eN5oAQcVuMP9vsF5uKmYyyWN-itjiHxh-itb46FnvE5K9bdBKthJLMtBOB-fM0GDj57uZpbPEzx-brk3Jzh7i7wu51jL4HJRrx0Zsrd6yIin4KIxhHEcLLdVBxQuDYLLs0lDFdYxsO4doN7VCu-PkHYcpDyYfkwaMsAU&cb=byjodah6fviz
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/gEr-ODersURoIfof1hiDm7R5/recaptcha__en.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81c::2004 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
36e0675a920f086078f80438f87563e44e9322ff793343c27a5c70ca846a9fec
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-EsU_RT3PtYCY1FDYmHqSgA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.google.com/sorry/index?continue=https://www.google.com/search%3Fq%3Dblocked&q=EhAmB1MAAGB4ZwAAAAAAAAAUGKLC9p4GIjCIn3WeANcquvkd6uNf4gZ2gRnP0SrquuOxtRC1qIVe85sRIAKG3uxgjsySRPRoSLYyAXI
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-length
23242
content-security-policy
script-src 'report-sample' 'nonce-EsU_RT3PtYCY1FDYmHqSgA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sat, 04 Feb 2023 00:04:50 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
styles__ltr.css
www.gstatic.com/recaptcha/releases/gEr-ODersURoIfof1hiDm7R5/ Frame FCDB 		55 KB
24 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/gEr-ODersURoIfof1hiDm7R5/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfwuyUTAAAAAOAmoS0fdqijC2PbbdH4kjq62Y1b&co=aHR0cHM6Ly93d3cuZ29vZ2xlLmNvbTo0NDM.&hl=en&v=gEr-ODersURoIfof1hiDm7R5&size=normal&s=g7XOHLNWDkFOAgwx6wsmTaIHNVI98OSh4uH6D2WA0_gIthPeZ9S3J21MTKvTCyUOLP6Esu040ZY4umSnW8AUYSnHCIqgqrhxsZbStDkjQktLcyuczP81uxlpPJ5eN5oAQcVuMP9vsF5uKmYyyWN-itjiHxh-itb46FnvE5K9bdBKthJLMtBOB-fM0GDj57uZpbPEzx-brk3Jzh7i7wu51jL4HJRrx0Zsrd6yIin4KIxhHEcLLdVBxQuDYLLs0lDFdYxsO4doN7VCu-PkHYcpDyYfkwaMsAU&cb=byjodah6fviz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80f::2003 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 23:53:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
686
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24605
x-xss-protection
0
last-modified
Tue, 31 Jan 2023 02:51:47 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 03 Feb 2024 23:53:25 GMT
recaptcha__en.js
www.gstatic.com/recaptcha/releases/gEr-ODersURoIfof1hiDm7R5/ Frame FCDB 		402 KB
160 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/gEr-ODersURoIfof1hiDm7R5/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfwuyUTAAAAAOAmoS0fdqijC2PbbdH4kjq62Y1b&co=aHR0cHM6Ly93d3cuZ29vZ2xlLmNvbTo0NDM.&hl=en&v=gEr-ODersURoIfof1hiDm7R5&size=normal&s=g7XOHLNWDkFOAgwx6wsmTaIHNVI98OSh4uH6D2WA0_gIthPeZ9S3J21MTKvTCyUOLP6Esu040ZY4umSnW8AUYSnHCIqgqrhxsZbStDkjQktLcyuczP81uxlpPJ5eN5oAQcVuMP9vsF5uKmYyyWN-itjiHxh-itb46FnvE5K9bdBKthJLMtBOB-fM0GDj57uZpbPEzx-brk3Jzh7i7wu51jL4HJRrx0Zsrd6yIin4KIxhHEcLLdVBxQuDYLLs0lDFdYxsO4doN7VCu-PkHYcpDyYfkwaMsAU&cb=byjodah6fviz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80f::2003 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d808130157ed1fca0469f5f40210d7d1b2dc2c41add64e658bb3222aea4d9eba
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 23:53:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
686
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
163841
x-xss-protection
0
last-modified
Tue, 31 Jan 2023 02:51:47 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 03 Feb 2024 23:53:25 GMT
truncated
/ Frame FCDB 		14 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0964d141519db34adc6aa127a33dbc6761cda1e56b584ea402082d99c44afb9e

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame FCDB 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
43ef4025567f7a15859b5252b6ccc1efe2ff8c7331b1aefbea7ce88eb5084d27

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type
image/png
logo_48.png
www.gstatic.com/recaptcha/api2/ Frame FCDB 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/recaptcha/api2/logo_48.png
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/gEr-ODersURoIfof1hiDm7R5/styles__ltr.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80f::2003 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.gstatic.com/recaptcha/releases/gEr-ODersURoIfof1hiDm7R5/styles__ltr.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 31 Jan 2023 20:07:25 GMT
x-content-type-options
nosniff
age
273446
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2228
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
expires
Tue, 07 Feb 2023 20:07:25 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame FCDB 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfwuyUTAAAAAOAmoS0fdqijC2PbbdH4kjq62Y1b&co=aHR0cHM6Ly93d3cuZ29vZ2xlLmNvbTo0NDM.&hl=en&v=gEr-ODersURoIfof1hiDm7R5&size=normal&s=g7XOHLNWDkFOAgwx6wsmTaIHNVI98OSh4uH6D2WA0_gIthPeZ9S3J21MTKvTCyUOLP6Esu040ZY4umSnW8AUYSnHCIqgqrhxsZbStDkjQktLcyuczP81uxlpPJ5eN5oAQcVuMP9vsF5uKmYyyWN-itjiHxh-itb46FnvE5K9bdBKthJLMtBOB-fM0GDj57uZpbPEzx-brk3Jzh7i7wu51jL4HJRrx0Zsrd6yIin4KIxhHEcLLdVBxQuDYLLs0lDFdYxsO4doN7VCu-PkHYcpDyYfkwaMsAU&cb=byjodah6fviz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:820::2003 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Wed, 01 Feb 2023 03:07:28 GMT
x-content-type-options
nosniff
age
248243
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 01 Feb 2024 03:07:28 GMT
webworker.js
www.google.com/recaptcha/api2/ Frame FCDB 		102 B
133 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/webworker.js?hl=en&v=gEr-ODersURoIfof1hiDm7R5
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfwuyUTAAAAAOAmoS0fdqijC2PbbdH4kjq62Y1b&co=aHR0cHM6Ly93d3cuZ29vZ2xlLmNvbTo0NDM.&hl=en&v=gEr-ODersURoIfof1hiDm7R5&size=normal&s=g7XOHLNWDkFOAgwx6wsmTaIHNVI98OSh4uH6D2WA0_gIthPeZ9S3J21MTKvTCyUOLP6Esu040ZY4umSnW8AUYSnHCIqgqrhxsZbStDkjQktLcyuczP81uxlpPJ5eN5oAQcVuMP9vsF5uKmYyyWN-itjiHxh-itb46FnvE5K9bdBKthJLMtBOB-fM0GDj57uZpbPEzx-brk3Jzh7i7wu51jL4HJRrx0Zsrd6yIin4KIxhHEcLLdVBxQuDYLLs0lDFdYxsO4doN7VCu-PkHYcpDyYfkwaMsAU&cb=byjodah6fviz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81c::2004 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
2b9fdf8ec5c4a71d39191e9fb067ac1d8be6df56eb2e0d620a6947df0bf35615
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfwuyUTAAAAAOAmoS0fdqijC2PbbdH4kjq62Y1b&co=aHR0cHM6Ly93d3cuZ29vZ2xlLmNvbTo0NDM.&hl=en&v=gEr-ODersURoIfof1hiDm7R5&size=normal&s=g7XOHLNWDkFOAgwx6wsmTaIHNVI98OSh4uH6D2WA0_gIthPeZ9S3J21MTKvTCyUOLP6Esu040ZY4umSnW8AUYSnHCIqgqrhxsZbStDkjQktLcyuczP81uxlpPJ5eN5oAQcVuMP9vsF5uKmYyyWN-itjiHxh-itb46FnvE5K9bdBKthJLMtBOB-fM0GDj57uZpbPEzx-brk3Jzh7i7wu51jL4HJRrx0Zsrd6yIin4KIxhHEcLLdVBxQuDYLLs0lDFdYxsO4doN7VCu-PkHYcpDyYfkwaMsAU&cb=byjodah6fviz
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sat, 04 Feb 2023 00:04:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
cross-origin-embedder-policy
require-corp
x-frame-options
SAMEORIGIN
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
111
x-xss-protection
1; mode=block
expires
Sat, 04 Feb 2023 00:04:51 GMT
bframe
www.google.com/recaptcha/api2/ Frame 780D 		7 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/bframe?hl=en&v=gEr-ODersURoIfof1hiDm7R5&k=6LfwuyUTAAAAAOAmoS0fdqijC2PbbdH4kjq62Y1b
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/gEr-ODersURoIfof1hiDm7R5/recaptcha__en.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81c::2004 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
cc6da15812e3e1b82afa688586098d8057785c46e0850b9665b4f1e317d12774
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-koDMHCIaV7ivvrtta-uV8Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.google.com/sorry/index?continue=https://www.google.com/search%3Fq%3Dblocked&q=EhAmB1MAAGB4ZwAAAAAAAAAUGKLC9p4GIjCIn3WeANcquvkd6uNf4gZ2gRnP0SrquuOxtRC1qIVe85sRIAKG3uxgjsySRPRoSLYyAXI
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-length
1115
content-security-policy
script-src 'report-sample' 'nonce-koDMHCIaV7ivvrtta-uV8Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sat, 04 Feb 2023 00:04:51 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
styles__ltr.css
www.gstatic.com/recaptcha/releases/gEr-ODersURoIfof1hiDm7R5/ Frame 780D 		55 KB
24 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/gEr-ODersURoIfof1hiDm7R5/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=en&v=gEr-ODersURoIfof1hiDm7R5&k=6LfwuyUTAAAAAOAmoS0fdqijC2PbbdH4kjq62Y1b
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80f::2003 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 23:53:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
686
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24605
x-xss-protection
0
last-modified
Tue, 31 Jan 2023 02:51:47 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 03 Feb 2024 23:53:25 GMT
recaptcha__en.js
www.gstatic.com/recaptcha/releases/gEr-ODersURoIfof1hiDm7R5/ Frame 780D 		402 KB
160 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/gEr-ODersURoIfof1hiDm7R5/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=en&v=gEr-ODersURoIfof1hiDm7R5&k=6LfwuyUTAAAAAOAmoS0fdqijC2PbbdH4kjq62Y1b
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80f::2003 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d808130157ed1fca0469f5f40210d7d1b2dc2c41add64e658bb3222aea4d9eba
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 23:53:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
686
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
163841
x-xss-protection
0
last-modified
Tue, 31 Jan 2023 02:51:47 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 03 Feb 2024 23:53:25 GMT

Verdicts & Comments Add Verdict or Comment

10 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| oncontentvisibilityautostatechange function| submitCallback object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| closure_lm_200587

3 Cookies

Domain/Path Name / Value
tvtsf108h3xxiavmf.duckdns.org/ Name: PHPSESSID
Value: 7eb88b5084af1434f22c7ea1eba197b1
.google.com/ Name: AEC
Value: ARSKqsK-dTrKYeoA6SZGMl9Mgo-QR_5xWE4BneuG2DWpXuLt_DYbcMwEqg
.google.com/ Name: NID
Value: 511=AOIlXfPC7RhKtMWmGA7FVwvqlWk0zcFWYAirDcq7kBLcGWCGBeGm5PNdHpCYenz7jkllHOxfFSu6MRHozod87mUKXfi8UzZcIl4fxBDFvCrEcnkOVCo6NbLaHbJ6F0qYqg4qTqE3ENdHeIVGCUW-6CUlNtLybnXTVUVs0hES6w8

3 Console Messages

Source Level URL
Text
network error URL: https://www.google.com/sorry/index?continue=https://www.google.com/search%3Fq%3Dblocked&q=EhAmB1MAAGB4ZwAAAAAAAAAUGKLC9p4GIjCIn3WeANcquvkd6uNf4gZ2gRnP0SrquuOxtRC1qIVe85sRIAKG3uxgjsySRPRoSLYyAXI
Message:
Failed to load resource: the server responded with a status of 429 ()
security warning URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfwuyUTAAAAAOAmoS0fdqijC2PbbdH4kjq62Y1b&co=aHR0cHM6Ly93d3cuZ29vZ2xlLmNvbTo0NDM.&hl=en&v=gEr-ODersURoIfof1hiDm7R5&size=normal&s=g7XOHLNWDkFOAgwx6wsmTaIHNVI98OSh4uH6D2WA0_gIthPeZ9S3J21MTKvTCyUOLP6Esu040ZY4umSnW8AUYSnHCIqgqrhxsZbStDkjQktLcyuczP81uxlpPJ5eN5oAQcVuMP9vsF5uKmYyyWN-itjiHxh-itb46FnvE5K9bdBKthJLMtBOB-fM0GDj57uZpbPEzx-brk3Jzh7i7wu51jL4HJRrx0Zsrd6yIin4KIxhHEcLLdVBxQuDYLLs0lDFdYxsO4doN7VCu-PkHYcpDyYfkwaMsAU&cb=byjodah6fviz
Message:
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can remove its sandboxing.
security warning URL: https://www.google.com/recaptcha/api2/bframe?hl=en&v=gEr-ODersURoIfof1hiDm7R5&k=6LfwuyUTAAAAAOAmoS0fdqijC2PbbdH4kjq62Y1b
Message:
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can remove its sandboxing.