sites.google.com Open in urlscan Pro
2a00:1450:4001:80b::200e Public Scan

Go To Rescan
Add Verdict Report

URL:
https://sites.google.com/modern-zimbra.com/67567?usp=sharing
Submission: On December 14 via manual (December 14th 2023, 8:17:16 am UTC) from IN — Scanned from DE

Summary HTTP 48 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 13 IPs in 2 countries across 7 domains to perform 48 HTTP transactions. The main IP is 2a00:1450:4001:80b::200e, located in Frankfurt am Main, Germany and belongs to GOOGLE, US. The main domain is sites.google.com. The Cisco Umbrella rank of the primary domain is 3144.
TLS certificate: Issued by GTS CA 1C3 on November 20th 2023. Valid for: 3 months.

This is the only time sites.google.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
3	2a00:1450:400... 2a00:1450:4001:80b::200e	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:813::200a	15169 (GOOGLE) (GOOGLE)
9	2a00:1450:400... 2a00:1450:4001:82f::2003	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:806::200e	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:830::2001	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:812::2003	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:827::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:831::200e	15169 (GOOGLE) (GOOGLE)
4	54.237.117.88 54.237.117.88	14618 (AMAZON-AES) (AMAZON-AES)
1	2a00:1450:400... 2a00:1450:4001:827::200a	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	3.211.24.179 3.211.24.179	14618 (AMAZON-AES) (AMAZON-AES)
1	159.89.102.253 159.89.102.253	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
48	13

3 2a00:1450:4001:80b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

sites.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:806::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

apis.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:830::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

lh5.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
lh4.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
71856773-atari-embeds.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

play.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

drive.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 54.237.117.88 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-237-117-88.compute-1.amazonaws.com

form.questionscout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.211.24.179 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-211-24-179.compute-1.amazonaws.com

formapi.questionscout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 159.89.102.253 (Frankfurt am Main, Germany)

ASN14061 (DIGITALOCEAN-ASN, US)

geolocation-db.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
16	gstatic.com www.gstatic.com fonts.gstatic.com	997 KB
16	google.com sites.google.com — Cisco Umbrella Rank: 3144 apis.google.com — Cisco Umbrella Rank: 116 play.google.com — Cisco Umbrella Rank: 32 drive.google.com — Cisco Umbrella Rank: 294	185 KB
6	questionscout.com form.questionscout.com formapi.questionscout.com	404 KB
4	googleusercontent.com lh5.googleusercontent.com — Cisco Umbrella Rank: 169 lh4.googleusercontent.com — Cisco Umbrella Rank: 748 71856773-atari-embeds.googleusercontent.com	152 KB
4	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 29 ajax.googleapis.com — Cisco Umbrella Rank: 340	9 KB
1	geolocation-db.com geolocation-db.com — Cisco Umbrella Rank: 17920	256 B
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 204	5 KB
48	7

	Domain	Requested by
9	www.gstatic.com	sites.google.com www.gstatic.com
7	fonts.gstatic.com	fonts.googleapis.com
7	apis.google.com	sites.google.com apis.google.com www.gstatic.com 71856773-atari-embeds.googleusercontent.com
4	form.questionscout.com	sites.google.com form.questionscout.com
4	play.google.com	www.gstatic.com
3	fonts.googleapis.com	sites.google.com ajax.googleapis.com
3	sites.google.com	www.gstatic.com
2	formapi.questionscout.com	form.questionscout.com
2	drive.google.com	www.gstatic.com sites.google.com
2	lh4.googleusercontent.com	sites.google.com
1	geolocation-db.com	form.questionscout.com
1	cdnjs.cloudflare.com	form.questionscout.com
1	ajax.googleapis.com	form.questionscout.com
1	71856773-atari-embeds.googleusercontent.com	www.gstatic.com
1	lh5.googleusercontent.com	sites.google.com
48	15

This site contains links to these domains. Also see Links.

Domain
www.google.com

Subject Issuer	Validity	Valid
*.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.apis.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.googleusercontent.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.questionscout.com Amazon RSA 2048 M02	`2023-07-30` - `2024-08-28`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-07-03` - `2024-07-02`	a year	crt.sh
geolocation-db.com R3	`2023-12-12` - `2024-03-11`	3 months	crt.sh

This page contains 6 frames:

Primary Page: https://sites.google.com/modern-zimbra.com/67567?usp=sharing
Frame ID: DE23FBC8AA7F1F4264EEFC19EC09D6EC
Requests: 24 HTTP requests in this frame

Frame: https://drive.google.com/auth_warmup
Frame ID: 7CF44285C48E070C65976A0BA4B06A62
Requests: 2 HTTP requests in this frame

Frame: https://www.gstatic.com/atari/embeds/83a60601c213b72fb19c1855fb0c5f26/intermediate-frame-minified.html?jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.XSQ9KzmFQfs.O%2Fd%3D1%2Frs%3DAHpOoo-9vp1YmI2-b8fDK9wsefeYrUiI8Q%2Fm%3D__features__&r=656457951
Frame ID: EC725883D1F78A71FE1E9BC041D0F34A
Requests: 3 HTTP requests in this frame

Frame: https://71856773-atari-embeds.googleusercontent.com/embeds/16cb204cf3a9d4d223a0a3fd8b0eec5d/inner-frame-minified.html?jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.XSQ9KzmFQfs.O%2Fd%3D1%2Frs%3DAHpOoo-9vp1YmI2-b8fDK9wsefeYrUiI8Q%2Fm%3D__features__
Frame ID: 692754171BF25011FAEA2A520FB8630D
Requests: 3 HTTP requests in this frame

Frame: https://form.questionscout.com/qs-form-script.min.js
Frame ID: E6D39EA52A015BFFC000BE19A462B8C0
Requests: 1 HTTP requests in this frame

Frame: https://form.questionscout.com/65772f80b2500e6afbef8654
Frame ID: BF946059B724987F08DB52D03FFBB422
Requests: 13 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Home

Detected technologies

Google Sites (CMS) Expand

Overall confidence: 100%
Detected patterns

^https?://sites\.google\.com

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
googleapis\.com/.+webfont

Google Plus (Widgets) Expand

Overall confidence: 100%
Detected patterns

apis\.google\.com/js/[a-z]*\.js

Page Statistics

48
Requests

100 %
HTTPS

77 %
IPv6

7
Domains

15
Subdomains

13
IPs

2
Countries

1752 kB
Transfer

5598 kB
Size

2
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://www.google.com/policies/technologies/cookies/
Title: Weitere Informationen

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

48 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request 67567 Show response
sites.google.com/modern-zimbra.com/ 51 KB
12 KB 229ms
193ms Document
text/html 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://sites.google.com/modern-zimbra.com/67567?usp=sharing

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ec0019681b6bc00b87d9f551c4404f055d46558607e48eacf4fc19a14e519d3d

Security Headers

Name	Value
Content-Security-Policy	base-uri 'self';object-src 'none';report-uri /_/view/cspreport;script-src 'report-sample' 'nonce-hUpsw7X6cObW9U-0sKF1MA' 'unsafe-inline' 'unsafe-eval';worker-src 'self';frame-ancestors https://google-admin.corp.google.com/
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: base-uri 'self';object-src 'none';report-uri /_/view/cspreport;script-src 'report-sample' 'nonce-hUpsw7X6cObW9U-0sKF1MA' 'unsafe-inline' 'unsafe-eval';worker-src 'self';frame-ancestors https://google-admin.corp.google.com/
content-type: text/html; charset=utf-8
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: same-site
date: Thu, 14 Dec 2023 08:17:12 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-content-type-options: nosniff
x-frame-options: DENY
x-xss-protection: 0

GET
H2 200 css
fonts.googleapis.com/ 5 KB
935 B 36ms
16ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato%3A300%2C300italic%2C400%2C400italic%2C700%2C700italic&display=swap

Requested by

Host: sites.google.com
URL: https://sites.google.com/modern-zimbra.com/67567?usp=sharing

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

3cfe790335dc4ff07f0f501fb361687f88edca78273d2424e0797457924462ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sites.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 14 Dec 2023 08:17:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 14 Dec 2023 06:38:54 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 14 Dec 2023 08:17:12 GMT

GET
H2 200 css
fonts.googleapis.com/ 28 KB
2 KB 37ms
17ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google+Sans:400,500|Roboto:300,400,500,700|Source+Code+Pro:400,700&display=swap

Requested by

Host: sites.google.com
URL: https://sites.google.com/modern-zimbra.com/67567?usp=sharing

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4a2e8f6c07744ff59534fab4d21430272beab3638bc74f724496b90d923d1468

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sites.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 14 Dec 2023 08:17:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 14 Dec 2023 07:56:38 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 14 Dec 2023 08:17:12 GMT

GET
H2 200 rs=AGEqA5nCdrRAyEvk74LdYl7XxFmHO6q7HQ
www.gstatic.com/_/atari/_/ss/k=atari.vw.khSgWpjWvjM.L.W.O/am=AAY/d=1/ 1 MB
153 KB 27ms
7ms Stylesheet
text/css 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/atari/_/ss/k=atari.vw.khSgWpjWvjM.L.W.O/am=AAY/d=1/rs=AGEqA5nCdrRAyEvk74LdYl7XxFmHO6q7HQ

Requested by

Host: sites.google.com
URL: https://sites.google.com/modern-zimbra.com/67567?usp=sharing

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ef330b6d69f1da4926fe68a537282863875cdba82670251cad82959f1bec0bf7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sites.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 03:30:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 190006
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 156191
x-xss-protection: 0
last-modified: Tue, 05 Dec 2023 00:23:01 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"apps-sites","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-sites"}]}
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="apps-sites"
expires: Wed, 11 Dec 2024 03:30:26 GMT

GET
H2 200 client.js Show response
apis.google.com/js/ 18 KB
7 KB 37ms
16ms Script
text/javascript 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/client.js?onload=gapiLoaded

Requested by

Host: sites.google.com
URL: https://sites.google.com/modern-zimbra.com/67567?usp=sharing

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b5caf567051325f13539b36304d4ed9f6b34b6c6f3d4acc3a0bcad6d6cf81528

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sites.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 14 Dec 2023 08:17:12 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7117
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="gapi-team"
etag: "f22a7e30298ad395"
vary: Accept-Encoding
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 14 Dec 2023 08:17:12 GMT

GET
H2 200 MYXnQbeStbOpf65QgL2QVc1JZb8sNIh4sqgmCoY-znm52MFGdv_9CcRig3l2r7-Uy4Dq-FDmDyMQcfahZDadsJjRcsFtMQfI3Ws6_B9eZCc6L_FwhRlKcMjbDOnoX0q6qw=w1280
lh5.googleusercontent.com/ 15 KB
16 KB 198ms
159ms Image
image/png 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh5.googleusercontent.com/MYXnQbeStbOpf65QgL2QVc1JZb8sNIh4sqgmCoY-znm52MFGdv_9CcRig3l2r7-Uy4Dq-FDmDyMQcfahZDadsJjRcsFtMQfI3Ws6_B9eZCc6L_FwhRlKcMjbDOnoX0q6qw=w1280

Requested by

Host: sites.google.com
URL: https://sites.google.com/modern-zimbra.com/67567?usp=sharing

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

62deb46c62b130b62e87f7d20429beb432154b9ba6ce13fe5f75663bdae56b13

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sites.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 08:17:12 GMT
x-content-type-options: nosniff
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="Untitled.png"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15794
x-xss-protection: 0
expires: Fri, 15 Dec 2023 08:17:12 GMT

GET
H2 200 _WuIYIP-XkqCiH6FOGHZ4Vi-4myRXDkfYCM0TMVaQjROLk-gdmLzJS5mTmLrYDymOIsR4u6F_KQCrNT8YT3eNmFSuOgoIYh0SrsxaX4SYicuhQSh25KKA6e48yX5PClgfw=w1280
lh4.googleusercontent.com/ 16 KB
16 KB 199ms
149ms Image
image/png 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh4.googleusercontent.com/_WuIYIP-XkqCiH6FOGHZ4Vi-4myRXDkfYCM0TMVaQjROLk-gdmLzJS5mTmLrYDymOIsR4u6F_KQCrNT8YT3eNmFSuOgoIYh0SrsxaX4SYicuhQSh25KKA6e48yX5PClgfw=w1280

Requested by

Host: sites.google.com
URL: https://sites.google.com/modern-zimbra.com/67567?usp=sharing

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

babe4cd156d8260d9e29cc3d6c1f28d9bc203d23008f608447b97ce62a78dc78

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sites.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 08:17:12 GMT
x-content-type-options: nosniff
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="Untitled.png"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16058
x-xss-protection: 0
expires: Fri, 15 Dec 2023 08:17:12 GMT

GET
H2 200 y-_vmrSupgzvPHlaPVkN_SZ8Oe6QU2-oQq9z_E41ANhkzIVZC-N5rIiTty5HhVRlo0Sww42rjU89yhqeRlVjek8oDnynMUQBgGFQeOqtU1GFaZzQglO4K__UGqNmXhBTXg=w1280
lh4.googleusercontent.com/ 119 KB
120 KB 163ms
162ms Image
image/png 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh4.googleusercontent.com/y-_vmrSupgzvPHlaPVkN_SZ8Oe6QU2-oQq9z_E41ANhkzIVZC-N5rIiTty5HhVRlo0Sww42rjU89yhqeRlVjek8oDnynMUQBgGFQeOqtU1GFaZzQglO4K__UGqNmXhBTXg=w1280

Requested by

Host: sites.google.com
URL: https://sites.google.com/modern-zimbra.com/67567?usp=sharing

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

04e2decc80f66d61377dbf7769e90835b576a612ee5d3dbf9a7c39a26b5e4770

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sites.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 08:17:12 GMT
x-content-type-options: nosniff
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="Untitled.png"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 122228
x-xss-protection: 0
expires: Fri, 15 Dec 2023 08:17:12 GMT

GET
H2 200 m=view Show response
www.gstatic.com/_/atari/_/js/k=atari.vw.de.gdSsbRxioEI.O/am=AAY/d=1/rs=AGEqA5nDBbWkdkN4PPmAP1mYssJOSjK7zA/ 584 KB
198 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/atari/_/js/k=atari.vw.de.gdSsbRxioEI.O/am=AAY/d=1/rs=AGEqA5nDBbWkdkN4PPmAP1mYssJOSjK7zA/m=view

Requested by

Host: sites.google.com
URL: https://sites.google.com/modern-zimbra.com/67567?usp=sharing

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

027a2d5375f7bfa04c7fa4ff19f46281d6e8323d85e8b8eb7691c1beca4ba3a0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sites.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 05:37:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 182402
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 202453
x-xss-protection: 0
last-modified: Tue, 05 Dec 2023 08:15:19 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"apps-sites","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-sites"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="apps-sites"
expires: Wed, 11 Dec 2024 05:37:10 GMT

GET
H2 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.XSQ9KzmFQfs.O/m=client/rt=j/sv=1/d=1/ed=1/rs=AHpOoo-9vp1YmI2-b8fDK9wsefeYrUiI8Q/ 317 KB
108 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.XSQ9KzmFQfs.O/m=client/rt=j/sv=1/d=1/ed=1/rs=AHpOoo-9vp1YmI2-b8fDK9wsefeYrUiI8Q/cb=gapi.loaded_0?le=scs

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/client.js?onload=gapiLoaded

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c9643422ad1a6e19b5456a3c678900d6a7c5514cfca3d96d38086117ad619c8f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sites.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 07:17:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 89996
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 110558
x-xss-protection: 0
last-modified: Wed, 08 Nov 2023 22:37:21 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
vary: Accept-Encoding
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 12 Dec 2024 07:17:16 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
15 KB 33ms
13ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google+Sans:400,500|Roboto:300,400,500,700|Source+Code+Pro:400,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://sites.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 08:54:09 GMT
x-content-type-options: nosniff
age: 170583
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 11 Dec 2024 08:54:09 GMT

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ 33 KB
34 KB 27ms
6ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google+Sans:400,500|Roboto:300,400,500,700|Source+Code+Pro:400,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://sites.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 21:01:51 GMT
x-content-type-options: nosniff
age: 40521
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34108
x-xss-protection: 0
last-modified: Tue, 23 May 2023 16:35:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 12 Dec 2024 21:01:51 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 16 KB
16 KB 22ms
15ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google+Sans:400,500|Roboto:300,400,500,700|Source+Code+Pro:400,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://sites.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 17:38:05 GMT
x-content-type-options: nosniff
age: 225547
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 10 Dec 2024 17:38:05 GMT

GET
H3 200 m=sy18,sy19,sy17,FoQBg Show response
www.gstatic.com/_/atari/_/js/k=atari.vw.de.gdSsbRxioEI.O/am=AAY/d=0/rs=AGEqA5nDBbWkdkN4PPmAP1mYssJOSjK7zA/ 37 KB
12 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/atari/_/js/k=atari.vw.de.gdSsbRxioEI.O/am=AAY/d=0/rs=AGEqA5nDBbWkdkN4PPmAP1mYssJOSjK7zA/m=sy18,sy19,sy17,FoQBg

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/atari/_/js/k=atari.vw.de.gdSsbRxioEI.O/am=AAY/d=1/rs=AGEqA5nDBbWkdkN4PPmAP1mYssJOSjK7zA/m=view

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0566e02848b2dae32f72471dbdcb0cedaa213753c1c2f330a6e39b8968b24542

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sites.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 16:48:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 228543
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12728
x-xss-protection: 0
last-modified: Tue, 05 Dec 2023 08:15:19 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"apps-sites","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-sites"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="apps-sites"
expires: Tue, 10 Dec 2024 16:48:09 GMT

GET
H3 200 m=sy2t,TRvtze Show response
www.gstatic.com/_/atari/_/js/k=atari.vw.de.gdSsbRxioEI.O/am=AAY/d=0/rs=AGEqA5nDBbWkdkN4PPmAP1mYssJOSjK7zA/ 855 B
523 B 8ms
8ms Script
text/javascript 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/atari/_/js/k=atari.vw.de.gdSsbRxioEI.O/am=AAY/d=0/rs=AGEqA5nDBbWkdkN4PPmAP1mYssJOSjK7zA/m=sy2t,TRvtze

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/atari/_/js/k=atari.vw.de.gdSsbRxioEI.O/am=AAY/d=1/rs=AGEqA5nDBbWkdkN4PPmAP1mYssJOSjK7zA/m=view

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

020c114850494b32e3b9ba455d172e4cb5464a2910f99ad6a3c046054725d1ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sites.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 06:26:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 179444
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 497
x-xss-protection: 0
last-modified: Tue, 05 Dec 2023 08:15:19 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"apps-sites","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-sites"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="apps-sites"
expires: Wed, 11 Dec 2024 06:26:28 GMT

GET
H3 200 m=MpJwZc,n73qwf,A4UTCb,qAKInc,sy10,X85Uvc,HIeYee,QxOCld,sy2u,abQiW,W26a5e,hJUyqe,sy15,sy12,sy13,sy14,fuVYe,TGYpv,syj,ruhlUe,KUM7Z,XDKZTc,sy11,qkPXAf,zPx2U,qEW1W,oNFsLb,sy3t,yxTchf,sy3u,sy3v,xQtZb,y... Show response
www.gstatic.com/_/atari/_/js/k=atari.vw.de.gdSsbRxioEI.O/am=AAY/d=0/rs=AGEqA5nDBbWkdkN4PPmAP1mYssJOSjK7zA/ 1 MB
425 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/atari/_/js/k=atari.vw.de.gdSsbRxioEI.O/am=AAY/d=0/rs=AGEqA5nDBbWkdkN4PPmAP1mYssJOSjK7zA/m=MpJwZc,n73qwf,A4UTCb,qAKInc,sy10,X85Uvc,HIeYee,QxOCld,sy2u,abQiW,W26a5e,hJUyqe,sy15,sy12,sy13,sy14,fuVYe,TGYpv,syj,ruhlUe,KUM7Z,XDKZTc,sy11,qkPXAf,zPx2U,qEW1W,oNFsLb,sy3t,yxTchf,sy3u,sy3v,xQtZb,yf2Bs,sy2,sy8,yyxWAc,qddgKe,sy2w,SM1lmd,sy6,sy5,syx,RRzQxe,zZvHmd,sy7,sya,syk,sy9,fNFZH,sy2v,syl,RrXLpc,cgRV2c,syz,sy1m,o1L5Wb,X4BaPc,syf,Md9ENb,sy1d,sy1e,syp,sy1b,sy1c,Ko0sOe,syn,syw,syy,sy1a,NlqxW,sy1g,sy1h,sy1j,sy1k,sy1l,sy1s,sy1f,sy1q,sy1p,syb,syr,sy1n,sy1y,sy20,sy23,sy24,sy25,sy26,sy1u,sy1z,sy28,sy2h,sy1w,sy1x,sy1i,sy1o,sy1r,sy1t,sy1v,sy22,syo,sy27,sy29,sy2a,sy2e,sy2f,sy2g,T807ad,sy21,sy2c,sy2d,ZDEHrf,sy2i,sy2k,a9i3ec,CmOog,qYIcH,zTt0Rb,sy2b,NzVYMd,KlZlNb,rj51oe,zAU64c,jhxjge,xHmRee,oy3iwb,sy2j,dBhIIb,Yr1Pcb,LUQjOd,J9ssyb,SB123c,UubMM,LkQmJ,YoEZUb,JKfHhb,DJtOxf,pA2mAb,gypOCd,X4FC5,kYfebb,XMtvld,rrOIJc,ZdZQ6b,Euz7Lc,sAbmxd,heobjb,KlrXId,R4KMEc,sy2l,sy2m,sy2n,sy2o,UYjpC,vVEdxc,sy3,VYKRW,sy16,CG0Qwb,RZ9OZ,N0NZx,szRU7e

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/atari/_/js/k=atari.vw.de.gdSsbRxioEI.O/am=AAY/d=1/rs=AGEqA5nDBbWkdkN4PPmAP1mYssJOSjK7zA/m=view

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

798b031c9e3550bdf9b67bd3f3a25aca2dd8455dd3e0883a34e4cb0610856d32

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sites.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 06:04:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 180779
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 435228
x-xss-protection: 0
last-modified: Tue, 05 Dec 2023 08:15:19 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"apps-sites","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-sites"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="apps-sites"
expires: Wed, 11 Dec 2024 06:04:13 GMT

GET
H3 200 m=sy3k,IZT63,vfuNJf,sy3e,sy3i,sy3l,sy3y,sy3w,sy3x,siKnQd,sy3c,sy3j,sy3n,YNjGDd,sy3m,sy3o,PrPYRd,iFQyKf,hc6Ubd,sy3z,SpsfSb,sy3f,sy3h,wR5FRb,pXdRYb,dIoSBb,zbML3c Show response
www.gstatic.com/_/atari/_/js/k=atari.vw.de.gdSsbRxioEI.O/am=AAY/d=0/rs=AGEqA5nDBbWkdkN4PPmAP1mYssJOSjK7zA/ 29 KB
11 KB 11ms
11ms Script
text/javascript 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/atari/_/js/k=atari.vw.de.gdSsbRxioEI.O/am=AAY/d=0/rs=AGEqA5nDBbWkdkN4PPmAP1mYssJOSjK7zA/m=sy3k,IZT63,vfuNJf,sy3e,sy3i,sy3l,sy3y,sy3w,sy3x,siKnQd,sy3c,sy3j,sy3n,YNjGDd,sy3m,sy3o,PrPYRd,iFQyKf,hc6Ubd,sy3z,SpsfSb,sy3f,sy3h,wR5FRb,pXdRYb,dIoSBb,zbML3c

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/atari/_/js/k=atari.vw.de.gdSsbRxioEI.O/am=AAY/d=1/rs=AGEqA5nDBbWkdkN4PPmAP1mYssJOSjK7zA/m=view

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

822a62b8bb49fb7d4619ca222d42604a2c5a20435bf36a7cf3231930dbf259b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sites.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 05:37:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 182400
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10776
x-xss-protection: 0
last-modified: Tue, 05 Dec 2023 08:15:19 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"apps-sites","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-sites"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="apps-sites"
expires: Wed, 11 Dec 2024 05:37:12 GMT

GET
H3 200 m=m9oV,sy3p,NTMZac,mzzZzc,rCcCxc,RAnnUd,sy2x,sy2y,uu7UOe,nAFL3,sy2q,gJzDyc,sy2z,soHxf,syu,syt,HYv29e,sy30,uY3Nvd Show response
www.gstatic.com/_/atari/_/js/k=atari.vw.de.gdSsbRxioEI.O/am=AAY/d=0/rs=AGEqA5nDBbWkdkN4PPmAP1mYssJOSjK7zA/ 35 KB
11 KB 9ms
9ms Script
text/javascript 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/atari/_/js/k=atari.vw.de.gdSsbRxioEI.O/am=AAY/d=0/rs=AGEqA5nDBbWkdkN4PPmAP1mYssJOSjK7zA/m=m9oV,sy3p,NTMZac,mzzZzc,rCcCxc,RAnnUd,sy2x,sy2y,uu7UOe,nAFL3,sy2q,gJzDyc,sy2z,soHxf,syu,syt,HYv29e,sy30,uY3Nvd

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/atari/_/js/k=atari.vw.de.gdSsbRxioEI.O/am=AAY/d=1/rs=AGEqA5nDBbWkdkN4PPmAP1mYssJOSjK7zA/m=view

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fb7862ee51021365f3a756250eaea5d8794bfa3e5638a4496a2a325ef54083e3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sites.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 11:49:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 246492
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11636
x-xss-protection: 0
last-modified: Tue, 05 Dec 2023 08:15:19 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"apps-sites","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-sites"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="apps-sites"
expires: Tue, 10 Dec 2024 11:49:00 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 62ms
41ms Preflight
text/plain 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://sites.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://sites.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Thu, 14 Dec 2023 08:17:12 GMT
expires: Thu, 14 Dec 2023 08:17:12 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 log Show response
play.google.com/ 131 B
155 B 112ms
97ms XHR
text/plain 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/atari/_/js/k=atari.vw.de.gdSsbRxioEI.O/am=AAY/d=1/rs=AGEqA5nDBbWkdkN4PPmAP1mYssJOSjK7zA/m=view

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://sites.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Thu, 14 Dec 2023 08:17:12 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://sites.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 14 Dec 2023 08:17:12 GMT

POST
H2 200 logImpressions Show response
sites.google.com/_/view/ 16 B
222 B 128ms
127ms XHR
application/json 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://sites.google.com/_/view/logImpressions?authuser=0

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/atari/_/js/k=atari.vw.de.gdSsbRxioEI.O/am=AAY/d=1/rs=AGEqA5nDBbWkdkN4PPmAP1mYssJOSjK7zA/m=view

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8d47b4a1cc0393424720bded5988a28f4e9146fd265ecb416b79cf0d6ac81f6d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://sites.google.com/modern-zimbra.com/67567?usp=sharing
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

pragma: no-cache
date: Thu, 14 Dec 2023 08:17:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-resource-policy: same-site
content-disposition: attachment; filename="response.bin"; filename*=UTF-8''response.bin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 lazy.min.js Show response
www.gstatic.com/feedback/js/help/prod/service/ 106 KB
36 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/feedback/js/help/prod/service/lazy.min.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/atari/_/js/k=atari.vw.de.gdSsbRxioEI.O/am=AAY/d=0/rs=AGEqA5nDBbWkdkN4PPmAP1mYssJOSjK7zA/m=MpJwZc,n73qwf,A4UTCb,qAKInc,sy10,X85Uvc,HIeYee,QxOCld,sy2u,abQiW,W26a5e,hJUyqe,sy15,sy12,sy13,sy14,fuVYe,TGYpv,syj,ruhlUe,KUM7Z,XDKZTc,sy11,qkPXAf,zPx2U,qEW1W,oNFsLb,sy3t,yxTchf,sy3u,sy3v,xQtZb,yf2Bs,sy2,sy8,yyxWAc,qddgKe,sy2w,SM1lmd,sy6,sy5,syx,RRzQxe,zZvHmd,sy7,sya,syk,sy9,fNFZH,sy2v,syl,RrXLpc,cgRV2c,syz,sy1m,o1L5Wb,X4BaPc,syf,Md9ENb,sy1d,sy1e,syp,sy1b,sy1c,Ko0sOe,syn,syw,syy,sy1a,NlqxW,sy1g,sy1h,sy1j,sy1k,sy1l,sy1s,sy1f,sy1q,sy1p,syb,syr,sy1n,sy1y,sy20,sy23,sy24,sy25,sy26,sy1u,sy1z,sy28,sy2h,sy1w,sy1x,sy1i,sy1o,sy1r,sy1t,sy1v,sy22,syo,sy27,sy29,sy2a,sy2e,sy2f,sy2g,T807ad,sy21,sy2c,sy2d,ZDEHrf,sy2i,sy2k,a9i3ec,CmOog,qYIcH,zTt0Rb,sy2b,NzVYMd,KlZlNb,rj51oe,zAU64c,jhxjge,xHmRee,oy3iwb,sy2j,dBhIIb,Yr1Pcb,LUQjOd,J9ssyb,SB123c,UubMM,LkQmJ,YoEZUb,JKfHhb,DJtOxf,pA2mAb,gypOCd,X4FC5,kYfebb,XMtvld,rrOIJc,ZdZQ6b,Euz7Lc,sAbmxd,heobjb,KlrXId,R4KMEc,sy2l,sy2m,sy2n,sy2o,UYjpC,vVEdxc,sy3,VYKRW,sy16,CG0Qwb,RZ9OZ,N0NZx,szRU7e

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8d28e7b5dc49405cc4f7dc2327530ebb568e8fb88923be26d81e5caaf81045c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sites.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 08:07:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 603
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/product-feedback-gathering
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 37048
x-xss-protection: 0
last-modified: Mon, 11 Dec 2023 23:36:53 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="product-feedback-gathering"
vary: Accept-Encoding, Origin
report-to: {"group":"product-feedback-gathering","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/product-feedback-gathering"}]}
content-type: text/javascript
cache-control: public, max-age=3000
accept-ranges: bytes
expires: Thu, 14 Dec 2023 08:57:09 GMT

GET
H3 200 cb=gapi.loaded_1 Show response
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.XSQ9KzmFQfs.O/m=gapi_rpc/exm=client/rt=j/sv=1/d=1/ed=1/rs=AHpOoo-9vp1YmI2-b8fDK9wsefeYrUiI8Q/ 261 B
209 B 7ms
7ms Script
text/javascript 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.XSQ9KzmFQfs.O/m=gapi_rpc/exm=client/rt=j/sv=1/d=1/ed=1/rs=AHpOoo-9vp1YmI2-b8fDK9wsefeYrUiI8Q/cb=gapi.loaded_1?le=scs

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/client.js?onload=gapiLoaded

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

44eef17dd8f6c60254481bf83658b25d15b8ac7ac82b80bd94800e5073142502

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sites.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 06:56:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 177664
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 182
x-xss-protection: 0
last-modified: Wed, 08 Nov 2023 22:37:21 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
vary: Accept-Encoding
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 11 Dec 2024 06:56:08 GMT

GET
H2 200 auth_warmup Show response
drive.google.com/ Frame 7CF4 0
1 KB 136ms
116ms Document
text/html 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://drive.google.com/auth_warmup

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/DriveOsidBootstrap/cspreport script-src 'report-sample' 'nonce-it5uzdulabQt17Ck6MyUgg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/DriveOsidBootstrap/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/DriveOsidBootstrap/cspreport/allowlist
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sites.google.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0
content-security-policy: require-trusted-types-for 'script';report-uri /_/DriveOsidBootstrap/cspreport script-src 'report-sample' 'nonce-it5uzdulabQt17Ck6MyUgg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/DriveOsidBootstrap/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/DriveOsidBootstrap/cspreport/allowlist
content-type: text/html; charset=utf-8
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-site
date: Thu, 14 Dec 2023 08:17:12 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 intermediate-frame-minified.html Show response
www.gstatic.com/atari/embeds/83a60601c213b72fb19c1855fb0c5f26/ Frame EC72 2 KB
969 B 15ms
14ms Document
text/html 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/atari/embeds/83a60601c213b72fb19c1855fb0c5f26/intermediate-frame-minified.html?jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.XSQ9KzmFQfs.O%2Fd%3D1%2Frs%3DAHpOoo-9vp1YmI2-b8fDK9wsefeYrUiI8Q%2Fm%3D__features__&r=656457951

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/atari/_/js/k=atari.vw.de.gdSsbRxioEI.O/am=AAY/d=1/rs=AGEqA5nDBbWkdkN4PPmAP1mYssJOSjK7zA/m=view

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3691026b21b883801b6f0f4df2e35d5c862a4dc92445d48a00fc43147d1c70c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sites.google.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 944
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="apps-sites"
cross-origin-resource-policy: cross-origin
date: Thu, 14 Dec 2023 08:17:12 GMT
expires: Fri, 13 Dec 2024 08:17:12 GMT
last-modified: Tue, 12 Dec 2023 13:42:01 GMT
report-to: {"group":"apps-sites","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-sites"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 api.js Show response
apis.google.com/js/ Frame EC72 18 KB
7 KB 19ms
19ms Script
text/javascript 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/api.js?checkCookie=1

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/atari/embeds/83a60601c213b72fb19c1855fb0c5f26/intermediate-frame-minified.html?jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.XSQ9KzmFQfs.O%2Fd%3D1%2Frs%3DAHpOoo-9vp1YmI2-b8fDK9wsefeYrUiI8Q%2Fm%3D__features__&r=656457951

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

34cde982ba3e4dc07422431edb59a249fa3157b297aea11c0647474a27b6161b

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 14 Dec 2023 08:17:12 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7117
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="gapi-team"
etag: "224a671cad24bcca"
vary: Accept-Encoding
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 14 Dec 2023 08:17:12 GMT

GET
H3 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.XSQ9KzmFQfs.O/m=gapi_rpc/rt=j/sv=1/d=1/ed=1/rs=AHpOoo-9vp1YmI2-b8fDK9wsefeYrUiI8Q/ Frame EC72 57 KB
20 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.XSQ9KzmFQfs.O/m=gapi_rpc/rt=j/sv=1/d=1/ed=1/rs=AHpOoo-9vp1YmI2-b8fDK9wsefeYrUiI8Q/cb=gapi.loaded_0?le=scs

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/api.js?checkCookie=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c40d9a23bed06fca4dada3b4f72c8d09a1c8af3356c4d4b593e918d078abd3b6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 19:34:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 218592
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20759
x-xss-protection: 0
last-modified: Wed, 08 Nov 2023 22:37:21 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
vary: Accept-Encoding
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 10 Dec 2024 19:34:00 GMT

GET
H3 200 inner-frame-minified.html Show response
71856773-atari-embeds.googleusercontent.com/embeds/16cb204cf3a9d4d223a0a3fd8b0eec5d/ Frame 6927 2 KB
940 B 75ms
43ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://71856773-atari-embeds.googleusercontent.com/embeds/16cb204cf3a9d4d223a0a3fd8b0eec5d/inner-frame-minified.html?jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.XSQ9KzmFQfs.O%2Fd%3D1%2Frs%3DAHpOoo-9vp1YmI2-b8fDK9wsefeYrUiI8Q%2Fm%3D__features__

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

80e142904c9feeca9d8c64af55dabfda8032b2ac29fc26ca11d59aa1abddc6ab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gstatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 915
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="apps-sites"
cross-origin-resource-policy: cross-origin
date: Thu, 14 Dec 2023 08:17:12 GMT
expires: Fri, 13 Dec 2024 08:17:12 GMT
last-modified: Tue, 12 Dec 2023 13:42:01 GMT
report-to: {"group":"apps-sites","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-sites"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 api.js Show response
apis.google.com/js/ Frame 6927 18 KB
7 KB 15ms
15ms Script
text/javascript 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/api.js?checkCookie=1

Requested by

Host: 71856773-atari-embeds.googleusercontent.com
URL: https://71856773-atari-embeds.googleusercontent.com/embeds/16cb204cf3a9d4d223a0a3fd8b0eec5d/inner-frame-minified.html?jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.XSQ9KzmFQfs.O%2Fd%3D1%2Frs%3DAHpOoo-9vp1YmI2-b8fDK9wsefeYrUiI8Q%2Fm%3D__features__

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c011384b536d27cc137baaec7d792d8c04645fdde8b27a33026f030f6f2f3eea

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://71856773-atari-embeds.googleusercontent.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 14 Dec 2023 08:17:12 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7114
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="gapi-team"
etag: "fe4d94631a6eabb4"
vary: Accept-Encoding
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 14 Dec 2023 08:17:12 GMT

GET
H3 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.XSQ9KzmFQfs.O/m=gapi_rpc/rt=j/sv=1/d=1/ed=1/rs=AHpOoo-9vp1YmI2-b8fDK9wsefeYrUiI8Q/ Frame 6927 57 KB
20 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.XSQ9KzmFQfs.O/m=gapi_rpc/rt=j/sv=1/d=1/ed=1/rs=AHpOoo-9vp1YmI2-b8fDK9wsefeYrUiI8Q/cb=gapi.loaded_0?le=scs

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/api.js?checkCookie=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c40d9a23bed06fca4dada3b4f72c8d09a1c8af3356c4d4b593e918d078abd3b6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://71856773-atari-embeds.googleusercontent.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 19:34:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 218592
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20759
x-xss-protection: 0
last-modified: Wed, 08 Nov 2023 22:37:21 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
vary: Accept-Encoding
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 10 Dec 2024 19:34:00 GMT

GET
H2 200 qs-form-script.min.js Show response
form.questionscout.com/ Frame E6D3 4 KB
2 KB 401ms
93ms Script
application/javascript 54.237.117.88
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://form.questionscout.com/qs-form-script.min.js

Requested by

Host: sites.google.com
URL: https://sites.google.com/modern-zimbra.com/67567?usp=sharing

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.237.117.88 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-237-117-88.compute-1.amazonaws.com

Software

nginx/1.16.1 /

Resource Hash

90428307a13f02045a6b6403108e6b1c8c61d212e9fc6d0bdcac5ff59c262504

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://71856773-atari-embeds.googleusercontent.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 08:17:13 GMT
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
last-modified: Tue, 29 Mar 2022 17:00:29 GMT
server: nginx/1.16.1
content-encoding: gzip
etag: W/"ef6-17fd69f27c8"
x-download-options: noopen
x-dns-prefetch-control: off
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=0
x-xss-protection: 1; mode=block

GET
H2 200 65772f80b2500e6afbef8654 Show response
form.questionscout.com/ Frame BF94 36 KB
6 KB 783ms
783ms Document
text/html 54.237.117.88
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://form.questionscout.com/65772f80b2500e6afbef8654

Requested by

Host: form.questionscout.com
URL: https://form.questionscout.com/qs-form-script.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.237.117.88 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-237-117-88.compute-1.amazonaws.com

Software

nginx/1.16.1 /

Resource Hash

c4e374affb0034e9049a9f34de4183fc6f7417957694c51a699fe14310111ec0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://71856773-atari-embeds.googleusercontent.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-type: text/html; charset=utf-8
date: Thu, 14 Dec 2023 08:17:14 GMT
etag: W/"912a-ElXUfSOr0o/PW7EgEOQXejNt9QY"
server: nginx/1.16.1
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H2 200 bundle.463f0bf5.css
form.questionscout.com/static/css/ Frame BF94 25 KB
5 KB 93ms
93ms Stylesheet
text/css 54.237.117.88
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://form.questionscout.com/static/css/bundle.463f0bf5.css

Requested by

Host: form.questionscout.com
URL: https://form.questionscout.com/65772f80b2500e6afbef8654

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.237.117.88 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-237-117-88.compute-1.amazonaws.com

Software

nginx/1.16.1 /

Resource Hash

2471d9be5c4fb1381d500ac076e5c5b1494749db4c1ba3ddd5c3d93c43e0c5e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://form.questionscout.com/65772f80b2500e6afbef8654
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 08:17:14 GMT
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
last-modified: Tue, 29 Mar 2022 17:00:39 GMT
server: nginx/1.16.1
content-encoding: gzip
etag: W/"62e1-17fd69f4ed8"
x-download-options: noopen
x-dns-prefetch-control: off
content-type: text/css; charset=UTF-8
cache-control: public, max-age=0
x-xss-protection: 1; mode=block

GET
H2 200 bundle.bff5e9a1.js Show response
form.questionscout.com/static/js/ Frame BF94 1 MB
390 KB 183ms
183ms Script
application/javascript 54.237.117.88
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://form.questionscout.com/static/js/bundle.bff5e9a1.js

Requested by

Host: form.questionscout.com
URL: https://form.questionscout.com/65772f80b2500e6afbef8654

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.237.117.88 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-237-117-88.compute-1.amazonaws.com

Software

nginx/1.16.1 /

Resource Hash

17824230bf7963c61aa43641ef123c9351917d14803a9fce53ff1385a3fdae25

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://form.questionscout.com/65772f80b2500e6afbef8654
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 08:17:14 GMT
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
last-modified: Tue, 29 Mar 2022 17:00:39 GMT
server: nginx/1.16.1
content-encoding: gzip
etag: W/"13ece3-17fd69f4ed8"
x-download-options: noopen
x-dns-prefetch-control: off
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=0
x-xss-protection: 1; mode=block

GET
H2 200 webfont.js Show response
ajax.googleapis.com/ajax/libs/webfont/1.6.26/ Frame BF94 13 KB
6 KB 29ms
8ms Script
text/javascript 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js

Requested by

Host: form.questionscout.com
URL: https://form.questionscout.com/65772f80b2500e6afbef8654

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://form.questionscout.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 22:07:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 209386
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5437
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 10 Dec 2024 22:07:28 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame BF94 5 KB
850 B 17ms
16ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:400,600%7CRoboto:400,500%7CCalligraffitti:400

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b86f43a3a1616a578eac3bf248b4b6a99d1fef500afba3c839e80b013ad52e82

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://form.questionscout.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 14 Dec 2023 08:17:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 14 Dec 2023 08:17:14 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 14 Dec 2023 08:17:14 GMT

GET
H2 200 S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v24/ Frame BF94 23 KB
23 KB 10ms
9ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,600%7CRoboto:400,500%7CCalligraffitti:400

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://form.questionscout.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 15:36:20 GMT
x-content-type-options: nosniff
age: 232854
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23580
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:17:22 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 10 Dec 2024 15:36:20 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame BF94 15 KB
15 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,600%7CRoboto:400,500%7CCalligraffitti:400

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://form.questionscout.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 08:54:09 GMT
x-content-type-options: nosniff
age: 170585
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 11 Dec 2024 08:54:09 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame BF94 16 KB
16 KB 8ms
8ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,600%7CRoboto:400,500%7CCalligraffitti:400

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://form.questionscout.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 17:38:05 GMT
x-content-type-options: nosniff
age: 225549
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 10 Dec 2024 17:38:05 GMT

GET
H2 200 46k2lbT3XjDVqJw3DCmCFjE0vkFeOZc.woff2
fonts.gstatic.com/s/calligraffitti/v19/ Frame BF94 29 KB
29 KB 11ms
11ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/calligraffitti/v19/46k2lbT3XjDVqJw3DCmCFjE0vkFeOZc.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,600%7CRoboto:400,500%7CCalligraffitti:400

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2d5059c07b957f989ee2ed276e1f6d20428f4d3ed2523e7c305bd3e3ebc092ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://form.questionscout.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 06:51:43 GMT
x-content-type-options: nosniff
age: 177931
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29868
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 19:09:14 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 11 Dec 2024 06:51:43 GMT

GET
H2 200 iframeResizer.contentWindow.min.js Show response
cdnjs.cloudflare.com/ajax/libs/iframe-resizer/4.2.10/ Frame BF94 13 KB
5 KB 32ms
15ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/iframe-resizer/4.2.10/iframeResizer.contentWindow.min.js

Requested by

Host: form.questionscout.com
URL: https://form.questionscout.com/static/js/bundle.bff5e9a1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d4a1916cb402e1fba4eed335fb19c68c23a283554f749c23e75dc90ca79bb80f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://form.questionscout.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 08:17:14 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 51081
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 4395
last-modified: Mon, 04 May 2020 16:11:11 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e9f-348e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zqx7yaUACuejLaoVgnFZ0%2F%2FbYHrf8Vkke0lFXTKcPYNIcq1h7zbBziJQBF7V6SIw7Cy79SjdlnFTgSw0CI3Os4tDejFlVIWSnQsNahF0oOKwa%2Fchqu03jxOzd5KwK%2Beae%2BYcH5SOe01nnJmMsSr59%2FFx"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 83550262cceb35f0-FRA
expires: Tue, 03 Dec 2024 08:17:14 GMT

GET
H2 200 / Show response
formapi.questionscout.com/socket.io/ Frame BF94 103 B
338 B 481ms
92ms XHR
text/plain 3.211.24.179
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://formapi.questionscout.com/socket.io/?fingerprint=bd77bf66f27305b12456c965edaa6150&EIO=3&transport=polling&t=OndPheP
Requested by: Host: form.questionscout.com
URL: https://form.questionscout.com/static/js/bundle.bff5e9a1.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.211.24.179 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-211-24-179.compute-1.amazonaws.com
Software: nginx/1.14.1 /
Resource Hash: 3ba744b1108673167bcbf375d77f0ce5e2b755a2ce2493d4aaf62a1ad3ee4cf5

Request headers

Accept: */*
Referer: https://form.questionscout.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-origin: https://form.questionscout.com
date: Thu, 14 Dec 2023 08:17:15 GMT
content-encoding: gzip
access-control-allow-credentials: true
server: nginx/1.14.1
content-type: text/plain; charset=UTF-8

GET
H2 200 697de680-a737-11ea-9820-af05f4014d91 Show response
geolocation-db.com/json/ Frame BF94 145 B
256 B 456ms
68ms XHR
text/html 159.89.102.253
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://geolocation-db.com/json/697de680-a737-11ea-9820-af05f4014d91
Requested by: Host: form.questionscout.com
URL: https://form.questionscout.com/static/js/bundle.bff5e9a1.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 159.89.102.253 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 27bf35f0544303587cbe3c3d9e345940c9da685198bb4033a87f8c60c71beed6

Request headers

Accept: application/json, text/plain, */*
Referer: https://form.questionscout.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 14 Dec 2023 08:17:15 GMT
content-encoding: gzip
server: nginx/1.14.0 (Ubuntu)
content-type: text/html; charset=UTF-8

GET
H2 200 / Show response
formapi.questionscout.com/socket.io/ Frame BF94 3 B
210 B 466ms
466ms XHR
text/plain 3.211.24.179
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://formapi.questionscout.com/socket.io/?fingerprint=bd77bf66f27305b12456c965edaa6150&EIO=3&transport=polling&t=OndPhl-&sid=LCnPzTTvcevWOQjuAzti
Requested by: Host: form.questionscout.com
URL: https://form.questionscout.com/static/js/bundle.bff5e9a1.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.211.24.179 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-211-24-179.compute-1.amazonaws.com
Software: nginx/1.14.1 /
Resource Hash: 62325dfc1fc675255519674da6e2c4aad5f51cc6c3217ed3c6fbf6cabe0d86b0

Request headers

Accept: */*
Referer: https://form.questionscout.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-origin: https://form.questionscout.com
date: Thu, 14 Dec 2023 08:17:15 GMT
access-control-allow-credentials: true
server: nginx/1.14.1
content-length: 3
content-type: text/plain; charset=UTF-8

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 42ms
41ms Preflight
text/plain 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://sites.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://sites.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Thu, 14 Dec 2023 08:17:15 GMT
expires: Thu, 14 Dec 2023 08:17:15 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 log Show response
play.google.com/ 131 B
152 B 60ms
58ms XHR
text/plain 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/atari/_/js/k=atari.vw.de.gdSsbRxioEI.O/am=AAY/d=1/rs=AGEqA5nDBbWkdkN4PPmAP1mYssJOSjK7zA/m=view

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://sites.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Thu, 14 Dec 2023 08:17:15 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://sites.google.com
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

POST
H3 200 logImpressions Show response
sites.google.com/_/view/ 16 B
66 B 131ms
131ms XHR
application/json 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://sites.google.com/_/view/logImpressions?authuser=0

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/atari/_/js/k=atari.vw.de.gdSsbRxioEI.O/am=AAY/d=1/rs=AGEqA5nDBbWkdkN4PPmAP1mYssJOSjK7zA/m=view

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8d47b4a1cc0393424720bded5988a28f4e9146fd265ecb416b79cf0d6ac81f6d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://sites.google.com/modern-zimbra.com/67567?usp=sharing
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

pragma: no-cache
date: Thu, 14 Dec 2023 08:17:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-resource-policy: same-site
content-disposition: attachment; filename="response.bin"; filename*=UTF-8''response.bin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H2 404 cspreport
drive.google.com/_/DriveOsidBootstrap/ Frame 7CF4 141 B
694 B 132ms
132ms Other
text/html 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://drive.google.com/_/DriveOsidBootstrap/cspreport

Requested by

Host: sites.google.com
URL: https://sites.google.com/modern-zimbra.com/67567?usp=sharing

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

3a987926ce1b782e9c95771444a98336801741c07ff44bf75bfc8a38fccbdf98

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/c9cd1776275257ba2b0145e36346db5a, script-src 'report-sample' 'nonce-AhkH7IF8dxsyLAeEjPqlxQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/drive-explorer/
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://drive.google.com/auth_warmup
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/csp-report

Response headers

content-security-policy: require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/c9cd1776275257ba2b0145e36346db5a, script-src 'report-sample' 'nonce-AhkH7IF8dxsyLAeEjPqlxQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/drive-explorer/
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 14 Dec 2023 08:17:16 GMT
server: GSE
x-frame-options: SAMEORIGIN
report-to: {"group":"coop_gse_l9ocaq","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_l9ocaq"}]}
content-type: text/html; charset=UTF-8
cache-control: private, max-age=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 117
x-xss-protection: 1; mode=block
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_l9ocaq"
expires: Thu, 14 Dec 2023 08:17:16 GMT

Verdicts & Comments Add Verdict or Comment

43 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.google.com/	1970-01-20 21:19:13	Name: NID Value: 511=p74F0h1l9Y3YPJC2mkT34MkpgfsM765F_-MRecXfy33oNZCv7H6k6YvZ1SJW8VZaB9FTE5ZcUkTED4p0NaEGTJzKDZHR3RBAKCukI1GGeLrP2n6P93OHr3Oe_-NecVPkHzihCNp5ymQ7YF1SCkJJ6169uK-nwTaU4e0bBXhWiz0
			.google.com/	1970-01-21 02:31:41	Name: CONSENT Value: PENDING+373

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	URL: about:blank Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
security	error	(Line 6) Message: This document requires 'TrustedScript' assignment.
network	error	URL: https://drive.google.com/_/DriveOsidBootstrap/cspreport Message: Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	base-uri 'self';object-src 'none';report-uri /_/view/cspreport;script-src 'report-sample' 'nonce-hUpsw7X6cObW9U-0sKF1MA' 'unsafe-inline' 'unsafe-eval';worker-src 'self';frame-ancestors https://google-admin.corp.google.com/
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

71856773-atari-embeds.googleusercontent.com
ajax.googleapis.com
apis.google.com
cdnjs.cloudflare.com
drive.google.com
fonts.googleapis.com
fonts.gstatic.com
form.questionscout.com
formapi.questionscout.com
geolocation-db.com
lh4.googleusercontent.com
lh5.googleusercontent.com
play.google.com
sites.google.com
www.gstatic.com
159.89.102.253
2606:4700::6811:190e
2a00:1450:4001:806::200e
2a00:1450:4001:80b::200e
2a00:1450:4001:812::2003
2a00:1450:4001:813::200a
2a00:1450:4001:827::200a
2a00:1450:4001:827::200e
2a00:1450:4001:82f::2003
2a00:1450:4001:830::2001
2a00:1450:4001:831::200e
3.211.24.179
54.237.117.88
020c114850494b32e3b9ba455d172e4cb5464a2910f99ad6a3c046054725d1ae
027a2d5375f7bfa04c7fa4ff19f46281d6e8323d85e8b8eb7691c1beca4ba3a0
04e2decc80f66d61377dbf7769e90835b576a612ee5d3dbf9a7c39a26b5e4770
0566e02848b2dae32f72471dbdcb0cedaa213753c1c2f330a6e39b8968b24542
17824230bf7963c61aa43641ef123c9351917d14803a9fce53ff1385a3fdae25
2471d9be5c4fb1381d500ac076e5c5b1494749db4c1ba3ddd5c3d93c43e0c5e8
27bf35f0544303587cbe3c3d9e345940c9da685198bb4033a87f8c60c71beed6
2d5059c07b957f989ee2ed276e1f6d20428f4d3ed2523e7c305bd3e3ebc092ec
34cde982ba3e4dc07422431edb59a249fa3157b297aea11c0647474a27b6161b
3691026b21b883801b6f0f4df2e35d5c862a4dc92445d48a00fc43147d1c70c8
3a987926ce1b782e9c95771444a98336801741c07ff44bf75bfc8a38fccbdf98
3ba744b1108673167bcbf375d77f0ce5e2b755a2ce2493d4aaf62a1ad3ee4cf5
3cfe790335dc4ff07f0f501fb361687f88edca78273d2424e0797457924462ea
44eef17dd8f6c60254481bf83658b25d15b8ac7ac82b80bd94800e5073142502
4a2e8f6c07744ff59534fab4d21430272beab3638bc74f724496b90d923d1468
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
62325dfc1fc675255519674da6e2c4aad5f51cc6c3217ed3c6fbf6cabe0d86b0
62deb46c62b130b62e87f7d20429beb432154b9ba6ce13fe5f75663bdae56b13
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
798b031c9e3550bdf9b67bd3f3a25aca2dd8455dd3e0883a34e4cb0610856d32
80e142904c9feeca9d8c64af55dabfda8032b2ac29fc26ca11d59aa1abddc6ab
81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee
822a62b8bb49fb7d4619ca222d42604a2c5a20435bf36a7cf3231930dbf259b2
8d28e7b5dc49405cc4f7dc2327530ebb568e8fb88923be26d81e5caaf81045c0
8d47b4a1cc0393424720bded5988a28f4e9146fd265ecb416b79cf0d6ac81f6d
90428307a13f02045a6b6403108e6b1c8c61d212e9fc6d0bdcac5ff59c262504
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b5caf567051325f13539b36304d4ed9f6b34b6c6f3d4acc3a0bcad6d6cf81528
b86f43a3a1616a578eac3bf248b4b6a99d1fef500afba3c839e80b013ad52e82
babe4cd156d8260d9e29cc3d6c1f28d9bc203d23008f608447b97ce62a78dc78
c011384b536d27cc137baaec7d792d8c04645fdde8b27a33026f030f6f2f3eea
c40d9a23bed06fca4dada3b4f72c8d09a1c8af3356c4d4b593e918d078abd3b6
c4e374affb0034e9049a9f34de4183fc6f7417957694c51a699fe14310111ec0
c9643422ad1a6e19b5456a3c678900d6a7c5514cfca3d96d38086117ad619c8f
d4a1916cb402e1fba4eed335fb19c68c23a283554f749c23e75dc90ca79bb80f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ec0019681b6bc00b87d9f551c4404f055d46558607e48eacf4fc19a14e519d3d
ef330b6d69f1da4926fe68a537282863875cdba82670251cad82959f1bec0bf7
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
fb7862ee51021365f3a756250eaea5d8794bfa3e5638a4496a2a325ef54083e3

sites.google.com Open in urlscan Pro 2a00:1450:4001:80b::200e Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

48 Requests

100 %HTTPS

77 %IPv6

7 Domains

15 Subdomains

13 IPs

2 Countries

1752 kBTransfer

5598 kBSize

2 Cookies

1 Outgoing links

Redirected requests

48 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

sites.google.com Open in urlscan Pro
2a00:1450:4001:80b::200e Public Scan

Screenshot
Live screenshot

Full Image

48
Requests

100 %
HTTPS

77 %
IPv6

7
Domains

15
Subdomains

13
IPs

2
Countries

1752 kB
Transfer

5598 kB
Size

2
Cookies

48 HTTP transactions
0 data transactions