tangerine.oneclick.es Open in urlscan Pro
35.156.207.207  Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

21 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response tangerine.oneclick.es/	983 B 1 KB	360ms 64ms	Document text/html	35.156.207.207 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://tangerine.oneclick.es/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 35.156.207.207 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-35-156-207-207.eu-central-1.compute.amazonaws.com Software nginx / Resource Hash e81cd646b169720aac16e3914851e7aacb0f17f83cf21a9d29c5ac3285abd94c Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36 accept-language es-ES,es;q=0.9 Response headers accept-ranges bytes content-length 983 content-type text/html date Fri, 10 Feb 2023 12:00:34 GMT etag "6202a23f-3d7" last-modified Tue, 08 Feb 2022 17:02:55 GMT server nginx strict-transport-security max-age=31536000; includeSubDomains; preload
GET H2	200	11.d5c11d6c.chunk.css tangerine.oneclick.es/static/css/	178 KB 28 KB	191ms 189ms	Stylesheet text/css	35.156.207.207 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://tangerine.oneclick.es/static/css/11.d5c11d6c.chunk.css Requested by Host: tangerine.oneclick.es URL: https://tangerine.oneclick.es/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 35.156.207.207 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-35-156-207-207.eu-central-1.compute.amazonaws.com Software nginx / Resource Hash 188b34901f3c9c38ec40b425c2877b20b77845e6fecf5438afbcdc8dbcd235ee Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers accept-language es-ES,es;q=0.9 Referer https://tangerine.oneclick.es/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36 Response headers date Fri, 10 Feb 2023 12:00:34 GMT strict-transport-security max-age=31536000; includeSubDomains; preload content-encoding gzip last-modified Tue, 08 Feb 2022 17:02:55 GMT server nginx etag W/"6202a23f-2c7c8" vary Accept-Encoding content-type text/css
GET H2	200	main.7944b363.chunk.css tangerine.oneclick.es/static/css/	322 KB 67 KB	66ms 66ms	Stylesheet text/css	35.156.207.207 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://tangerine.oneclick.es/static/css/main.7944b363.chunk.css Requested by Host: tangerine.oneclick.es URL: https://tangerine.oneclick.es/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 35.156.207.207 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-35-156-207-207.eu-central-1.compute.amazonaws.com Software nginx / Resource Hash 1116f2084f6febdfb83f69cfa04de703bd1e181facc3a8d7ab795ff3da83c519 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers accept-language es-ES,es;q=0.9 Referer https://tangerine.oneclick.es/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36 Response headers date Fri, 10 Feb 2023 12:00:34 GMT strict-transport-security max-age=31536000; includeSubDomains; preload content-encoding gzip last-modified Tue, 08 Feb 2022 17:02:55 GMT server nginx etag W/"6202a23f-50691" vary Accept-Encoding content-type text/css
GET H2	200	runtime-main.7e7c9e13.js Show response tangerine.oneclick.es/static/js/	4 KB 4 KB	191ms 190ms	Script application/javascript	35.156.207.207 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://tangerine.oneclick.es/static/js/runtime-main.7e7c9e13.js Requested by Host: tangerine.oneclick.es URL: https://tangerine.oneclick.es/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 35.156.207.207 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-35-156-207-207.eu-central-1.compute.amazonaws.com Software nginx / Resource Hash e13d93a57fdb923c217020d7e091fe482cdcb9f314a584df304dc05c41679049 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers accept-language es-ES,es;q=0.9 Referer https://tangerine.oneclick.es/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36 Response headers date Fri, 10 Feb 2023 12:00:34 GMT strict-transport-security max-age=31536000; includeSubDomains; preload last-modified Tue, 08 Feb 2022 17:02:55 GMT server nginx etag "6202a23f-1027" content-type application/javascript accept-ranges bytes content-length 4135
GET H2	200	11.ae65f1d6.chunk.js Show response tangerine.oneclick.es/static/js/	926 KB 331 KB	188ms 188ms	Script application/javascript	35.156.207.207 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://tangerine.oneclick.es/static/js/11.ae65f1d6.chunk.js Requested by Host: tangerine.oneclick.es URL: https://tangerine.oneclick.es/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 35.156.207.207 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-35-156-207-207.eu-central-1.compute.amazonaws.com Software nginx / Resource Hash dfc141b3fc298ede78248d669642faefda71295d51fb6d6e5cf1769fb7c5c409 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers accept-language es-ES,es;q=0.9 Referer https://tangerine.oneclick.es/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36 Response headers date Fri, 10 Feb 2023 12:00:34 GMT strict-transport-security max-age=31536000; includeSubDomains; preload content-encoding gzip last-modified Tue, 08 Feb 2022 17:02:55 GMT server nginx etag W/"6202a23f-e78d2" vary Accept-Encoding content-type application/javascript
GET H2	200	main.4e797b54.chunk.js Show response tangerine.oneclick.es/static/js/	1 MB 344 KB	127ms 126ms	Script application/javascript	35.156.207.207 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://tangerine.oneclick.es/static/js/main.4e797b54.chunk.js Requested by Host: tangerine.oneclick.es URL: https://tangerine.oneclick.es/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 35.156.207.207 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-35-156-207-207.eu-central-1.compute.amazonaws.com Software nginx / Resource Hash a1652fb3f0a15f209662599d1fb91f827d6ddd56d0ae374f4f4ccb897587c3ef Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers accept-language es-ES,es;q=0.9 Referer https://tangerine.oneclick.es/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36 Response headers date Fri, 10 Feb 2023 12:00:34 GMT strict-transport-security max-age=31536000; includeSubDomains; preload content-encoding gzip last-modified Tue, 08 Feb 2022 17:02:55 GMT server nginx etag W/"6202a23f-129a51" vary Accept-Encoding content-type application/javascript
GET H2	200	logo-big.38271b7e.png tangerine.oneclick.es/static/media/	10 KB 10 KB	65ms 64ms	Image image/png	35.156.207.207 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://tangerine.oneclick.es/static/media/logo-big.38271b7e.png Requested by Host: tangerine.oneclick.es URL: https://tangerine.oneclick.es/auth/login Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 35.156.207.207 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-35-156-207-207.eu-central-1.compute.amazonaws.com Software nginx / Resource Hash c6c71c8d730e8cc8714f3c5b0bb30ed5c88da0fa12bbb506c8103437c6e2d485 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers accept-language es-ES,es;q=0.9 Referer https://tangerine.oneclick.es/auth/login User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36 Response headers date Fri, 10 Feb 2023 12:00:35 GMT strict-transport-security max-age=31536000; includeSubDomains; preload last-modified Tue, 08 Feb 2022 17:02:55 GMT server nginx etag "6202a23f-2897" content-type image/png accept-ranges bytes content-length 10391
GET H2	200	/ Show response tangerine.oneclick.es/api/	119 B 843 B	65ms 64ms	XHR application/json	35.156.207.207 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://tangerine.oneclick.es/api/ Requested by Host: tangerine.oneclick.es URL: https://tangerine.oneclick.es/static/js/11.ae65f1d6.chunk.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 35.156.207.207 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-35-156-207-207.eu-central-1.compute.amazonaws.com Software / Express Resource Hash d5ac78cb082c9c069d6a34ace92bbd3fb452a7a99fdb02b7280e9ca323fc56b3 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers Accept application/json, text/plain, */* Referer https://tangerine.oneclick.es/auth/login accept-language es-ES,es;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36 Response headers date Fri, 10 Feb 2023 12:00:35 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-powered-by Express etag W/"77-tQ9bZ7UffX0XxdwoSN4WAe0zW7I" allow GET, POST, OPTIONS, PUT, DELETE access-control-allow-methods GET, POST, OPTIONS, PUT, DELETE content-type application/json; charset=utf-8 access-control-allow-origin * access-control-allow-headers Authorization, X-API-KEY, Origin, X-Requested-With, Content-Type, Accept, Access-Control-Allow-Request-Method content-length 119
GET H2	200	education-levels Show response tangerine.oneclick.es/api/	5 KB 5 KB	189ms 189ms	XHR application/json	35.156.207.207 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://tangerine.oneclick.es/api/education-levels Requested by Host: tangerine.oneclick.es URL: https://tangerine.oneclick.es/static/js/11.ae65f1d6.chunk.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 35.156.207.207 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-35-156-207-207.eu-central-1.compute.amazonaws.com Software / Express Resource Hash 8894ce4eefed0aa28c7db7d406212aef9355e69b930a59310fad94e23c544e13 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers Accept application/json, text/plain, */* Referer https://tangerine.oneclick.es/auth/login accept-language es-ES,es;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36 Response headers date Fri, 10 Feb 2023 12:00:35 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-powered-by Express etag W/"12fd-kb5+Za7aIViztqt7FsPzNx0Bgf0" allow GET, POST, OPTIONS, PUT, DELETE access-control-allow-methods GET, POST, OPTIONS, PUT, DELETE content-type application/json; charset=utf-8 access-control-allow-origin * access-control-allow-headers Authorization, X-API-KEY, Origin, X-Requested-With, Content-Type, Accept, Access-Control-Allow-Request-Method content-length 4861
GET H2	200	langs Show response tangerine.oneclick.es/api/	232 B 962 B	189ms 188ms	XHR application/json	35.156.207.207 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://tangerine.oneclick.es/api/langs Requested by Host: tangerine.oneclick.es URL: https://tangerine.oneclick.es/static/js/11.ae65f1d6.chunk.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 35.156.207.207 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-35-156-207-207.eu-central-1.compute.amazonaws.com Software / Express Resource Hash af5ed871a933353556010f40881c44cf5e104151d0b3239490c57ca1dc0e988e Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers Accept application/json, text/plain, */* Referer https://tangerine.oneclick.es/auth/login accept-language es-ES,es;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36 Response headers date Fri, 10 Feb 2023 12:00:35 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-powered-by Express etag W/"e8-/RTPbYnTXqqwdzGnfdgFHzc0fqE" allow GET, POST, OPTIONS, PUT, DELETE access-control-allow-methods GET, POST, OPTIONS, PUT, DELETE content-type application/json; charset=utf-8 access-control-allow-origin * access-control-allow-headers Authorization, X-API-KEY, Origin, X-Requested-With, Content-Type, Accept, Access-Control-Allow-Request-Method content-length 232
GET H2	200	ipad.fd78a32a.png tangerine.oneclick.es/static/media/	59 KB 60 KB	63ms 62ms	Image image/png	35.156.207.207 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://tangerine.oneclick.es/static/media/ipad.fd78a32a.png Requested by Host: tangerine.oneclick.es URL: https://tangerine.oneclick.es/auth/login Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 35.156.207.207 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-35-156-207-207.eu-central-1.compute.amazonaws.com Software nginx / Resource Hash 74e01852e4bc82031118c72bc8b61f0eed24bee76d8775272d111c2cada18505 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers accept-language es-ES,es;q=0.9 Referer https://tangerine.oneclick.es/auth/login User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36 Response headers date Fri, 10 Feb 2023 12:00:35 GMT strict-transport-security max-age=31536000; includeSubDomains; preload last-modified Tue, 08 Feb 2022 17:02:55 GMT server nginx etag "6202a23f-edf7" content-type image/png accept-ranges bytes content-length 60919
GET H2	200	Dosis-SemiBold.050d8579.ttf tangerine.oneclick.es/static/media/	91 KB 91 KB	64ms 63ms	Font application/octet-stream	35.156.207.207 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://tangerine.oneclick.es/static/media/Dosis-SemiBold.050d8579.ttf Requested by Host: tangerine.oneclick.es URL: https://tangerine.oneclick.es/static/css/main.7944b363.chunk.css Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 35.156.207.207 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-35-156-207-207.eu-central-1.compute.amazonaws.com Software nginx / Resource Hash 9002cd813ea5867fdba0f2ae43b535df0a63776839cea1393c25bcf3f50ef416 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers Referer https://tangerine.oneclick.es/static/css/main.7944b363.chunk.css Origin https://tangerine.oneclick.es accept-language es-ES,es;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36 Response headers date Fri, 10 Feb 2023 12:00:35 GMT strict-transport-security max-age=31536000; includeSubDomains; preload last-modified Tue, 08 Feb 2022 17:02:55 GMT server nginx etag "6202a23f-16b64" content-type application/octet-stream accept-ranges bytes content-length 93028
GET H2	200	Lato-Bold.eb953203.ttf tangerine.oneclick.es/static/media/	642 KB 643 KB	63ms 62ms	Font application/octet-stream	35.156.207.207 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://tangerine.oneclick.es/static/media/Lato-Bold.eb953203.ttf Requested by Host: tangerine.oneclick.es URL: https://tangerine.oneclick.es/static/css/main.7944b363.chunk.css Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 35.156.207.207 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-35-156-207-207.eu-central-1.compute.amazonaws.com Software nginx / Resource Hash bf1b8130069b44b9148eeece35e5423bedac49777ba746615b826b8276574a7b Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers Referer https://tangerine.oneclick.es/static/css/main.7944b363.chunk.css Origin https://tangerine.oneclick.es accept-language es-ES,es;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36 Response headers date Fri, 10 Feb 2023 12:00:35 GMT strict-transport-security max-age=31536000; includeSubDomains; preload last-modified Tue, 08 Feb 2022 17:02:55 GMT server nginx etag "6202a23f-a0724" content-type application/octet-stream accept-ranges bytes content-length 657188
GET H2	200	Lato-Regular.3b9b9903.ttf tangerine.oneclick.es/static/media/	642 KB 643 KB	64ms 63ms	Font application/octet-stream	35.156.207.207 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://tangerine.oneclick.es/static/media/Lato-Regular.3b9b9903.ttf Requested by Host: tangerine.oneclick.es URL: https://tangerine.oneclick.es/static/css/main.7944b363.chunk.css Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 35.156.207.207 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-35-156-207-207.eu-central-1.compute.amazonaws.com Software nginx / Resource Hash 6f6940be0835c3ddec9199e5fc42be4cbc61ebcfd58c623fdf719366253f1780 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers Referer https://tangerine.oneclick.es/static/css/main.7944b363.chunk.css Origin https://tangerine.oneclick.es accept-language es-ES,es;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36 Response headers date Fri, 10 Feb 2023 12:00:35 GMT strict-transport-security max-age=31536000; includeSubDomains; preload last-modified Tue, 08 Feb 2022 17:02:55 GMT server nginx etag "6202a23f-a073c" content-type application/octet-stream accept-ranges bytes content-length 657212
GET H2	200	Dosis-Bold.e6ec043d.ttf tangerine.oneclick.es/static/media/	91 KB 91 KB	124ms 124ms	Font application/octet-stream	35.156.207.207 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://tangerine.oneclick.es/static/media/Dosis-Bold.e6ec043d.ttf Requested by Host: tangerine.oneclick.es URL: https://tangerine.oneclick.es/static/css/main.7944b363.chunk.css Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 35.156.207.207 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-35-156-207-207.eu-central-1.compute.amazonaws.com Software nginx / Resource Hash 2e73ef5c287c6c8cf8b0bfc708bfe2b21f7e3c0cbd31dd24a34775a94069ce0c Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers Referer https://tangerine.oneclick.es/static/css/main.7944b363.chunk.css Origin https://tangerine.oneclick.es accept-language es-ES,es;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36 Response headers date Fri, 10 Feb 2023 12:00:35 GMT strict-transport-security max-age=31536000; includeSubDomains; preload last-modified Tue, 08 Feb 2022 17:02:55 GMT server nginx etag "6202a23f-16af8" content-type application/octet-stream accept-ranges bytes content-length 92920
GET H2	200	api.js Show response apis.google.com/js/	17 KB 7 KB	323ms 148ms	Script text/javascript	2a00:1450:400d:806::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://apis.google.com/js/api.js Requested by Host: tangerine.oneclick.es URL: https://tangerine.oneclick.es/static/js/11.ae65f1d6.chunk.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400d:806::200e , Ireland, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 72a1cf067f274922005b7e9d0c9255ab660cf8b451a109d0dcae04e25a8e210d Security Headers Name Value Content-Security-Policy require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language es-ES,es;q=0.9 Referer https://tangerine.oneclick.es/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36 Response headers content-security-policy require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team content-encoding gzip x-content-type-options nosniff date Fri, 10 Feb 2023 12:00:36 GMT cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 6890 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="gapi-team" etag "877d976ec1c77645" vary Accept-Encoding report-to {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]} content-type text/javascript access-control-allow-origin * cache-control private, max-age=1800, stale-while-revalidate=1800 accept-ranges bytes timing-allow-origin * expires Fri, 10 Feb 2023 12:00:36 GMT
GET H2	200	cb=gapi.loaded_0 Show response apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.es.nkEYvOKMfR0.O/m=auth2/rt=j/sv=1/d=1/ed=1/rs=AHpOoo_AoNKUHV9egqjZa-iaGenKk_s6Nw/	115 KB 39 KB	78ms 77ms	Script text/javascript	2a00:1450:400d:806::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.es.nkEYvOKMfR0.O/m=auth2/rt=j/sv=1/d=1/ed=1/rs=AHpOoo_AoNKUHV9egqjZa-iaGenKk_s6Nw/cb=gapi.loaded_0?le=scs Requested by Host: apis.google.com URL: https://apis.google.com/js/api.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400d:806::200e , Ireland, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 1783673fc47972c590bdf960d7ae38fdd028d0c5f76a9091848a8d211c109ee6 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language es-ES,es;q=0.9 Referer https://tangerine.oneclick.es/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36 Response headers date Wed, 08 Feb 2023 12:18:00 GMT content-encoding gzip x-content-type-options nosniff age 171756 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 39736 x-xss-protection 0 last-modified Sat, 07 Jan 2023 15:19:07 GMT server sffe cross-origin-opener-policy same-origin; report-to="social-frontend-mpm-access" vary Accept-Encoding report-to {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]} content-type text/javascript; charset=UTF-8 cache-control public, max-age=31536000 accept-ranges bytes expires Thu, 08 Feb 2024 12:18:00 GMT
GET H2	200	iframe Show response accounts.google.com/o/oauth2/ Frame 363B	280 B 1 KB	359ms 150ms	Document text/html	2a00:1450:400d:802::200d GOOGLE
General Check archive.org Show headers Download Go to Full URL https://accounts.google.com/o/oauth2/iframe Requested by Host: apis.google.com URL: https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.es.nkEYvOKMfR0.O/m=auth2/rt=j/sv=1/d=1/ed=1/rs=AHpOoo_AoNKUHV9egqjZa-iaGenKk_s6Nw/cb=gapi.loaded_0?le=scs Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400d:802::200d , Ireland, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 59672fc601fc8bcc59a7e8e3e399dbe1290da611f2818b7cfbb6d1845db2b037 Security Headers Name Value Content-Security-Policy require-trusted-types-for 'script';report-uri /_/IdpIFrameHttp/cspreport script-src 'report-sample' 'nonce-rasCj7BawZgdSlYIvuCAHw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/IdpIFrameHttp/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/IdpIFrameHttp/cspreport/allowlist Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://tangerine.oneclick.es/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36 accept-language es-ES,es;q=0.9 Response headers accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control no-cache, no-store, max-age=0, must-revalidate content-encoding gzip content-security-policy require-trusted-types-for 'script';report-uri /_/IdpIFrameHttp/cspreport script-src 'report-sample' 'nonce-rasCj7BawZgdSlYIvuCAHw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/IdpIFrameHttp/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/IdpIFrameHttp/cspreport/allowlist content-type text/html; charset=utf-8 cross-origin-embedder-policy require-corp cross-origin-opener-policy same-origin cross-origin-resource-policy cross-origin date Fri, 10 Feb 2023 12:00:36 GMT expires Mon, 01 Jan 1990 00:00:00 GMT permissions-policy ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=* pragma no-cache server ESF strict-transport-security max-age=31536000; includeSubDomains x-content-type-options nosniff x-xss-protection 0
POST H2	400	cspreport accounts.google.com/_/IdpIFrameHttp/ Frame 363B	2 KB 913 B	107ms 106ms	Other text/html	2a00:1450:400d:802::200d GOOGLE
General Check archive.org Show headers Download Go to Full URL https://accounts.google.com/_/IdpIFrameHttp/cspreport Requested by Host: tangerine.oneclick.es URL: https://tangerine.oneclick.es/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400d:802::200d , Ireland, ASN15169 (GOOGLE, US), Reverse DNS Software GSE / Resource Hash e790585201f4936bf08de0181720936cbd604d99547029d63a3ee0dc7d55d4dc Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://accounts.google.com/o/oauth2/iframe accept-language es-ES,es;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36 Content-Type application/csp-report Response headers pragma no-cache date Fri, 10 Feb 2023 12:00:36 GMT content-encoding gzip x-content-type-options nosniff server GSE content-type text/html; charset=utf-8 cache-control no-cache, no-store, max-age=0, must-revalidate alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 1; mode=block expires Mon, 01 Jan 1990 00:00:00 GMT
GET H2	200	m=base Show response www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.IdpIFrameHttp.es.iH5zKxpI_X4.es5.O/d=1/rs=AOaEmlFRrTgFY5RvQIdQBxsblyLR3_buXA/ Frame 363B	100 KB 35 KB	235ms 72ms	Script text/javascript	2a00:1450:400d:803::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.IdpIFrameHttp.es.iH5zKxpI_X4.es5.O/d=1/rs=AOaEmlFRrTgFY5RvQIdQBxsblyLR3_buXA/m=base Requested by Host: accounts.google.com URL: https://accounts.google.com/o/oauth2/iframe Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400d:803::2003 , Ireland, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash fd823d8768f15d42fbc34aa19435472e8f3d166c13da27a080581bc7f203b296 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language es-ES,es;q=0.9 Referer https://accounts.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36 Response headers date Tue, 07 Feb 2023 19:15:56 GMT content-encoding gzip x-content-type-options nosniff age 233080 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/identity-boq-js-css-signers cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 35106 x-xss-protection 0 last-modified Sat, 04 Feb 2023 07:40:19 GMT server sffe cross-origin-opener-policy same-origin; report-to="boq-infra/identity-boq-js-css-signers" vary Accept-Encoding, Origin report-to {"group":"boq-infra/identity-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/identity-boq-js-css-signers"}]} content-type text/javascript; charset=UTF-8 cache-control public, immutable, max-age=31536000 accept-ranges bytes expires Wed, 07 Feb 2024 19:15:56 GMT
GET H3	200	iframerpc Show response accounts.google.com/o/oauth2/ Frame 363B	49 B 96 B	165ms 165ms	XHR application/json	2a00:1450:400d:802::200d GOOGLE
General Check archive.org Show headers Download Go to Full URL https://accounts.google.com/o/oauth2/iframerpc?action=checkOrigin&origin=https%3A%2F%2Ftangerine.oneclick.es&client_id=557577454957-hp15tf9rd79ksde6fdj6k54v89ei1mm5.apps.googleusercontent.com Requested by Host: www.gstatic.com URL: https://www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.IdpIFrameHttp.es.iH5zKxpI_X4.es5.O/d=1/rs=AOaEmlFRrTgFY5RvQIdQBxsblyLR3_buXA/m=base Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:400d:802::200d , Ireland, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 4836b6031bc4af96767f0121fa458714583340054aea6338ef99a1bc4011f43b Security Headers Name Value Content-Security-Policy require-trusted-types-for 'script';report-uri /_/IdpIFrameHttp/cspreport, script-src 'report-sample' 'nonce-gHG7cLnvZwsic2MTZpCkUg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/IdpIFrameHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/IdpIFrameHttp/cspreport/allowlist Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://accounts.google.com/o/oauth2/iframe X-Requested-With XmlHttpRequest accept-language es-ES,es;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36 Response headers date Fri, 10 Feb 2023 12:00:37 GMT strict-transport-security max-age=31536000; includeSubDomains x-content-type-options nosniff content-security-policy require-trusted-types-for 'script';report-uri /_/IdpIFrameHttp/cspreport, script-src 'report-sample' 'nonce-gHG7cLnvZwsic2MTZpCkUg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/IdpIFrameHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/IdpIFrameHttp/cspreport/allowlist content-encoding gzip cross-origin-embedder-policy require-corp p3p CP="This is not a P3P policy! See g.co/p3phelp for more info." cross-origin-resource-policy same-site alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version cross-origin-opener-policy same-origin server ESF vary Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site, Origin content-type application/json; charset=utf-8 cache-control private, max-age=3600 permissions-policy ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=* expires Fri, 10 Feb 2023 12:00:37 GMT

11 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 boolean| credentialless object| oncontentvisibilityautostatechange object| webpackJsonptangerine-frontoffice function| setImmediate function| clearImmediate object| regeneratorRuntime function| _ object| gapi object| ___jsl object| osapi

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			tangerine.oneclick.es/	1970-01-20 09:43:55	Name: AWSALB Value: gZUeaT7Fh5ScY3RnNJd7TWzabKGzIp1a5mxsyZpOP2ljibSNIUQQJLVfcCv4uvHaBBiKSAIlymQBsfpwns89ugtcAOS1rBNwh/qZt8L5sF3C9kfVlKTMANaKA+WP
			tangerine.oneclick.es/	1970-01-20 09:43:55	Name: AWSALBCORS Value: gZUeaT7Fh5ScY3RnNJd7TWzabKGzIp1a5mxsyZpOP2ljibSNIUQQJLVfcCv4uvHaBBiKSAIlymQBsfpwns89ugtcAOS1rBNwh/qZt8L5sF3C9kfVlKTMANaKA+WP
			.tangerine.oneclick.es/	1970-01-20 19:09:50	Name: G_ENABLED_IDPS Value: google
			.google.com/	1970-01-20 13:57:21	Name: NID Value: 511=vaErFXeCKDDCxj6-AclsI1a8PAbAGrLuXrnOsiJiTn_VZtZX9Lntg4nOYNV965j_YJ-AHOSCt9AEUiBzxqbyn06YBndpWHMN2GPsFJFvGpwrqC_0hr_HTdGH12zxtgyzj0zp2EKEBd2qq4X6hMgzVfPvUdIHtOeM04ipslD_2w4

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	URL: https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.es.nkEYvOKMfR0.O/m=auth2/rt=j/sv=1/d=1/ed=1/rs=AHpOoo_AoNKUHV9egqjZa-iaGenKk_s6Nw/cb=gapi.loaded_0?le=scs(Line 173) Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can remove its sandboxing.
security	error	(Line 6) Message: This document requires 'TrustedScript' assignment.
network	error	URL: https://accounts.google.com/_/IdpIFrameHttp/cspreport Message: Failed to load resource: the server responded with a status of 400 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

accounts.google.com
apis.google.com
tangerine.oneclick.es
www.gstatic.com
2a00:1450:400d:802::200d
2a00:1450:400d:803::2003
2a00:1450:400d:806::200e
35.156.207.207
1116f2084f6febdfb83f69cfa04de703bd1e181facc3a8d7ab795ff3da83c519
1783673fc47972c590bdf960d7ae38fdd028d0c5f76a9091848a8d211c109ee6
188b34901f3c9c38ec40b425c2877b20b77845e6fecf5438afbcdc8dbcd235ee
2e73ef5c287c6c8cf8b0bfc708bfe2b21f7e3c0cbd31dd24a34775a94069ce0c
4836b6031bc4af96767f0121fa458714583340054aea6338ef99a1bc4011f43b
59672fc601fc8bcc59a7e8e3e399dbe1290da611f2818b7cfbb6d1845db2b037
6f6940be0835c3ddec9199e5fc42be4cbc61ebcfd58c623fdf719366253f1780
72a1cf067f274922005b7e9d0c9255ab660cf8b451a109d0dcae04e25a8e210d
74e01852e4bc82031118c72bc8b61f0eed24bee76d8775272d111c2cada18505
8894ce4eefed0aa28c7db7d406212aef9355e69b930a59310fad94e23c544e13
9002cd813ea5867fdba0f2ae43b535df0a63776839cea1393c25bcf3f50ef416
a1652fb3f0a15f209662599d1fb91f827d6ddd56d0ae374f4f4ccb897587c3ef
af5ed871a933353556010f40881c44cf5e104151d0b3239490c57ca1dc0e988e
bf1b8130069b44b9148eeece35e5423bedac49777ba746615b826b8276574a7b
c6c71c8d730e8cc8714f3c5b0bb30ed5c88da0fa12bbb506c8103437c6e2d485
d5ac78cb082c9c069d6a34ace92bbd3fb452a7a99fdb02b7280e9ca323fc56b3
dfc141b3fc298ede78248d669642faefda71295d51fb6d6e5cf1769fb7c5c409
e13d93a57fdb923c217020d7e091fe482cdcb9f314a584df304dc05c41679049
e790585201f4936bf08de0181720936cbd604d99547029d63a3ee0dc7d55d4dc
e81cd646b169720aac16e3914851e7aacb0f17f83cf21a9d29c5ac3285abd94c
fd823d8768f15d42fbc34aa19435472e8f3d166c13da27a080581bc7f203b296