urlscan.io logo urlscan.io
SecurityTrails logo

check.silverstripe-webdevelopment.com Open in urlscan Pro
223.165.66.192  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://check.silverstripe-webdevelopment.com/
Effective URL: https://check.silverstripe-webdevelopment.com/Security/login?BackURL=%2Four-sites
Submission Tags: @phish_report
Submission: On May 24 via api from FI — Scanned from NZ
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 7 HTTP transactions. The main IP is 223.165.66.192, located in New Zealand and belongs to SITEHOST-AS-AP SiteHost New Zealand, NZ. The main domain is check.silverstripe-webdevelopment.com.
TLS certificate: Issued by R3 on May 24th 2024. Valid for: 3 months.
This is the only time check.silverstripe-webdevelopment.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 9 223.165.66.192 45179 (SITEHOST-...)
7 1
Apex Domain
Subdomains		 Transfer
9 silverstripe-webdevelopment.com
check.silverstripe-webdevelopment.com
257 KB
7 1
Domain Requested by
9 check.silverstripe-webdevelopment.com 2 redirects check.silverstripe-webdevelopment.com
7 1

This site contains no links.

Subject Issuer Validity Valid
checkcheck.sunnysideup.co.nz
R3		 2024-05-24 -
2024-08-22		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://check.silverstripe-webdevelopment.com/Security/login?BackURL=%2Four-sites
Frame ID: CC62314A7FDD60B1BCB71F6F1DFE7547
Requests: 7 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Sunny Side Up Check Check : Log in

Page URL History Show full URLs

  1. http://check.silverstripe-webdevelopment.com/ HTTP 307
    https://check.silverstripe-webdevelopment.com/ HTTP 301
    https://check.silverstripe-webdevelopment.com/our-sites HTTP 302
    https://check.silverstripe-webdevelopment.com/Security/login?BackURL=%2Four-sites Page URL

Page Statistics

7
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

257 kB
Transfer

895 kB
Size

1
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://check.silverstripe-webdevelopment.com/ HTTP 307
    https://check.silverstripe-webdevelopment.com/ HTTP 301
    https://check.silverstripe-webdevelopment.com/our-sites HTTP 302
    https://check.silverstripe-webdevelopment.com/Security/login?BackURL=%2Four-sites Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

7 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request login
check.silverstripe-webdevelopment.com/Security/
Redirect Chain
  • http://check.silverstripe-webdevelopment.com/
  • https://check.silverstripe-webdevelopment.com/
  • https://check.silverstripe-webdevelopment.com/our-sites
  • https://check.silverstripe-webdevelopment.com/Security/login?BackURL=%2Four-sites
12 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://check.silverstripe-webdevelopment.com/Security/login?BackURL=%2Four-sites
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
223.165.66.192 , New Zealand, ASN45179 (SITEHOST-AS-AP SiteHost New Zealand, NZ),
Reverse DNS
rdns.223.165.66.192.sth.nz
Software
nginx /
Resource Hash
7afe8a2fe8939e726c863060bedddc0d0596660f9f419e9a22e3cdd415f00141
Security Headers
Name Value
Content-Security-Policy base-uri 'self'; default-src 'self' https://fonts.googleapis.com fonts.googleapis.com https://fonts.gstatic.com fonts.gstatic.com https://gstatic.com gstatic.com https://t0.gstatic.com t0.gstatic.com; child-src; connect-src 'self'; font-src 'self' https://fonts.googleapis.com fonts.googleapis.com https://fonts.gstatic.com fonts.gstatic.com https://gstatic.com gstatic.com https://t0.gstatic.com t0.gstatic.com; form-action 'self'; frame-ancestors 'none'; frame-src; img-src 'self' https://fonts.googleapis.com fonts.googleapis.com https://fonts.gstatic.com fonts.gstatic.com https://gstatic.com gstatic.com https://t0.gstatic.com t0.gstatic.com blob: data:; media-src 'none'; object-src 'none'; script-src 'self' 'nonce-ODIyM2JkZjZiZWRjMjNmNjkxYTg0NDliNjEyY2JlYjQ1MzQxZTNmMDViNjFlODc5YWM0Yjg0MzhmYmVmNDQxZDUzMTkyNDgxM2UxZWYzMjQyMGJhMzI4OWU3NWNlNzNmNTEyNjE3MDM3YWJiOTczZjVkNTdjZWJkNWExZmE3ODM='; style-src 'self' https://fonts.googleapis.com fonts.googleapis.com https://fonts.gstatic.com fonts.gstatic.com https://gstatic.com gstatic.com https://t0.gstatic.com t0.gstatic.com 'unsafe-inline'; report-uri https://o4504115515686912.ingest.sentry.io/api/4504437666938880/security/?sentry_key=202e7bc940b64ef48ae0e32434bae768; upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Security-Policy base-uri 'self'; default-src 'self' https://fonts.googleapis.com fonts.googleapis.com https://fonts.gstatic.com fonts.gstatic.com https://gstatic.com gstatic.com https://t0.gstatic.com t0.gstatic.com; child-src; connect-src 'self'; font-src 'self' https://fonts.googleapis.com fonts.googleapis.com https://fonts.gstatic.com fonts.gstatic.com https://gstatic.com gstatic.com https://t0.gstatic.com t0.gstatic.com; form-action 'self'; frame-ancestors 'none'; frame-src; img-src 'self' https://fonts.googleapis.com fonts.googleapis.com https://fonts.gstatic.com fonts.gstatic.com https://gstatic.com gstatic.com https://t0.gstatic.com t0.gstatic.com blob: data:; media-src 'none'; object-src 'none'; script-src 'self' 'nonce-ODIyM2JkZjZiZWRjMjNmNjkxYTg0NDliNjEyY2JlYjQ1MzQxZTNmMDViNjFlODc5YWM0Yjg0MzhmYmVmNDQxZDUzMTkyNDgxM2UxZWYzMjQyMGJhMzI4OWU3NWNlNzNmNTEyNjE3MDM3YWJiOTczZjVkNTdjZWJkNWExZmE3ODM='; style-src 'self' https://fonts.googleapis.com fonts.googleapis.com https://fonts.gstatic.com fonts.gstatic.com https://gstatic.com gstatic.com https://t0.gstatic.com t0.gstatic.com 'unsafe-inline'; report-uri https://o4504115515686912.ingest.sentry.io/api/4504437666938880/security/?sentry_key=202e7bc940b64ef48ae0e32434bae768; upgrade-insecure-requests
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Accept-Language
en-NZ,en;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-length
4743
content-security-policy
base-uri 'self'; default-src 'self' https://fonts.googleapis.com fonts.googleapis.com https://fonts.gstatic.com fonts.gstatic.com https://gstatic.com gstatic.com https://t0.gstatic.com t0.gstatic.com; child-src; connect-src 'self'; font-src 'self' https://fonts.googleapis.com fonts.googleapis.com https://fonts.gstatic.com fonts.gstatic.com https://gstatic.com gstatic.com https://t0.gstatic.com t0.gstatic.com; form-action 'self'; frame-ancestors 'none'; frame-src; img-src 'self' https://fonts.googleapis.com fonts.googleapis.com https://fonts.gstatic.com fonts.gstatic.com https://gstatic.com gstatic.com https://t0.gstatic.com t0.gstatic.com blob: data:; media-src 'none'; object-src 'none'; script-src 'self' 'nonce-ODIyM2JkZjZiZWRjMjNmNjkxYTg0NDliNjEyY2JlYjQ1MzQxZTNmMDViNjFlODc5YWM0Yjg0MzhmYmVmNDQxZDUzMTkyNDgxM2UxZWYzMjQyMGJhMzI4OWU3NWNlNzNmNTEyNjE3MDM3YWJiOTczZjVkNTdjZWJkNWExZmE3ODM='; style-src 'self' https://fonts.googleapis.com fonts.googleapis.com https://fonts.gstatic.com fonts.gstatic.com https://gstatic.com gstatic.com https://t0.gstatic.com t0.gstatic.com 'unsafe-inline'; report-uri https://o4504115515686912.ingest.sentry.io/api/4504437666938880/security/?sentry_key=202e7bc940b64ef48ae0e32434bae768; upgrade-insecure-requests
content-type
text/html; charset=utf-8
date
Fri, 24 May 2024 07:57:12 GMT
permissions-policy
ambient-light-sensor=(), autoplay=(self), battery=(), camera=(), display-capture=(self *), encrypted-media=(self), fullscreen=(self), geolocation=(), interest-cohort=()
referrer-policy
same-origin
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
vary
X-Forwarded-Protocol,Accept-Encoding
x-content-security-policy
base-uri 'self'; default-src 'self' https://fonts.googleapis.com fonts.googleapis.com https://fonts.gstatic.com fonts.gstatic.com https://gstatic.com gstatic.com https://t0.gstatic.com t0.gstatic.com; child-src; connect-src 'self'; font-src 'self' https://fonts.googleapis.com fonts.googleapis.com https://fonts.gstatic.com fonts.gstatic.com https://gstatic.com gstatic.com https://t0.gstatic.com t0.gstatic.com; form-action 'self'; frame-ancestors 'none'; frame-src; img-src 'self' https://fonts.googleapis.com fonts.googleapis.com https://fonts.gstatic.com fonts.gstatic.com https://gstatic.com gstatic.com https://t0.gstatic.com t0.gstatic.com blob: data:; media-src 'none'; object-src 'none'; script-src 'self' 'nonce-ODIyM2JkZjZiZWRjMjNmNjkxYTg0NDliNjEyY2JlYjQ1MzQxZTNmMDViNjFlODc5YWM0Yjg0MzhmYmVmNDQxZDUzMTkyNDgxM2UxZWYzMjQyMGJhMzI4OWU3NWNlNzNmNTEyNjE3MDM3YWJiOTczZjVkNTdjZWJkNWExZmE3ODM='; style-src 'self' https://fonts.googleapis.com fonts.googleapis.com https://fonts.gstatic.com fonts.gstatic.com https://gstatic.com gstatic.com https://t0.gstatic.com t0.gstatic.com 'unsafe-inline'; report-uri https://o4504115515686912.ingest.sentry.io/api/4504437666938880/security/?sentry_key=202e7bc940b64ef48ae0e32434bae768; upgrade-insecure-requests
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-ratelimit-limit
20
x-ratelimit-remaining
19
x-ratelimit-reset
1716537492
x-robots-tag
noindex, nofollow
x-webkit-csp
base-uri 'self'; default-src 'self' https://fonts.googleapis.com fonts.googleapis.com https://fonts.gstatic.com fonts.gstatic.com https://gstatic.com gstatic.com https://t0.gstatic.com t0.gstatic.com; child-src; connect-src 'self'; font-src 'self' https://fonts.googleapis.com fonts.googleapis.com https://fonts.gstatic.com fonts.gstatic.com https://gstatic.com gstatic.com https://t0.gstatic.com t0.gstatic.com; form-action 'self'; frame-ancestors 'none'; frame-src; img-src 'self' https://fonts.googleapis.com fonts.googleapis.com https://fonts.gstatic.com fonts.gstatic.com https://gstatic.com gstatic.com https://t0.gstatic.com t0.gstatic.com blob: data:; media-src 'none'; object-src 'none'; script-src 'self' 'nonce-ODIyM2JkZjZiZWRjMjNmNjkxYTg0NDliNjEyY2JlYjQ1MzQxZTNmMDViNjFlODc5YWM0Yjg0MzhmYmVmNDQxZDUzMTkyNDgxM2UxZWYzMjQyMGJhMzI4OWU3NWNlNzNmNTEyNjE3MDM3YWJiOTczZjVkNTdjZWJkNWExZmE3ODM='; style-src 'self' https://fonts.googleapis.com fonts.googleapis.com https://fonts.gstatic.com fonts.gstatic.com https://gstatic.com gstatic.com https://t0.gstatic.com t0.gstatic.com 'unsafe-inline'; report-uri https://o4504115515686912.ingest.sentry.io/api/4504437666938880/security/?sentry_key=202e7bc940b64ef48ae0e32434bae768; upgrade-insecure-requests

Redirect headers

cache-control
no-cache, no-store, must-revalidate
content-length
0
content-type
text/html; charset=utf-8
date
Fri, 24 May 2024 07:57:12 GMT
location
https://check.silverstripe-webdevelopment.com/Security/login?BackURL=%2Four-sites
server
nginx
vary
X-Forwarded-Protocol
bundle.css
check.silverstripe-webdevelopment.com/_resources/vendor/silverstripe/admin/client/dist/styles/ 		556 KB
138 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://check.silverstripe-webdevelopment.com/_resources/vendor/silverstripe/admin/client/dist/styles/bundle.css?m=1715051642
Requested by
Host: check.silverstripe-webdevelopment.com
URL: https://check.silverstripe-webdevelopment.com/Security/login?BackURL=%2Four-sites
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
223.165.66.192 , New Zealand, ASN45179 (SITEHOST-AS-AP SiteHost New Zealand, NZ),
Reverse DNS
rdns.223.165.66.192.sth.nz
Software
nginx /
Resource Hash
1900cbd4133332625e557688ecc3896c9f2b323337ef24a3a03ff6c504302868

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://check.silverstripe-webdevelopment.com/Security/login?BackURL=%2Four-sites
Accept-Language
en-NZ,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 24 May 2024 07:57:12 GMT
content-encoding
gzip
last-modified
Tue, 07 May 2024 03:14:02 GMT
server
nginx
etag
"8b0bf-617d493e49280-gzip"
vary
Accept-Encoding
content-type
text/css
accept-ranges
bytes
bundle.css
check.silverstripe-webdevelopment.com/_resources/vendor/silverstripe/login-forms/client/dist/styles/ 		158 KB
25 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://check.silverstripe-webdevelopment.com/_resources/vendor/silverstripe/login-forms/client/dist/styles/bundle.css?m=1715052315
Requested by
Host: check.silverstripe-webdevelopment.com
URL: https://check.silverstripe-webdevelopment.com/Security/login?BackURL=%2Four-sites
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
223.165.66.192 , New Zealand, ASN45179 (SITEHOST-AS-AP SiteHost New Zealand, NZ),
Reverse DNS
rdns.223.165.66.192.sth.nz
Software
nginx /
Resource Hash
3c86ddc79e8b23061af1b6a9e44279769d962216cd57a1edfbc95cdad186bcbc

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://check.silverstripe-webdevelopment.com/Security/login?BackURL=%2Four-sites
Accept-Language
en-NZ,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 24 May 2024 07:57:12 GMT
content-encoding
gzip
last-modified
Tue, 07 May 2024 03:25:15 GMT
server
nginx
etag
"27678-617d4bc01bcc0-gzip"
vary
Accept-Encoding
content-type
text/css
accept-ranges
bytes
content-length
25386
darkmode.css
check.silverstripe-webdevelopment.com/_resources/vendor/silverstripe/login-forms/client/dist/styles/ 		2 KB
789 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://check.silverstripe-webdevelopment.com/_resources/vendor/silverstripe/login-forms/client/dist/styles/darkmode.css?m=1715052315
Requested by
Host: check.silverstripe-webdevelopment.com
URL: https://check.silverstripe-webdevelopment.com/Security/login?BackURL=%2Four-sites
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
223.165.66.192 , New Zealand, ASN45179 (SITEHOST-AS-AP SiteHost New Zealand, NZ),
Reverse DNS
rdns.223.165.66.192.sth.nz
Software
nginx /
Resource Hash
f446e6ffa9b5764d800c42c1ff79c9e55de04b28aeda20043e3b406531c90bda

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://check.silverstripe-webdevelopment.com/Security/login?BackURL=%2Four-sites
Accept-Language
en-NZ,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 24 May 2024 07:57:12 GMT
content-encoding
gzip
last-modified
Tue, 07 May 2024 03:25:15 GMT
server
nginx
etag
"855-617d4bc01bcc0-gzip"
vary
Accept-Encoding
content-type
text/css
accept-ranges
bytes
content-length
608
bundle.js
check.silverstripe-webdevelopment.com/_resources/vendor/silverstripe/login-forms/client/dist/js/ 		124 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://check.silverstripe-webdevelopment.com/_resources/vendor/silverstripe/login-forms/client/dist/js/bundle.js?m=1715052315
Requested by
Host: check.silverstripe-webdevelopment.com
URL: https://check.silverstripe-webdevelopment.com/Security/login?BackURL=%2Four-sites
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
223.165.66.192 , New Zealand, ASN45179 (SITEHOST-AS-AP SiteHost New Zealand, NZ),
Reverse DNS
rdns.223.165.66.192.sth.nz
Software
nginx /
Resource Hash
890c28c9db7919e1d592fa1dec8c3081ae717befbc6d73d32ac57e5534ab7322

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://check.silverstripe-webdevelopment.com/Security/login?BackURL=%2Four-sites
Accept-Language
en-NZ,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 24 May 2024 07:57:12 GMT
content-encoding
gzip
last-modified
Tue, 07 May 2024 03:25:15 GMT
server
nginx
etag
"1f08b-617d4bc01bcc0-gzip"
vary
Accept-Encoding
content-type
text/javascript
accept-ranges
bytes
content-length
42604
silverstripe.woff
check.silverstripe-webdevelopment.com/_resources/vendor/silverstripe/admin/client/dist/fonts/ 		28 KB
29 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://check.silverstripe-webdevelopment.com/_resources/vendor/silverstripe/admin/client/dist/fonts/silverstripe.woff?h=146971ba9197afa28b57
Requested by
Host: check.silverstripe-webdevelopment.com
URL: https://check.silverstripe-webdevelopment.com/_resources/vendor/silverstripe/admin/client/dist/styles/bundle.css?m=1715051642
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
223.165.66.192 , New Zealand, ASN45179 (SITEHOST-AS-AP SiteHost New Zealand, NZ),
Reverse DNS
rdns.223.165.66.192.sth.nz
Software
nginx /
Resource Hash
285cfe0a84b5c3c5f19c5de13d0260e2fceb196176ae3a465ac3aba663371a51

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://check.silverstripe-webdevelopment.com/_resources/vendor/silverstripe/admin/client/dist/styles/bundle.css?m=1715051642
Origin
https://check.silverstripe-webdevelopment.com
Accept-Language
en-NZ,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 24 May 2024 07:57:13 GMT
last-modified
Tue, 07 May 2024 03:14:02 GMT
server
nginx
accept-ranges
bytes
etag
"7158-617d493e49280"
content-length
29016
content-type
font/woff
favicon.ico
check.silverstripe-webdevelopment.com/ 		15 KB
15 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://check.silverstripe-webdevelopment.com/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
223.165.66.192 , New Zealand, ASN45179 (SITEHOST-AS-AP SiteHost New Zealand, NZ),
Reverse DNS
rdns.223.165.66.192.sth.nz
Software
nginx /
Resource Hash
1777d8169a14729915eb49faf4d41df76c362ac6b511014774cc6299c21097da

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://check.silverstripe-webdevelopment.com/Security/login?BackURL=%2Four-sites
Accept-Language
en-NZ,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 24 May 2024 07:57:13 GMT
last-modified
Sat, 25 Mar 2023 00:27:58 GMT
server
nginx
accept-ranges
bytes
etag
"3aee-5f7ae94ebd681"
content-length
15086
content-type
image/vnd.microsoft.icon

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Domain/Path Name / Value
check.silverstripe-webdevelopment.com/ Name: PHPSESSID
Value: bde04ddf9bed820adef585f6a0a21556

3 Console Messages

Source Level URL
Text
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'ambient-light-sensor'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'battery'.
security warning
Message:
Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'interest-cohort'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy base-uri 'self'; default-src 'self' https://fonts.googleapis.com fonts.googleapis.com https://fonts.gstatic.com fonts.gstatic.com https://gstatic.com gstatic.com https://t0.gstatic.com t0.gstatic.com; child-src; connect-src 'self'; font-src 'self' https://fonts.googleapis.com fonts.googleapis.com https://fonts.gstatic.com fonts.gstatic.com https://gstatic.com gstatic.com https://t0.gstatic.com t0.gstatic.com; form-action 'self'; frame-ancestors 'none'; frame-src; img-src 'self' https://fonts.googleapis.com fonts.googleapis.com https://fonts.gstatic.com fonts.gstatic.com https://gstatic.com gstatic.com https://t0.gstatic.com t0.gstatic.com blob: data:; media-src 'none'; object-src 'none'; script-src 'self' 'nonce-ODIyM2JkZjZiZWRjMjNmNjkxYTg0NDliNjEyY2JlYjQ1MzQxZTNmMDViNjFlODc5YWM0Yjg0MzhmYmVmNDQxZDUzMTkyNDgxM2UxZWYzMjQyMGJhMzI4OWU3NWNlNzNmNTEyNjE3MDM3YWJiOTczZjVkNTdjZWJkNWExZmE3ODM='; style-src 'self' https://fonts.googleapis.com fonts.googleapis.com https://fonts.gstatic.com fonts.gstatic.com https://gstatic.com gstatic.com https://t0.gstatic.com t0.gstatic.com 'unsafe-inline'; report-uri https://o4504115515686912.ingest.sentry.io/api/4504437666938880/security/?sentry_key=202e7bc940b64ef48ae0e32434bae768; upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Security-Policy base-uri 'self'; default-src 'self' https://fonts.googleapis.com fonts.googleapis.com https://fonts.gstatic.com fonts.gstatic.com https://gstatic.com gstatic.com https://t0.gstatic.com t0.gstatic.com; child-src; connect-src 'self'; font-src 'self' https://fonts.googleapis.com fonts.googleapis.com https://fonts.gstatic.com fonts.gstatic.com https://gstatic.com gstatic.com https://t0.gstatic.com t0.gstatic.com; form-action 'self'; frame-ancestors 'none'; frame-src; img-src 'self' https://fonts.googleapis.com fonts.googleapis.com https://fonts.gstatic.com fonts.gstatic.com https://gstatic.com gstatic.com https://t0.gstatic.com t0.gstatic.com blob: data:; media-src 'none'; object-src 'none'; script-src 'self' 'nonce-ODIyM2JkZjZiZWRjMjNmNjkxYTg0NDliNjEyY2JlYjQ1MzQxZTNmMDViNjFlODc5YWM0Yjg0MzhmYmVmNDQxZDUzMTkyNDgxM2UxZWYzMjQyMGJhMzI4OWU3NWNlNzNmNTEyNjE3MDM3YWJiOTczZjVkNTdjZWJkNWExZmE3ODM='; style-src 'self' https://fonts.googleapis.com fonts.googleapis.com https://fonts.gstatic.com fonts.gstatic.com https://gstatic.com gstatic.com https://t0.gstatic.com t0.gstatic.com 'unsafe-inline'; report-uri https://o4504115515686912.ingest.sentry.io/api/4504437666938880/security/?sentry_key=202e7bc940b64ef48ae0e32434bae768; upgrade-insecure-requests
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN