urlscan.io logo urlscan.io
SecurityTrails logo

investpl.me Open in urlscan Pro
104.21.50.196  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://investpl.me/
Effective URL: https://investpl.me/
Submission: On August 11 via api from PL — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 5 IPs in 2 countries across 4 domains to perform 24 HTTP transactions. The main IP is 104.21.50.196, located in and belongs to CLOUDFLARENET, US. The main domain is investpl.me.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 29th 2022. Valid for: a year.
This is the only time investpl.me was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 10 104.21.50.196 13335 (CLOUDFLAR...)
1 1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
12 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
24 5
10    104.21.50.196 (None, )

ASN13335 (CLOUDFLARENET, US)
investpl.me
1    2a00:1450:4001:806::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
maps.google.com
1    2a00:1450:4001:809::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
12    2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
maps.googleapis.com
2    2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
maps.gstatic.com
Apex Domain
Subdomains		 Transfer
12 googleapis.com
maps.googleapis.com — Cisco Umbrella Rank: 322
284 KB
10 investpl.me
investpl.me
694 KB
2 gstatic.com
maps.gstatic.com
221 KB
2 google.com
maps.google.com — Cisco Umbrella Rank: 1599
www.google.com — Cisco Umbrella Rank: 10
2 KB
24 4
Domain Requested by
12 maps.googleapis.com www.google.com
maps.googleapis.com
10 investpl.me 1 redirects investpl.me
2 maps.gstatic.com www.google.com
1 www.google.com investpl.me
1 maps.google.com 1 redirects
24 5

This site contains no links.

Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-06-29 -
2023-06-28		 a year crt.sh
www.google.com
GTS CA 1C3		 2022-07-18 -
2022-10-10		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2022-07-18 -
2022-10-10		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2022-07-18 -
2022-10-10		 3 months crt.sh

This page contains 2 frames:

Primary Page: https://investpl.me/
Frame ID: E8977A3BA6773F1CC2EFDD1E3FF31928
Requests: 9 HTTP requests in this frame

Frame: https://www.google.com/maps/embed?origin=mfe&pb=!1m3!2m1!1s53.340258,-6.252831!6i14!3m1!1sen!5m1!1sen
Frame ID: 0C02C876A792855A377A85C0A54C386B
Requests: 16 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

THE BEST HOTELS OF DUBLIN | World of entertainment and travel

Page URL History Show full URLs

  1. http://investpl.me/ HTTP 301
    https://investpl.me/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • //maps\.google(?:apis)?\.com/maps/api/js

Page Statistics

24
Requests

100 %
HTTPS

80 %
IPv6

4
Domains

5
Subdomains

5
IPs

2
Countries

1200 kB
Transfer

1633 kB
Size

2
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://investpl.me/ HTTP 301
    https://investpl.me/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 8
  • https://maps.google.com/maps?q=53.340258,-6.252831&hl=en&z=14&output=embed HTTP 301
  • https://www.google.com/maps/embed?origin=mfe&pb=!1m3!2m1!1s53.340258,-6.252831!6i14!3m1!1sen!5m1!1sen

24 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
investpl.me/
Redirect Chain
  • http://investpl.me/
  • https://investpl.me/
8 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://investpl.me/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.50.196 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ab839cc3d4c8ce1976c465437a6105ac053e1afe75342951bde8b9ff2b9e1cfe

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache, no-store, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
7390cf407d1271cf-LHR
content-encoding
br
content-type
text/html; charset=UTF-8
date
Thu, 11 Aug 2022 12:00:12 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires
0
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mWQ9V81Dnen8WFqgOSgohR0%2BhTPZmjeB2xLmQQa9beV4CzbkHpJ4tJKRljNVoSofVuYkWbscNReVsnMesJdTw0sTlxIIOo1jLTUu%2BbrDhIJ9p4AGGrNvvKGpcuygCQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding

Redirect headers

Access-Control-Allow-Origin
*
CF-Cache-Status
DYNAMIC
CF-RAY
7390cf3f4bb606ed-LHR
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Date
Thu, 11 Aug 2022 12:00:12 GMT
Expires
0
Location
https://investpl.me/
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Pragma
no-cache
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QKckUKENrLNPFbd%2BWrs%2BTvH9aHsqlRCG663aSn%2Fq31cTDs%2BMWbF%2BNYW4nK1uyEMDNHFqgAjpIJMFnIYv5rSMFp%2BmKs3e8wbSVstME4B6SdcxgcjgWmjZqdQ5qSe%2BIQ%3D%3D"}],"group":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
Vary
Accept-Encoding
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
styles.css
investpl.me/lander/white-1/css/ 		7 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://investpl.me/lander/white-1/css/styles.css
Requested by
Host: investpl.me
URL: https://investpl.me/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.50.196 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ae3dd9fee6b57f3c63c3adde518b5ac0c9f2efbd25069e05c918aa4150f83f53

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://investpl.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Thu, 11 Aug 2022 12:00:13 GMT
content-encoding
br
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Tue, 21 Jun 2022 06:12:26 GMT
server
cloudflare
etag
W/"62b1614a-1ad7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P0s30AvD0TKmjT3Zm7c3Bu%2FDuo0QY2OOoq5Gx9vF7qJfajGaBTKQ5CDBcfgg6Pp9QcTH1sQbxhqnsFY1kJeQmJjQIq4c5ZKdKMhQa06jGY5XJG29t06u%2BsfHHCtAiA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=864000
cf-ray
7390cf42284c71cf-LHR
expires
Sun, 21 Aug 2022 12:00:13 GMT
zanzibar-locke.jpg
investpl.me/lander/white-1/images/ 		96 KB
96 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://investpl.me/lander/white-1/images/zanzibar-locke.jpg
Requested by
Host: investpl.me
URL: https://investpl.me/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.50.196 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
af7cd3e489dda415dee95a41dfab2099a1239951e8f23e1bb40022103b0e7e37

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://investpl.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Thu, 11 Aug 2022 12:00:13 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2322
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
98051
last-modified
Tue, 21 Jun 2022 06:12:26 GMT
server
cloudflare
etag
"62b1614a-17f03"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RlzjZIHP8Cwbqt1ZUFaZLydZZf0oaTv9PyWwzQcOaNbF2d%2BSRe65nAHszI3T3pspW2BanhoArNPDefq2iPBHWj83ymTI20BRkPQklEyhT%2BmK5ax54h5F1uGSckGp6w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=864000
accept-ranges
bytes
cf-ray
7390cf42384e71cf-LHR
expires
Sun, 21 Aug 2022 11:21:31 GMT
dublin-skylon-hotel.jpg
investpl.me/lander/white-1/images/ 		132 KB
132 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://investpl.me/lander/white-1/images/dublin-skylon-hotel.jpg
Requested by
Host: investpl.me
URL: https://investpl.me/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.50.196 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b2cc7fd84ee131fc0371d5717494037f290369c1b2729b366bfd47aaf7eb6ad9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://investpl.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Thu, 11 Aug 2022 12:00:13 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
134680
last-modified
Tue, 21 Jun 2022 06:12:26 GMT
server
cloudflare
etag
"62b1614a-20e18"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6mxhY%2FcHbVCSmIAQBJRWJk6KWcG73x%2BROD6fuyeA7hVb6w9i2ZzoURxB334i%2BU1gPO6lTlq6ne%2FnuBPecAWBAZMRL0EpYdpVvVRS6wC6QjX%2BnJ3am3RZKgiAYoA6cw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=864000
accept-ranges
bytes
cf-ray
7390cf4258d572fa-LHR
expires
Sun, 21 Aug 2022 12:00:13 GMT
jacobs-inn-hostel.jpg
investpl.me/lander/white-1/images/ 		161 KB
161 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://investpl.me/lander/white-1/images/jacobs-inn-hostel.jpg
Requested by
Host: investpl.me
URL: https://investpl.me/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.50.196 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2c49df48031bdcce7608d99c445f0f36fb955a4451fec5ceec2937c3585bcab9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://investpl.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Thu, 11 Aug 2022 12:00:13 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
164472
last-modified
Tue, 21 Jun 2022 06:12:26 GMT
server
cloudflare
etag
"62b1614a-28278"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uDIJfZD2ZzbhCnL9p8YwHC9STGHGyifDil1AmDjemBo0GV%2BcZQ0FXQvJZhTYl16FSVseA0KivBYabnCPWeePNk%2FVZxwD42%2FX755kGDNC3T9nQnIyslTOV6xPowcHAw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=864000
accept-ranges
bytes
cf-ray
7390cf4258d872fa-LHR
expires
Sun, 21 Aug 2022 12:00:13 GMT
the-hendrick-smithfield.jpg
investpl.me/lander/white-1/images/ 		133 KB
134 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://investpl.me/lander/white-1/images/the-hendrick-smithfield.jpg
Requested by
Host: investpl.me
URL: https://investpl.me/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.50.196 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d1a920e42b8498b0218e0945e2c13ac3192f686cd68bb5ffdda5691f0cbe783a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://investpl.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Thu, 11 Aug 2022 12:00:13 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4664
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
136483
last-modified
Tue, 21 Jun 2022 06:12:26 GMT
server
cloudflare
etag
"62b1614a-21523"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PhntwjYjCorYN%2BMe6RC%2Fl5LaDYazUb128fy44rn7KpTi4nS4U%2BengrYQTih1rFWXCphQxlINqF74S5zcbXnFMahBQTYwf4uAEIp%2Ffylf5LlIMBR20ziEE855flBlmA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=864000
accept-ranges
bytes
cf-ray
7390cf4258d972fa-LHR
expires
Sun, 21 Aug 2022 10:42:29 GMT
the-merchant-house-(-5-star-suites-).jpg
investpl.me/lander/white-1/images/ 		49 KB
50 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://investpl.me/lander/white-1/images/the-merchant-house-(-5-star-suites-).jpg
Requested by
Host: investpl.me
URL: https://investpl.me/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.50.196 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
43df44135889483a716299216d07675c994fe22e09aff96416550712a2cfb315

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://investpl.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Thu, 11 Aug 2022 12:00:13 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4663
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
50255
last-modified
Tue, 21 Jun 2022 06:12:26 GMT
server
cloudflare
etag
"62b1614a-c44f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9rUIvgyu1HA31lBbkhgx%2BOxkxpgo6%2BJEzUspZKevnNZo9b4NdszxdciE48%2F%2BfvrV%2FI7pRqH6QG5238OH5W5JiVJnFHEVhRmiDR05HgmRp2jKqvjulEAMH4kXst3UXA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=864000
accept-ranges
bytes
cf-ray
7390cf4258db72fa-LHR
expires
Sun, 21 Aug 2022 10:42:30 GMT
clayton-hotel-burlington-road.jpg
investpl.me/lander/white-1/images/ 		114 KB
114 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://investpl.me/lander/white-1/images/clayton-hotel-burlington-road.jpg
Requested by
Host: investpl.me
URL: https://investpl.me/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.50.196 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8ec7555d227f75b101bbd7ff4c7c97abc73f6268bc034f310c773b6b7117cee7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://investpl.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Thu, 11 Aug 2022 12:00:13 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
245184
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
116434
last-modified
Tue, 21 Jun 2022 06:12:26 GMT
server
cloudflare
etag
"62b1614a-1c6d2"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MYsoQlZ4W4XrFIRTwZ8IeW4cSTwGl5xvoPQ%2BUwMLFJYS4YSGR%2Bvt8TQUsPySl42DLXCbbDal9S5GSzDSe%2FVGhwyrmiSNbEifZa8WgaP1mpdjU7UuFyeIrpghdAG13A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=864000
accept-ranges
bytes
cf-ray
7390cf4258de72fa-LHR
expires
Thu, 18 Aug 2022 15:53:49 GMT
main.js
investpl.me/lander/white-1/js/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://investpl.me/lander/white-1/js/main.js
Requested by
Host: investpl.me
URL: https://investpl.me/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.50.196 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2cdbd9383634bab56853d227316c682186fae1ec131896acccc8e3ef5abe3bdb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://investpl.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Thu, 11 Aug 2022 12:00:13 GMT
content-encoding
br
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Tue, 21 Jun 2022 06:12:26 GMT
server
cloudflare
etag
W/"62b1614a-48d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ynS%2FFhBm0AyPndueW3lNj6ruEWYKPD%2Fhl3V0pFXKs479Vp3ZXCD2xVdxjY2%2F4%2FbFHnZkLKqNLqg4Z17nQotYy1Ef6uN9GjEyr1xhFHYnfSb82TH5p4e0MgQ3g5aiIA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=864000
cf-ray
7390cf4258d172fa-LHR
expires
Sun, 21 Aug 2022 12:00:13 GMT
embed
www.google.com/maps/ Frame 0C02
Redirect Chain
  • https://maps.google.com/maps?q=53.340258,-6.252831&hl=en&z=14&output=embed
  • https://www.google.com/maps/embed?origin=mfe&pb=!1m3!2m1!1s53.340258,-6.252831!6i14!3m1!1sen!5m1!1sen
2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/maps/embed?origin=mfe&pb=!1m3!2m1!1s53.340258,-6.252831!6i14!3m1!1sen!5m1!1sen
Requested by
Host: investpl.me
URL: https://investpl.me/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
mafe /
Resource Hash
97164901437cc7ed87745fb16e941fceea0d7cf1ae8033a8dc27e21b5e546e83
Security Headers
Name Value
Content-Security-Policy object-src 'none';base-uri 'self';script-src 'nonce-RdlTQ7ZO86JaQFJ_-n0lOQ' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/geo-maps-api/1
X-Xss-Protection 0

Request headers

Referer
https://investpl.me/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, must-revalidate
content-encoding
gzip
content-length
925
content-security-policy
object-src 'none';base-uri 'self';script-src 'nonce-RdlTQ7ZO86JaQFJ_-n0lOQ' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/geo-maps-api/1
content-type
text/html; charset=UTF-8
date
Thu, 11 Aug 2022 12:00:13 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
server
mafe
server-timing
gfet4t7; dur=270
vary
Accept-Language
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, must-revalidate
content-length
302
content-type
text/html; charset=UTF-8
date
Thu, 11 Aug 2022 12:00:13 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
location
https://www.google.com/maps/embed?origin=mfe&pb=!1m3!2m1!1s53.340258,-6.252831!6i14!3m1!1sen!5m1!1sen
pragma
no-cache
server
mafe
server-timing
gfet4t7; dur=1
x-frame-options
SAMEORIGIN
x-xss-protection
0
js
maps.googleapis.com/maps/api/ Frame 0C02 		173 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://maps.googleapis.com/maps/api/js?client=google-maps-embed&paint_origin=&libraries=geometry,search&v=3.exp&language=en&callback=onApiLoad
Requested by
Host: www.google.com
URL: https://www.google.com/maps/embed?origin=mfe&pb=!1m3!2m1!1s53.340258,-6.252831!6i14!3m1!1sen!5m1!1sen
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
mafe /
Resource Hash
4152ad0f80ddf11a5cb23ec0159cdea481f94fc439672cf1b6c9cee083040482
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Thu, 11 Aug 2022 11:42:44 GMT
content-encoding
gzip
server
mafe
age
1049
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1800
cross-origin-resource-policy
cross-origin
server-timing
gfet4t7; dur=12
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
57864
x-xss-protection
0
expires
Thu, 11 Aug 2022 12:12:44 GMT
gen_204
maps.googleapis.com/maps/api/mapsjs/ Frame 0C02 		3 B
46 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://maps.googleapis.com/maps/api/mapsjs/gen_204?csp_test=true
Requested by
Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?client=google-maps-embed&paint_origin=&libraries=geometry,search&v=3.exp&language=en&callback=onApiLoad
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
scaffolding on HTTPServer2 /
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Thu, 11 Aug 2022 12:00:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server
scaffolding on HTTPServer2
x-frame-options
SAMEORIGIN
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.google.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
vary
Origin, X-Origin, Referer
content-length
23
x-xss-protection
0
init_embed.js
maps.gstatic.com/maps-api-v3/embed/js/49/12/ Frame 0C02 		220 KB
221 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://maps.gstatic.com/maps-api-v3/embed/js/49/12/init_embed.js
Requested by
Host: www.google.com
URL: https://www.google.com/maps/embed?origin=mfe&pb=!1m3!2m1!1s53.340258,-6.252831!6i14!3m1!1sen!5m1!1sen
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
973ea967e4cbd9f4f15018f93ccaa97774ca5f89f45ccf9a087c43fab5c0924a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 20:03:31 GMT
x-content-type-options
nosniff
age
57403
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
225186
x-xss-protection
0
last-modified
Mon, 01 Aug 2022 19:29:34 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="maps-api-js"
vary
Accept-Encoding, Origin
report-to
{"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 10 Aug 2023 20:03:31 GMT
common.js
maps.googleapis.com/maps-api-v3/api/js/49/12/ Frame 0C02 		245 KB
67 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://maps.googleapis.com/maps-api-v3/api/js/49/12/common.js
Requested by
Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?client=google-maps-embed&paint_origin=&libraries=geometry,search&v=3.exp&language=en&callback=onApiLoad
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f014b0fe9d6d15ab085819248e1b7f2fb5ec74c9b357de6aab9d412a6698242d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Thu, 11 Aug 2022 05:23:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
23820
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
69020
x-xss-protection
0
last-modified
Mon, 01 Aug 2022 19:29:51 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="maps-api-js"
vary
Accept-Encoding, Origin
report-to
{"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 11 Aug 2023 05:23:14 GMT
util.js
maps.googleapis.com/maps-api-v3/api/js/49/12/ Frame 0C02 		157 KB
58 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://maps.googleapis.com/maps-api-v3/api/js/49/12/util.js
Requested by
Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?client=google-maps-embed&paint_origin=&libraries=geometry,search&v=3.exp&language=en&callback=onApiLoad
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6d4a1314948a30ef72a8dc1a11f2165e3b4cf7c33e6016140450ac7ff55941f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Thu, 11 Aug 2022 09:31:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
8907
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
58991
x-xss-protection
0
last-modified
Mon, 01 Aug 2022 19:29:51 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="maps-api-js"
vary
Accept-Encoding, Origin
report-to
{"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 11 Aug 2023 09:31:47 GMT
map.js
maps.googleapis.com/maps-api-v3/api/js/49/12/ Frame 0C02 		67 KB
67 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://maps.googleapis.com/maps-api-v3/api/js/49/12/map.js
Requested by
Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?client=google-maps-embed&paint_origin=&libraries=geometry,search&v=3.exp&language=en&callback=onApiLoad
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6b79d40f3388b0f3e541373294b12cec4be153136d39cc0df49c0721a1116af7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Thu, 11 Aug 2022 02:28:08 GMT
x-content-type-options
nosniff
age
34326
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
68757
x-xss-protection
0
last-modified
Mon, 01 Aug 2022 19:29:51 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="maps-api-js"
vary
Accept-Encoding, Origin
report-to
{"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 11 Aug 2023 02:28:08 GMT
overlay.js
maps.googleapis.com/maps-api-v3/api/js/49/12/ Frame 0C02 		4 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://maps.googleapis.com/maps-api-v3/api/js/49/12/overlay.js
Requested by
Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?client=google-maps-embed&paint_origin=&libraries=geometry,search&v=3.exp&language=en&callback=onApiLoad
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
06459ee78ba2c383f1e621c4333252d607c9a8f4bfd2fa4d048d54fb19f0e680
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 20:54:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
54365
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1381
x-xss-protection
0
last-modified
Mon, 01 Aug 2022 19:29:51 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="maps-api-js"
vary
Accept-Encoding, Origin
report-to
{"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 10 Aug 2023 20:54:09 GMT
truncated
/ Frame 0C02 		6 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b0044d91b724bb429337d6dcd9d2332e855bc0b4452c1d3fc9beea9973017521

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Type
image/svg+xml
StaticMapService.GetMapImage
maps.googleapis.com/maps/api/js/ Frame 0C02 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://maps.googleapis.com/maps/api/js/StaticMapService.GetMapImage?1m2&1i2024151&2i1359589&2e1&3u14&4m2&1u300&2u200&5m6&1e0&5sen&6sus&10b1&12b1&14i1379903&client=google-maps-embed&token=5637
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
scaffolding on HTTPServer2 /
Resource Hash
c199af2af63b2fd854a81681fc034e7725f17196e23d8b5c0ade8653a3ed5e5e
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Thu, 11 Aug 2022 12:00:14 GMT
server
scaffolding on HTTPServer2
x-frame-options
SAMEORIGIN
content-type
image/png
cache-control
public, max-age=86400
server-timing
gfet4t7; dur=155
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21545
x-xss-protection
0
expires
Fri, 12 Aug 2022 12:00:14 GMT
onion.js
maps.googleapis.com/maps-api-v3/api/js/49/12/ Frame 0C02 		27 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://maps.googleapis.com/maps-api-v3/api/js/49/12/onion.js
Requested by
Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?client=google-maps-embed&paint_origin=&libraries=geometry,search&v=3.exp&language=en&callback=onApiLoad
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5576ae9ff39545c50feeb305c0d921046cfcfc6d3b2b64789fe1819569197b69
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 17:45:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
152093
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9961
x-xss-protection
0
last-modified
Mon, 01 Aug 2022 19:29:51 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="maps-api-js"
vary
Accept-Encoding, Origin
report-to
{"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 09 Aug 2023 17:45:21 GMT
search_impl.js
maps.googleapis.com/maps-api-v3/api/js/49/12/ Frame 0C02 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://maps.googleapis.com/maps-api-v3/api/js/49/12/search_impl.js
Requested by
Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?client=google-maps-embed&paint_origin=&libraries=geometry,search&v=3.exp&language=en&callback=onApiLoad
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c68d4a160dd80178e7e25a983beba388834f6380ee06302bb025fd4ad191d2eb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 20:04:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
57317
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1379
x-xss-protection
0
last-modified
Mon, 01 Aug 2022 19:29:51 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="maps-api-js"
vary
Accept-Encoding, Origin
report-to
{"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 10 Aug 2023 20:04:57 GMT
openhand_8_8.cur
maps.gstatic.com/mapfiles/ Frame 0C02 		326 B
350 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://maps.gstatic.com/mapfiles/openhand_8_8.cur
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7342f390b12f636d14e25f698fc5e38cf6240994dc0c07fefbbb4e78ec4d03c7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Thu, 11 Aug 2022 12:00:14 GMT
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/geo-tactile
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
326
x-xss-protection
0
last-modified
Tue, 18 May 2021 19:15:00 GMT
server
sffe
report-to
{"group":"geo-tactile","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/geo-tactile"}]}
content-type
image/bmp
access-control-allow-origin
*
cache-control
private, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="geo-tactile"
expires
Thu, 11 Aug 2022 12:00:14 GMT
ViewportInfoService.GetViewportInfo
maps.googleapis.com/maps/api/js/ Frame 0C02 		10 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://maps.googleapis.com/maps/api/js/ViewportInfoService.GetViewportInfo?1m6&1m2&1d53.32475839557965&2d-6.292009913709223&2m2&1d53.356531047041614&2d-6.214115671415381&2u14&4sen&5e0&6sm%40614000000&7b0&8e0&11e289&12e1&13shttps%3A%2F%2Fwww.google.com%2Fmaps%2Fembed&14b1&callback=_xdc_._i2ufqw&client=google-maps-embed&token=78033
Requested by
Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps-api-v3/api/js/49/12/common.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
mafe /
Resource Hash
3cbed91507ef56542ba12372c70bbc2c3f3b7cee3c33023c942cd2367f89349c
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 Aug 2022 12:00:14 GMT
content-encoding
gzip
server
mafe
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment
server-timing
gfet4t7; dur=7
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1519
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
AuthenticationService.Authenticate
maps.googleapis.com/maps/api/js/ Frame 0C02 		62 B
84 B 		Script
General
Check archive.org
Download Go to
Full URL
https://maps.googleapis.com/maps/api/js/AuthenticationService.Authenticate?1shttps%3A%2F%2Fwww.google.com%2Fmaps%2Fembed&2sgoogle-maps-embed&7m1&1e0&callback=_xdc_._lkdbea&client=google-maps-embed&token=32824
Requested by
Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps-api-v3/api/js/49/12/common.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
mafe /
Resource Hash
e8787b986ce1452c351a4976cb95b95be50429a278530debf91d524e72a65ec8
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 Aug 2022 12:00:14 GMT
content-encoding
gzip
server
mafe
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment
server-timing
gfet4t7; dur=2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
63
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
QuotaService.RecordEvent
maps.googleapis.com/maps/api/js/ Frame 0C02 		62 B
83 B 		Script
General
Check archive.org
Download Go to
Full URL
https://maps.googleapis.com/maps/api/js/QuotaService.RecordEvent?1shttps%3A%2F%2Fwww.google.com%2Fmaps%2Fembed&2sgoogle-maps-embed&7soznpru&10e1&callback=_xdc_._ovufle&client=google-maps-embed&token=96563
Requested by
Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps-api-v3/api/js/49/12/common.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
mafe /
Resource Hash
03c7eb56ed7cac51b8d262e880ab263f3442ee30488b9743727edfbba71468d3
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 Aug 2022 12:00:15 GMT
content-encoding
gzip
server
mafe
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
no-cache, must-revalidate
content-disposition
attachment
server-timing
gfet4t7; dur=3
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
63
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

9 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation

2 Cookies

Domain/Path Name / Value
investpl.me/ Name: _subid
Value: 36abivt1tpr
investpl.me/ Name: 43c6e
Value: eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjUzXCI6MTY2MDIxOTIxMn0sXCJjYW1wYWlnbnNcIjp7XCIyNFwiOjE2NjAyMTkyMTJ9LFwidGltZVwiOjE2NjAyMTkyMTJ9In0.X7MhYdq5AaApdT_gFKO8wjV6qcrIHol7CFbE_fbK2ms

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

investpl.me
maps.google.com
maps.googleapis.com
maps.gstatic.com
www.google.com
104.21.50.196
2a00:1450:4001:806::200e
2a00:1450:4001:809::2004
2a00:1450:4001:810::2003
2a00:1450:4001:831::200a
03c7eb56ed7cac51b8d262e880ab263f3442ee30488b9743727edfbba71468d3
06459ee78ba2c383f1e621c4333252d607c9a8f4bfd2fa4d048d54fb19f0e680
2c49df48031bdcce7608d99c445f0f36fb955a4451fec5ceec2937c3585bcab9
2cdbd9383634bab56853d227316c682186fae1ec131896acccc8e3ef5abe3bdb
3cbed91507ef56542ba12372c70bbc2c3f3b7cee3c33023c942cd2367f89349c
4152ad0f80ddf11a5cb23ec0159cdea481f94fc439672cf1b6c9cee083040482
43df44135889483a716299216d07675c994fe22e09aff96416550712a2cfb315
5576ae9ff39545c50feeb305c0d921046cfcfc6d3b2b64789fe1819569197b69
6b79d40f3388b0f3e541373294b12cec4be153136d39cc0df49c0721a1116af7
7342f390b12f636d14e25f698fc5e38cf6240994dc0c07fefbbb4e78ec4d03c7
8ec7555d227f75b101bbd7ff4c7c97abc73f6268bc034f310c773b6b7117cee7
97164901437cc7ed87745fb16e941fceea0d7cf1ae8033a8dc27e21b5e546e83
973ea967e4cbd9f4f15018f93ccaa97774ca5f89f45ccf9a087c43fab5c0924a
ab839cc3d4c8ce1976c465437a6105ac053e1afe75342951bde8b9ff2b9e1cfe
ae3dd9fee6b57f3c63c3adde518b5ac0c9f2efbd25069e05c918aa4150f83f53
af7cd3e489dda415dee95a41dfab2099a1239951e8f23e1bb40022103b0e7e37
b0044d91b724bb429337d6dcd9d2332e855bc0b4452c1d3fc9beea9973017521
b2cc7fd84ee131fc0371d5717494037f290369c1b2729b366bfd47aaf7eb6ad9
c199af2af63b2fd854a81681fc034e7725f17196e23d8b5c0ade8653a3ed5e5e
c68d4a160dd80178e7e25a983beba388834f6380ee06302bb025fd4ad191d2eb
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
d1a920e42b8498b0218e0945e2c13ac3192f686cd68bb5ffdda5691f0cbe783a
e8787b986ce1452c351a4976cb95b95be50429a278530debf91d524e72a65ec8
f014b0fe9d6d15ab085819248e1b7f2fb5ec74c9b357de6aab9d412a6698242d
f6d4a1314948a30ef72a8dc1a11f2165e3b4cf7c33e6016140450ac7ff55941f