urlscan.io logo urlscan.io
SecurityTrails logo

www.google.com Open in urlscan Pro
2a00:1450:4001:80f::2004  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://cbs2newsny.com/
Effective URL: https://www.google.com/?gws_rd=ssl
Submission: On June 17 via api from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 8 IPs in 4 countries across 7 domains to perform 14 HTTP transactions. The main IP is 2a00:1450:4001:80f::2004, located in Frankfurt am Main, Germany and belongs to GOOGLE, US. The main domain is www.google.com.
TLS certificate: Issued by GTS CA 1C3 on May 24th 2021. Valid for: 3 months.
This is the only time www.google.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2 212.32.237.91 60781 (LEASEWEB-...)
1 2 209.15.13.136 13768 (COGECO-PEER1)
2 54.174.112.67 14618 (AMAZON-AES)
1 1 173.239.53.32 36057 (WEBAIR-IN...)
1 1 142.93.172.187 14061 (DIGITALOC...)
1 1 2a00:1450:400... 15169 (GOOGLE)
1 6 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
14 8
2    212.32.237.91 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
cbs2newsny.com
2    209.15.13.136 (Toronto, Canada)

ASN13768 (COGECO-PEER1, CA)
btpnav.com
2    54.174.112.67 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-174-112-67.compute-1.amazonaws.com
gloos-ves.com
1    173.239.53.32 (United States)

ASN36057 (WEBAIR-INTERNET-MTL, US)
clk.rtpdn12.com
1    142.93.172.187 (Frankfurt am Main, Germany)

ASN14061 (DIGITALOCEAN-ASN, US)
trendsitalia.co
1    2a00:1450:4001:829::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
google.com
6    2a00:1450:4001:80f::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
3    2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
1    2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
apis.google.com
1    2a00:1450:4001:810::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ogs.google.com
Apex Domain
Subdomains		 Transfer
9 google.com
google.com
www.google.com
apis.google.com
ogs.google.com
107 KB
3 gstatic.com
www.gstatic.com
62 KB
2 gloos-ves.com
gloos-ves.com
3 KB
2 btpnav.com
btpnav.com
3 KB
2 cbs2newsny.com
cbs2newsny.com
1 KB
1 trendsitalia.co
trendsitalia.co
250 B
1 rtpdn12.com
clk.rtpdn12.com
257 B
14 7
Domain Requested by
6 www.google.com 1 redirects gloos-ves.com
www.google.com
3 www.gstatic.com www.google.com
2 gloos-ves.com gloos-ves.com
2 btpnav.com 1 redirects cbs2newsny.com
2 cbs2newsny.com 1 redirects
1 ogs.google.com www.gstatic.com
1 apis.google.com www.gstatic.com
1 google.com 1 redirects
1 trendsitalia.co 1 redirects
1 clk.rtpdn12.com 1 redirects
14 10
Subject Issuer Validity Valid
www.google.com
GTS CA 1C3		 2021-05-24 -
2021-08-16		 3 months crt.sh
*.google.com
GTS CA 1C3		 2021-05-24 -
2021-08-16		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2021-05-17 -
2021-08-09		 3 months crt.sh
*.apis.google.com
GTS CA 1C3		 2021-05-24 -
2021-08-16		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://www.google.com/?gws_rd=ssl
Frame ID: 1AF9E9223BC9DC6D854BC7166502FCE2
Requests: 19 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://cbs2newsny.com/ Page URL
  2. http://cbs2newsny.com/?js=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJKb2tlbiIsImV4cCI6MTYyMzk... HTTP 302
    http://btpnav.com/click?data=WTFObExpMnF3TFEwUU9ERFI3Z3p1b3hrT1Q1ZUpvMl9WNnBJQktadnNXd3hvN0RGe... Page URL
  3. http://btpnav.com/Redirect/ HTTP 302
    http://gloos-ves.com/zcvisitor/852f4ea2-cf77-11eb-a9db-0a213929adcb/fa8076ca-64e7-4648-95fb-59f8b... Page URL
  4. http://gloos-ves.com/zcredirect?visitid=852f4ea2-cf77-11eb-a9db-0a213929adcb&type=js&browserWidth... Page URL
  5. http://clk.rtpdn12.com/click?i=MdDr5kcDVOI_0 HTTP 302
    https://trendsitalia.co/?utm_campaign=VLBfzCv3Lv&conversion=gkbzlnXbysI&banner=4747990&source=113402... HTTP 302
    http://google.com/ HTTP 301
    http://www.google.com/ HTTP 302
    https://www.google.com/?gws_rd=ssl Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

14
Requests

71 %
HTTPS

50 %
IPv6

7
Domains

10
Subdomains

8
IPs

4
Countries

175 kB
Transfer

460 kB
Size

1
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://cbs2newsny.com/ Page URL
  2. http://cbs2newsny.com/?js=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJKb2tlbiIsImV4cCI6MTYyMzk0Njk4MCwiaWF0IjoxNjIzOTM5NzgwLCJpc3MiOiJKb2tlbiIsImpzIjoxLCJqdGkiOiIycTRtOTgydDk4MjQ3NzBsYmswMzluZ2YiLCJuYmYiOjE2MjM5Mzk3ODAsInRzIjoxNjIzOTM5NzgwNTY2Mzk0fQ.RRgHq3JmWufNaXrOXsO_MFg6vdQQqyYjGE7t5myujvU&sid=85116b7e-cf77-11eb-a91b-b80712196dc7 HTTP 302
    http://btpnav.com/click?data=WTFObExpMnF3TFEwUU9ERFI3Z3p1b3hrT1Q1ZUpvMl9WNnBJQktadnNXd3hvN0RGeTlRamk0Z0lHNE1FcFd5ZVBxVllOdFNxTnRyNzRPdExNRFo1MlpSZm9MQkhpaUNfVUFoNXFaR3NHQk5weExEcWJnUmpSYnZUMndQRUkzclZVaHNjT1VwWGJ6bXFvWnE5dTd4UDJ3Mg2&id=665486b2-f70a-40f4-b97e-b68f71686f6b Page URL
  3. http://btpnav.com/Redirect/ HTTP 302
    http://gloos-ves.com/zcvisitor/852f4ea2-cf77-11eb-a9db-0a213929adcb/fa8076ca-64e7-4648-95fb-59f8b6b1f6e1?campaignid=853e1bb3-cf77-11eb-a9db-0a213929adcb Page URL
  4. http://gloos-ves.com/zcredirect?visitid=852f4ea2-cf77-11eb-a9db-0a213929adcb&type=js&browserWidth=1600&browserHeight=1200&iframeDetected=false Page URL
  5. http://clk.rtpdn12.com/click?i=MdDr5kcDVOI_0 HTTP 302
    https://trendsitalia.co/?utm_campaign=VLBfzCv3Lv&conversion=gkbzlnXbysI&banner=4747990&source=11340229896&referrer=cbs2newsny.com HTTP 302
    http://google.com/ HTTP 301
    http://www.google.com/ HTTP 302
    https://www.google.com/?gws_rd=ssl Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1
  • http://cbs2newsny.com/?js=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJKb2tlbiIsImV4cCI6MTYyMzk0Njk4MCwiaWF0IjoxNjIzOTM5NzgwLCJpc3MiOiJKb2tlbiIsImpzIjoxLCJqdGkiOiIycTRtOTgydDk4MjQ3NzBsYmswMzluZ2YiLCJuYmYiOjE2MjM5Mzk3ODAsInRzIjoxNjIzOTM5NzgwNTY2Mzk0fQ.RRgHq3JmWufNaXrOXsO_MFg6vdQQqyYjGE7t5myujvU&sid=85116b7e-cf77-11eb-a91b-b80712196dc7 HTTP 302
  • http://btpnav.com/click?data=WTFObExpMnF3TFEwUU9ERFI3Z3p1b3hrT1Q1ZUpvMl9WNnBJQktadnNXd3hvN0RGeTlRamk0Z0lHNE1FcFd5ZVBxVllOdFNxTnRyNzRPdExNRFo1MlpSZm9MQkhpaUNfVUFoNXFaR3NHQk5weExEcWJnUmpSYnZUMndQRUkzclZVaHNjT1VwWGJ6bXFvWnE5dTd4UDJ3Mg2&id=665486b2-f70a-40f4-b97e-b68f71686f6b
Request Chain 2
  • http://btpnav.com/Redirect/ HTTP 302
  • http://gloos-ves.com/zcvisitor/852f4ea2-cf77-11eb-a9db-0a213929adcb/fa8076ca-64e7-4648-95fb-59f8b6b1f6e1?campaignid=853e1bb3-cf77-11eb-a9db-0a213929adcb

14 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
cbs2newsny.com/ 		470 B
828 B 		Document
General
Check archive.org
Download Go to
Full URL
http://cbs2newsny.com/
Protocol
HTTP/1.1
Server
212.32.237.91 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx /
Resource Hash
d56c20c896999a67bf917613e445c24203649c25303c03400eb73aabdce218c4

Request headers

Host
cbs2newsny.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cache-control
max-age=0, private, must-revalidate
connection
close
content-length
470
content-type
text/html; charset=utf-8
date
Thu, 17 Jun 2021 14:22:59 GMT
server
nginx
set-cookie
sid=85116b7e-cf77-11eb-a91b-b80712196dc7; path=/; domain=.cbs2newsny.com; expires=Tue, 05 Jul 2089 17:37:07 GMT; max-age=2147483647; HttpOnly
Cookie set click
btpnav.com/
Redirect Chain
  • http://cbs2newsny.com/?js=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJKb2tlbiIsImV4cCI6MTYyMzk0Njk4MCwiaWF0IjoxNjIzOTM5NzgwLCJpc3MiOiJKb2tlbiIsImpzIjoxLCJqdGkiOiIycTRtOTgydDk4MjQ3NzBsYmswMzluZ2...
  • http://btpnav.com/click?data=WTFObExpMnF3TFEwUU9ERFI3Z3p1b3hrT1Q1ZUpvMl9WNnBJQktadnNXd3hvN0RGeTlRamk0Z0lHNE1FcFd5ZVBxVllOdFNxTnRyNzRPdExNRFo1MlpSZm9MQkhpaUNfVUFoNXFaR3NHQk5weExEcWJnUmpSYnZUMndQRUkz...
5 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://btpnav.com/click?data=WTFObExpMnF3TFEwUU9ERFI3Z3p1b3hrT1Q1ZUpvMl9WNnBJQktadnNXd3hvN0RGeTlRamk0Z0lHNE1FcFd5ZVBxVllOdFNxTnRyNzRPdExNRFo1MlpSZm9MQkhpaUNfVUFoNXFaR3NHQk5weExEcWJnUmpSYnZUMndQRUkzclZVaHNjT1VwWGJ6bXFvWnE5dTd4UDJ3Mg2&id=665486b2-f70a-40f4-b97e-b68f71686f6b
Requested by
Host: cbs2newsny.com
URL: http://cbs2newsny.com/
Protocol
HTTP/1.1
Server
209.15.13.136 Toronto, Canada, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software
Microsoft-IIS/8.5 /
Resource Hash
f77fec7e60810be1c14f2cf4e52056c7c22c37a09e65cde28ef1f70f412285a3

Request headers

Host
btpnav.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer
http://cbs2newsny.com/
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
http://cbs2newsny.com/

Response headers

Cache-Control
private
Content-Type
text/html; charset=utf-8
Content-Encoding
gzip
Vary
Accept-Encoding
Server
Microsoft-IIS/8.5
X-AspNetMvc-Version
5.2
X-AspNet-Version
4.0.30319
Set-Cookie
ZfEDRORxPfMIgYl=ZfEDRORxPfMIgYl; path=/
X-Server
web01
Access-Control-Allow-Origin
*
Access-Control-Allow-Headers
Content-Type
Date
Thu, 17 Jun 2021 14:23:00 GMT
Content-Length
2175

Redirect headers

cache-control
max-age=0, private, must-revalidate
connection
close
content-length
11
date
Thu, 17 Jun 2021 14:23:00 GMT
location
http://btpnav.com/click?data=WTFObExpMnF3TFEwUU9ERFI3Z3p1b3hrT1Q1ZUpvMl9WNnBJQktadnNXd3hvN0RGeTlRamk0Z0lHNE1FcFd5ZVBxVllOdFNxTnRyNzRPdExNRFo1MlpSZm9MQkhpaUNfVUFoNXFaR3NHQk5weExEcWJnUmpSYnZUMndQRUkzclZVaHNjT1VwWGJ6bXFvWnE5dTd4UDJ3Mg2&id=665486b2-f70a-40f4-b97e-b68f71686f6b
server
nginx
set-cookie
sid=85116b7e-cf77-11eb-a91b-b80712196dc7; path=/; domain=.cbs2newsny.com; expires=Tue, 05 Jul 2089 17:37:08 GMT; max-age=2147483647; HttpOnly
fa8076ca-64e7-4648-95fb-59f8b6b1f6e1
gloos-ves.com/zcvisitor/852f4ea2-cf77-11eb-a9db-0a213929adcb/
Redirect Chain
  • http://btpnav.com/Redirect/
  • http://gloos-ves.com/zcvisitor/852f4ea2-cf77-11eb-a9db-0a213929adcb/fa8076ca-64e7-4648-95fb-59f8b6b1f6e1?campaignid=853e1bb3-cf77-11eb-a9db-0a213929adcb
996 B
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://gloos-ves.com/zcvisitor/852f4ea2-cf77-11eb-a9db-0a213929adcb/fa8076ca-64e7-4648-95fb-59f8b6b1f6e1?campaignid=853e1bb3-cf77-11eb-a9db-0a213929adcb
Protocol
HTTP/1.1
Server
54.174.112.67 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-174-112-67.compute-1.amazonaws.com
Software
ZeroPark-Traffic /
Resource Hash
a25453c09f60071c436d57fa15ec1d082d23ff7bb37076ea2ce53ff824a60a56
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline'
X-Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline'

Request headers

Host
gloos-ves.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer
http://btpnav.com/
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
Origin
http://btpnav.com
Content-Type
application/x-www-form-urlencoded
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
http://btpnav.com/

Response headers

Date
Thu, 17 Jun 2021 14:23:01 GMT
Content-Type
text/html;charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Cache-Control
no-store, no-cache, pre-check=0, post-check=0
content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline'
x-content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline'
X-WebKit-CSP
default-src 'self'; script-src 'self' 'unsafe-inline'
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET,POST,OPTIONS
Access-Control-Allow-Headers
X-Requested-With,Content-Type,x-exadsrtb-version,x-openrtb-version,x-zerortb-version,X-Flag
Server
ZeroPark-Traffic

Redirect headers

Cache-Control
private
Content-Type
text/html; charset=utf-8
Location
http://gloos-ves.com/zcvisitor/852f4ea2-cf77-11eb-a9db-0a213929adcb/fa8076ca-64e7-4648-95fb-59f8b6b1f6e1?campaignid=853e1bb3-cf77-11eb-a9db-0a213929adcb
Server
Microsoft-IIS/8.5
X-AspNetMvc-Version
5.2
X-AspNet-Version
4.0.30319
X-Server
web01
Access-Control-Allow-Origin
*
Access-Control-Allow-Headers
Content-Type
Date
Thu, 17 Jun 2021 14:23:00 GMT
Content-Length
269
zcredirect
gloos-ves.com/ 		270 B
967 B 		Document
General
Check archive.org
Download Go to
Full URL
http://gloos-ves.com/zcredirect?visitid=852f4ea2-cf77-11eb-a9db-0a213929adcb&type=js&browserWidth=1600&browserHeight=1200&iframeDetected=false
Requested by
Host: gloos-ves.com
URL: http://gloos-ves.com/zcvisitor/852f4ea2-cf77-11eb-a9db-0a213929adcb/fa8076ca-64e7-4648-95fb-59f8b6b1f6e1?campaignid=853e1bb3-cf77-11eb-a9db-0a213929adcb
Protocol
HTTP/1.1
Server
54.174.112.67 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-174-112-67.compute-1.amazonaws.com
Software
ZeroPark-Traffic /
Resource Hash
88c3fe6ecf64415cd3f2164d6d819845df46e22a6d665bd8bd5ed63ec35dbb90
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline'
X-Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline'

Request headers

Host
gloos-ves.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer
http://gloos-ves.com/zcvisitor/852f4ea2-cf77-11eb-a9db-0a213929adcb/fa8076ca-64e7-4648-95fb-59f8b6b1f6e1?campaignid=853e1bb3-cf77-11eb-a9db-0a213929adcb
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
http://gloos-ves.com/zcvisitor/852f4ea2-cf77-11eb-a9db-0a213929adcb/fa8076ca-64e7-4648-95fb-59f8b6b1f6e1?campaignid=853e1bb3-cf77-11eb-a9db-0a213929adcb

Response headers

Date
Thu, 17 Jun 2021 14:23:01 GMT
Content-Type
text/html;charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Cache-Control
no-store, no-cache, pre-check=0, post-check=0
content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline'
x-content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline'
X-WebKit-CSP
default-src 'self'; script-src 'self' 'unsafe-inline'
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET,POST,OPTIONS
Access-Control-Allow-Headers
X-Requested-With,Content-Type,x-exadsrtb-version,x-openrtb-version,x-zerortb-version,X-Flag
redirected
JS
Server
ZeroPark-Traffic
Primary Request /
www.google.com/
Redirect Chain
  • http://clk.rtpdn12.com/click?i=MdDr5kcDVOI_0
  • https://trendsitalia.co/?utm_campaign=VLBfzCv3Lv&conversion=gkbzlnXbysI&banner=4747990&source=11340229896&referrer=cbs2newsny.com
  • http://google.com/
  • http://www.google.com/
  • https://www.google.com/?gws_rd=ssl
163 KB
51 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/?gws_rd=ssl
Requested by
Host: gloos-ves.com
URL: http://gloos-ves.com/zcredirect?visitid=852f4ea2-cf77-11eb-a9db-0a213929adcb&type=js&browserWidth=1600&browserHeight=1200&iframeDetected=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gws /
Resource Hash
5a54acf4e2d471033d5a3a5a9be558190ceba37ee9409b372944f0d60eeba151
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/?gws_rd=ssl
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
http://gloos-ves.com/zcredirect?visitid=852f4ea2-cf77-11eb-a9db-0a213929adcb&type=js&browserWidth=1600&browserHeight=1200&iframeDetected=false

Response headers

date
Thu, 17 Jun 2021 14:23:02 GMT
expires
-1
cache-control
private, max-age=0
content-type
text/html; charset=UTF-8
strict-transport-security
max-age=31536000
bfcache-opt-in
unload
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
content-encoding
br
server
gws
content-length
52376
x-xss-protection
0
x-frame-options
SAMEORIGIN
set-cookie
CONSENT=PENDING+050; expires=Fri, 01-Jan-2038 00:00:00 GMT; path=/; domain=.google.com; Secure
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

Location
https://www.google.com/?gws_rd=ssl
Cache-Control
private
Content-Type
text/html; charset=UTF-8
BFCache-Opt-In
unload
Date
Thu, 17 Jun 2021 14:23:02 GMT
Server
gws
Content-Length
231
X-XSS-Protection
0
X-Frame-Options
SAMEORIGIN
googlelogo_color_272x92dp.png
www.google.com/images/branding/googlelogo/1x/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/images/branding/googlelogo/1x/googlelogo_color_272x92dp.png
Requested by
Host: www.google.com
URL: https://www.google.com/?gws_rd=ssl
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5776cd87617eacec3bc00ebcf530d1924026033eda852f706c1a675a98915826
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:path
/images/branding/googlelogo/1x/googlelogo_color_272x92dp.png
pragma
no-cache
cookie
CONSENT=PENDING+050
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.google.com
referer
https://www.google.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 17 Jun 2021 14:23:02 GMT
x-content-type-options
nosniff
last-modified
Tue, 22 Oct 2019 18:30:00 GMT
server
sffe
content-type
image/png
cache-control
private, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5969
x-xss-protection
0
expires
Thu, 17 Jun 2021 14:23:02 GMT
googlelogo_color_84x28dp.png
www.gstatic.com/images/branding/googlelogo/1x/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/branding/googlelogo/1x/googlelogo_color_84x28dp.png
Requested by
Host: www.google.com
URL: https://www.google.com/?gws_rd=ssl
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e3ee16b33c7afc3464c263a9604a39a2e5ee81ed4dd68f56ae7c82d814faf6be
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 12 Jun 2021 05:27:52 GMT
x-content-type-options
nosniff
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
age
464110
vary
Origin
content-type
image/png
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1785
x-xss-protection
0
expires
Sun, 12 Jun 2022 05:27:52 GMT
truncated
/ 		315 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
dfc968774223d526b5bd576d65d52926560be675eb4d289e4b50b6b2d1c4c34c

Request headers

Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
978df3db598e6be70fb5ee7167b89bf3e1a21e3aaca1f13cce091afc3f863fbe

Request headers

Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
799105be8dd1f3584458c343751b7233f8d49b7dfb0f8134126ae62960f50988

Request headers

Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		963 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bc010f2f29aa6fdd0d4309dee66d8431bac692c183565a3920f151c1a7e5369e

Request headers

Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		4 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c3d2c4fcab1cd76be2eef41d2dbd22bddeafddcaaed82f296a4b981ebd36504d

Request headers

Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
desktop_searchbox_sprites318_hr.webp
www.google.com/images/searchbox/ 		660 B
680 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/images/searchbox/desktop_searchbox_sprites318_hr.webp
Requested by
Host: www.google.com
URL: https://www.google.com/?gws_rd=ssl
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
73d788f86be22112bb53762545989c0f1bbdb7343161130952c9ba3834ff81e3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:path
/images/searchbox/desktop_searchbox_sprites318_hr.webp
pragma
no-cache
cookie
CONSENT=PENDING+050
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.google.com
referer
https://www.google.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 17 Jun 2021 14:23:02 GMT
x-content-type-options
nosniff
last-modified
Wed, 22 Apr 2020 22:00:00 GMT
server
sffe
content-type
image/webp
cache-control
private, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
660
x-xss-protection
0
expires
Thu, 17 Jun 2021 14:23:02 GMT
gen_204
www.google.com/ 		0
15 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google.com/gen_204?ei=xlrLYLXsC5mA8gLr3LD4CA&vet=10ahUKEwi15-qO757xAhUZgFwKHWsuDI8QhJAHCBY..s&gl=DE&pc=SEARCH_HOMEPAGE&isMobile=false
Requested by
Host: www.google.com
URL: https://www.google.com/?gws_rd=ssl
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gws /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-fetch-mode
no-cors
origin
https://www.google.com
accept-encoding
gzip, deflate, br
accept-language
en-US
sec-fetch-dest
empty
cookie
CONSENT=PENDING+050
content-length
0
:path
/gen_204?ei=xlrLYLXsC5mA8gLr3LD4CA&vet=10ahUKEwi15-qO757xAhUZgFwKHWsuDI8QhJAHCBY..s&gl=DE&pc=SEARCH_HOMEPAGE&isMobile=false
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
text/plain;charset=UTF-8
accept
*/*
cache-control
no-cache
:authority
www.google.com
referer
https://www.google.com/
:scheme
https
sec-fetch-site
same-origin
:method
POST
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

bfcache-opt-in
unload
date
Thu, 17 Jun 2021 14:23:02 GMT
server
gws
x-frame-options
SAMEORIGIN
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
rs=AA2YrTvhqESG86SancEQRa0zo3UDA8gUsw
www.gstatic.com/og/_/js/k=og.qtm.en_US.UKfh4Jard14.O/rt=j/m=qabr,q_d,qcwid,qapid,qald/exm=qaaw,qadd,qaid,qein,qhaw,qhbr,qhch,qhga,qhid,qhin,qhpr/d=1/ed=1/ 		175 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/og/_/js/k=og.qtm.en_US.UKfh4Jard14.O/rt=j/m=qabr,q_d,qcwid,qapid,qald/exm=qaaw,qadd,qaid,qein,qhaw,qhbr,qhch,qhga,qhid,qhin,qhpr/d=1/ed=1/rs=AA2YrTvhqESG86SancEQRa0zo3UDA8gUsw
Requested by
Host: www.google.com
URL: https://www.google.com/?gws_rd=ssl
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5f17bbe2bae63e0eb2fe2ee6e083e85ab31150f0732d77b0aedcb239df1dccfc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 15 Jun 2021 22:50:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
142342
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/one-google-eng
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
61409
x-xss-protection
0
last-modified
Sat, 12 Jun 2021 02:08:01 GMT
server
sffe
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 15 Jun 2022 22:50:40 GMT
rs=AA2YrTvJt5zPrsxf72ExnOF2ZFpD5Kgx7A
www.gstatic.com/og/_/ss/k=og.qtm.P8n2dCwhoA8.L.W.O/m=qcwid/excm=qaaw,qadd,qaid,qein,qhaw,qhbr,qhch,qhga,qhid,qhin,qhpr/d=1/ed=1/ct=zgms/ 		296 B
252 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/og/_/ss/k=og.qtm.P8n2dCwhoA8.L.W.O/m=qcwid/excm=qaaw,qadd,qaid,qein,qhaw,qhbr,qhch,qhga,qhid,qhin,qhpr/d=1/ed=1/ct=zgms/rs=AA2YrTvJt5zPrsxf72ExnOF2ZFpD5Kgx7A
Requested by
Host: www.google.com
URL: https://www.google.com/?gws_rd=ssl
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8261b083bcd39f5b0e71af19f0f418b0f204ff97d81452f1a4ebd99d88271ae3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 14 Jun 2021 18:23:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
244744
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/one-google-eng
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
228
x-xss-protection
0
last-modified
Sat, 12 Jun 2021 02:08:01 GMT
server
sffe
vary
Accept-Encoding, Origin
content-type
text/css; charset=UTF-8
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 14 Jun 2022 18:23:58 GMT
gen_204
www.google.com/ 		0
15 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google.com/gen_204?s=webhp&t=aft&atyp=csi&ei=xlrLYLXsC5mA8gLr3LD4CA&rt=wsrt.406,aft.58&imn=7&ima=6&imad=0&aftp=-1&bl=bWXf
Requested by
Host: www.google.com
URL: https://www.google.com/?gws_rd=ssl
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gws /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-fetch-mode
no-cors
origin
https://www.google.com
accept-encoding
gzip, deflate, br
accept-language
en-US
sec-fetch-dest
empty
cookie
CONSENT=PENDING+050
content-length
0
:path
/gen_204?s=webhp&t=aft&atyp=csi&ei=xlrLYLXsC5mA8gLr3LD4CA&rt=wsrt.406,aft.58&imn=7&ima=6&imad=0&aftp=-1&bl=bWXf
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
text/plain;charset=UTF-8
accept
*/*
cache-control
no-cache
:authority
www.google.com
referer
https://www.google.com/
:scheme
https
sec-fetch-site
same-origin
:method
POST
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

bfcache-opt-in
unload
date
Thu, 17 Jun 2021 14:23:02 GMT
server
gws
x-frame-options
SAMEORIGIN
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
cb=gapi.loaded_0
apis.google.com/_/scs/abc-static/_/js/k=gapi.gapi.en.7yBiF1UUXzY.O/m=gapi_iframes,googleapis_client/rt=j/sv=1/d=1/ed=1/rs=AHpOoo-pEDm0pqtBuZIKGpxOGTcQloIhJw/ 		100 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/_/scs/abc-static/_/js/k=gapi.gapi.en.7yBiF1UUXzY.O/m=gapi_iframes,googleapis_client/rt=j/sv=1/d=1/ed=1/rs=AHpOoo-pEDm0pqtBuZIKGpxOGTcQloIhJw/cb=gapi.loaded_0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/og/_/js/k=og.qtm.en_US.UKfh4Jard14.O/rt=j/m=qabr,q_d,qcwid,qapid,qald/exm=qaaw,qadd,qaid,qein,qhaw,qhbr,qhch,qhga,qhid,qhin,qhpr/d=1/ed=1/rs=AA2YrTvhqESG86SancEQRa0zo3UDA8gUsw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
29cd624cef7be1a2197ee367300e65708f199e3370b9cd83685243cc5696a71d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 17 Jun 2021 13:09:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
4402
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35322
x-xss-protection
0
last-modified
Tue, 01 Jun 2021 23:57:57 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 17 Jun 2022 13:09:40 GMT
so
ogs.google.com/widget/app/ 		0
14 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://ogs.google.com/widget/app/so?bc=1&origin=https%3A%2F%2Fwww.google.com&cn=app&pid=1&spid=538&hl=de
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/og/_/js/k=og.qtm.en_US.UKfh4Jard14.O/rt=j/m=qabr,q_d,qcwid,qapid,qald/exm=qaaw,qadd,qaid,qein,qhaw,qhbr,qhch,qhga,qhid,qhin,qhpr/d=1/ed=1/rs=AA2YrTvhqESG86SancEQRa0zo3UDA8gUsw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-HZQGmMBHQr4AI2y1pbxx5A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/OneGoogleWidgetUi/cspreport;worker-src 'self', script-src 'nonce-HZQGmMBHQr4AI2y1pbxx5A' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/OneGoogleWidgetUi/cspreport;frame-ancestors https://www.google.com
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options ALLOW-FROM https://www.google.com
X-Xss-Protection 0

Request headers

Origin
https://www.google.com
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 17 Jun 2021 14:23:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
x-ua-compatible
IE=edge
server
ESF
cross-origin-opener-policy
same-origin; report-to="OneGoogleWidgetUi"
x-frame-options
ALLOW-FROM https://www.google.com
strict-transport-security
max-age=31536000
report-to
{"group":"OneGoogleWidgetUi","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/OneGoogleWidgetUi/external"}]}
content-type
text/html; charset=utf-8
access-control-allow-origin
https://www.google.com
cache-control
private, max-age=259200
access-control-allow-credentials
true
content-security-policy
script-src 'report-sample' 'nonce-HZQGmMBHQr4AI2y1pbxx5A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/OneGoogleWidgetUi/cspreport;worker-src 'self', script-src 'nonce-HZQGmMBHQr4AI2y1pbxx5A' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/OneGoogleWidgetUi/cspreport;frame-ancestors https://www.google.com
expires
Thu, 17 Jun 2021 14:23:02 GMT

Verdicts & Comments Add Verdict or Comment

31 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated object| google object| gws_wizbind object| gbar_ object| gbar string| __PVT object| gapi object| ___jsl object| __jsaction object| W_jd object| WIZ_global_data object| IJ_values function| _DumpException function| _F_installCss number| closure_uid_831659569 object| closure_lm_946176 object| osapi object| gapix object| gadgets object| shindig object| googleapis

1 Cookies

Domain/Path Name / Value
.google.com/ Name: CONSENT
Value: PENDING+050

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

apis.google.com
btpnav.com
cbs2newsny.com
clk.rtpdn12.com
gloos-ves.com
google.com
ogs.google.com
trendsitalia.co
www.google.com
www.gstatic.com
142.93.172.187
173.239.53.32
209.15.13.136
212.32.237.91
2a00:1450:4001:80f::2004
2a00:1450:4001:810::200e
2a00:1450:4001:827::200e
2a00:1450:4001:829::200e
2a00:1450:4001:831::2003
54.174.112.67
29cd624cef7be1a2197ee367300e65708f199e3370b9cd83685243cc5696a71d
5776cd87617eacec3bc00ebcf530d1924026033eda852f706c1a675a98915826
5a54acf4e2d471033d5a3a5a9be558190ceba37ee9409b372944f0d60eeba151
5f17bbe2bae63e0eb2fe2ee6e083e85ab31150f0732d77b0aedcb239df1dccfc
73d788f86be22112bb53762545989c0f1bbdb7343161130952c9ba3834ff81e3
799105be8dd1f3584458c343751b7233f8d49b7dfb0f8134126ae62960f50988
8261b083bcd39f5b0e71af19f0f418b0f204ff97d81452f1a4ebd99d88271ae3
88c3fe6ecf64415cd3f2164d6d819845df46e22a6d665bd8bd5ed63ec35dbb90
978df3db598e6be70fb5ee7167b89bf3e1a21e3aaca1f13cce091afc3f863fbe
a25453c09f60071c436d57fa15ec1d082d23ff7bb37076ea2ce53ff824a60a56
bc010f2f29aa6fdd0d4309dee66d8431bac692c183565a3920f151c1a7e5369e
c3d2c4fcab1cd76be2eef41d2dbd22bddeafddcaaed82f296a4b981ebd36504d
d56c20c896999a67bf917613e445c24203649c25303c03400eb73aabdce218c4
dfc968774223d526b5bd576d65d52926560be675eb4d289e4b50b6b2d1c4c34c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3ee16b33c7afc3464c263a9604a39a2e5ee81ed4dd68f56ae7c82d814faf6be
f77fec7e60810be1c14f2cf4e52056c7c22c37a09e65cde28ef1f70f412285a3