urlscan.io logo urlscan.io
SecurityTrails logo

auth.nexusnet.io Open in urlscan Pro
104.21.36.100  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://app.nexusnet.io/
Effective URL: https://auth.nexusnet.io/signin
Submission: On October 18 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 8 IPs in 3 countries across 7 domains to perform 33 HTTP transactions. The main IP is 104.21.36.100, located in and belongs to CLOUDFLARENET, US. The main domain is auth.nexusnet.io.
TLS certificate: Issued by GTS CA 1P5 on October 6th 2023. Valid for: 3 months.
This is the only time auth.nexusnet.io was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
3 16 104.21.36.100 13335 (CLOUDFLAR...)
1 142.250.186.72 15169 (GOOGLE)
4 172.217.16.196 15169 (GOOGLE)
4 10 87.250.250.119 13238 (YANDEX)
6 216.58.212.131 15169 (GOOGLE)
2 216.239.36.178 15169 (GOOGLE)
1 172.217.16.195 15169 (GOOGLE)
33 8
16    104.21.36.100 (None, )

ASN13335 (CLOUDFLARENET, US)
app.nexusnet.io
auth.nexusnet.io
1    142.250.186.72 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f8.1e100.net
www.googletagmanager.com
4    172.217.16.196 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s65-in-f4.1e100.net
www.google.com
10    87.250.250.119 (Russian Federation)

ASN13238 (YANDEX, RU)
PTR: mc.yandex.ru
mc.yandex.ru
mc.yandex.com
6    216.58.212.131 (United States)

ASN15169 (GOOGLE, US)
PTR: ams15s21-in-f3.1e100.net
www.gstatic.com
2    216.239.36.178 (United States)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    172.217.16.195 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s08-in-f195.1e100.net
fonts.gstatic.com
Apex Domain
Subdomains		 Transfer
16 nexusnet.io
app.nexusnet.io
auth.nexusnet.io
920 KB
7 yandex.com
mc.yandex.com — Cisco Umbrella Rank: 7957
3 KB
7 gstatic.com
www.gstatic.com
fonts.gstatic.com
623 KB
4 google.com
www.google.com — Cisco Umbrella Rank: 2
36 KB
3 yandex.ru
mc.yandex.ru — Cisco Umbrella Rank: 3539
71 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 42
308 B
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 56
93 KB
33 7
Domain Requested by
14 auth.nexusnet.io 1 redirects auth.nexusnet.io
7 mc.yandex.com 3 redirects auth.nexusnet.io
mc.yandex.ru
6 www.gstatic.com www.google.com
www.gstatic.com
4 www.google.com auth.nexusnet.io
www.gstatic.com
www.google.com
3 mc.yandex.ru 1 redirects auth.nexusnet.io
2 www.google-analytics.com www.googletagmanager.com
2 app.nexusnet.io 2 redirects
1 fonts.gstatic.com www.google.com
1 www.googletagmanager.com auth.nexusnet.io
33 9

This site contains links to these domains. Also see Links.

Domain
nexusnet.io
Subject Issuer Validity Valid
nexusnet.io
GTS CA 1P5		 2023-10-06 -
2024-01-04		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-09-28 -
2023-12-21		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-09-28 -
2023-12-21		 3 months crt.sh
mc.yandex.ru
GlobalSign ECC OV SSL CA 2018		 2023-08-14 -
2024-01-24		 5 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-09-28 -
2023-12-21		 3 months crt.sh

This page contains 3 frames:

Primary Page: https://auth.nexusnet.io/signin
Frame ID: F519EE0D2AF23E7F2DA2A42116425D60
Requests: 24 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeAuF8mAAAAAGnbHKmnlxvLQ6MI-9adGr9_y4do&co=aHR0cHM6Ly9hdXRoLm5leHVzbmV0LmlvOjQ0Mw..&hl=de&v=MydHw_zggsxIJuhSbyOmPv5R&size=normal&cb=6jr51amxiyxm
Frame ID: E0E2625E58154B07567755618BFDEB4F
Requests: 8 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=de&v=MydHw_zggsxIJuhSbyOmPv5R&k=6LeAuF8mAAAAAGnbHKmnlxvLQ6MI-9adGr9_y4do
Frame ID: 11734F50C2B305F93F3B333CD892E68D
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Nexusnet | anmelden

Page URL History Show full URLs

  1. http://app.nexusnet.io/ HTTP 301
    https://app.nexusnet.io/ HTTP 302
    http://auth.nexusnet.io/signin HTTP 301
    https://auth.nexusnet.io/signin Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • /yii\.(?:validation|activeForm)\.js
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • mc\.yandex\.ru/metrika/(?:tag|watch)\.js
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • <div[^>]+class="g-recaptcha"
  • /recaptcha/api\.js

Page Statistics

33
Requests

94 %
HTTPS

0 %
IPv6

7
Domains

9
Subdomains

8
IPs

3
Countries

1742 kB
Transfer

3363 kB
Size

23
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://app.nexusnet.io/ HTTP 301
    https://app.nexusnet.io/ HTTP 302
    http://auth.nexusnet.io/signin HTTP 301
    https://auth.nexusnet.io/signin Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 18
  • https://mc.yandex.com/sync_cookie_image_check HTTP 302
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=10160.tub86-A1n1ni1XfEFtE6I5lY0X1VGTT4LNpbs6rzx78Y5K6VwVgdOQ2Rp4w1JgMe.n6PTBKI1BoruOGmH7M1p-u2eDFU%2C HTTP 302
  • https://mc.yandex.com/sync_cookie_image_decide?token=10160.hD3ZineeHzlgvov9coN1L9m7KouhUudAW6E5jgM_vEKAblurrqz25RPxGfF2g09xd2_eGX6MEPddiNJIft8_M5Y5eSWa8IjygtcOU37NtuPbvjl29P7K8n0Yp_TvDKVo7f3M4a14s7t2yrvL8cRCR_TUOI0N5NZuDR8XM1qZ9VEI33CgNu2Wa3LdCTUkg2x1zPfZjmTFPilg8sKslPsvkVPtnlKs-jceQBYmLb8uKO8%2C.Jhtg-llRNNA3xvYGgM8PJcY7zzg%2C HTTP 302
  • https://mc.yandex.ru/sync_cookie_image_finish?redirect_domain=mc.yandex.com&token=10160.kQfvyNTEYqLxcOND9sgdOhhdB-uupoSBP1TT5bwfJwI_aRXqnCTPv6s6DuXgt9zyjb08HWcKZokmuKMjSOmxDDwGCZo2Zx-6DgHFiqXFZanpSjthUKUFThrEDiNNRjHnT8kmmFRbJdhuJP2dFF6_aUk6ddh7RKWJ0E3eyMaev3DigAQiSbFNh5q59xIYv_ZEKws8TGwv6XCJTs6Yflw-XA%2C%2C.GGoBOG0320Naurdu07zHVwLgyJw%2C
Request Chain 22
  • https://mc.yandex.com/watch/92452812?wmode=7&page-url=https%3A%2F%2Fauth.nexusnet.io%2Fsignin&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A3qm6qq812ez2u52y4wzrnbv%3Afp%3A1950%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1135%3Acn%3A1%3Adp%3A0%3Als%3A1189572531406%3Ahid%3A332851069%3Az%3A120%3Ai%3A20231018230154%3Aet%3A1697662915%3Ac%3A1%3Arn%3A865733578%3Arqn%3A1%3Au%3A1697662915625038675%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C0%2C134%2C1%2C1586%2C0%2C%2C239%2C0%2C%2C%2C%2C1966%3Aco%3A0%3Acpf%3A1%3Ans%3A1697662912039%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1697662915%3At%3ANexusnet%20%7C%20anmelden&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)ti(2) HTTP 302
  • https://mc.yandex.com/watch/92452812/1?wmode=7&page-url=https%3A%2F%2Fauth.nexusnet.io%2Fsignin&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A3qm6qq812ez2u52y4wzrnbv%3Afp%3A1950%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1135%3Acn%3A1%3Adp%3A0%3Als%3A1189572531406%3Ahid%3A332851069%3Az%3A120%3Ai%3A20231018230154%3Aet%3A1697662915%3Ac%3A1%3Arn%3A865733578%3Arqn%3A1%3Au%3A1697662915625038675%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C0%2C134%2C1%2C1586%2C0%2C%2C239%2C0%2C%2C%2C%2C1966%3Aco%3A0%3Acpf%3A1%3Ans%3A1697662912039%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1697662915%3At%3ANexusnet%20%7C%20anmelden&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29

33 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request signin
auth.nexusnet.io/
Redirect Chain
  • http://app.nexusnet.io/
  • https://app.nexusnet.io/
  • http://auth.nexusnet.io/signin
  • https://auth.nexusnet.io/signin
10 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://auth.nexusnet.io/signin
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.36.100 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/8.2.8
Resource Hash
d7b41a6596b5a87b1a1ca92d23765347590d72dbc98df1b849ec553280a17964

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
8183b81a3e34383b-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Wed, 18 Oct 2023 21:01:53 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pa33p3c6vdWA8mNv52Mj3sNU0fL4ZXHgwW8Dr76uI9htEcQJUzOFQ%2BcH74CmQpMg4muxiTXksuDCTXKZhOkvtcsdagwyJ08i3fT7K4tmBjU2EZHB1aXSzSBlNb7vvRxWEeBw"}],"group":"cf-nel","max_age":604800}
retry-after
120
server
cloudflare
x-powered-by
PHP/8.2.8

Redirect headers

CF-RAY
8183b8185d4e18f3-FRA
Cache-Control
max-age=3600
Connection
keep-alive
Date
Wed, 18 Oct 2023 21:01:53 GMT
Expires
Wed, 18 Oct 2023 22:01:53 GMT
Location
https://auth.nexusnet.io/signin
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4Nk3ia0LmTFMr2RfnNuUvDYwV0FkOUtudvN29PwdTShXQ3n3xAbgt84PljPECM8z2xp1DH%2BRI3b6dIfNoa5DLRaT8%2F6WldzGpLmL7d4a0AP0Krs1rf5bMKuTYY8ZRSQGZ0GP"}],"group":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
Vary
Accept-Encoding
alt-svc
h3=":443"; ma=86400
authchoice.css
auth.nexusnet.io/assets/5dcb9afb/ 		930 B
623 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://auth.nexusnet.io/assets/5dcb9afb/authchoice.css
Requested by
Host: auth.nexusnet.io
URL: https://auth.nexusnet.io/signin
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.36.100 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f7972e97836412beac97d9e62d202b53eea53133e7e1de8d6d3c8c63a9ce6355

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://auth.nexusnet.io/signin
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 21:01:53 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Fri, 18 Nov 2022 17:23:56 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"6377bfac-3a2"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IWZikOxz8qi%2BKw%2F8Y0rUW%2Fzrt0z7isMu6GUf%2F1ueTfqXx4hq7ATgOp%2Fx8PsXzR7BPn4F0OimfW%2Ft0Z8CDVwSezhdPCQPJl%2FsXj7V233oYYdwZ6z639tkgtjvXMf4IDI5pxHo"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
8183b81b1f66383b-FRA
alt-svc
h3=":443"; ma=86400
main.css
auth.nexusnet.io/assets/13fe2546/css/ 		115 KB
23 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://auth.nexusnet.io/assets/13fe2546/css/main.css
Requested by
Host: auth.nexusnet.io
URL: https://auth.nexusnet.io/signin
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.36.100 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d3bcbd052a1f5bea8f027f8458b414ce7c2172aed740cb0b687c69a22e3fe7dd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://auth.nexusnet.io/signin
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 21:01:53 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Wed, 18 Oct 2023 12:32:13 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"652fd04d-1ca27"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7s3AaVaegDaqnTifPOvQiWRVwjohnbknTZ7ayoDzB9njkyw5EEk6XBI%2BclOcxO6yTune%2Bc3Nu20FXYBUSkODy6EdezyZHZP6savb6lyq9fR6lZ4N%2FuHkF3NLP2ZRbeYH0nqn"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
8183b81b1f6a383b-FRA
alt-svc
h3=":443"; ma=86400
logo.svg
auth.nexusnet.io/assets/13fe2546/img/ 		10 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://auth.nexusnet.io/assets/13fe2546/img/logo.svg
Requested by
Host: auth.nexusnet.io
URL: https://auth.nexusnet.io/signin
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.36.100 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
29f573c92656b16c2d41ab1c56605cd58cd6352902d9df442dd1f1134038918b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://auth.nexusnet.io/signin
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 21:01:53 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Wed, 18 Oct 2023 12:32:13 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"652fd04d-29de"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pvUPX0f8EVxy4AN6NuU0ZTr6%2BK3Qk18z0alGo%2B0kVqQQUyARXz40EfnXRY9fwBHEnI1EoAxpZjltij5on%2Br%2B%2BFltNqLchFhG%2B1hnqMLNGKkMngV9jUBVxyoqa0GgtR6NmL9N"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=14400
cf-ray
8183b81b1f6c383b-FRA
alt-svc
h3=":443"; ma=86400
js
www.googletagmanager.com/gtag/ 		283 KB
93 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-3LBPT3MX0B
Requested by
Host: auth.nexusnet.io
URL: https://auth.nexusnet.io/signin
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.72 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
957e98d01a3ebeac0bb5843ec186c3295bebaa69ffbed5111fbd3028833b1f23
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://auth.nexusnet.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 21:01:54 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
94736
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 18 Oct 2023 21:01:54 GMT
api.js
www.google.com/recaptcha/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api.js?hl=de&render=explicit&onload=recaptchaOnloadCallback
Requested by
Host: auth.nexusnet.io
URL: https://auth.nexusnet.io/signin
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.196 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s65-in-f4.1e100.net
Software
GSE /
Resource Hash
af954ae99c7c0d650b7d86c18d81bc9ecfcd36f453d713c264229136203da0d0
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://auth.nexusnet.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 21:01:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
expires
Wed, 18 Oct 2023 21:01:54 GMT
jquery.js
auth.nexusnet.io/assets/ec000766/ 		286 KB
86 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://auth.nexusnet.io/assets/ec000766/jquery.js
Requested by
Host: auth.nexusnet.io
URL: https://auth.nexusnet.io/signin
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.36.100 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6bd8c1051ca05f5061e65b7c1998d70f3c8e07e6d6bdef4488eeed44e52d8ff1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://auth.nexusnet.io/signin
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 21:01:53 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Wed, 08 Mar 2023 15:32:20 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"6408aa84-4766a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bzj7Ag7v3g5mYSQQVECxR74n9JLQc9VGT1dh%2B7e1%2FggDyJEIwdbTX4Q5NWhzwmGJ5J0tG5tlnXBKHkz%2Bm7TdRiqZir%2FJSHJJt1oelBZqaEMAMohf1RNSESs0lqmGbrjspg4A"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
max-age=14400
cf-ray
8183b81b1f6e383b-FRA
alt-svc
h3=":443"; ma=86400
yii.js
auth.nexusnet.io/assets/55cd4a78/ 		20 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://auth.nexusnet.io/assets/55cd4a78/yii.js
Requested by
Host: auth.nexusnet.io
URL: https://auth.nexusnet.io/signin
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.36.100 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
995516724f69e24ddf82e9279a65d50a6f64a2c325226f7133bda794d6bf79a5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://auth.nexusnet.io/signin
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 21:01:53 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Wed, 24 May 2023 19:04:02 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"646e5fa2-51d9"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WbV11yPEQXMZhXyFfkBMyVtTBywDd%2BzjYvRc4xNcUfMsg6gWpUFlI%2BCZel5%2FuGmk6GMVh8w1FyKMo9yj%2BWO5gFOBvhWWmDcbmteGGEo3O6xNlTWsSeAHLQZlzmC85HgYSMqb"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
max-age=14400
cf-ray
8183b81b1f6f383b-FRA
alt-svc
h3=":443"; ma=86400
yii.validation.js
auth.nexusnet.io/assets/55cd4a78/ 		17 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://auth.nexusnet.io/assets/55cd4a78/yii.validation.js
Requested by
Host: auth.nexusnet.io
URL: https://auth.nexusnet.io/signin
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.36.100 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9123ef5cf89cdb1ee2e6db82eb04ff97e874de65e8db71ddba2e66fde522ac06

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://auth.nexusnet.io/signin
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 21:01:53 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Wed, 24 May 2023 19:04:02 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"646e5fa2-4413"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jrUlrYFl9JOv2ZDxeXZHWzSYzOIxYkajdb2sUqlSLfox6J9f4q3Boz8ArtDTWCe4AphNuQk%2FBnWMd2qWJsMrZF15vPzO94uQtIRFTAYRw9gcU8cvcPIxJjGEJrAD5Fz2OJHe"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
max-age=14400
cf-ray
8183b81b1f70383b-FRA
alt-svc
h3=":443"; ma=86400
yii.activeForm.js
auth.nexusnet.io/assets/55cd4a78/ 		36 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://auth.nexusnet.io/assets/55cd4a78/yii.activeForm.js
Requested by
Host: auth.nexusnet.io
URL: https://auth.nexusnet.io/signin
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.36.100 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b156192d2524056dbc8af028d8a71dfb5a74346ccc5a0910ef98182005762a1b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://auth.nexusnet.io/signin
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 21:01:53 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Wed, 24 May 2023 19:04:02 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"646e5fa2-9046"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l1YbQxbgvNuEkJhPP%2FRGECdMY%2BWgnSd6e494IFh%2FaOKH4Rf%2FroD2vkn4LVqF%2BsnVj2jQL3V1tdwn%2BB1oT7dpmUWidPsWENCNB1VU%2BfMoZ5kkqEuJklvrg9qZClVQRCd2DkuE"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
max-age=14400
cf-ray
8183b81b1f71383b-FRA
alt-svc
h3=":443"; ma=86400
TTHoves-DemiBold.ttf
auth.nexusnet.io/assets/13fe2546/fonts/ 		175 KB
175 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://auth.nexusnet.io/assets/13fe2546/fonts/TTHoves-DemiBold.ttf?9f88b22cc90533ec5f8a07dd5075b515
Requested by
Host: auth.nexusnet.io
URL: https://auth.nexusnet.io/assets/13fe2546/css/main.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.36.100 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
be50a817efdf4f809f9e5cb4c157b842be7f76a012b5abd9acadc472f248a5f8

Request headers

Referer
https://auth.nexusnet.io/assets/13fe2546/css/main.css
Origin
https://auth.nexusnet.io
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 21:01:54 GMT
cf-cache-status
REVALIDATED
last-modified
Wed, 18 Oct 2023 12:32:13 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"652fd04d-2babc"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YzF4nMrdTZ8r7oGySSIXJAKZ5dOL0fhxhsZyXre35VyENDzeND5tAI4RbQJuBgDpd6ENsEuVFF6kMAvtv01BmFjNyYV%2BztheHsLYonzOghp2XJM6sqNuW%2B3PUsYl1QAxaTls"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8183b81c68f7383b-FRA
alt-svc
h3=":443"; ma=86400
content-length
178876
authchoice.png
auth.nexusnet.io/assets/5dcb9afb/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://auth.nexusnet.io/assets/5dcb9afb/authchoice.png
Requested by
Host: auth.nexusnet.io
URL: https://auth.nexusnet.io/assets/5dcb9afb/authchoice.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.36.100 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
97dadc8f2f18f0ba560ae23f7ca74c7dd1425febab9b3547a3cf6acdc0848b06

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://auth.nexusnet.io/assets/5dcb9afb/authchoice.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 21:01:54 GMT
cf-cache-status
REVALIDATED
last-modified
Fri, 18 Nov 2022 17:23:56 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"6377bfac-8ad"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0iBgY035OyZ0OepiGc7BzmI2pGskS7JzTuKu%2BMDbhzOUSH8th5zgcEQx7ncyKluRLx5JdX5zTFuwutktPoIB0%2FlhzDq9VyHLwPQH7Pt9HsNgIbw5glPd0YbrKrnNUWfogYG2"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8183b81c68f8383b-FRA
alt-svc
h3=":443"; ma=86400
content-length
2221
TTHoves-Regular.ttf
auth.nexusnet.io/assets/13fe2546/fonts/ 		174 KB
175 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://auth.nexusnet.io/assets/13fe2546/fonts/TTHoves-Regular.ttf?22badb647628141aaacbe79389fd7c2c
Requested by
Host: auth.nexusnet.io
URL: https://auth.nexusnet.io/assets/13fe2546/css/main.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.36.100 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
caec186ae3a53593f6af402ad5c76c871cfb0bc3cf295d9b67be0846ef779f71

Request headers

Referer
https://auth.nexusnet.io/assets/13fe2546/css/main.css
Origin
https://auth.nexusnet.io
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 21:01:54 GMT
cf-cache-status
REVALIDATED
last-modified
Wed, 18 Oct 2023 12:32:13 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"652fd04d-2b948"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Asr8UcDoj3c7MIcQ2KG%2BjcDH39pHSWp6G3G7ETvBWdw7U%2Br2gdwPX%2BCQhmVSb0i23SbQ344vUnoS4F2iRG%2FG%2BP%2FhE06WC%2B7hKvAd1WoLkJjFk4lOxkmR6XThR0Tvl079Nu8R"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8183b81c68fb383b-FRA
alt-svc
h3=":443"; ma=86400
content-length
178504
TTHoves-Medium.ttf
auth.nexusnet.io/assets/13fe2546/fonts/ 		174 KB
175 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://auth.nexusnet.io/assets/13fe2546/fonts/TTHoves-Medium.ttf?c84646119459f89cd0d487fe8d61edde
Requested by
Host: auth.nexusnet.io
URL: https://auth.nexusnet.io/assets/13fe2546/css/main.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.36.100 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1e3b1476c31ef5118bd932d9c98d5fd24902ab09ad8517a0eb4da3e88c586174

Request headers

Referer
https://auth.nexusnet.io/assets/13fe2546/css/main.css
Origin
https://auth.nexusnet.io
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 21:01:54 GMT
cf-cache-status
REVALIDATED
last-modified
Wed, 18 Oct 2023 12:32:13 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"652fd04d-2b8a0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5yqrku2v4lR19wN5B0pgGuaV1GR3URv%2FiArBuAVatiEOzVm1jkq4FTO1IyecdWqFZaJblOQYPv4jJdv2l6A62HG8lrYRV0JFMl2Twq4cbPg9aTQozbIZXnabH9mOfaOO8uAT"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8183b81c68fe383b-FRA
alt-svc
h3=":443"; ma=86400
content-length
178336
background.png
auth.nexusnet.io/assets/13fe2546/img/ 		257 KB
258 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://auth.nexusnet.io/assets/13fe2546/img/background.png
Requested by
Host: auth.nexusnet.io
URL: https://auth.nexusnet.io/signin
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.36.100 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a836478f6246ecdc8de956da072988ca33ac08caf44b822de660f419b0e63366

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://auth.nexusnet.io/signin
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 21:01:54 GMT
cf-cache-status
REVALIDATED
last-modified
Wed, 18 Oct 2023 12:32:13 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"652fd04d-405b8"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tVzEecAUxIeOyXQkgVnVcdzOpJQWL3EFrSK840J0jjTC7XZjNhnp6oPRrc%2FJoW54Rum3r94RYKP%2F6BYiuI4lWfPZAgNs47D%2BcstwqdVsQlBNjfCBDr1gPJBGl0hjQbtrEtRM"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8183b81c6902383b-FRA
alt-svc
h3=":443"; ma=86400
content-length
263608
tag.js
mc.yandex.ru/metrika/ 		202 KB
70 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.ru/metrika/tag.js
Requested by
Host: auth.nexusnet.io
URL: https://auth.nexusnet.io/signin
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
87.250.250.119 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
mc.yandex.ru
Software
/
Resource Hash
e9597987b6f5f6a1e2c0a9bb76f9728ad3bda5548c3b1341dac1e7708c18ee7e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://auth.nexusnet.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 21:01:54 GMT
content-encoding
br
strict-transport-security
max-age=31536000
last-modified
Tue, 17 Oct 2023 09:59:45 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag
"652e5b11-11470"
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
timing-allow-origin
*
content-length
70768
expires
Wed, 18 Oct 2023 22:01:54 GMT
recaptcha__de.js
www.gstatic.com/recaptcha/releases/MydHw_zggsxIJuhSbyOmPv5R/ 		463 KB
186 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/MydHw_zggsxIJuhSbyOmPv5R/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?hl=de&render=explicit&onload=recaptchaOnloadCallback
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.131 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f3.1e100.net
Software
sffe /
Resource Hash
248db48e14eb17f19974117472ca07d25a1cbd60c623f91689efae0fab808e53
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://auth.nexusnet.io/
Origin
https://auth.nexusnet.io
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 15:35:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
19577
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
189533
x-xss-protection
0
last-modified
Mon, 09 Oct 2023 02:01:40 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 17 Oct 2024 15:35:37 GMT
collect
www.google-analytics.com/g/ 		0
254 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-3LBPT3MX0B&gtm=45je3ag0&_p=785112445&cid=1339212033.1697662914&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1697662914&sct=1&seg=0&dl=https%3A%2F%2Fauth.nexusnet.io%2Fsignin&dt=Nexusnet%20%7C%20anmelden&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-3LBPT3MX0B
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.36.178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://auth.nexusnet.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 18 Oct 2023 21:01:54 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://auth.nexusnet.io
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
anchor
www.google.com/recaptcha/api2/ Frame E0E2 		58 KB
33 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeAuF8mAAAAAGnbHKmnlxvLQ6MI-9adGr9_y4do&co=aHR0cHM6Ly9hdXRoLm5leHVzbmV0LmlvOjQ0Mw..&hl=de&v=MydHw_zggsxIJuhSbyOmPv5R&size=normal&cb=6jr51amxiyxm
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/MydHw_zggsxIJuhSbyOmPv5R/recaptcha__de.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.196 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s65-in-f4.1e100.net
Software
GSE /
Resource Hash
62976af1b6b9b4d3d09607acda51f15d0a7d08d69dd2e0ca452136d60b632718
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-xvoYlDZlUJ2Vkm4TzWPZjw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://auth.nexusnet.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-xvoYlDZlUJ2Vkm4TzWPZjw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 18 Oct 2023 21:01:54 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
sync_cookie_image_finish
mc.yandex.ru/
Redirect Chain
  • https://mc.yandex.com/sync_cookie_image_check
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=10160.tub86-A1n1ni1XfEFtE6I5lY0X1VGTT4LNpbs6rzx78Y5K6VwVgdOQ2Rp4w1JgMe.n6PTBKI1BoruOGmH7M1p-u2eDFU%2C
  • https://mc.yandex.com/sync_cookie_image_decide?token=10160.hD3ZineeHzlgvov9coN1L9m7KouhUudAW6E5jgM_vEKAblurrqz25RPxGfF2g09xd2_eGX6MEPddiNJIft8_M5Y5eSWa8IjygtcOU37NtuPbvjl29P7K8n0Yp_TvDKVo7f3M4a14s7...
  • https://mc.yandex.ru/sync_cookie_image_finish?redirect_domain=mc.yandex.com&token=10160.kQfvyNTEYqLxcOND9sgdOhhdB-uupoSBP1TT5bwfJwI_aRXqnCTPv6s6DuXgt9zyjb08HWcKZokmuKMjSOmxDDwGCZo2Zx-6DgHFiqXFZanpS...
43 B
580 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.ru/sync_cookie_image_finish?redirect_domain=mc.yandex.com&token=10160.kQfvyNTEYqLxcOND9sgdOhhdB-uupoSBP1TT5bwfJwI_aRXqnCTPv6s6DuXgt9zyjb08HWcKZokmuKMjSOmxDDwGCZo2Zx-6DgHFiqXFZanpSjthUKUFThrEDiNNRjHnT8kmmFRbJdhuJP2dFF6_aUk6ddh7RKWJ0E3eyMaev3DigAQiSbFNh5q59xIYv_ZEKws8TGwv6XCJTs6Yflw-XA%2C%2C.GGoBOG0320Naurdu07zHVwLgyJw%2C
Requested by
Host: auth.nexusnet.io
URL: https://auth.nexusnet.io/signin
Protocol
H2
Server
87.250.250.119 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
mc.yandex.ru
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://auth.nexusnet.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 21:01:54 GMT
strict-transport-security
max-age=31536000
content-length
43
x-xss-protection
1; mode=block
content-type
image/gif

Redirect headers

location
https://mc.yandex.ru/sync_cookie_image_finish?redirect_domain=mc.yandex.com&token=10160.kQfvyNTEYqLxcOND9sgdOhhdB-uupoSBP1TT5bwfJwI_aRXqnCTPv6s6DuXgt9zyjb08HWcKZokmuKMjSOmxDDwGCZo2Zx-6DgHFiqXFZanpSjthUKUFThrEDiNNRjHnT8kmmFRbJdhuJP2dFF6_aUk6ddh7RKWJ0E3eyMaev3DigAQiSbFNh5q59xIYv_ZEKws8TGwv6XCJTs6Yflw-XA%2C%2C.GGoBOG0320Naurdu07zHVwLgyJw%2C
date
Wed, 18 Oct 2023 21:01:54 GMT
strict-transport-security
max-age=31536000
x-xss-protection
1; mode=block
advert.gif
mc.yandex.com/metrika/ 		43 B
476 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.com/metrika/advert.gif
Requested by
Host: auth.nexusnet.io
URL: https://auth.nexusnet.io/signin
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
87.250.250.119 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
mc.yandex.ru
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://auth.nexusnet.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 21:01:54 GMT
strict-transport-security
max-age=31536000
last-modified
Tue, 17 Oct 2023 09:59:45 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag
"652e5b11-2b"
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
43
expires
Wed, 18 Oct 2023 22:01:54 GMT
styles__ltr.css
www.gstatic.com/recaptcha/releases/MydHw_zggsxIJuhSbyOmPv5R/ Frame E0E2 		55 KB
24 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/MydHw_zggsxIJuhSbyOmPv5R/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeAuF8mAAAAAGnbHKmnlxvLQ6MI-9adGr9_y4do&co=aHR0cHM6Ly9hdXRoLm5leHVzbmV0LmlvOjQ0Mw..&hl=de&v=MydHw_zggsxIJuhSbyOmPv5R&size=normal&cb=6jr51amxiyxm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.131 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f3.1e100.net
Software
sffe /
Resource Hash
7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 19:17:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
6268
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24606
x-xss-protection
0
last-modified
Mon, 09 Oct 2023 02:01:40 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 17 Oct 2024 19:17:27 GMT
recaptcha__de.js
www.gstatic.com/recaptcha/releases/MydHw_zggsxIJuhSbyOmPv5R/ Frame E0E2 		463 KB
186 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/MydHw_zggsxIJuhSbyOmPv5R/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeAuF8mAAAAAGnbHKmnlxvLQ6MI-9adGr9_y4do&co=aHR0cHM6Ly9hdXRoLm5leHVzbmV0LmlvOjQ0Mw..&hl=de&v=MydHw_zggsxIJuhSbyOmPv5R&size=normal&cb=6jr51amxiyxm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.131 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f3.1e100.net
Software
sffe /
Resource Hash
248db48e14eb17f19974117472ca07d25a1cbd60c623f91689efae0fab808e53
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 15:35:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
19578
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
189533
x-xss-protection
0
last-modified
Mon, 09 Oct 2023 02:01:40 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 17 Oct 2024 15:35:37 GMT
1
mc.yandex.com/watch/92452812/
Redirect Chain
  • https://mc.yandex.com/watch/92452812?wmode=7&page-url=https%3A%2F%2Fauth.nexusnet.io%2Fsignin&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A3qm6qq812ez2u52y4wzrnbv%3Afp%3A1950%3Afu%3A0%3A...
  • https://mc.yandex.com/watch/92452812/1?wmode=7&page-url=https%3A%2F%2Fauth.nexusnet.io%2Fsignin&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A3qm6qq812ez2u52y4wzrnbv%3Afp%3A1950%3Afu%3A0%...
427 B
519 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.com/watch/92452812/1?wmode=7&page-url=https%3A%2F%2Fauth.nexusnet.io%2Fsignin&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A3qm6qq812ez2u52y4wzrnbv%3Afp%3A1950%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1135%3Acn%3A1%3Adp%3A0%3Als%3A1189572531406%3Ahid%3A332851069%3Az%3A120%3Ai%3A20231018230154%3Aet%3A1697662915%3Ac%3A1%3Arn%3A865733578%3Arqn%3A1%3Au%3A1697662915625038675%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C0%2C134%2C1%2C1586%2C0%2C%2C239%2C0%2C%2C%2C%2C1966%3Aco%3A0%3Acpf%3A1%3Ans%3A1697662912039%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1697662915%3At%3ANexusnet%20%7C%20anmelden&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29
Requested by
Host: auth.nexusnet.io
URL: https://auth.nexusnet.io/signin
Protocol
H2
Server
87.250.250.119 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
mc.yandex.ru
Software
/
Resource Hash
898afa2bbdcafecc650265a689ddf25125ad56d753d5a2940299dd3119508203
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://auth.nexusnet.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 18 Oct 2023 21:01:55 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
last-modified
Wed, 18-Oct-2023 21:01:55 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type
application/json; charset=utf-8
access-control-allow-origin
https://auth.nexusnet.io
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
427
x-xss-protection
1; mode=block
expires
Wed, 18-Oct-2023 21:01:55 GMT

Redirect headers

pragma
no-cache
date
Wed, 18 Oct 2023 21:01:55 GMT
strict-transport-security
max-age=31536000
last-modified
Wed, 18-Oct-2023 21:01:55 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
location
/watch/92452812/1?wmode=7&page-url=https%3A%2F%2Fauth.nexusnet.io%2Fsignin&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A3qm6qq812ez2u52y4wzrnbv%3Afp%3A1950%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1135%3Acn%3A1%3Adp%3A0%3Als%3A1189572531406%3Ahid%3A332851069%3Az%3A120%3Ai%3A20231018230154%3Aet%3A1697662915%3Ac%3A1%3Arn%3A865733578%3Arqn%3A1%3Au%3A1697662915625038675%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C0%2C134%2C1%2C1586%2C0%2C%2C239%2C0%2C%2C%2C%2C1966%3Aco%3A0%3Acpf%3A1%3Ans%3A1697662912039%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1697662915%3At%3ANexusnet%20%7C%20anmelden&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29
access-control-allow-origin
https://auth.nexusnet.io
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
x-xss-protection
1; mode=block
expires
Wed, 18-Oct-2023 21:01:55 GMT
truncated
/ Frame E0E2 		14 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0964d141519db34adc6aa127a33dbc6761cda1e56b584ea402082d99c44afb9e

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame E0E2 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
43ef4025567f7a15859b5252b6ccc1efe2ff8c7331b1aefbea7ce88eb5084d27

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Content-Type
image/png
logo_48.png
www.gstatic.com/recaptcha/api2/ Frame E0E2 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/recaptcha/api2/logo_48.png
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/MydHw_zggsxIJuhSbyOmPv5R/styles__ltr.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.131 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f3.1e100.net
Software
sffe /
Resource Hash
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gstatic.com/recaptcha/releases/MydHw_zggsxIJuhSbyOmPv5R/styles__ltr.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 00:18:29 GMT
x-content-type-options
nosniff
age
506606
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2228
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
expires
Fri, 20 Oct 2023 00:18:29 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame E0E2 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeAuF8mAAAAAGnbHKmnlxvLQ6MI-9adGr9_y4do&co=aHR0cHM6Ly9hdXRoLm5leHVzbmV0LmlvOjQ0Mw..&hl=de&v=MydHw_zggsxIJuhSbyOmPv5R&size=normal&cb=6jr51amxiyxm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f195.1e100.net
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 14 Oct 2023 06:47:09 GMT
x-content-type-options
nosniff
age
396886
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 13 Oct 2024 06:47:09 GMT
webworker.js
www.google.com/recaptcha/api2/ Frame E0E2 		102 B
209 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=MydHw_zggsxIJuhSbyOmPv5R
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeAuF8mAAAAAGnbHKmnlxvLQ6MI-9adGr9_y4do&co=aHR0cHM6Ly9hdXRoLm5leHVzbmV0LmlvOjQ0Mw..&hl=de&v=MydHw_zggsxIJuhSbyOmPv5R&size=normal&cb=6jr51amxiyxm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.196 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s65-in-f4.1e100.net
Software
GSE /
Resource Hash
769962ab7a07c4983d99a56f89f1b55e54dbeea7d50a24e796d42e4c02610a91
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeAuF8mAAAAAGnbHKmnlxvLQ6MI-9adGr9_y4do&co=aHR0cHM6Ly9hdXRoLm5leHVzbmV0LmlvOjQ0Mw..&hl=de&v=MydHw_zggsxIJuhSbyOmPv5R&size=normal&cb=6jr51amxiyxm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 21:01:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
cross-origin-embedder-policy
require-corp
x-frame-options
SAMEORIGIN
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
expires
Wed, 18 Oct 2023 21:01:55 GMT
bframe
www.google.com/recaptcha/api2/ Frame 1173 		7 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/bframe?hl=de&v=MydHw_zggsxIJuhSbyOmPv5R&k=6LeAuF8mAAAAAGnbHKmnlxvLQ6MI-9adGr9_y4do
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/MydHw_zggsxIJuhSbyOmPv5R/recaptcha__de.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.196 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s65-in-f4.1e100.net
Software
GSE /
Resource Hash
b3a9c136191e57b8c62bb77e044859c3ad02c4b2ee6ae91c96e3348941c5dd60
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-6OGWNXyPPVyeRT26HEdtzw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://auth.nexusnet.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-6OGWNXyPPVyeRT26HEdtzw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 18 Oct 2023 21:01:55 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
styles__ltr.css
www.gstatic.com/recaptcha/releases/MydHw_zggsxIJuhSbyOmPv5R/ Frame 1173 		55 KB
24 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/MydHw_zggsxIJuhSbyOmPv5R/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=MydHw_zggsxIJuhSbyOmPv5R&k=6LeAuF8mAAAAAGnbHKmnlxvLQ6MI-9adGr9_y4do
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.131 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f3.1e100.net
Software
sffe /
Resource Hash
7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 19:17:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
6268
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24606
x-xss-protection
0
last-modified
Mon, 09 Oct 2023 02:01:40 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 17 Oct 2024 19:17:27 GMT
recaptcha__de.js
www.gstatic.com/recaptcha/releases/MydHw_zggsxIJuhSbyOmPv5R/ Frame 1173 		463 KB
185 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/MydHw_zggsxIJuhSbyOmPv5R/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=MydHw_zggsxIJuhSbyOmPv5R&k=6LeAuF8mAAAAAGnbHKmnlxvLQ6MI-9adGr9_y4do
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.131 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f3.1e100.net
Software
sffe /
Resource Hash
248db48e14eb17f19974117472ca07d25a1cbd60c623f91689efae0fab808e53
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 15:35:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
19578
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
189533
x-xss-protection
0
last-modified
Mon, 09 Oct 2023 02:01:40 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 17 Oct 2024 15:35:37 GMT
92452812
mc.yandex.com/webvisor/ 		43 B
157 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.com/webvisor/92452812?wv-part=1&wmode=0&wv-hit=332851069&page-url=https%3A%2F%2Fauth.nexusnet.io%2Fsignin&rn=256175433&wv-type=3&browser-info=bt%3A1%3Awe%3A1%3Aet%3A1697662917%3Aw%3A1600x1200%3Av%3A1135%3Az%3A120%3Ai%3A20231018230157%3Au%3A1697662915625038675%3Avf%3A3qm6qq812ez2u52y4wzrnbv%3Ast%3A1697662917&t=gdpr(14)ti(2)
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
87.250.250.119 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
mc.yandex.ru
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://auth.nexusnet.io/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 18 Oct 2023 21:01:57 GMT
strict-transport-security
max-age=31536000
last-modified
Wed, 18-Oct-2023 21:01:57 GMT
content-type
image/gif
access-control-allow-origin
https://auth.nexusnet.io
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
43
x-xss-protection
1; mode=block
expires
Wed, 18-Oct-2023 21:01:57 GMT
92452812
mc.yandex.com/webvisor/ 		43 B
73 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.com/webvisor/92452812?wv-part=1&wmode=0&wv-hit=332851069&page-url=https%3A%2F%2Fauth.nexusnet.io%2Fsignin&rn=232735695&wv-type=3&browser-info=we%3A1%3Aet%3A1697662918%3Aw%3A1600x1200%3Av%3A1135%3Az%3A120%3Ai%3A20231018230157%3Au%3A1697662915625038675%3Avf%3A3qm6qq812ez2u52y4wzrnbv%3Ast%3A1697662918&t=gdpr(14)ti(2)
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
87.250.250.119 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
mc.yandex.ru
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://auth.nexusnet.io/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 18 Oct 2023 21:01:57 GMT
strict-transport-security
max-age=31536000
last-modified
Wed, 18-Oct-2023 21:01:57 GMT
content-type
image/gif
access-control-allow-origin
https://auth.nexusnet.io
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
43
x-xss-protection
1; mode=block
expires
Wed, 18-Oct-2023 21:01:57 GMT
collect
www.google-analytics.com/g/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-3LBPT3MX0B&gtm=45je3ag0&_p=785112445&cid=1339212033.1697662914&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEA&_s=2&sid=1697662914&sct=1&seg=0&dl=https%3A%2F%2Fauth.nexusnet.io%2Fsignin&dt=Nexusnet%20%7C%20anmelden&en=scroll&epn.percent_scrolled=90&_et=9
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-3LBPT3MX0B
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.36.178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://auth.nexusnet.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 18 Oct 2023 21:01:59 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://auth.nexusnet.io
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

22 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 function| gtag object| dataLayer function| ym function| $ function| jQuery object| yii function| recaptchaOnloadCallback object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| google_tag_manager object| google_tag_data function| onYouTubeIframeAPIReady object| gaGlobal object| recaptcha object| closure_lm_17651 object| Ya object| yaCounter92452812

23 Cookies

Domain/Path Name / Value
.nexusnet.io/ Name: ref_key
Value: c5808364-48c4-450b-9f89-20147ef0f752
.nexusnet.io/ Name: advanced-auth
Value: 1l1qn0mpte20pfbc3iv5lg2huq
.nexusnet.io/ Name: _csrf-auth
Value: 62a59a349ad3970aa4009e93966eed8f593367d77645cb76aa4134695b3b5758a%3A2%3A%7Bi%3A0%3Bs%3A10%3A%22_csrf-auth%22%3Bi%3A1%3Bs%3A32%3A%222a9lZtc2Y5egvBhA9yy0S4o7JJNiUdEk%22%3B%7D
.nexusnet.io/ Name: _ga
Value: GA1.1.1339212033.1697662914
.nexusnet.io/ Name: _ga_3LBPT3MX0B
Value: GS1.1.1697662914.1.0.1697662914.0.0.0
.nexusnet.io/ Name: _ym_uid
Value: 1697662915625038675
.nexusnet.io/ Name: _ym_d
Value: 1697662915
.mc.yandex.com/ Name: sync_cookie_csrf
Value: 1747267684fake
.yandex.com/ Name: i
Value: jiv4CARHmW9DpdaiOkNq6dE8zdWJONIA06qbHddBdy/H4UKneAJ1hD5RfzH4m1DMSdVXi8o0ZJIA4K5nDwPgamMlYMU=
.yandex.com/ Name: yandexuid
Value: 9302941491697662914
.nexusnet.io/ Name: _ym_isad
Value: 2
.mc.yandex.ru/ Name: sync_cookie_csrf
Value: 419881496fake
.mc.yandex.com/ Name: sync_cookie_ok
Value: synced
.yandex.ru/ Name: yandexuid
Value: 9302941491697662914
.yandex.ru/ Name: yuidss
Value: 9302941491697662914
.yandex.ru/ Name: i
Value: jiv4CARHmW9DpdaiOkNq6dE8zdWJONIA06qbHddBdy/H4UKneAJ1hD5RfzH4m1DMSdVXi8o0ZJIA4K5nDwPgamMlYMU=
.yandex.ru/ Name: yp
Value: 1697749314.yu.800598771697662914
.yandex.ru/ Name: ymex
Value: 1700254914.oyu.800598771697662914
mc.yandex.com/ Name: yabs-sid
Value: 1447979631697662915
.yandex.com/ Name: yuidss
Value: 9302941491697662914
.yandex.com/ Name: ymex
Value: 1729198915.yrts.1697662915
.yandex.com/ Name: bh
Value: KgI/MA==
.nexusnet.io/ Name: _ym_visorc
Value: w

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

app.nexusnet.io
auth.nexusnet.io
fonts.gstatic.com
mc.yandex.com
mc.yandex.ru
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.gstatic.com
104.21.36.100
142.250.186.72
172.217.16.195
172.217.16.196
216.239.36.178
216.58.212.131
87.250.250.119
0964d141519db34adc6aa127a33dbc6761cda1e56b584ea402082d99c44afb9e
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
1e3b1476c31ef5118bd932d9c98d5fd24902ab09ad8517a0eb4da3e88c586174
248db48e14eb17f19974117472ca07d25a1cbd60c623f91689efae0fab808e53
29f573c92656b16c2d41ab1c56605cd58cd6352902d9df442dd1f1134038918b
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
43ef4025567f7a15859b5252b6ccc1efe2ff8c7331b1aefbea7ce88eb5084d27
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
62976af1b6b9b4d3d09607acda51f15d0a7d08d69dd2e0ca452136d60b632718
6bd8c1051ca05f5061e65b7c1998d70f3c8e07e6d6bdef4488eeed44e52d8ff1
769962ab7a07c4983d99a56f89f1b55e54dbeea7d50a24e796d42e4c02610a91
7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050
898afa2bbdcafecc650265a689ddf25125ad56d753d5a2940299dd3119508203
9123ef5cf89cdb1ee2e6db82eb04ff97e874de65e8db71ddba2e66fde522ac06
957e98d01a3ebeac0bb5843ec186c3295bebaa69ffbed5111fbd3028833b1f23
97dadc8f2f18f0ba560ae23f7ca74c7dd1425febab9b3547a3cf6acdc0848b06
995516724f69e24ddf82e9279a65d50a6f64a2c325226f7133bda794d6bf79a5
a836478f6246ecdc8de956da072988ca33ac08caf44b822de660f419b0e63366
af954ae99c7c0d650b7d86c18d81bc9ecfcd36f453d713c264229136203da0d0
b156192d2524056dbc8af028d8a71dfb5a74346ccc5a0910ef98182005762a1b
b3a9c136191e57b8c62bb77e044859c3ad02c4b2ee6ae91c96e3348941c5dd60
be50a817efdf4f809f9e5cb4c157b842be7f76a012b5abd9acadc472f248a5f8
caec186ae3a53593f6af402ad5c76c871cfb0bc3cf295d9b67be0846ef779f71
d3bcbd052a1f5bea8f027f8458b414ce7c2172aed740cb0b687c69a22e3fe7dd
d7b41a6596b5a87b1a1ca92d23765347590d72dbc98df1b849ec553280a17964
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e9597987b6f5f6a1e2c0a9bb76f9728ad3bda5548c3b1341dac1e7708c18ee7e
f7972e97836412beac97d9e62d202b53eea53133e7e1de8d6d3c8c63a9ce6355