fotoforensics.com Open in urlscan Pro
2605:b40:f0c0:1::5:5a  Public Scan

1 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

17 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
2 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response fotoforensics.com/	15 KB 6 KB	620ms 334ms	Document text/html	2605:b40:f0c0:1::5:5a FORT-COLLINS-CONN...
General Check archive.org Show headers Download Go to Full URL https://fotoforensics.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2605:b40:f0c0:1::5:5a , United States, ASN397142 (FORT-COLLINS-CONNEXION, US), Reverse DNS Software nginx / Resource Hash 297a42f0c86ee56bad5a45496167ab728ec8ec78eebf4acdade07966bbe170d4 Security Headers Name Value X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ch UA,Platform,Brand,Version,Arch,Model,Mobile cache-control no-transform,private,max-age=600,s-maxage=900 content-encoding gzip content-type text/html;charset=UTF-8 date Sat, 03 Jun 2023 04:40:24 GMT expires Sat, 03 Jun 2023 05:40:24 GMT permissions-policy interest-cohort=() server nginx x-frame-options SAMEORIGIN x-xss-protection 1; mode=block
GET H2	200	style.css fotoforensics.com/	27 KB 28 KB	136ms 133ms	Stylesheet text/css	2605:b40:f0c0:1::5:5a FORT-COLLINS-CONN...
General Check archive.org Show headers Download Go to Full URL https://fotoforensics.com/style.css?1680492035 Requested by Host: fotoforensics.com URL: https://fotoforensics.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2605:b40:f0c0:1::5:5a , United States, ASN397142 (FORT-COLLINS-CONNEXION, US), Reverse DNS Software nginx / Resource Hash 581308461bd5b6a73d6e65a4e4cdda695ed3071fa154b012eab58dbeb85bf227 Security Headers Name Value X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://fotoforensics.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers date Sat, 03 Jun 2023 04:40:24 GMT last-modified Mon, 03 Apr 2023 04:20:35 GMT server nginx accept-ch UA,Platform,Brand,Version,Arch,Model,Mobile etag "ahYkRXVGdxUnFycXJxF3R3ZHd0d3R3dHd0d3R3dHd0dxFGhaPF9uW25XKx0pHn8cKBsjXyPV" x-frame-options SAMEORIGIN content-type text/css;charset=UTF-8 cache-control no-transform,private,max-age=600,s-maxage=900 permissions-policy interest-cohort=() x-xss-protection 1; mode=block expires Sat, 03 Jun 2023 04:50:24 GMT
GET H2	200	FotoForensics-Banner.png fotoforensics.com/	42 KB 43 KB	272ms 269ms	Image image/png	2605:b40:f0c0:1::5:5a FORT-COLLINS-CONN...
General Check archive.org Show headers Download Go to Show image Full URL https://fotoforensics.com/FotoForensics-Banner.png Requested by Host: fotoforensics.com URL: https://fotoforensics.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2605:b40:f0c0:1::5:5a , United States, ASN397142 (FORT-COLLINS-CONNEXION, US), Reverse DNS Software nginx / Resource Hash c78f18bd635e7e084b69e263b229d583ed12942ca9309d376fb75a591d1d94ef Security Headers Name Value X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://fotoforensics.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers date Sat, 03 Jun 2023 04:40:24 GMT last-modified Thu, 22 Sep 2022 16:26:14 GMT server nginx accept-ch UA,Platform,Brand,Version,Arch,Model,Mobile etag "XCASc0NwQSMRIREhESdBcUBxQXFBcUFxQXFBcUFxQXFHIl5sCmlZaAo9QXdDdBV2QnFJNUnz" x-frame-options SAMEORIGIN content-type image/png cache-control no-transform,private,max-age=600,s-maxage=900 permissions-policy interest-cohort=() x-xss-protection 1; mode=block expires Sat, 03 Jun 2023 05:40:24 GMT
GET		page_embed_script.js ghbmnnjooekpmoecnnnilnnbdlolhkhi/	0 0
GET H2	200	api.js Show response www.google.com/recaptcha/	850 B 876 B	156ms 47ms	Script text/javascript	2a00:1450:4001:829::2004 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api.js?render=onload Requested by Host: fotoforensics.com URL: https://fotoforensics.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software GSE / Resource Hash 8e5488b0b92b5f015dfd5cf5a95c6b6881015da1d26d1caf76a6bf2dd41347de Security Headers Name Value Content-Security-Policy frame-ancestors 'self' X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers date Sat, 03 Jun 2023 04:40:24 GMT content-encoding gzip x-content-type-options nosniff content-security-policy frame-ancestors 'self' server GSE x-frame-options SAMEORIGIN content-type text/javascript; charset=UTF-8 cache-control private, max-age=300 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 556 x-xss-protection 1; mode=block expires Sat, 03 Jun 2023 04:40:24 GMT
GET H2	200	recaptcha__de.js Show response www.gstatic.com/recaptcha/releases/sNQO7xVld1CuA2hfFHvkpVL-/	410 KB 164 KB	135ms 38ms	Script text/javascript	2a00:1450:4001:82b::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/recaptcha/releases/sNQO7xVld1CuA2hfFHvkpVL-/recaptcha__de.js Requested by Host: www.google.com URL: https://www.google.com/recaptcha/api.js?render=onload Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 73fcbeac0f15bb0d757c476b3f620154ac6ba5152ea55cc4c89e43cd9db55c46 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer Origin https://fotoforensics.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers date Tue, 30 May 2023 16:43:55 GMT content-encoding gzip x-content-type-options nosniff age 302190 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 167800 x-xss-protection 0 last-modified Tue, 30 May 2023 00:01:16 GMT server sffe cross-origin-opener-policy same-origin-allow-popups; report-to="recaptcha" vary Accept-Encoding report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} content-type text/javascript access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes expires Wed, 29 May 2024 16:43:55 GMT
GET H2	403	ipv64-16.png ipv4.fotoforensics.com/img/	12 B 79 B	413ms 127ms	Image image/png	198.99.80.174 FORT-COLLINS-CONN...
General Check archive.org Show headers Download Go to Show image Full URL https://ipv4.fotoforensics.com/img/ipv64-16.png?v=Zi9.CXVHJhYlFHZEdER0RHIUJBUkFCQUJBQkFCQUJBQkFCQSdws.D3NDP0PJ Requested by Host: fotoforensics.com URL: https://fotoforensics.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 198.99.80.174 Fort Collins, United States, ASN397142 (FORT-COLLINS-CONNEXION, US), Reverse DNS dhcp-198-99-80-174.fcconnexion.net Software nginx / Resource Hash cddbc3772fc72e4ab0ac800e9d4137c246316a5d768e46e77c43ecbd5c2919c9 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers date Sat, 03 Jun 2023 04:40:25 GMT server nginx content-length 12 content-type image/png
GET H2	200	anchor Show response www.google.com/recaptcha/api2/ Frame E834	51 KB 28 KB	63ms 62ms	Document text/html	2a00:1450:4001:829::2004 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeEwL4UAAAAAOaxP14QEbMGYQW3BLDhtEkU6TT6&co=aHR0cHM6Ly9mb3RvZm9yZW5zaWNzLmNvbTo0NDM.&hl=de&v=sNQO7xVld1CuA2hfFHvkpVL-&size=normal&cb=lgq7zbbv1w8u Requested by Host: www.gstatic.com URL: https://www.gstatic.com/recaptcha/releases/sNQO7xVld1CuA2hfFHvkpVL-/recaptcha__de.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software GSE / Resource Hash ab1e06f6a1ca490abdc5ef8bb0e8fe51dc0ce84af2cc2efafdc20375960670a3 Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-0Y_oIsm7JDsD3q-F4JR_1w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control no-cache, no-store, max-age=0, must-revalidate content-encoding gzip content-length 28686 content-security-policy script-src 'report-sample' 'nonce-0Y_oIsm7JDsD3q-F4JR_1w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 content-type text/html; charset=utf-8 cross-origin-embedder-policy require-corp cross-origin-resource-policy cross-origin date Sat, 03 Jun 2023 04:40:25 GMT expires Mon, 01 Jan 1990 00:00:00 GMT pragma no-cache report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} server GSE x-content-type-options nosniff x-xss-protection 1; mode=block
GET H3	200	styles__ltr.css www.gstatic.com/recaptcha/releases/sNQO7xVld1CuA2hfFHvkpVL-/ Frame E834	55 KB 24 KB	120ms 38ms	Stylesheet text/css	2a00:1450:4001:82b::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/recaptcha/releases/sNQO7xVld1CuA2hfFHvkpVL-/styles__ltr.css Requested by Host: www.google.com URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeEwL4UAAAAAOaxP14QEbMGYQW3BLDhtEkU6TT6&co=aHR0cHM6Ly9mb3RvZm9yZW5zaWNzLmNvbTo0NDM.&hl=de&v=sNQO7xVld1CuA2hfFHvkpVL-&size=normal&cb=lgq7zbbv1w8u Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers date Tue, 30 May 2023 15:47:25 GMT content-encoding gzip x-content-type-options nosniff age 305580 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 24605 x-xss-protection 0 last-modified Tue, 30 May 2023 00:01:16 GMT server sffe cross-origin-opener-policy same-origin-allow-popups; report-to="recaptcha" vary Accept-Encoding report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} content-type text/css cache-control public, max-age=31536000 accept-ranges bytes expires Wed, 29 May 2024 15:47:25 GMT
GET H3	200	recaptcha__de.js Show response www.gstatic.com/recaptcha/releases/sNQO7xVld1CuA2hfFHvkpVL-/ Frame E834	410 KB 164 KB	140ms 51ms	Script text/javascript	2a00:1450:4001:82b::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/recaptcha/releases/sNQO7xVld1CuA2hfFHvkpVL-/recaptcha__de.js Requested by Host: www.google.com URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeEwL4UAAAAAOaxP14QEbMGYQW3BLDhtEkU6TT6&co=aHR0cHM6Ly9mb3RvZm9yZW5zaWNzLmNvbTo0NDM.&hl=de&v=sNQO7xVld1CuA2hfFHvkpVL-&size=normal&cb=lgq7zbbv1w8u Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 73fcbeac0f15bb0d757c476b3f620154ac6ba5152ea55cc4c89e43cd9db55c46 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers date Tue, 30 May 2023 16:43:55 GMT content-encoding gzip x-content-type-options nosniff age 302190 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 167800 x-xss-protection 0 last-modified Tue, 30 May 2023 00:01:16 GMT server sffe cross-origin-opener-policy same-origin-allow-popups; report-to="recaptcha" vary Accept-Encoding report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} content-type text/javascript access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes expires Wed, 29 May 2024 16:43:55 GMT
GET H2	200	ipv6-16.png ipv6.fotoforensics.com/img/	887 B 1 KB	222ms 140ms	Image image/png	2605:b40:f0c0:1::5:5a FORT-COLLINS-CONN...
General Check archive.org Show headers Download Go to Show image Full URL https://ipv6.fotoforensics.com/img/ipv6-16.png?v=Zi9.CXVHJhYlFHZEdER0RHIUJBUkFCQUJBQkFCQUJBQkFCQSdws.D3NDP0PJ Requested by Host: fotoforensics.com URL: https://fotoforensics.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2605:b40:f0c0:1::5:5a , United States, ASN397142 (FORT-COLLINS-CONNEXION, US), Reverse DNS Software nginx / Resource Hash af670220d0efe7b2b638cc0dc1c64d0acd99fa3cbb70f7149f3ed044df9d6615 Security Headers Name Value X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers date Sat, 03 Jun 2023 04:40:25 GMT last-modified Thu, 22 Sep 2022 16:26:13 GMT server nginx accept-ch UA,Platform,Brand,Version,Arch,Model,Mobile etag "iPTGp5eklffF9cX1xfOVpZSllaWVpZWllaWVpZWllaWT9oq43r2NvN7rl6GVosOglKee4p6o" x-frame-options SAMEORIGIN content-type image/png cache-control no-transform,private,max-age=600,s-maxage=900 permissions-policy interest-cohort=() x-xss-protection 1; mode=block expires Sat, 03 Jun 2023 05:40:25 GMT
GET DATA	200 OK	truncated / Frame E834	14 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 0964d141519db34adc6aa127a33dbc6761cda1e56b584ea402082d99c44afb9e Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers Content-Type image/png
GET DATA	200 OK	truncated / Frame E834	2 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 43ef4025567f7a15859b5252b6ccc1efe2ff8c7331b1aefbea7ce88eb5084d27 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers Content-Type image/png
GET H3	200	logo_48.png www.gstatic.com/recaptcha/api2/ Frame E834	2 KB 2 KB	43ms 41ms	Image image/png	2a00:1450:4001:82b::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.gstatic.com/recaptcha/api2/logo_48.png Requested by Host: www.gstatic.com URL: https://www.gstatic.com/recaptcha/releases/sNQO7xVld1CuA2hfFHvkpVL-/styles__ltr.css Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.gstatic.com/recaptcha/releases/sNQO7xVld1CuA2hfFHvkpVL-/styles__ltr.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers date Sat, 27 May 2023 22:52:35 GMT x-content-type-options nosniff age 539270 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 2228 x-xss-protection 0 last-modified Tue, 03 Mar 2020 20:15:00 GMT server sffe cross-origin-opener-policy same-origin-allow-popups; report-to="recaptcha" report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} content-type image/png cache-control public, max-age=604800 accept-ranges bytes expires Sat, 03 Jun 2023 22:52:35 GMT
GET H2	200	KFOmCnqEu92Fr1Mu4mxK.woff2 fonts.gstatic.com/s/roboto/v18/ Frame E834	15 KB 16 KB	128ms 38ms	Font font/woff2	2a00:1450:4001:829::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 Requested by Host: www.google.com URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeEwL4UAAAAAOaxP14QEbMGYQW3BLDhtEkU6TT6&co=aHR0cHM6Ly9mb3RvZm9yZW5zaWNzLmNvbTo0NDM.&hl=de&v=sNQO7xVld1CuA2hfFHvkpVL-&size=normal&cb=lgq7zbbv1w8u Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.google.com/ Origin https://www.google.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers date Sat, 03 Jun 2023 00:54:58 GMT x-content-type-options nosniff age 13527 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15344 x-xss-protection 0 last-modified Mon, 16 Oct 2017 17:32:55 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Sun, 02 Jun 2024 00:54:58 GMT
GET H3	200	webworker.js www.google.com/recaptcha/api2/ Frame E834	102 B 134 B	47ms 47ms	Other text/javascript	2a00:1450:4001:829::2004 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=sNQO7xVld1CuA2hfFHvkpVL- Requested by Host: www.google.com URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeEwL4UAAAAAOaxP14QEbMGYQW3BLDhtEkU6TT6&co=aHR0cHM6Ly9mb3RvZm9yZW5zaWNzLmNvbTo0NDM.&hl=de&v=sNQO7xVld1CuA2hfFHvkpVL-&size=normal&cb=lgq7zbbv1w8u Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software GSE / Resource Hash 1daa7d28de3f07e56e24af825644bef76478ce3c720de872e4e1dd5b386107c6 Security Headers Name Value Content-Security-Policy frame-ancestors 'self' X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeEwL4UAAAAAOaxP14QEbMGYQW3BLDhtEkU6TT6&co=aHR0cHM6Ly9mb3RvZm9yZW5zaWNzLmNvbTo0NDM.&hl=de&v=sNQO7xVld1CuA2hfFHvkpVL-&size=normal&cb=lgq7zbbv1w8u User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers date Sat, 03 Jun 2023 04:40:25 GMT content-encoding gzip x-content-type-options nosniff content-security-policy frame-ancestors 'self' server GSE cross-origin-embedder-policy require-corp x-frame-options SAMEORIGIN report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} content-type text/javascript; charset=UTF-8 cache-control private, max-age=300 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 112 x-xss-protection 1; mode=block expires Sat, 03 Jun 2023 04:40:25 GMT
GET H3	200	bframe Show response www.google.com/recaptcha/api2/ Frame A610	7 KB 1 KB	58ms 51ms	Document text/html	2a00:1450:4001:829::2004 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api2/bframe?hl=de&v=sNQO7xVld1CuA2hfFHvkpVL-&k=6LeEwL4UAAAAAOaxP14QEbMGYQW3BLDhtEkU6TT6 Requested by Host: www.gstatic.com URL: https://www.gstatic.com/recaptcha/releases/sNQO7xVld1CuA2hfFHvkpVL-/recaptcha__de.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software GSE / Resource Hash 0337023f0283a789d0b13c0f9e4fca193ac39e6651dcbf93edb3e71af99f696f Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-zIbZfJbTr7N5bHvepEAU4Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control no-cache, no-store, max-age=0, must-revalidate content-encoding gzip content-length 1155 content-security-policy script-src 'report-sample' 'nonce-zIbZfJbTr7N5bHvepEAU4Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 content-type text/html; charset=utf-8 cross-origin-embedder-policy require-corp cross-origin-resource-policy cross-origin date Sat, 03 Jun 2023 04:40:26 GMT expires Mon, 01 Jan 1990 00:00:00 GMT pragma no-cache report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} server GSE x-content-type-options nosniff x-xss-protection 1; mode=block
GET H3	200	styles__ltr.css www.gstatic.com/recaptcha/releases/sNQO7xVld1CuA2hfFHvkpVL-/ Frame A610	55 KB 24 KB	40ms 39ms	Stylesheet text/css	2a00:1450:4001:82b::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/recaptcha/releases/sNQO7xVld1CuA2hfFHvkpVL-/styles__ltr.css Requested by Host: www.google.com URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=sNQO7xVld1CuA2hfFHvkpVL-&k=6LeEwL4UAAAAAOaxP14QEbMGYQW3BLDhtEkU6TT6 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers date Tue, 30 May 2023 15:47:25 GMT content-encoding gzip x-content-type-options nosniff age 305581 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 24605 x-xss-protection 0 last-modified Tue, 30 May 2023 00:01:16 GMT server sffe cross-origin-opener-policy same-origin-allow-popups; report-to="recaptcha" vary Accept-Encoding report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} content-type text/css cache-control public, max-age=31536000 accept-ranges bytes expires Wed, 29 May 2024 15:47:25 GMT
GET H3	200	recaptcha__de.js Show response www.gstatic.com/recaptcha/releases/sNQO7xVld1CuA2hfFHvkpVL-/ Frame A610	410 KB 164 KB	43ms 42ms	Script text/javascript	2a00:1450:4001:82b::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/recaptcha/releases/sNQO7xVld1CuA2hfFHvkpVL-/recaptcha__de.js Requested by Host: www.google.com URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=sNQO7xVld1CuA2hfFHvkpVL-&k=6LeEwL4UAAAAAOaxP14QEbMGYQW3BLDhtEkU6TT6 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 73fcbeac0f15bb0d757c476b3f620154ac6ba5152ea55cc4c89e43cd9db55c46 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers date Tue, 30 May 2023 16:43:55 GMT content-encoding gzip x-content-type-options nosniff age 302191 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 167800 x-xss-protection 0 last-modified Tue, 30 May 2023 00:01:16 GMT server sffe cross-origin-opener-policy same-origin-allow-popups; report-to="recaptcha" vary Accept-Encoding report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} content-type text/javascript access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes expires Wed, 29 May 2024 16:43:55 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

ghbmnnjooekpmoecnnnilnnbdlolhkhi

URL

chrome-extension://ghbmnnjooekpmoecnnnilnnbdlolhkhi/page_embed_script.js

41 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 boolean| credentialless object| onbeforetoggle object| onscrollend number| HasHistory string| pvt string| bp string| u function| hashcode object| n object| c undefined| d boolean| HistoryKey string| HistoryKeyNext function| HistorySort function| HistoryGetKey function| HistoryGetAll function| HistoryWrite function| HistoryAdd function| HistoryUpdate function| HistoryDel function| CaptchaReq function| ValidateURL function| ValidateFile function| SetClassVal function| htmlEntities function| RemoveFile function| SetPreview function| DisableForm function| EnableForm number| MaxUploads number| timeoutid function| testipv object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| recaptcha object| closure_lm_213551

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	Message: Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'interest-cohort'.
network	error	URL: chrome-extension://ghbmnnjooekpmoecnnnilnnbdlolhkhi/page_embed_script.js Message: Failed to load resource: net::ERR_UNKNOWN_URL_SCHEME
network	error	URL: https://ipv4.fotoforensics.com/img/ipv64-16.png?v=Zi9.CXVHJhYlFHZEdER0RHIUJBUkFCQUJBQkFCQUJBQkFCQSdws.D3NDP0PJ Message: Failed to load resource: the server responded with a status of 403 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fonts.gstatic.com
fotoforensics.com
ghbmnnjooekpmoecnnnilnnbdlolhkhi
ipv4.fotoforensics.com
ipv6.fotoforensics.com
www.google.com
www.gstatic.com
ghbmnnjooekpmoecnnnilnnbdlolhkhi
198.99.80.174
2605:b40:f0c0:1::5:5a
2a00:1450:4001:829::2003
2a00:1450:4001:829::2004
2a00:1450:4001:82b::2003
0337023f0283a789d0b13c0f9e4fca193ac39e6651dcbf93edb3e71af99f696f
0964d141519db34adc6aa127a33dbc6761cda1e56b584ea402082d99c44afb9e
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
1daa7d28de3f07e56e24af825644bef76478ce3c720de872e4e1dd5b386107c6
297a42f0c86ee56bad5a45496167ab728ec8ec78eebf4acdade07966bbe170d4
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
43ef4025567f7a15859b5252b6ccc1efe2ff8c7331b1aefbea7ce88eb5084d27
581308461bd5b6a73d6e65a4e4cdda695ed3071fa154b012eab58dbeb85bf227
73fcbeac0f15bb0d757c476b3f620154ac6ba5152ea55cc4c89e43cd9db55c46
8e5488b0b92b5f015dfd5cf5a95c6b6881015da1d26d1caf76a6bf2dd41347de
952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8
ab1e06f6a1ca490abdc5ef8bb0e8fe51dc0ce84af2cc2efafdc20375960670a3
af670220d0efe7b2b638cc0dc1c64d0acd99fa3cbb70f7149f3ed044df9d6615
c78f18bd635e7e084b69e263b229d583ed12942ca9309d376fb75a591d1d94ef
cddbc3772fc72e4ab0ac800e9d4137c246316a5d768e46e77c43ecbd5c2919c9