urlscan.io logo urlscan.io
SecurityTrails logo

sites.google.com Open in urlscan Pro
2a00:1450:400d:80c::200e  Malicious Activity! Public Scan

Go To Rescan Add Verdict Report
URL: https://sites.google.com/view/redirectmybank/home
Submission Tags: https://phish.report @phish_report Search All
Submission: On January 04 via api from FI — Scanned from FI
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 8 IPs in 4 countries across 8 domains to perform 27 HTTP transactions. The main IP is 2a00:1450:400d:80c::200e, located in Ireland and belongs to GOOGLE, US. The main domain is sites.google.com. The Cisco Umbrella rank of the primary domain is 10895.
TLS certificate: Issued by GTS CA 1C3 on November 28th 2022. Valid for: 3 months.
This is the only time sites.google.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Land Bank of the Philippines (Banking)

Domain & IP information

3    2a00:1450:400d:80c::200e (Ireland)

ASN15169 (GOOGLE, US)
sites.google.com
2    2a00:1450:4001:829::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
8    2a00:1450:400d:803::2003 (Ireland)

ASN15169 (GOOGLE, US)
www.gstatic.com
7    2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
apis.google.com
3    2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    2a00:1450:400d:806::2001 (Ireland)

ASN15169 (GOOGLE, US)
633740613-atari-embeds.googleusercontent.com
1    2600:9000:21f3:6800:7:49a5:5fd2:2221 (United States)

ASN16509 (AMAZON-02, US)
www.amazon.com
1    2a04:4e42:200::272 (United States)

ASN54113 (FASTLY, US)
images-na.ssl-images-amazon.com
2    104.87.147.92 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a104-87-147-92.deploy.static.akamaitechnologies.com
www.lbpiaccess.com
ofbank.com.ph
Apex Domain
Subdomains		 Transfer
11 gstatic.com
www.gstatic.com
fonts.gstatic.com
804 KB
10 google.com
sites.google.com — Cisco Umbrella Rank: 10895
apis.google.com — Cisco Umbrella Rank: 163
175 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 127
2 KB
1 ofbank.com.ph
ofbank.com.ph
22 KB
1 lbpiaccess.com
www.lbpiaccess.com
442 KB
1 ssl-images-amazon.com
images-na.ssl-images-amazon.com — Cisco Umbrella Rank: 695
377 B
1 amazon.com
www.amazon.com — Cisco Umbrella Rank: 241
500 B
1 googleusercontent.com
633740613-atari-embeds.googleusercontent.com
1 KB
27 8
Domain Requested by
8 www.gstatic.com sites.google.com
www.gstatic.com
7 apis.google.com sites.google.com
apis.google.com
www.gstatic.com
633740613-atari-embeds.googleusercontent.com
3 fonts.gstatic.com fonts.googleapis.com
3 sites.google.com www.gstatic.com
2 fonts.googleapis.com sites.google.com
1 ofbank.com.ph 633740613-atari-embeds.googleusercontent.com
1 www.lbpiaccess.com 633740613-atari-embeds.googleusercontent.com
1 images-na.ssl-images-amazon.com 633740613-atari-embeds.googleusercontent.com
1 www.amazon.com 1 redirects
1 633740613-atari-embeds.googleusercontent.com www.gstatic.com
27 10

This site contains links to these domains. Also see Links.

Domain
www.google.com
Subject Issuer Validity Valid
*.google.com
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
*.apis.google.com
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
*.googleusercontent.com
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
www.landbank.com
R3		 2022-11-24 -
2023-02-22		 3 months crt.sh

This page contains 4 frames:

Primary Page: https://sites.google.com/view/redirectmybank/home
Frame ID: 76082D9CC3D80B5BCB514B587E253898
Requests: 18 HTTP requests in this frame

Frame: https://www.gstatic.com/atari/embeds/7925c5f8e01bacb9b4b0a3783ae0b867/intermediate-frame-minified.html?jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.fi.YkVYIZbIEg0.O%2Fd%3D1%2Frs%3DAHpOoo8lRgWuWYYFqy40vRePIDVPvhU3Uw%2Fm%3D__features__&r=369489460
Frame ID: 5A840EFC98A962B1AE093D1CBB4A5E21
Requests: 3 HTTP requests in this frame

Frame: https://633740613-atari-embeds.googleusercontent.com/embeds/16cb204cf3a9d4d223a0a3fd8b0eec5d/inner-frame-minified.html?jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.fi.YkVYIZbIEg0.O%2Fd%3D1%2Frs%3DAHpOoo8lRgWuWYYFqy40vRePIDVPvhU3Uw%2Fm%3D__features__
Frame ID: 5CFED31211BCE7ACC6DC848ADCDDC603
Requests: 3 HTTP requests in this frame

Frame: https://images-na.ssl-images-amazon.com/images/G/01/nav/transp.gif
Frame ID: 6633E6F80F15DE4669436AF402C11D52
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Home

Detected technologies

Overall confidence: 100%
Detected patterns
  • ^https?://sites\.google\.com
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • apis\.google\.com/js/[a-z]*\.js

Page Statistics

27
Requests

96 %
HTTPS

89 %
IPv6

8
Domains

10
Subdomains

8
IPs

4
Countries

1447 kB
Transfer

4032 kB
Size

1
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 22
  • https://www.amazon.com/gp/r.html?C=3IEUZBO845Z3Y&K=121YVFD9DQICL&M=urn:rtn:msg:20200509233333049b4396cef64bea9c474ebddf30p0na&R=268BKPMZCQMAP&T=O&U=https://images-na.ssl-images-amazon.com/images/G/01/nav/transp.gif&H=ZZJX8QHTG7ZY3AXA7U1EZZIHNJAA&ref_=pe_2617090_407789620_opens HTTP 302
  • https://images-na.ssl-images-amazon.com/images/G/01/nav/transp.gif

27 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request home
sites.google.com/view/redirectmybank/ 		78 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://sites.google.com/view/redirectmybank/home
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80c::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
494bb3c6e28925c9d08ff31755b37e4f18ca74d3e6165b09671c96181647cc84
Security Headers
Name Value
Content-Security-Policy base-uri 'self';object-src 'none';report-uri /_/view/cspreport;script-src 'report-sample' 'nonce-SzgmoxoPPBzHImfKlORMHQ' 'unsafe-inline' 'unsafe-eval';worker-src 'self';frame-ancestors https://google-admin.corp.google.com/
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
fi-FI,fi;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
base-uri 'self';object-src 'none';report-uri /_/view/cspreport;script-src 'report-sample' 'nonce-SzgmoxoPPBzHImfKlORMHQ' 'unsafe-inline' 'unsafe-eval';worker-src 'self';frame-ancestors https://google-admin.corp.google.com/
content-type
text/html; charset=utf-8
cross-origin-opener-policy
unsafe-none
date
Wed, 04 Jan 2023 06:07:19 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
ESF
x-content-type-options
nosniff
x-frame-options
DENY
x-xss-protection
0
css
fonts.googleapis.com/ 		4 KB
1015 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Lato%3A300%2C300italic%2C400%2C400italic%2C700%2C700italic&display=swap
Requested by
Host: sites.google.com
URL: https://sites.google.com/view/redirectmybank/home
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
13b6aff6e09494259b0f9cdaa32c9b72c552e40b323413e9964d92f6b6e7a006
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://sites.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 04 Jan 2023 06:07:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 04 Jan 2023 05:47:25 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 04 Jan 2023 06:07:19 GMT
css
fonts.googleapis.com/ 		22 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google+Sans:400,500|Roboto:300,400,500,700|Source+Code+Pro:400,700&display=swap
Requested by
Host: sites.google.com
URL: https://sites.google.com/view/redirectmybank/home
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
205200acf73f653da1b5f5b306246d80720b4170128314423575d36c35f63bec
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://sites.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 04 Jan 2023 06:07:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 04 Jan 2023 04:25:46 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 04 Jan 2023 06:07:19 GMT
rs=AGEqA5mrXOxEgaeh46WVNlBRPelf1ebHCQ
www.gstatic.com/_/atari/_/ss/k=atari.vw.xyUT5ZE03P8.L.W.O/d=1/ 		1 MB
139 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/atari/_/ss/k=atari.vw.xyUT5ZE03P8.L.W.O/d=1/rs=AGEqA5mrXOxEgaeh46WVNlBRPelf1ebHCQ
Requested by
Host: sites.google.com
URL: https://sites.google.com/view/redirectmybank/home
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:803::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
096264c54bd3e5df223af16a7c534e10dde59bab479095305aac403a03186f6b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://sites.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 01 Jan 2023 18:11:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
215768
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
141630
x-xss-protection
0
last-modified
Mon, 12 Dec 2022 13:35:02 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"apps-sites","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-sites"}]}
content-type
text/css; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="apps-sites"
expires
Mon, 01 Jan 2024 18:11:11 GMT
client.js
apis.google.com/js/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/js/client.js?onload=gapiLoaded
Requested by
Host: sites.google.com
URL: https://sites.google.com/view/redirectmybank/home
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ca416172330e2b5fac68f86d0be59ac24215eb0723248deb84e659d33c4da9c5
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://sites.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 04 Jan 2023 06:07:19 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6895
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="gapi-team"
etag
"39ab8f0ed9c9b23a"
vary
Accept-Encoding
report-to
{"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
private, max-age=1800, stale-while-revalidate=1800
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 04 Jan 2023 06:07:19 GMT
m=view
www.gstatic.com/_/atari/_/js/k=atari.vw.fi.fSUSJcOGqtg.O/d=1/rs=AGEqA5mrCV8nwQqugKA_91wWrp83v7NbRg/ 		520 KB
176 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/atari/_/js/k=atari.vw.fi.fSUSJcOGqtg.O/d=1/rs=AGEqA5mrCV8nwQqugKA_91wWrp83v7NbRg/m=view
Requested by
Host: sites.google.com
URL: https://sites.google.com/view/redirectmybank/home
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:803::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fa97ce4b0a421979f52f956d1c91d728661784255a4cbbaa1af92280888c527f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://sites.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 01 Jan 2023 14:15:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
229884
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
179976
x-xss-protection
0
last-modified
Tue, 13 Dec 2022 13:30:32 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"apps-sites","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-sites"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="apps-sites"
expires
Mon, 01 Jan 2024 14:15:55 GMT
cb=gapi.loaded_0
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.fi.YkVYIZbIEg0.O/m=client/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8lRgWuWYYFqy40vRePIDVPvhU3Uw/ 		308 KB
105 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.fi.YkVYIZbIEg0.O/m=client/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8lRgWuWYYFqy40vRePIDVPvhU3Uw/cb=gapi.loaded_0?le=scs
Requested by
Host: apis.google.com
URL: https://apis.google.com/js/client.js?onload=gapiLoaded
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3504160e1543bfb3cdbcdba00d547e0fb391c13164d6ff291ac813a2c2d13f09
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://sites.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 01 Jan 2023 00:31:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
279327
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
106890
x-xss-protection
0
last-modified
Tue, 06 Dec 2022 15:21:53 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="social-frontend-mpm-access"
vary
Accept-Encoding
report-to
{"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 01 Jan 2024 00:31:53 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google+Sans:400,500|Roboto:300,400,500,700|Source+Code+Pro:400,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://sites.google.com
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 29 Dec 2022 19:42:15 GMT
x-content-type-options
nosniff
age
469505
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 29 Dec 2023 19:42:15 GMT
4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v45/ 		28 KB
28 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google+Sans:400,500|Roboto:300,400,500,700|Source+Code+Pro:400,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://sites.google.com
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 29 Dec 2022 21:35:41 GMT
x-content-type-options
nosniff
age
462699
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28288
x-xss-protection
0
last-modified
Wed, 01 Jun 2022 19:05:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 29 Dec 2023 21:35:41 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google+Sans:400,500|Roboto:300,400,500,700|Source+Code+Pro:400,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://sites.google.com
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 31 Dec 2022 09:07:05 GMT
x-content-type-options
nosniff
age
334815
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15920
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:45 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 31 Dec 2023 09:07:05 GMT
m=sy1a,sy1b,sy19,FoQBg
www.gstatic.com/_/atari/_/js/k=atari.vw.fi.fSUSJcOGqtg.O/d=0/rs=AGEqA5mrCV8nwQqugKA_91wWrp83v7NbRg/ 		36 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/atari/_/js/k=atari.vw.fi.fSUSJcOGqtg.O/d=0/rs=AGEqA5mrCV8nwQqugKA_91wWrp83v7NbRg/m=sy1a,sy1b,sy19,FoQBg
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/atari/_/js/k=atari.vw.fi.fSUSJcOGqtg.O/d=1/rs=AGEqA5mrCV8nwQqugKA_91wWrp83v7NbRg/m=view
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:803::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bad1ee98f47f5851cb29afc3edaec3703dbd77c18cae42abf9ce464c2ae3f8d9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://sites.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 03 Jan 2023 05:04:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
90185
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12437
x-xss-protection
0
last-modified
Tue, 13 Dec 2022 13:30:32 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"apps-sites","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-sites"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="apps-sites"
expires
Wed, 03 Jan 2024 05:04:15 GMT
m=sy2n,TRvtze
www.gstatic.com/_/atari/_/js/k=atari.vw.fi.fSUSJcOGqtg.O/d=0/rs=AGEqA5mrCV8nwQqugKA_91wWrp83v7NbRg/ 		854 B
518 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/atari/_/js/k=atari.vw.fi.fSUSJcOGqtg.O/d=0/rs=AGEqA5mrCV8nwQqugKA_91wWrp83v7NbRg/m=sy2n,TRvtze
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/atari/_/js/k=atari.vw.fi.fSUSJcOGqtg.O/d=1/rs=AGEqA5mrCV8nwQqugKA_91wWrp83v7NbRg/m=view
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:803::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
82474bc232fcc56575ed37383100bb1bc3017fb38fa559d026647b1516d013f8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://sites.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 03 Jan 2023 05:04:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
90185
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
492
x-xss-protection
0
last-modified
Tue, 13 Dec 2022 13:30:32 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"apps-sites","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-sites"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="apps-sites"
expires
Wed, 03 Jan 2024 05:04:15 GMT
m=MpJwZc,n73qwf,A4UTCb,qAKInc,sy14,TGYpv,syz,X85Uvc,HIeYee,QxOCld,syx,YXyON,sy2p,abQiW,W26a5e,hJUyqe,sy11,sy16,sy12,sy13,sy15,fuVYe,syj,ruhlUe,KUM7Z,XDKZTc,sy10,qkPXAf,sy18,zPx2U,qEW1W,oNFsLb,sy3n,...
www.gstatic.com/_/atari/_/js/k=atari.vw.fi.fSUSJcOGqtg.O/d=0/rs=AGEqA5mrCV8nwQqugKA_91wWrp83v7NbRg/ 		1 MB
396 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/atari/_/js/k=atari.vw.fi.fSUSJcOGqtg.O/d=0/rs=AGEqA5mrCV8nwQqugKA_91wWrp83v7NbRg/m=MpJwZc,n73qwf,A4UTCb,qAKInc,sy14,TGYpv,syz,X85Uvc,HIeYee,QxOCld,syx,YXyON,sy2p,abQiW,W26a5e,hJUyqe,sy11,sy16,sy12,sy13,sy15,fuVYe,syj,ruhlUe,KUM7Z,XDKZTc,sy10,qkPXAf,sy18,zPx2U,qEW1W,oNFsLb,sy3n,yxTchf,sy3o,sy3p,xQtZb,yf2Bs,sy2,sy8,yyxWAc,qddgKe,sy2r,SM1lmd,sy6,sy5,syw,RRzQxe,zZvHmd,syy,YV8yqd,sy7,sya,syk,sy9,fNFZH,sy2q,sy1g,sy1r,syl,RrXLpc,cgRV2c,sy1s,o1L5Wb,X4BaPc,syf,Md9ENb,sy1i,sy1j,sy1k,syn,sy1d,sy1e,sy1f,sy1h,sy1q,syo,syv,KlrXId,NlqxW,sy1n,sy1o,sy1p,sy1m,sy1v,syb,syq,sy1l,sy1u,sy1y,sy20,sy25,sy1w,sy24,sy2c,sy1t,sy1x,sy22,sy1z,sy23,sy26,sy29,sy2b,sy2e,sy2f,sy1c,T807ad,sy21,ZDEHrf,sy27,sy28,sy2a,sy2d,oy3iwb,dBhIIb,syp,Yr1Pcb,LUQjOd,J9ssyb,SB123c,UubMM,YoEZUb,JKfHhb,DJtOxf,pA2mAb,gypOCd,X4FC5,kYfebb,XMtvld,rrOIJc,ZdZQ6b,Euz7Lc,sAbmxd,heobjb,R4KMEc,sy2g,sy2h,sy2i,sy2j,UYjpC,vVEdxc,sy3,VYKRW,sy17,CG0Qwb,RZ9OZ,N0NZx,szRU7e
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/atari/_/js/k=atari.vw.fi.fSUSJcOGqtg.O/d=1/rs=AGEqA5mrCV8nwQqugKA_91wWrp83v7NbRg/m=view
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:803::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
18f7d8e0d511a201dd33a6452281be4d80da77702f0ff61b3d393af249ab0bed
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://sites.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 28 Dec 2022 19:29:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
556642
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
405332
x-xss-protection
0
last-modified
Tue, 13 Dec 2022 13:30:32 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"apps-sites","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-sites"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="apps-sites"
expires
Thu, 28 Dec 2023 19:29:58 GMT
m=sy3e,IZT63,vfuNJf,sy38,sy3c,sy3f,sy3s,sy3q,sy3r,siKnQd,sy36,sy3d,sy3h,YNjGDd,sy3g,sy3i,PrPYRd,iFQyKf,hc6Ubd,sy3t,SpsfSb,sy39,sy3b,wR5FRb,pXdRYb,dIoSBb,zbML3c
www.gstatic.com/_/atari/_/js/k=atari.vw.fi.fSUSJcOGqtg.O/d=0/rs=AGEqA5mrCV8nwQqugKA_91wWrp83v7NbRg/ 		27 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/atari/_/js/k=atari.vw.fi.fSUSJcOGqtg.O/d=0/rs=AGEqA5mrCV8nwQqugKA_91wWrp83v7NbRg/m=sy3e,IZT63,vfuNJf,sy38,sy3c,sy3f,sy3s,sy3q,sy3r,siKnQd,sy36,sy3d,sy3h,YNjGDd,sy3g,sy3i,PrPYRd,iFQyKf,hc6Ubd,sy3t,SpsfSb,sy39,sy3b,wR5FRb,pXdRYb,dIoSBb,zbML3c
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/atari/_/js/k=atari.vw.fi.fSUSJcOGqtg.O/d=1/rs=AGEqA5mrCV8nwQqugKA_91wWrp83v7NbRg/m=view
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:803::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ed10106fd2317f36dba0f7bcdc46ce2112ffbb0e51f865b1a553dcf7170ed168
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://sites.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 03 Jan 2023 07:56:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
79832
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10029
x-xss-protection
0
last-modified
Tue, 13 Dec 2022 13:30:32 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"apps-sites","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-sites"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="apps-sites"
expires
Wed, 03 Jan 2024 07:56:48 GMT
m=m9oV,sy3j,NTMZac,rCcCxc,mzzZzc,RAnnUd,sy2s,uu7UOe,nAFL3,sy2m,gJzDyc,sy2t,sy3u,soHxf,sys,syu,HYv29e,sy2u,uY3Nvd
www.gstatic.com/_/atari/_/js/k=atari.vw.fi.fSUSJcOGqtg.O/d=0/rs=AGEqA5mrCV8nwQqugKA_91wWrp83v7NbRg/ 		33 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/atari/_/js/k=atari.vw.fi.fSUSJcOGqtg.O/d=0/rs=AGEqA5mrCV8nwQqugKA_91wWrp83v7NbRg/m=m9oV,sy3j,NTMZac,rCcCxc,mzzZzc,RAnnUd,sy2s,uu7UOe,nAFL3,sy2m,gJzDyc,sy2t,sy3u,soHxf,sys,syu,HYv29e,sy2u,uY3Nvd
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/atari/_/js/k=atari.vw.fi.fSUSJcOGqtg.O/d=1/rs=AGEqA5mrCV8nwQqugKA_91wWrp83v7NbRg/m=view
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:803::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a129bfa4feb54750c76348d2d01385220a5c4196fdaee5411910af2489784e88
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://sites.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 03 Jan 2023 00:52:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
105304
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10961
x-xss-protection
0
last-modified
Tue, 13 Dec 2022 13:30:32 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"apps-sites","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-sites"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="apps-sites"
expires
Wed, 03 Jan 2024 00:52:16 GMT
logImpressions
sites.google.com/_/view/ 		16 B
64 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sites.google.com/_/view/logImpressions?authuser=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/atari/_/js/k=atari.vw.fi.fSUSJcOGqtg.O/d=1/rs=AGEqA5mrCV8nwQqugKA_91wWrp83v7NbRg/m=view
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80c::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
8d47b4a1cc0393424720bded5988a28f4e9146fd265ecb416b79cf0d6ac81f6d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://sites.google.com/view/redirectmybank/home
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 04 Jan 2023 06:07:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-disposition
attachment; filename="response.bin"; filename*=UTF-8''response.bin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
expires
Mon, 01 Jan 1990 00:00:00 GMT
cb=gapi.loaded_1
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.fi.YkVYIZbIEg0.O/m=gapi_rpc/exm=client/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8lRgWuWYYFqy40vRePIDVPvhU3Uw/ 		262 B
206 B 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.fi.YkVYIZbIEg0.O/m=gapi_rpc/exm=client/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8lRgWuWYYFqy40vRePIDVPvhU3Uw/cb=gapi.loaded_1?le=scs
Requested by
Host: apis.google.com
URL: https://apis.google.com/js/client.js?onload=gapiLoaded
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
565ab2585eeecf4761638b61d7d553fb1bdc66a1d6d3b5e1f9d1974a36ee0075
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://sites.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 03 Jan 2023 23:29:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
23889
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
180
x-xss-protection
0
last-modified
Tue, 06 Dec 2022 15:21:53 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="social-frontend-mpm-access"
vary
Accept-Encoding
report-to
{"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 03 Jan 2024 23:29:11 GMT
intermediate-frame-minified.html
www.gstatic.com/atari/embeds/7925c5f8e01bacb9b4b0a3783ae0b867/ Frame 5A84 		2 KB
947 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/atari/embeds/7925c5f8e01bacb9b4b0a3783ae0b867/intermediate-frame-minified.html?jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.fi.YkVYIZbIEg0.O%2Fd%3D1%2Frs%3DAHpOoo8lRgWuWYYFqy40vRePIDVPvhU3Uw%2Fm%3D__features__&r=369489460
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/atari/_/js/k=atari.vw.fi.fSUSJcOGqtg.O/d=1/rs=AGEqA5mrCV8nwQqugKA_91wWrp83v7NbRg/m=view
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:803::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3704afefd25c94315efcbcb4513deedbd292002ec51691e6cffe69d2262d7927
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://sites.google.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
fi-FI,fi;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
922
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="apps-sites"
cross-origin-resource-policy
cross-origin
date
Wed, 04 Jan 2023 06:07:20 GMT
expires
Thu, 04 Jan 2024 06:07:20 GMT
last-modified
Tue, 03 Jan 2023 14:21:17 GMT
report-to
{"group":"apps-sites","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-sites"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
api.js
apis.google.com/js/ Frame 5A84 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/js/api.js?checkCookie=1
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/atari/embeds/7925c5f8e01bacb9b4b0a3783ae0b867/intermediate-frame-minified.html?jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.fi.YkVYIZbIEg0.O%2Fd%3D1%2Frs%3DAHpOoo8lRgWuWYYFqy40vRePIDVPvhU3Uw%2Fm%3D__features__&r=369489460
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5a2431e0f786c1b4059034601d0beb51471e447021b00d7e207d00a1b6e29e3b
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.gstatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 04 Jan 2023 06:07:20 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6893
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="gapi-team"
etag
"f27fc819e0ba4d5a"
vary
Accept-Encoding
report-to
{"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
private, max-age=1800, stale-while-revalidate=1800
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 04 Jan 2023 06:07:20 GMT
cb=gapi.loaded_0
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.fi.YkVYIZbIEg0.O/m=gapi_rpc/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8lRgWuWYYFqy40vRePIDVPvhU3Uw/ Frame 5A84 		46 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.fi.YkVYIZbIEg0.O/m=gapi_rpc/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8lRgWuWYYFqy40vRePIDVPvhU3Uw/cb=gapi.loaded_0?le=scs
Requested by
Host: apis.google.com
URL: https://apis.google.com/js/api.js?checkCookie=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e60eae56f59ec11b5bf61d118e5a2f728db7c5d197a084a54e50bf1c2f581906
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.gstatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 01 Jan 2023 15:22:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
225869
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16581
x-xss-protection
0
last-modified
Tue, 06 Dec 2022 15:21:53 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="social-frontend-mpm-access"
vary
Accept-Encoding
report-to
{"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 01 Jan 2024 15:22:51 GMT
inner-frame-minified.html
633740613-atari-embeds.googleusercontent.com/embeds/16cb204cf3a9d4d223a0a3fd8b0eec5d/ Frame 5CFE 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://633740613-atari-embeds.googleusercontent.com/embeds/16cb204cf3a9d4d223a0a3fd8b0eec5d/inner-frame-minified.html?jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.fi.YkVYIZbIEg0.O%2Fd%3D1%2Frs%3DAHpOoo8lRgWuWYYFqy40vRePIDVPvhU3Uw%2Fm%3D__features__
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/atari/embeds/7925c5f8e01bacb9b4b0a3783ae0b867/intermediate-frame-minified.html?jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.fi.YkVYIZbIEg0.O%2Fd%3D1%2Frs%3DAHpOoo8lRgWuWYYFqy40vRePIDVPvhU3Uw%2Fm%3D__features__&r=369489460
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:806::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
80e142904c9feeca9d8c64af55dabfda8032b2ac29fc26ca11d59aa1abddc6ab
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.gstatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
fi-FI,fi;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
915
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="apps-sites"
cross-origin-resource-policy
cross-origin
date
Wed, 04 Jan 2023 06:07:21 GMT
expires
Thu, 04 Jan 2024 06:07:21 GMT
last-modified
Tue, 03 Jan 2023 14:21:17 GMT
report-to
{"group":"apps-sites","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-sites"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
api.js
apis.google.com/js/ Frame 5CFE 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/js/api.js?checkCookie=1
Requested by
Host: 633740613-atari-embeds.googleusercontent.com
URL: https://633740613-atari-embeds.googleusercontent.com/embeds/16cb204cf3a9d4d223a0a3fd8b0eec5d/inner-frame-minified.html?jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.fi.YkVYIZbIEg0.O%2Fd%3D1%2Frs%3DAHpOoo8lRgWuWYYFqy40vRePIDVPvhU3Uw%2Fm%3D__features__
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5a2431e0f786c1b4059034601d0beb51471e447021b00d7e207d00a1b6e29e3b
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://633740613-atari-embeds.googleusercontent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 04 Jan 2023 06:07:21 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6893
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="gapi-team"
etag
"f27fc819e0ba4d5a"
vary
Accept-Encoding
report-to
{"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
private, max-age=1800, stale-while-revalidate=1800
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 04 Jan 2023 06:07:21 GMT
cb=gapi.loaded_0
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.fi.YkVYIZbIEg0.O/m=gapi_rpc/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8lRgWuWYYFqy40vRePIDVPvhU3Uw/ Frame 5CFE 		46 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.fi.YkVYIZbIEg0.O/m=gapi_rpc/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8lRgWuWYYFqy40vRePIDVPvhU3Uw/cb=gapi.loaded_0?le=scs
Requested by
Host: apis.google.com
URL: https://apis.google.com/js/api.js?checkCookie=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e60eae56f59ec11b5bf61d118e5a2f728db7c5d197a084a54e50bf1c2f581906
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://633740613-atari-embeds.googleusercontent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 01 Jan 2023 15:22:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
225870
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16581
x-xss-protection
0
last-modified
Tue, 06 Dec 2022 15:21:53 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="social-frontend-mpm-access"
vary
Accept-Encoding
report-to
{"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 01 Jan 2024 15:22:51 GMT
transp.gif
images-na.ssl-images-amazon.com/images/G/01/nav/ Frame 6633
Redirect Chain
  • https://www.amazon.com/gp/r.html?C=3IEUZBO845Z3Y&K=121YVFD9DQICL&M=urn:rtn:msg:20200509233333049b4396cef64bea9c474ebddf30p0na&R=268BKPMZCQMAP&T=O&U=https://images-na.ssl-images-amazon.com/images/G/...
  • https://images-na.ssl-images-amazon.com/images/G/01/nav/transp.gif
43 B
377 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images-na.ssl-images-amazon.com/images/G/01/nav/transp.gif
Requested by
Host: 633740613-atari-embeds.googleusercontent.com
URL: https://633740613-atari-embeds.googleusercontent.com/embeds/16cb204cf3a9d4d223a0a3fd8b0eec5d/inner-frame-minified.html?jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.fi.YkVYIZbIEg0.O%2Fd%3D1%2Frs%3DAHpOoo8lRgWuWYYFqy40vRePIDVPvhU3Uw%2Fm%3D__features__
Protocol
H2
Server
2a04:4e42:200::272 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://633740613-atari-embeds.googleusercontent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

expires
Tue, 20 Sep 2022 01:00:38 GMT
date
Wed, 04 Jan 2023 06:07:21 GMT
last-modified
Fri, 12 Sep 2008 09:26:48 GMT
age
55974
x-cache
HIT from fastly, HIT from fastly
content-type
image/gif
access-control-allow-origin
*
x-nginx-cache-status
HIT
cache-control
max-age=86400,public
x-amz-ir-id
c44dff01-7b79-4b0b-bd72-c0ec4a1a280a
server-timing
provider;desc="fy"
accept-ranges
bytes
timing-allow-origin
https://www.amazon.com
content-length
43
x-served-by
cache-iad-kjyo7100123-IAD, cache-bma1637-BMA

Redirect headers

date
Wed, 04 Jan 2023 06:07:21 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 e1e056e45a0f8d6bc22b223900511170.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA2-C2
x-amz-rid
XSA1KK60TQD16H1NCV07
x-amzn-requestid
f0685102-8141-4288-ae6f-9a13b9c390bb
vary
Content-Type,X-Amzn-Percentage-Routing,Accept-Encoding,User-Agent
x-frame-options
SAMEORIGIN
content-type
application/json
location
https://images-na.ssl-images-amazon.com/images/G/01/nav/transp.gif
x-cache
Miss from cloudfront
content-length
2
x-amz-cf-id
5cliKxCDxkRTcUgl-vt2uI21uYD1Hvl_d19YKPD0AjhdSrm51ryCGQ==
lbpiaccess.jpg
www.lbpiaccess.com/resources/images/ Frame 6633 		441 KB
442 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.lbpiaccess.com/resources/images/lbpiaccess.jpg
Requested by
Host: 633740613-atari-embeds.googleusercontent.com
URL: https://633740613-atari-embeds.googleusercontent.com/embeds/16cb204cf3a9d4d223a0a3fd8b0eec5d/inner-frame-minified.html?jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.fi.YkVYIZbIEg0.O%2Fd%3D1%2Frs%3DAHpOoo8lRgWuWYYFqy40vRePIDVPvhU3Uw%2Fm%3D__features__
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.87.147.92 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-87-147-92.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
7bedd38060b64d53ad5c2ad1e2f330970cc61069f65d3d28a32809d329bfce23
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://633740613-atari-embeds.googleusercontent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Strict-Transport-Security
max-age=15552000; includeSubDomains; preload
Date
Wed, 04 Jan 2023 06:07:22 GMT
X-Content-Type-Options
nosniff
Last-Modified
Fri, 04 Nov 2022 08:54:24 GMT
X-Frame-Options
SAMEORIGIN
X-ORACLE-DMS-ECID
36e7d1e8-ca53-466b-adcf-c26b671eb960-00a9be5a
Content-Type
image/jpeg
X-ORACLE-DMS-RID
0
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
451959
X-XSS-Protection
1; mode=block
globalsign.png
ofbank.com.ph/images/ Frame 6633 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ofbank.com.ph/images/globalsign.png
Requested by
Host: 633740613-atari-embeds.googleusercontent.com
URL: https://633740613-atari-embeds.googleusercontent.com/embeds/16cb204cf3a9d4d223a0a3fd8b0eec5d/inner-frame-minified.html?jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.fi.YkVYIZbIEg0.O%2Fd%3D1%2Frs%3DAHpOoo8lRgWuWYYFqy40vRePIDVPvhU3Uw%2Fm%3D__features__
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.87.147.92 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-87-147-92.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
57ab7a20e842e766c5091ad86d946fd9feee6d8c79cc1fe5812da1afdeebb83e

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://633740613-atari-embeds.googleusercontent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Wed, 04 Jan 2023 06:07:22 GMT
Last-Modified
Mon, 18 May 2020 21:06:58 GMT
Server
Apache
ETag
"570e-5a5f28b1aa080"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
22286
logImpressions
sites.google.com/_/view/ 		16 B
64 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sites.google.com/_/view/logImpressions?authuser=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/atari/_/js/k=atari.vw.fi.fSUSJcOGqtg.O/d=1/rs=AGEqA5mrCV8nwQqugKA_91wWrp83v7NbRg/m=view
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80c::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
8d47b4a1cc0393424720bded5988a28f4e9146fd265ecb416b79cf0d6ac81f6d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://sites.google.com/view/redirectmybank/home
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 04 Jan 2023 06:07:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-disposition
attachment; filename="response.bin"; filename*=UTF-8''response.bin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
expires
Mon, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Land Bank of the Philippines (Banking)

40 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| oncontentvisibilityautostatechange object| DOCS_timing function| _DumpException object| _docs_flag_initialData object| _docs_flag_cek function| gapiLoaded object| _at_config object| globals object| messages object| gapi object| ___jsl function| bgImgLoaded object| default_vw function| _F_installCss object| _bind object| closure_lm_723622 object| osapi object| gadgets object| iframer object| __gapi_jstiming__ object| shindig function| ToolbarApi object| iframes function| IframeBase function| Iframe function| IframeProxy function| IframeWindow object| googleapis function| _getTimingInstance function| _docsTiming function| MicroscopeImageMetadata object| MicroscopeMaximizeMode object| MicroscopeBackgroundStyle function| MicroscopeState function| MicroscopeSize object| MicroscopeResizeMode object| MicroscopeZoomWidgetMode function| Microscope number| closure_uid_897955680

1 Cookies

Domain/Path Name / Value
.google.com/ Name: NID
Value: 511=l8S8cS3x3hQitczja7ZfAEImE16wh1KmisDcPC3Pj3gbkjNMgqhL3hp1tAXA62zaDLq3MOYlcle9G-aGC32CaMb1PYFJDkePq4aZxS1UbQobyOcIxS3MwCRR2otvFtk8pDxQbY5JEcAhd62oxOU9qBRGEHdNldkANVLEF46j5Ew

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy base-uri 'self';object-src 'none';report-uri /_/view/cspreport;script-src 'report-sample' 'nonce-SzgmoxoPPBzHImfKlORMHQ' 'unsafe-inline' 'unsafe-eval';worker-src 'self';frame-ancestors https://google-admin.corp.google.com/
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

633740613-atari-embeds.googleusercontent.com
apis.google.com
fonts.googleapis.com
fonts.gstatic.com
images-na.ssl-images-amazon.com
ofbank.com.ph
sites.google.com
www.amazon.com
www.gstatic.com
www.lbpiaccess.com
104.87.147.92
2600:9000:21f3:6800:7:49a5:5fd2:2221
2a00:1450:4001:827::200e
2a00:1450:4001:829::200a
2a00:1450:4001:82b::2003
2a00:1450:400d:803::2003
2a00:1450:400d:806::2001
2a00:1450:400d:80c::200e
2a04:4e42:200::272
096264c54bd3e5df223af16a7c534e10dde59bab479095305aac403a03186f6b
13b6aff6e09494259b0f9cdaa32c9b72c552e40b323413e9964d92f6b6e7a006
18f7d8e0d511a201dd33a6452281be4d80da77702f0ff61b3d393af249ab0bed
205200acf73f653da1b5f5b306246d80720b4170128314423575d36c35f63bec
3504160e1543bfb3cdbcdba00d547e0fb391c13164d6ff291ac813a2c2d13f09
3704afefd25c94315efcbcb4513deedbd292002ec51691e6cffe69d2262d7927
494bb3c6e28925c9d08ff31755b37e4f18ca74d3e6165b09671c96181647cc84
4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08
565ab2585eeecf4761638b61d7d553fb1bdc66a1d6d3b5e1f9d1974a36ee0075
57ab7a20e842e766c5091ad86d946fd9feee6d8c79cc1fe5812da1afdeebb83e
5a2431e0f786c1b4059034601d0beb51471e447021b00d7e207d00a1b6e29e3b
7bedd38060b64d53ad5c2ad1e2f330970cc61069f65d3d28a32809d329bfce23
80e142904c9feeca9d8c64af55dabfda8032b2ac29fc26ca11d59aa1abddc6ab
82474bc232fcc56575ed37383100bb1bc3017fb38fa559d026647b1516d013f8
8d47b4a1cc0393424720bded5988a28f4e9146fd265ecb416b79cf0d6ac81f6d
a129bfa4feb54750c76348d2d01385220a5c4196fdaee5411910af2489784e88
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
bad1ee98f47f5851cb29afc3edaec3703dbd77c18cae42abf9ce464c2ae3f8d9
ca416172330e2b5fac68f86d0be59ac24215eb0723248deb84e659d33c4da9c5
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
e60eae56f59ec11b5bf61d118e5a2f728db7c5d197a084a54e50bf1c2f581906
ed10106fd2317f36dba0f7bcdc46ce2112ffbb0e51f865b1a553dcf7170ed168
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
fa97ce4b0a421979f52f956d1c91d728661784255a4cbbaa1af92280888c527f