urlscan.io logo urlscan.io
SecurityTrails logo

pm.track-progress.com Open in urlscan Pro
13.235.72.40  Public Scan

Go To Rescan Add Verdict Report
URL: https://pm.track-progress.com/
Submission: On February 24 via automatic, source certstream-suspicious — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 9 IPs in 4 countries across 6 domains to perform 19 HTTP transactions. The main IP is 13.235.72.40, located in Mumbai, India and belongs to AMAZON-02, US. The main domain is pm.track-progress.com.
TLS certificate: Issued by R3 on February 24th 2023. Valid for: 3 months.
This is the only time pm.track-progress.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

6    13.235.72.40 (Mumbai, India)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-235-72-40.ap-south-1.compute.amazonaws.com
pm.track-progress.com
2    2606:4700::6810:7eaf (United States)

ASN13335 (CLOUDFLARENET, US)
unpkg.com
1    2a00:1450:400d:80c::200a (Ireland)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
3    2a00:1450:400d:80d::2003 (Ireland)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    2a00:1450:400d:80a::200e (Ireland)

ASN15169 (GOOGLE, US)
apis.google.com
3    2a00:1450:400d:807::200d (Ireland)

ASN15169 (GOOGLE, US)
accounts.google.com
1    2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
Apex Domain
Subdomains		 Transfer
6 track-progress.com
pm.track-progress.com
17 MB
5 google.com
apis.google.com — Cisco Umbrella Rank: 111
accounts.google.com — Cisco Umbrella Rank: 76
49 KB
4 gstatic.com
fonts.gstatic.com
www.gstatic.com
59 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 151
87 KB
2 unpkg.com
unpkg.com — Cisco Umbrella Rank: 761
5 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 36
962 B
19 6
Domain Requested by
6 pm.track-progress.com pm.track-progress.com
3 accounts.google.com apis.google.com
pm.track-progress.com
www.gstatic.com
3 fonts.gstatic.com fonts.googleapis.com
2 apis.google.com pm.track-progress.com
apis.google.com
2 connect.facebook.net pm.track-progress.com
connect.facebook.net
2 unpkg.com 1 redirects pm.track-progress.com
1 www.gstatic.com accounts.google.com
1 fonts.googleapis.com pm.track-progress.com
19 8

This site contains no links.

Subject Issuer Validity Valid
pm.track-progress.com
R3		 2023-02-24 -
2023-05-25		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-02-01 -
2023-04-26		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2023-01-10 -
2023-03-03		 2 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-02-01 -
2023-04-26		 3 months crt.sh
*.apis.google.com
GTS CA 1C3		 2023-02-01 -
2023-04-26		 3 months crt.sh
accounts.google.com
GTS CA 1C3		 2023-02-01 -
2023-04-26		 3 months crt.sh
*.google.com
GTS CA 1C3		 2023-02-01 -
2023-04-26		 3 months crt.sh

This page contains 2 frames:

Primary Page: https://pm.track-progress.com/
Frame ID: B857C5B03D1FABF85A8C6CE790965973
Requests: 17 HTTP requests in this frame

Frame: https://accounts.google.com/o/oauth2/iframe
Frame ID: 0C8B111CD607BA783FF94F964501B69B
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Basic SignIn | Velzon - React Admin & Dashboard Template

Detected technologies

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • apis\.google\.com/js/[a-z]*\.js

Page Statistics

19
Requests

95 %
HTTPS

88 %
IPv6

6
Domains

8
Subdomains

9
IPs

4
Countries

17608 kB
Transfer

17989 kB
Size

2
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://unpkg.com/aos@next/dist/aos.js HTTP 302
  • https://unpkg.com/aos@3.0.0-beta.6/dist/aos.js

19 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
pm.track-progress.com/ 		694 B
684 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pm.track-progress.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.235.72.40 Mumbai, India, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-235-72-40.ap-south-1.compute.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
c27aa47a965326bae0e65fdffe001eb1abd0d7d96e6846ed4ec6346c7ef89a00

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html
Date
Fri, 24 Feb 2023 11:24:24 GMT
ETag
W/"63f8925c-2b6"
Last-Modified
Fri, 24 Feb 2023 10:33:00 GMT
Server
nginx/1.18.0 (Ubuntu)
Transfer-Encoding
chunked
aos.js
unpkg.com/aos@3.0.0-beta.6/dist/
Redirect Chain
  • https://unpkg.com/aos@next/dist/aos.js
  • https://unpkg.com/aos@3.0.0-beta.6/dist/aos.js
13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://unpkg.com/aos@3.0.0-beta.6/dist/aos.js
Requested by
Host: pm.track-progress.com
URL: https://pm.track-progress.com/
Protocol
H2
Server
2606:4700::6810:7eaf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dd1f9acf13b12f189da475e0f23c7c505767859ab620aac636964974093c281d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pm.track-progress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Fri, 24 Feb 2023 11:24:24 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
31487611
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id
01FWQ5SQX749GFZVZ3J687ZBXX-fra
server
cloudflare
etag
W/"35e8-44lQwbzmXp8EjjBbNWf/kKDJI+M"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
79e7d5ae2d656915-FRA

Redirect headers

date
Fri, 24 Feb 2023 11:24:24 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
fly-request-id
01GT1J9J66H7515V3RV22E2FJ3-fra
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
393
vary
Accept, Accept-Encoding
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
location
/aos@3.0.0-beta.6/dist/aos.js
cache-control
public, s-maxage=600, max-age=60
cf-ray
79e7d5ae0d446915-FRA
main.8bfe61ac.js
pm.track-progress.com/static/js/ 		15 MB
15 MB 		Script
General
Check archive.org
Download Go to
Full URL
https://pm.track-progress.com/static/js/main.8bfe61ac.js
Requested by
Host: pm.track-progress.com
URL: https://pm.track-progress.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.235.72.40 Mumbai, India, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-235-72-40.ap-south-1.compute.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
2094413a12c112de1c64c96ba6c4d4e5b37b727add61c01ce53a5a5e7c64f9f1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pm.track-progress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Fri, 24 Feb 2023 11:24:24 GMT
Last-Modified
Fri, 24 Feb 2023 10:33:00 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
"63f8925c-f10719"
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
15795993
main.ca618976.css
pm.track-progress.com/static/css/ 		1 MB
1 MB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://pm.track-progress.com/static/css/main.ca618976.css
Requested by
Host: pm.track-progress.com
URL: https://pm.track-progress.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.235.72.40 Mumbai, India, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-235-72-40.ap-south-1.compute.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e59b41cca150bc59fdd28442be2583f5fdc918d7640a8dae391dcd13686d84f2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pm.track-progress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Fri, 24 Feb 2023 11:24:24 GMT
Last-Modified
Fri, 24 Feb 2023 10:33:00 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
"63f8925c-137d98"
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1277336
css2
fonts.googleapis.com/ 		5 KB
962 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Poppins:wght@300;400;500;600;700&display=swap
Requested by
Host: pm.track-progress.com
URL: https://pm.track-progress.com/static/css/main.ca618976.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80c::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
7e44d592889d9f5915ae6254f0a68a71196a5bc2540db9620b81effd976eba5b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pm.track-progress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 24 Feb 2023 11:24:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 24 Feb 2023 10:56:25 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 24 Feb 2023 11:24:26 GMT
truncated
/ 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f7f8f7d85735ab4fba7b9f9f63650f2e2d7b8e33801633f48319bdc7a2a46785

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type
image/jpg
sdk.js
connect.facebook.net/en_US/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js
Requested by
Host: pm.track-progress.com
URL: https://pm.track-progress.com/static/js/main.8bfe61ac.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
191dbb9eff4596f2111c8630ad1d6d893ae5f50e66427b3b9cd0d1ff0a725919
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pm.track-progress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 24 Feb 2023 11:24:29 GMT
content-md5
N8/p6aQxuFw5j2rvfi2UQg==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1687
x-fb-rlafr
0
x-fb-debug
n/sg9sshUIUqZhc86ohq2AnWvNZiXwrInWb+GBOH0hYcUM9jf3bIL3hx9nIBG3mdVn0ThxWP/iW2cMWdLHceAg==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-trip-id
686109401
x-fb-content-md5
b8455ca10e347d9d152be61a7cba98b0
cross-origin-opener-policy
same-origin-allow-popups
etag
"f572ce89f60787ac11e869136c69064f"
vary
Accept-Encoding
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
x-frame-options
DENY
timing-allow-origin
*
priority
u=3,i
expires
Fri, 24 Feb 2023 11:31:34 GMT
truncated
/ 		4 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3ce7ba8e1dcc459e3b98d8f7a514d471279a513255ac2e86e1c3eb666b3a2fda

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type
image/png
auth-one-bg.25e906a11e79860b57fd.jpg
pm.track-progress.com/static/media/ 		257 KB
257 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pm.track-progress.com/static/media/auth-one-bg.25e906a11e79860b57fd.jpg
Requested by
Host: pm.track-progress.com
URL: https://pm.track-progress.com/static/css/main.ca618976.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.235.72.40 Mumbai, India, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-235-72-40.ap-south-1.compute.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
78b8208326937a3f13f64e8f5338c01bef39f09a17515747a8d37eed71ccbe1d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pm.track-progress.com/static/css/main.ca618976.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Fri, 24 Feb 2023 11:24:29 GMT
Last-Modified
Fri, 24 Feb 2023 10:33:00 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
"63f8925c-40227"
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
262695
pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins:wght@300;400;500;600;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80d::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://pm.track-progress.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 23 Feb 2023 12:40:54 GMT
x-content-type-options
nosniff
age
81815
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7748
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:21:30 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 23 Feb 2024 12:40:54 GMT
pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v20/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins:wght@300;400;500;600;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80d::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://pm.track-progress.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 23 Feb 2023 21:17:40 GMT
x-content-type-options
nosniff
age
50809
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7884
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 17:03:52 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 23 Feb 2024 21:17:40 GMT
remixicon.90668f6f9b3c2c18a090.woff2
pm.track-progress.com/static/media/ 		122 KB
123 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://pm.track-progress.com/static/media/remixicon.90668f6f9b3c2c18a090.woff2
Requested by
Host: pm.track-progress.com
URL: https://pm.track-progress.com/static/css/main.ca618976.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.235.72.40 Mumbai, India, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-235-72-40.ap-south-1.compute.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e61f0d10c8cac8cd0ecb36790d6cce883380c0b185ff3c9bf849ed336ba8285c

Request headers

Referer
https://pm.track-progress.com/static/css/main.ca618976.css
Origin
https://pm.track-progress.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Fri, 24 Feb 2023 11:24:29 GMT
Last-Modified
Fri, 24 Feb 2023 10:33:00 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
"63f8925c-1e954"
Content-Type
application/octet-stream
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
125268
pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins:wght@300;400;500;600;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80d::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://pm.track-progress.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 23 Feb 2023 16:42:33 GMT
x-content-type-options
nosniff
age
67316
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8000
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:59:07 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 23 Feb 2024 16:42:33 GMT
materialdesignicons-webfont.606b16427a59a5a97afb.woff2
pm.track-progress.com/static/media/ 		353 KB
353 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://pm.track-progress.com/static/media/materialdesignicons-webfont.606b16427a59a5a97afb.woff2
Requested by
Host: pm.track-progress.com
URL: https://pm.track-progress.com/static/css/main.ca618976.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.235.72.40 Mumbai, India, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-235-72-40.ap-south-1.compute.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
11e3d4caeceb6a9d4be5144f349b5abbb8e586f1568d58a24794331023249733

Request headers

Referer
https://pm.track-progress.com/static/css/main.ca618976.css
Origin
https://pm.track-progress.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Fri, 24 Feb 2023 11:24:29 GMT
Last-Modified
Fri, 24 Feb 2023 10:33:00 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
"63f8925c-583a8"
Content-Type
application/octet-stream
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
361384
api.js
apis.google.com/js/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/js/api.js
Requested by
Host: pm.track-progress.com
URL: https://pm.track-progress.com/static/js/main.8bfe61ac.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80a::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ea12dfa0a21ef0aff014277a2a2f37e1cdb77aa0d12418d163d32a24236228f1
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pm.track-progress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-security-policy
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 24 Feb 2023 11:24:29 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6890
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="gapi-team"
etag
"54342ea4be5fb089"
vary
Accept-Encoding
report-to
{"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
private, max-age=1800, stale-while-revalidate=1800
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 24 Feb 2023 11:24:29 GMT
sdk.js
connect.facebook.net/en_US/ 		301 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js?hash=92c361e2bdc414f51afab3c822b57c43
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
30c099124da76a06cbce956038ef8680a580bba35b39673d38e7fb6101ebd6ab
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://pm.track-progress.com/
Origin
https://pm.track-progress.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 24 Feb 2023 11:24:29 GMT
content-md5
045vfxrEUGZuIe65Z+u3QQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
87017
x-fb-rlafr
0
x-fb-debug
OmiJs/YVjwGKEJ34R+gEWrf01w1xKCkjo20kYeQ5HqBWcV030Iu2p3NUZe/75LbPHjVJEIOPyddpi90+WVzbvA==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-content-md5
46b0692a2c9bf6c55b63c3017932c0a1
cross-origin-opener-policy
same-origin-allow-popups
etag
"c27da1586eb9280c0888c73c980363a7"
vary
Accept-Encoding
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
x-frame-options
DENY
timing-allow-origin
*
priority
u=3,i
expires
Sat, 24 Feb 2024 08:58:44 GMT
cb=gapi.loaded_0
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.IpWeeLsup8c.O/m=auth2/rt=j/sv=1/d=1/ed=1/rs=AHpOoo-7vGeOZpyfcbeljIbxyJzXpK39XA/ 		115 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.IpWeeLsup8c.O/m=auth2/rt=j/sv=1/d=1/ed=1/rs=AHpOoo-7vGeOZpyfcbeljIbxyJzXpK39XA/cb=gapi.loaded_0?le=scs
Requested by
Host: apis.google.com
URL: https://apis.google.com/js/api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80a::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b7722cf2a37addcff21e4f02d982f6d5e31c5a52424e289f33df6cae569b5ed4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pm.track-progress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 23 Feb 2023 15:29:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
71726
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
39730
x-xss-protection
0
last-modified
Sat, 07 Jan 2023 15:19:07 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="social-frontend-mpm-access"
vary
Accept-Encoding
report-to
{"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 23 Feb 2024 15:29:03 GMT
iframe
accounts.google.com/o/oauth2/ Frame 0C8B 		280 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://accounts.google.com/o/oauth2/iframe
Requested by
Host: apis.google.com
URL: https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.IpWeeLsup8c.O/m=auth2/rt=j/sv=1/d=1/ed=1/rs=AHpOoo-7vGeOZpyfcbeljIbxyJzXpK39XA/cb=gapi.loaded_0?le=scs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:807::200d , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
75d0dbdbd0bb7e8b0eb74553bfdcd4d634a8a4085d9976fb24954250774a448d
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-5g-9rWK7V3gZoIC9HDkJ5A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/IdpIFrameHttp/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/IdpIFrameHttp/cspreport/allowlist require-trusted-types-for 'script';report-uri /_/IdpIFrameHttp/cspreport
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://pm.track-progress.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-5g-9rWK7V3gZoIC9HDkJ5A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/IdpIFrameHttp/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/IdpIFrameHttp/cspreport/allowlist require-trusted-types-for 'script';report-uri /_/IdpIFrameHttp/cspreport
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy
same-origin; report-to="IdpIFrameHttp"
cross-origin-resource-policy
cross-origin
date
Fri, 24 Feb 2023 11:24:31 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma
no-cache
report-to
{"group":"IdpIFrameHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/IdpIFrameHttp/external"}]}
server
ESF
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
x-xss-protection
0
cspreport
accounts.google.com/_/IdpIFrameHttp/ Frame 0C8B 		2 KB
911 B 		Other
General
Check archive.org
Download Go to
Full URL
https://accounts.google.com/_/IdpIFrameHttp/cspreport
Requested by
Host: pm.track-progress.com
URL: https://pm.track-progress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:807::200d , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
40b45417920372312b8dddb428adb33751516c7c17bd49b589928d53a7f19640
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://accounts.google.com/o/oauth2/iframe
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
application/csp-report

Response headers

pragma
no-cache
date
Fri, 24 Feb 2023 11:24:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
expires
Mon, 01 Jan 1990 00:00:00 GMT
m=base
www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.IdpIFrameHttp.de.iuCd9gBBxAM.es5.O/d=1/rs=AOaEmlFvPjZUyMRGNL6tttDYgbxw7DqwXQ/ Frame 0C8B 		100 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.IdpIFrameHttp.de.iuCd9gBBxAM.es5.O/d=1/rs=AOaEmlFvPjZUyMRGNL6tttDYgbxw7DqwXQ/m=base
Requested by
Host: accounts.google.com
URL: https://accounts.google.com/o/oauth2/iframe
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9c212c14cb821d1f4ce4685aa95c4fc56fa74628488f4816ed923a124a7ec45e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://accounts.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 04:42:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
196900
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/identity-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35003
x-xss-protection
0
last-modified
Sat, 18 Feb 2023 03:40:37 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="boq-infra/identity-boq-js-css-signers"
vary
Accept-Encoding, Origin
report-to
{"group":"boq-infra/identity-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/identity-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Thu, 22 Feb 2024 04:42:51 GMT
iframerpc
accounts.google.com/o/oauth2/ Frame 0C8B 		49 B
98 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://accounts.google.com/o/oauth2/iframerpc?action=checkOrigin&origin=https%3A%2F%2Fpm.track-progress.com&client_id=1046023766296-qs0cm8fjsp19dostpgbunefopsm00u72.apps.googleusercontent.com
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.IdpIFrameHttp.de.iuCd9gBBxAM.es5.O/d=1/rs=AOaEmlFvPjZUyMRGNL6tttDYgbxw7DqwXQ/m=base
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:807::200d , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
0b233ef74e66bceb574d4c8ea432703b8bbdfbc6e5d0e5f6c14cf191799d63c7
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-F5sGPX2lQGgwJneS6BAfrg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/IdpIFrameHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/IdpIFrameHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/IdpIFrameHttp/cspreport
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://accounts.google.com/o/oauth2/iframe
X-Requested-With
XmlHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Fri, 24 Feb 2023 11:24:31 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-security-policy
script-src 'report-sample' 'nonce-F5sGPX2lQGgwJneS6BAfrg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/IdpIFrameHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/IdpIFrameHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/IdpIFrameHttp/cspreport
content-encoding
gzip
cross-origin-embedder-policy
require-corp
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy
same-site
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site, Origin
content-type
application/json; charset=utf-8
cache-control
private, max-age=3600
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Fri, 24 Feb 2023 11:24:31 GMT

Verdicts & Comments Add Verdict or Comment

26 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 boolean| credentialless object| AOS object| webpackChunkvelzon_react function| _ object| TreemapSquared function| SVG object| Apex function| ApexCharts function| flatpickr object| CKEDITOR_TRANSLATIONS string| CKEDITOR_VERSION object| FullCalendarVDom object| Prism object| __framePainter object| Cleave object| _scriptMap object| L function| Color function| Chart function| fbAsyncInit object| FB object| __buffer object| gapi object| ___jsl object| osapi

2 Cookies

Domain/Path Name / Value
.pm.track-progress.com/ Name: G_ENABLED_IDPS
Value: google
.google.com/ Name: NID
Value: 511=iblzzMlb5POS4daIkSMjQDpPwv4DHwy6tYTA0lCPL13VoWl8Wp_fwYHLwoNeFq4p-4wH-xViQyAJPXvuVMeyXZ7d1l6bTD5sPkcKG4fZLiP76G18jnFN3z7WveAdtEchdrun_l9t52ZqOGh_jvpPwu-oBnU20LBwfWYjva3mpPc

3 Console Messages

Source Level URL
Text
security warning URL: https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.IpWeeLsup8c.O/m=auth2/rt=j/sv=1/d=1/ed=1/rs=AHpOoo-7vGeOZpyfcbeljIbxyJzXpK39XA/cb=gapi.loaded_0?le=scs(Line 173)
Message:
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can remove its sandboxing.
security error (Line 6)
Message:
This document requires 'TrustedScript' assignment.
network error URL: https://accounts.google.com/_/IdpIFrameHttp/cspreport
Message:
Failed to load resource: the server responded with a status of 400 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

accounts.google.com
apis.google.com
connect.facebook.net
fonts.googleapis.com
fonts.gstatic.com
pm.track-progress.com
unpkg.com
www.gstatic.com
13.235.72.40
2606:4700::6810:7eaf
2a00:1450:4001:80f::2003
2a00:1450:400d:807::200d
2a00:1450:400d:80a::200e
2a00:1450:400d:80c::200a
2a00:1450:400d:80d::2003
2a03:2880:f01c:8012:face:b00c:0:3
0b233ef74e66bceb574d4c8ea432703b8bbdfbc6e5d0e5f6c14cf191799d63c7
11e3d4caeceb6a9d4be5144f349b5abbb8e586f1568d58a24794331023249733
191dbb9eff4596f2111c8630ad1d6d893ae5f50e66427b3b9cd0d1ff0a725919
2094413a12c112de1c64c96ba6c4d4e5b37b727add61c01ce53a5a5e7c64f9f1
30c099124da76a06cbce956038ef8680a580bba35b39673d38e7fb6101ebd6ab
3ce7ba8e1dcc459e3b98d8f7a514d471279a513255ac2e86e1c3eb666b3a2fda
40b45417920372312b8dddb428adb33751516c7c17bd49b589928d53a7f19640
75d0dbdbd0bb7e8b0eb74553bfdcd4d634a8a4085d9976fb24954250774a448d
78b8208326937a3f13f64e8f5338c01bef39f09a17515747a8d37eed71ccbe1d
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
7e44d592889d9f5915ae6254f0a68a71196a5bc2540db9620b81effd976eba5b
9c212c14cb821d1f4ce4685aa95c4fc56fa74628488f4816ed923a124a7ec45e
b7722cf2a37addcff21e4f02d982f6d5e31c5a52424e289f33df6cae569b5ed4
c27aa47a965326bae0e65fdffe001eb1abd0d7d96e6846ed4ec6346c7ef89a00
cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446
dd1f9acf13b12f189da475e0f23c7c505767859ab620aac636964974093c281d
e59b41cca150bc59fdd28442be2583f5fdc918d7640a8dae391dcd13686d84f2
e61f0d10c8cac8cd0ecb36790d6cce883380c0b185ff3c9bf849ed336ba8285c
ea12dfa0a21ef0aff014277a2a2f37e1cdb77aa0d12418d163d32a24236228f1
f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149
f7f8f7d85735ab4fba7b9f9f63650f2e2d7b8e33801633f48319bdc7a2a46785