accounts.google.com Open in urlscan Pro
2a00:1450:400c:c0a::54 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://imgs.hcaptcha.com.iima.remotexs.in/
Effective URL:
https://accounts.google.com/InteractiveLogin?continue=https://accounts.google.com/o/saml2/idp?from_login%3D1%26zt%3DChRTVFlR...
Submission Tags: phishingrod
Submission: On May 01 via api (May 1st 2024, 10:18:45 am UTC) from DE — Scanned from DE

Summary HTTP 40 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 12 IPs in 4 countries across 9 domains to perform 40 HTTP transactions. The main IP is 2a00:1450:400c:c0a::54, located in Brussels, Belgium and belongs to GOOGLE, US. The main domain is accounts.google.com. The Cisco Umbrella rank of the primary domain is 20.
TLS certificate: Issued by GTS CA 1C3 on April 8th 2024. Valid for: 3 months.

This is the only time accounts.google.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 17	35.154.106.89 35.154.106.89	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:82a::200a	15169 (GOOGLE) (GOOGLE)
1	2600:9000:249... 2600:9000:2491:3600:1a:7f3c:2f00:93a1	16509 (AMAZON-02) (AMAZON-02)
1	18.66.122.106 18.66.122.106	16509 (AMAZON-02) (AMAZON-02)
2	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2600:9000:214... 2600:9000:214f:4e00:c:f87a:4c80:93a1	16509 (AMAZON-02) (AMAZON-02)
2 6	2a00:1450:400... 2a00:1450:400c:c0a::54	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:830::2003	15169 (GOOGLE) (GOOGLE)
9	2a00:1450:400... 2a00:1450:4001:82f::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:811::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::2004	15169 (GOOGLE) (GOOGLE)
40	12

17 35.154.106.89 (Mumbai, India) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: iima.remotexs.in

imgs.hcaptcha.com.iima.remotexs.in	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
imgs-hcaptcha-com.iima.remotexs.in	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
iima.remotexs.in	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cms.iima.remotexs.in	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2491:3600:1a:7f3c:2f00:93a1 (United States)

ASN16509 (AMAZON-02, US)

my.nicheacademy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.122.106 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-122-106.fra60.r.cloudfront.net

cx0ihfpgk9.execute-api.us-west-2.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:214f:4e00:c:f87a:4c80:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.remotexs.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:400c:c0a::54 (Brussels, Belgium) 2 redirects

ASN15169 (GOOGLE, US)

accounts.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ssl.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

accounts.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
17	remotexs.in 2 redirects imgs.hcaptcha.com.iima.remotexs.in imgs-hcaptcha-com.iima.remotexs.in iima.remotexs.in cms.iima.remotexs.in	2 MB
10	gstatic.com fonts.gstatic.com ssl.gstatic.com	113 KB
7	google.com 2 redirects accounts.google.com — Cisco Umbrella Rank: 20 www.google.com — Cisco Umbrella Rank: 2	695 KB
3	remotexs.co cdn.remotexs.co	313 KB
2	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 231	20 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 33	3 KB
1	youtube.com accounts.youtube.com — Cisco Umbrella Rank: 325
1	amazonaws.com cx0ihfpgk9.execute-api.us-west-2.amazonaws.com — Cisco Umbrella Rank: 639486	10 KB
1	nicheacademy.com my.nicheacademy.com — Cisco Umbrella Rank: 66119	9 KB
40	9

	Domain	Requested by
13	iima.remotexs.in	iima.remotexs.in
9	ssl.gstatic.com
6	accounts.google.com	2 redirects iima.remotexs.in accounts.google.com
3	cdn.remotexs.co
2	cdnjs.cloudflare.com	my.nicheacademy.com
2	fonts.googleapis.com	iima.remotexs.in my.nicheacademy.com
2	imgs-hcaptcha-com.iima.remotexs.in
1	www.google.com
1	accounts.youtube.com
1	fonts.gstatic.com	accounts.google.com
1	cms.iima.remotexs.in	1 redirects
1	cx0ihfpgk9.execute-api.us-west-2.amazonaws.com	my.nicheacademy.com
1	my.nicheacademy.com	iima.remotexs.in
1	imgs.hcaptcha.com.iima.remotexs.in	1 redirects
40	14

This site contains links to these domains. Also see Links.

Domain
support.google.com

Subject Issuer	Validity	Valid
*.iima.remotexs.in R3	`2024-04-13` - `2024-07-12`	3 months	crt.sh
iima.remotexs.in R3	`2024-03-02` - `2024-05-31`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2024-04-16` - `2024-07-09`	3 months	crt.sh
my.nicheacademy.com Amazon RSA 2048 M03	`2024-01-20` - `2025-02-16`	a year	crt.sh
*.execute-api.us-west-2.amazonaws.com Amazon RSA 2048 M02	`2024-03-16` - `2025-04-13`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-07-03` - `2024-07-02`	a year	crt.sh
cdn.remotexs.co Amazon RSA 2048 M02	`2023-11-19` - `2024-12-18`	a year	crt.sh
*.google.com GTS CA 1C3	`2024-04-08` - `2024-07-01`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2024-04-16` - `2024-07-09`	3 months	crt.sh

This page contains 3 frames:

Primary Page: https://accounts.google.com/InteractiveLogin?continue=https://accounts.google.com/o/saml2/idp?from_login%3D1%26zt%3DChRTVFlRZ0hDRE9VYTBud0ZDN1p0ahIfa3dZS1Fzb3FmQlVWUUhVU2RlLXNqMHo3aVowNjh4Zw%25E2%2588%2599AOlG-isAAAAAZjNogL-I6YWqn8C8bVScF4TF_K0xUMEb%26as%3D-0zb32FPhKon_tfvovxAVVbrfWp26olKQzTyUFm1ZYg&faa=1&followup=https://accounts.google.com/o/saml2/idp?from_login%3D1%26zt%3DChRTVFlRZ0hDRE9VYTBud0ZDN1p0ahIfa3dZS1Fzb3FmQlVWUUhVU2RlLXNqMHo3aVowNjh4Zw%25E2%2588%2599AOlG-isAAAAAZjNogL-I6YWqn8C8bVScF4TF_K0xUMEb%26as%3D-0zb32FPhKon_tfvovxAVVbrfWp26olKQzTyUFm1ZYg&ltmpl=popup&oauth=1&passive=1209600&sarp=1&scc=1&ifkv=AaSxoQzuxZ7iACihTlyYDzkCDU-Zdt0zmOcoQRM9ZuFnP5JvRN1-f4Q1MnDeL2AN27dnhrx3QJ8i
Frame ID: C14959B3DA50A4DBB37FA58F4E1E5BCC
Requests: 39 HTTP requests in this frame

Frame: https://accounts.youtube.com/accounts/CheckConnection?pmpo=https%3A%2F%2Faccounts.google.com&v=-1378500384&timestamp=1714558720726
Frame ID: 788E18ADDCBBD5E89FBE9BC326C5000A
Requests: 1 HTTP requests in this frame

Frame: https://accounts.google.com/_/bscframe
Frame ID: 247A959691C582ADC4A3701AE0AA0169
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Anmelden – Google Konten

Page URL History Show full URLs

https://imgs.hcaptcha.com.iima.remotexs.in/ HTTP 302
https://imgs-hcaptcha-com.iima.remotexs.in/ Page URL
https://iima.remotexs.in/user/login?dest=https://imgs-hcaptcha-com.iima.remotexs.in/ Page URL
https://cms.iima.remotexs.in/auth/login/google?redirect=https://iima.remotexs.in/saml-login HTTP 302
https://accounts.google.com/o/saml2/idp?idpid=C03pkn4u8&SAMLRequest=fZLdbtswDIVfxdC9LDt201iIU6QJhgXotqDJ... HTTP 302
https://accounts.google.com/ServiceLogin?passive=1209600&continue=https://accounts.google.com/o/saml2/id... HTTP 302
https://accounts.google.com/InteractiveLogin?continue=https://accounts.google.com/o/saml2/idp?from_login... Page URL

Detected technologies

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Page Statistics

40
Requests

100 %
HTTPS

82 %
IPv6

9
Domains

14
Subdomains

12
IPs

4
Countries

2730 kB
Transfer

5817 kB
Size

2
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://support.google.com/chrome/answer/6130773?hl=de
Title: Weitere Informationen zur Verwendung des Gastmodus

Search URL Search Domain Scan URL

URL: https://support.google.com/accounts?hl=de&p=account_iph
Title: Hilfe

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://imgs.hcaptcha.com.iima.remotexs.in/ HTTP 302
https://imgs-hcaptcha-com.iima.remotexs.in/ Page URL
https://iima.remotexs.in/user/login?dest=https://imgs-hcaptcha-com.iima.remotexs.in/ Page URL
https://cms.iima.remotexs.in/auth/login/google?redirect=https://iima.remotexs.in/saml-login HTTP 302
https://accounts.google.com/o/saml2/idp?idpid=C03pkn4u8&SAMLRequest=fZLdbtswDIVfxdC9LDt201iIU6QJhgXotqDJdrGbQpHpRKj%2BJspr9%2FZVnBXrMKwXAiSKH3UOxTkKoz1fDvFk7%2BHHABizZ6Mt8vGiJUOw3AlUyK0wgDxKvlt%2BuuOTvOA%2BuOik0%2BQN8j4hECFE5SzJNuuWPEyvpaxqONBp1Xe0LoSkzexQ0%2BtD30FfXYFoJiT7BgET05JUIoGIA2wsRmFjChWTmhZXtCj3ZcHLGa%2BavJk230m2Tl6UFXEkTzF65IwJKd1gI%2BZH544acukMc%2BwsfMJU52%2FSUl27Kir%2FaOthRrLtb4%2B3ynbKHt%2B3d7gkIf%2B432%2Fp9stuT7Llq%2BWVszgYCDsIP5WEr%2Fd3f2RJg7lSRuQBjIvwnE6WifQpTLtj2l7UJvVIFvOzWj52ISxeC%2FwDozJewzmVGdcNyao%2F%2BdEoQ88MRNGJKMbgmaUWnij6OXtbfH4Zjs%2FJ52a9dVrJX9kHF4yI%2F29DmZdjRHW0H1P5YNGDVL2CLnVDa%2Fe0CiAitKQXGoGwxeXVv6dw8QI%3D&RelayState=https%3A%2F%2Fiima.remotexs.in%2Fsaml-login HTTP 302
https://accounts.google.com/ServiceLogin?passive=1209600&continue=https://accounts.google.com/o/saml2/idp?from_login%3D1%26zt%3DChRTVFlRZ0hDRE9VYTBud0ZDN1p0ahIfa3dZS1Fzb3FmQlVWUUhVU2RlLXNqMHo3aVowNjh4Zw%25E2%2588%2599AOlG-isAAAAAZjNogL-I6YWqn8C8bVScF4TF_K0xUMEb%26as%3D-0zb32FPhKon_tfvovxAVVbrfWp26olKQzTyUFm1ZYg&followup=https://accounts.google.com/o/saml2/idp?from_login%3D1%26zt%3DChRTVFlRZ0hDRE9VYTBud0ZDN1p0ahIfa3dZS1Fzb3FmQlVWUUhVU2RlLXNqMHo3aVowNjh4Zw%25E2%2588%2599AOlG-isAAAAAZjNogL-I6YWqn8C8bVScF4TF_K0xUMEb%26as%3D-0zb32FPhKon_tfvovxAVVbrfWp26olKQzTyUFm1ZYg&ltmpl=popup&oauth=1&faa=1&sarp=1&scc=1 HTTP 302
https://accounts.google.com/InteractiveLogin?continue=https://accounts.google.com/o/saml2/idp?from_login%3D1%26zt%3DChRTVFlRZ0hDRE9VYTBud0ZDN1p0ahIfa3dZS1Fzb3FmQlVWUUhVU2RlLXNqMHo3aVowNjh4Zw%25E2%2588%2599AOlG-isAAAAAZjNogL-I6YWqn8C8bVScF4TF_K0xUMEb%26as%3D-0zb32FPhKon_tfvovxAVVbrfWp26olKQzTyUFm1ZYg&faa=1&followup=https://accounts.google.com/o/saml2/idp?from_login%3D1%26zt%3DChRTVFlRZ0hDRE9VYTBud0ZDN1p0ahIfa3dZS1Fzb3FmQlVWUUhVU2RlLXNqMHo3aVowNjh4Zw%25E2%2588%2599AOlG-isAAAAAZjNogL-I6YWqn8C8bVScF4TF_K0xUMEb%26as%3D-0zb32FPhKon_tfvovxAVVbrfWp26olKQzTyUFm1ZYg&ltmpl=popup&oauth=1&passive=1209600&sarp=1&scc=1&ifkv=AaSxoQzuxZ7iACihTlyYDzkCDU-Zdt0zmOcoQRM9ZuFnP5JvRN1-f4Q1MnDeL2AN27dnhrx3QJ8i Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://imgs.hcaptcha.com.iima.remotexs.in/ HTTP 302
https://imgs-hcaptcha-com.iima.remotexs.in/

40 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

403
Forbidden

/ Show response
imgs-hcaptcha-com.iima.remotexs.in/
Redirect Chain

https://imgs.hcaptcha.com.iima.remotexs.in/
https://imgs-hcaptcha-com.iima.remotexs.in/

168 B
2 KB

416ms
136ms

Document
text/html

35.154.106.89
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://imgs-hcaptcha-com.iima.remotexs.in/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 35.154.106.89 Mumbai, India, ASN16509 (AMAZON-02, US),
Reverse DNS: iima.remotexs.in
Software: nginx / Express
Resource Hash: 06f0c4e6ee8c8edca5a13e6f68f86adbf016600d56310f8ee59d32271543bbdc

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,authorization,Origin,sourcekey,X-1P-WOS-SID,x-encrypted-subscriber-id,authority,mode,loginas,tenantenterpriseuserid,tenantuserid,authorizationid,pagesize,pageno,totalnumofrecordsdisplayed,euid,source,strict-transport-security,filter,access-control-allow-origin,Access-Control-Allow-Origin,appid,access-control-allow-origin,contenttoken,taxmannauthorization,x-react-content-type,clientip,tenantenterpriseuseruuid,tenancyId,x-client-host,redwood-user-locale,sms-tenantid,sms-serviceversion,emi-subscriber-id,emi-subscriber-jwt,api-auth-version,auth0-client,assetid,genericuser,newsystemtimeresult,sessionid,tenantenterpriseuserid,nyt-token,x-nyt-internal-meter-override,x-plid,x-nyt-entitlements,nyt-app-type,nyt-app-type,x-nyt-programming-abtest,x-pageview-id,x-nyt-news-tenure,x-okta-user-agent-extended
Access-Control-Allow-Methods: GET, POST, OPTIONS, PUT, DELETE
Access-Control-Expose-Headers: Content-Length,Content-Range
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=utf-8
Date: Wed, 01 May 2024 10:18:37 GMT
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Powered-By: Express

Redirect headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,authorization,Origin,sourcekey,X-1P-WOS-SID,x-encrypted-subscriber-id,authority,mode,loginas,tenantenterpriseuserid,tenantuserid,authorizationid,pagesize,pageno,totalnumofrecordsdisplayed,euid,source,strict-transport-security,filter,access-control-allow-origin,Access-Control-Allow-Origin,appid,access-control-allow-origin,contenttoken,taxmannauthorization,x-react-content-type,clientip,tenantenterpriseuseruuid,tenancyId,x-client-host,redwood-user-locale,sms-tenantid,sms-serviceversion,emi-subscriber-id,emi-subscriber-jwt,api-auth-version,auth0-client,assetid,genericuser,newsystemtimeresult,sessionid,tenantenterpriseuserid,nyt-token,x-nyt-internal-meter-override,x-plid,x-nyt-entitlements,nyt-app-type,nyt-app-type,x-nyt-programming-abtest,x-pageview-id,x-nyt-news-tenure,x-okta-user-agent-extended
Access-Control-Allow-Methods: GET, POST, OPTIONS, PUT, DELETE
Access-Control-Expose-Headers: Content-Length,Content-Range
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Date: Wed, 01 May 2024 10:18:37 GMT
Location: https://imgs-hcaptcha-com.iima.remotexs.in/
Server: nginx
Transfer-Encoding: chunked
Vary: Accept
X-Powered-By: Express

GET
H/1.1 200
OK login Show response
iima.remotexs.in/user/ 15 KB
7 KB 426ms
139ms Document
text/html 35.154.106.89
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://iima.remotexs.in/user/login?dest=https://imgs-hcaptcha-com.iima.remotexs.in/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

35.154.106.89 Mumbai, India, ASN16509 (AMAZON-02, US),

Reverse DNS

iima.remotexs.in

Software

nginx /

Resource Hash

9ee79c9e49072c1816451f0296fec69cad504cd1e9a2df0bbc12f6acc926b4bb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://imgs-hcaptcha-com.iima.remotexs.in/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html
Date: Wed, 01 May 2024 10:18:38 GMT
ETag: W/"65fae50f-3c7c"
Last-Modified: Wed, 20 Mar 2024 13:30:55 GMT
Server: nginx
Strict-Transport-Security: max-age=31536000; preload
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1

GET
H/1.1 200
OK favicon.ico
imgs-hcaptcha-com.iima.remotexs.in/ 15 KB
15 KB 270ms
270ms Other
image/x-icon 35.154.106.89
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://imgs-hcaptcha-com.iima.remotexs.in/favicon.ico
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 35.154.106.89 Mumbai, India, ASN16509 (AMAZON-02, US),
Reverse DNS: iima.remotexs.in
Software: nginx / Express
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://imgs-hcaptcha-com.iima.remotexs.in/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 01 May 2024 10:18:37 GMT
via: 1.1 914dbe74ea96bd4eab279d4e05aee014.cloudfront.net (CloudFront)
x-amz-cf-pop: TLV50-C2
age: 2365777
X-Powered-By: Express
x-cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 15086
last-modified: Tue, 26 Mar 2024 11:08:00 GMT
Server: nginx
etag: "6602ac90-3aee"
Content-Type: image/x-icon
Access-Control-Allow-Origin: *
cache-control: max-age=2592000, public
Accept-Ranges: bytes
x-amz-cf-id: 6DfY2Rko8a3ByIyz1anFIVdefADMqdsp1Y__TUPTWZN-38jp19f_Mg==
expires: Tue, 30 Apr 2024 02:14:52 GMT

GET
H/1.1 200
OK theme-light.css
iima.remotexs.in/assets/theme/blue/ 190 KB
190 KB 144ms
143ms Stylesheet
text/css 35.154.106.89
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://iima.remotexs.in/assets/theme/blue/theme-light.css

Requested by

Host: iima.remotexs.in
URL: https://iima.remotexs.in/user/login?dest=https://imgs-hcaptcha-com.iima.remotexs.in/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

35.154.106.89 Mumbai, India, ASN16509 (AMAZON-02, US),

Reverse DNS

iima.remotexs.in

Software

nginx /

Resource Hash

363db9a6c520186c995135636735a1f74824b84c130f520e2f0e66978337c2f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://iima.remotexs.in/user/login?dest=https://imgs-hcaptcha-com.iima.remotexs.in/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 01 May 2024 10:18:38 GMT
Strict-Transport-Security: max-age=31536000; preload
Last-Modified: Wed, 20 Mar 2024 13:30:16 GMT
Server: nginx
ETag: "65fae4e8-2f62d"
X-Frame-Options: SAMEORIGIN
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 194093
X-XSS-Protection: 1

GET
H/1.1 200
OK layout-light.css
iima.remotexs.in/assets/layout/css/ 115 KB
115 KB 530ms
264ms Stylesheet
text/css 35.154.106.89
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://iima.remotexs.in/assets/layout/css/layout-light.css

Requested by

Host: iima.remotexs.in
URL: https://iima.remotexs.in/user/login?dest=https://imgs-hcaptcha-com.iima.remotexs.in/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

35.154.106.89 Mumbai, India, ASN16509 (AMAZON-02, US),

Reverse DNS

iima.remotexs.in

Software

nginx /

Resource Hash

133f033f521c6b1a77fbf2bd3ce4f250183f82885d33a6d7c11925704c36b50e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://iima.remotexs.in/user/login?dest=https://imgs-hcaptcha-com.iima.remotexs.in/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 01 May 2024 10:18:38 GMT
Strict-Transport-Security: max-age=31536000; preload
Last-Modified: Wed, 20 Mar 2024 13:30:16 GMT
Server: nginx
ETag: "65fae4e8-1cc17"
X-Frame-Options: SAMEORIGIN
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 117783
X-XSS-Protection: 1

GET
H2 200 css
fonts.googleapis.com/ 768 B
799 B 41ms
17ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Marcellus%20SC

Requested by

Host: iima.remotexs.in
URL: https://iima.remotexs.in/user/login?dest=https://imgs-hcaptcha-com.iima.remotexs.in/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

311cec5c525d71db3caad7b6495a8b88eb14d0cd0dd5ebf01942d21bbe1df344

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://iima.remotexs.in/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Wed, 01 May 2024 10:18:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 01 May 2024 10:18:38 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 01 May 2024 10:18:38 GMT

GET
H2 200 klisc Show response
my.nicheacademy.com/api/widgets/ 31 KB
9 KB 222ms
170ms Script
application/javascript 2600:9000:2491:3600:1a:7f3c:2f00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://my.nicheacademy.com/api/widgets/klisc
Requested by: Host: iima.remotexs.in
URL: https://iima.remotexs.in/user/login?dest=https://imgs-hcaptcha-com.iima.remotexs.in/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2491:3600:1a:7f3c:2f00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx / Express
Resource Hash: b1c7fd8cbfd6c8c6125dceb2e7776fb665179d69c0ae5e648634461703c46a1e

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://iima.remotexs.in/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 01 May 2024 10:18:38 GMT
content-encoding: gzip
via: 1.1 26f61e70ac4b967ea82841cbd2dc7cf0.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: FRA56-P7
x-powered-by: Express
etag: W/"7ce5-JSst3l5fTC9rdKYkKYaB9W3Ytx8"
vary: Accept-Encoding
access-control-allow-methods: GET, PUT, POST, OPTIONS, DELETE
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-cache: RefreshHit from cloudfront
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Authorization, Content-Length, X-Requested-With, pref_lang, tempuserid, cache-control,sentry-trace, baggage
x-amz-cf-id: u4gbpqWIsWw0WVUsRffGqV_ZgnzYh6TGMB0wtWC_OyuB0i4dHZQJGg==

GET
H/1.1 200
OK 7.e02654e3.chunk.css
iima.remotexs.in/static/css/ 473 KB
474 KB 563ms
275ms Stylesheet
text/css 35.154.106.89
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://iima.remotexs.in/static/css/7.e02654e3.chunk.css

Requested by

Host: iima.remotexs.in
URL: https://iima.remotexs.in/user/login?dest=https://imgs-hcaptcha-com.iima.remotexs.in/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

35.154.106.89 Mumbai, India, ASN16509 (AMAZON-02, US),

Reverse DNS

iima.remotexs.in

Software

nginx /

Resource Hash

dc8ac4508acd70a0b39437d83333225b5bf47c189e20d45bae745b248cccbd8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://iima.remotexs.in/user/login?dest=https://imgs-hcaptcha-com.iima.remotexs.in/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 01 May 2024 10:18:38 GMT
Strict-Transport-Security: max-age=31536000; preload
Last-Modified: Wed, 20 Mar 2024 13:30:55 GMT
Server: nginx
ETag: "65fae50f-764c5"
X-Frame-Options: SAMEORIGIN
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 484549
X-XSS-Protection: 1

GET
H/1.1 200
OK main.8c0b7940.chunk.css
iima.remotexs.in/static/css/ 377 KB
377 KB 560ms
265ms Stylesheet
text/css 35.154.106.89
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://iima.remotexs.in/static/css/main.8c0b7940.chunk.css

Requested by

Host: iima.remotexs.in
URL: https://iima.remotexs.in/user/login?dest=https://imgs-hcaptcha-com.iima.remotexs.in/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

35.154.106.89 Mumbai, India, ASN16509 (AMAZON-02, US),

Reverse DNS

iima.remotexs.in

Software

nginx /

Resource Hash

d270803bd20fe25184b5bf9e0d5ae47f37fb825e14cc3373f2001bcdc8b640fc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://iima.remotexs.in/user/login?dest=https://imgs-hcaptcha-com.iima.remotexs.in/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 01 May 2024 10:18:38 GMT
Strict-Transport-Security: max-age=31536000; preload
Last-Modified: Wed, 20 Mar 2024 13:30:55 GMT
Server: nginx
ETag: "65fae50f-5e341"
X-Frame-Options: SAMEORIGIN
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 385857
X-XSS-Protection: 1

GET
H/1.1 200
OK 7.d73f209c.chunk.js Show response
iima.remotexs.in/static/js/ 666 KB
193 KB 743ms
336ms Script
application/javascript 35.154.106.89
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://iima.remotexs.in/static/js/7.d73f209c.chunk.js

Requested by

Host: iima.remotexs.in
URL: https://iima.remotexs.in/user/login?dest=https://imgs-hcaptcha-com.iima.remotexs.in/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

35.154.106.89 Mumbai, India, ASN16509 (AMAZON-02, US),

Reverse DNS

iima.remotexs.in

Software

nginx /

Resource Hash

7f7a7cebd4eb030f31f706fbe2eaad41d65d8ed761a63c812419ea3b93f0d662

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://iima.remotexs.in/user/login?dest=https://imgs-hcaptcha-com.iima.remotexs.in/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 01 May 2024 10:18:38 GMT
Strict-Transport-Security: max-age=31536000; preload
Content-Encoding: gzip
Last-Modified: Wed, 20 Mar 2024 13:30:55 GMT
Server: nginx
ETag: W/"65fae50f-a6975"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
X-Frame-Options: SAMEORIGIN
Connection: keep-alive
X-XSS-Protection: 1

GET
H/1.1 200
OK main.75360f57.chunk.js Show response
iima.remotexs.in/static/js/ 557 KB
95 KB 679ms
272ms Script
application/javascript 35.154.106.89
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://iima.remotexs.in/static/js/main.75360f57.chunk.js

Requested by

Host: iima.remotexs.in
URL: https://iima.remotexs.in/user/login?dest=https://imgs-hcaptcha-com.iima.remotexs.in/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

35.154.106.89 Mumbai, India, ASN16509 (AMAZON-02, US),

Reverse DNS

iima.remotexs.in

Software

nginx /

Resource Hash

885c6a33c41a5432d4af924a8edf4b010a5e1c4b5dfcb3606a435b1d25ee00ac

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://iima.remotexs.in/user/login?dest=https://imgs-hcaptcha-com.iima.remotexs.in/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 01 May 2024 10:18:38 GMT
Strict-Transport-Security: max-age=31536000; preload
Content-Encoding: gzip
Last-Modified: Wed, 20 Mar 2024 13:30:55 GMT
Server: nginx
ETag: W/"65fae50f-8b3c7"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
X-Frame-Options: SAMEORIGIN
Connection: keep-alive
X-XSS-Protection: 1

GET
H2 200 fdead2
cx0ihfpgk9.execute-api.us-west-2.amazonaws.com/production/widget/klisc/theme/f6941c/ 10 KB
10 KB 615ms
443ms Stylesheet
text/css 18.66.122.106
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cx0ihfpgk9.execute-api.us-west-2.amazonaws.com/production/widget/klisc/theme/f6941c/fdead2
Requested by: Host: my.nicheacademy.com
URL: https://my.nicheacademy.com/api/widgets/klisc
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.106 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-106.fra60.r.cloudfront.net
Software: /
Resource Hash: 13ba70e78a4f6cc692ea6e67c0f0f0f560d7c48c8f8ca552e25b1bf4d720b962

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://iima.remotexs.in/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 01 May 2024 10:18:38 GMT
via: 1.1 1b3f5dc0b3c577dc5e7394bf12aed238.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P2
x-amzn-trace-id: Root=1-663216fe-4276d680116c51184bb0c1cf;Parent=71ac3ac234498cff;Sampled=0;lineage=103cbc2e:0
x-amzn-requestid: 742207ec-cec9-403e-8f20-04e3e3194d13
x-cache: Miss from cloudfront
content-type: text/css
x-amz-apigw-id: XFiH4HK_vHcESmQ=
content-length: 10122
x-amz-cf-id: hSpC_Dr-YRlKQo5T1kxI3eTZRM7ooYrIl43Nv2dYNhAwi8NqGbAyPQ==

GET
H3 200 font-awesome.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.3.0/css/ 28 KB
5 KB 189ms
21ms Stylesheet
text/css 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.3.0/css/font-awesome.css

Requested by

Host: my.nicheacademy.com
URL: https://my.nicheacademy.com/api/widgets/klisc

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c374efba54279628793f04e10ebf5d0c1b4dbc36b3f4132d9235f01d64ca5c8e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://iima.remotexs.in/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 01 May 2024 10:18:38 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 1691172
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 4566
last-modified: Sat, 06 Jan 2024 12:19:43 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "6599374f-11d6"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dm1OFT%2FH%2B0KVYtoK4L%2FFe5VLCCvYNPh2QJJiuB2XkPRKXkO5heik%2F%2FJVLDqNRS9LaGYirjuDL71dZLp1Bcg6dKRv42U1Eq0QH5tZhSpco6%2BAURKAVRl8pbebC5sfW3z3cIX5W0asjmKGgj4PuxkOyz4s"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 87cf07577e8619a0-FRA
expires: Mon, 21 Apr 2025 10:18:38 GMT

GET
H3 200 es6-shim.min.js Show response
cdnjs.cloudflare.com/ajax/libs/es6-shim/0.35.3/ 55 KB
15 KB 193ms
24ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/es6-shim/0.35.3/es6-shim.min.js

Requested by

Host: my.nicheacademy.com
URL: https://my.nicheacademy.com/api/widgets/klisc

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4c79606528eab7b89d35276752f1b2a53b970790b8855f644ae3d8adb8aad7da

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://iima.remotexs.in/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 01 May 2024 10:18:38 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 459166
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 14321
last-modified: Mon, 04 May 2020 16:09:56 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e54-dca5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wbm4LJLVCaMWv08KXyz%2BXpaIvmlSwxm9j2r%2B7oN%2BP988p3eW%2BiT8e8Hf2ugMGf9IG4yco3nVojgJRXZLQRBMBDhdQHZscTeat%2B%2Br3QzBTDzAAwKvutSPCmjtTnE8Uk4NVCFHxkA1%2FA7TE%2BsDDehkFBwD"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 87cf07577e8219a0-FRA
expires: Mon, 21 Apr 2025 10:18:38 GMT

GET
H2 200 css
fonts.googleapis.com/ 17 KB
2 KB 17ms
16ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:300,300italic,700&subset=latin,greek,greek-ext,vietnamese,cyrillic-ext,cyrillic,latin-ext

Requested by

Host: my.nicheacademy.com
URL: https://my.nicheacademy.com/api/widgets/klisc

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b4e2ce21dcb90e7b2f6ad64cba859d64390245fc62ab00d326831c9ac157f88b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://iima.remotexs.in/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Wed, 01 May 2024 10:18:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 01 May 2024 10:18:38 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 01 May 2024 10:18:38 GMT

GET
H/1.1 200
OK en.json Show response
iima.remotexs.in/locales/ 7 KB
3 KB 155ms
155ms Fetch
application/json 35.154.106.89
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://iima.remotexs.in/locales/en.json

Requested by

Host: iima.remotexs.in
URL: https://iima.remotexs.in/static/js/7.d73f209c.chunk.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

35.154.106.89 Mumbai, India, ASN16509 (AMAZON-02, US),

Reverse DNS

iima.remotexs.in

Software

nginx /

Resource Hash

2644fca8b9c4ff195b7c8fd492f8d6ad8fb4611f6004688f15d87f992e0451ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://iima.remotexs.in/user/login?dest=https://imgs-hcaptcha-com.iima.remotexs.in/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 01 May 2024 10:18:39 GMT
Strict-Transport-Security: max-age=31536000; preload
Content-Encoding: gzip
Last-Modified: Wed, 20 Mar 2024 13:30:17 GMT
Server: nginx
ETag: W/"65fae4e9-1b37"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/json
X-Frame-Options: SAMEORIGIN
Connection: keep-alive
X-XSS-Protection: 1

GET
H/1.1 200
OK favicon.ico
iima.remotexs.in/ 15 KB
7 KB 144ms
144ms Other
text/html 35.154.106.89
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://iima.remotexs.in/favicon.ico

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

35.154.106.89 Mumbai, India, ASN16509 (AMAZON-02, US),

Reverse DNS

iima.remotexs.in

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://iima.remotexs.in/user/login?dest=https://imgs-hcaptcha-com.iima.remotexs.in/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 01 May 2024 10:18:39 GMT
Strict-Transport-Security: max-age=31536000; preload
Content-Encoding: gzip
Last-Modified: Wed, 20 Mar 2024 13:30:55 GMT
Server: nginx
ETag: W/"65fae50f-3c7c"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/html
X-Frame-Options: SAMEORIGIN
Connection: keep-alive
X-XSS-Protection: 1

GET
H2 200 iima2.png
cdn.remotexs.co/institute-logos/ 202 KB
202 KB 180ms
8ms Image
image/png 2600:9000:214f:4e00:c:f87a:4c80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.remotexs.co/institute-logos/iima2.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:4e00:c:f87a:4c80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://iima.remotexs.in/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 01 May 2024 10:18:40 GMT
via: 1.1 15d3b4db3728feaae1780610a1bac86e.cloudfront.net (CloudFront)
last-modified: Sat, 27 Apr 2024 12:13:53 GMT
server: AmazonS3
x-amz-cf-pop: FRA53-C1
x-amz-server-side-encryption: AES256
etag: "336c0a562633a323190cf21ef229c15c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 206695
x-amz-cf-id: r7-X86OiIGXk84cwFtzzbLKpXZr5f4kBhG0TK-FPc1snB-VNJ1XsOg==

GET
H/1.1 200
OK remotexs_logo.fe92fd77.png
iima.remotexs.in/static/media/ 80 KB
0 146ms
145ms Image
image/png 35.154.106.89
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://iima.remotexs.in/static/media/remotexs_logo.fe92fd77.png

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

35.154.106.89 Mumbai, India, ASN16509 (AMAZON-02, US),

Reverse DNS

iima.remotexs.in

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://iima.remotexs.in/user/login?dest=https://imgs-hcaptcha-com.iima.remotexs.in/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 01 May 2024 10:18:39 GMT
Strict-Transport-Security: max-age=31536000; preload
Last-Modified: Wed, 20 Mar 2024 13:30:55 GMT
Server: nginx
ETag: "65fae50f-29e47"
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 171591
X-XSS-Protection: 1

GET
H3

200

Primary Request InteractiveLogin Show response
accounts.google.com/
Redirect Chain

https://cms.iima.remotexs.in/auth/login/google?redirect=https://iima.remotexs.in/saml-login
https://accounts.google.com/o/saml2/idp?idpid=C03pkn4u8&SAMLRequest=fZLdbtswDIVfxdC9LDt201iIU6QJhgXotqDJdrGbQpHpRKj%2BJspr9%2FZVnBXrMKwXAiSKH3UOxTkKoz1fDvFk7%2BHHABizZ6Mt8vGiJUOw3AlUyK0wgDxKvlt%2Bu...
https://accounts.google.com/ServiceLogin?passive=1209600&continue=https://accounts.google.com/o/saml2/idp?from_login%3D1%26zt%3DChRTVFlRZ0hDRE9VYTBud0ZDN1p0ahIfa3dZS1Fzb3FmQlVWUUhVU2RlLXNqMHo3aVowN...
https://accounts.google.com/InteractiveLogin?continue=https://accounts.google.com/o/saml2/idp?from_login%3D1%26zt%3DChRTVFlRZ0hDRE9VYTBud0ZDN1p0ahIfa3dZS1Fzb3FmQlVWUUhVU2RlLXNqMHo3aVowNjh4Zw%25E2%2...

2 MB
691 KB

98ms
92ms

Document
text/html

2a00:1450:400c:c0a::54
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/InteractiveLogin?continue=https://accounts.google.com/o/saml2/idp?from_login%3D1%26zt%3DChRTVFlRZ0hDRE9VYTBud0ZDN1p0ahIfa3dZS1Fzb3FmQlVWUUhVU2RlLXNqMHo3aVowNjh4Zw%25E2%2588%2599AOlG-isAAAAAZjNogL-I6YWqn8C8bVScF4TF_K0xUMEb%26as%3D-0zb32FPhKon_tfvovxAVVbrfWp26olKQzTyUFm1ZYg&faa=1&followup=https://accounts.google.com/o/saml2/idp?from_login%3D1%26zt%3DChRTVFlRZ0hDRE9VYTBud0ZDN1p0ahIfa3dZS1Fzb3FmQlVWUUhVU2RlLXNqMHo3aVowNjh4Zw%25E2%2588%2599AOlG-isAAAAAZjNogL-I6YWqn8C8bVScF4TF_K0xUMEb%26as%3D-0zb32FPhKon_tfvovxAVVbrfWp26olKQzTyUFm1ZYg&ltmpl=popup&oauth=1&passive=1209600&sarp=1&scc=1&ifkv=AaSxoQzuxZ7iACihTlyYDzkCDU-Zdt0zmOcoQRM9ZuFnP5JvRN1-f4Q1MnDeL2AN27dnhrx3QJ8i

Requested by

Host: iima.remotexs.in
URL: https://iima.remotexs.in/static/js/main.75360f57.chunk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c0a::54 Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

db05b01c0973f4730a0de64eb8b71bfb5aa9b8c208291495ffc10de3127c49c0

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /cspreport script-src 'report-sample' 'nonce-A3t0ohynGhgwOGNSKZ1ulw' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://iima.remotexs.in/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: require-trusted-types-for 'script';report-uri /cspreport script-src 'report-sample' 'nonce-A3t0ohynGhgwOGNSKZ1ulw' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
content-type: text/html; charset=utf-8
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
date: Wed, 01 May 2024 10:18:40 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
server: GSE
strict-transport-security: max-age=31536000; includeSubDomains
x-auto-login: realm=com.google&args=continue%3Dhttps%253A%252F%252Faccounts.google.com%252Fo%252Fsaml2%252Fidp%253Ffrom_login%253D1%2526zt%253DChRTVFlRZ0hDRE9VYTBud0ZDN1p0ahIfa3dZS1Fzb3FmQlVWUUhVU2RlLXNqMHo3aVowNjh4Zw%2525E2%252588%252599AOlG-isAAAAAZjNogL-I6YWqn8C8bVScF4TF_K0xUMEb%2526as%253D-0zb32FPhKon_tfvovxAVVbrfWp26olKQzTyUFm1ZYg
x-content-type-options: nosniff
x-frame-options: DENY
x-xss-protection: 1; mode=block

Redirect headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0
content-security-policy: script-src 'report-sample' 'nonce-d7N_1rMR0ChXKNJ21tjKaA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/AccountsSigninPassiveLoginHttp/cspreport/allowlist require-trusted-types-for 'script';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport
content-type: application/binary
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Wed, 01 May 2024 10:18:40 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
location: https://accounts.google.com/InteractiveLogin?continue=https://accounts.google.com/o/saml2/idp?from_login%3D1%26zt%3DChRTVFlRZ0hDRE9VYTBud0ZDN1p0ahIfa3dZS1Fzb3FmQlVWUUhVU2RlLXNqMHo3aVowNjh4Zw%25E2%2588%2599AOlG-isAAAAAZjNogL-I6YWqn8C8bVScF4TF_K0xUMEb%26as%3D-0zb32FPhKon_tfvovxAVVbrfWp26olKQzTyUFm1ZYg&faa=1&followup=https://accounts.google.com/o/saml2/idp?from_login%3D1%26zt%3DChRTVFlRZ0hDRE9VYTBud0ZDN1p0ahIfa3dZS1Fzb3FmQlVWUUhVU2RlLXNqMHo3aVowNjh4Zw%25E2%2588%2599AOlG-isAAAAAZjNogL-I6YWqn8C8bVScF4TF_K0xUMEb%26as%3D-0zb32FPhKon_tfvovxAVVbrfWp26olKQzTyUFm1ZYg&ltmpl=popup&oauth=1&passive=1209600&sarp=1&scc=1&ifkv=AaSxoQzuxZ7iACihTlyYDzkCDU-Zdt0zmOcoQRM9ZuFnP5JvRN1-f4Q1MnDeL2AN27dnhrx3QJ8i
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
server: ESF
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 iima-bg.jpeg
cdn.remotexs.co/institute-bg/ 72 KB
73 KB 191ms
29ms Image
image/jpeg 2600:9000:214f:4e00:c:f87a:4c80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.remotexs.co/institute-bg/iima-bg.jpeg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:4e00:c:f87a:4c80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://iima.remotexs.in/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 01 May 2024 10:18:40 GMT
via: 1.1 15d3b4db3728feaae1780610a1bac86e.cloudfront.net (CloudFront)
last-modified: Sat, 27 Apr 2024 12:14:04 GMT
server: AmazonS3
x-amz-cf-pop: FRA53-C1
x-amz-server-side-encryption: AES256
etag: "e11296f5f622a20dc390372e026b0b3d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/jpeg
accept-ranges: bytes
content-length: 73987
x-amz-cf-id: SqFabX1zhEqdr26-ULCi1CC3s7E5tsGJa3ob2mZzB8X38vKkXAswOA==

GET
H/1.1 200
OK nunito-v12-latin-ext_latin-600.woff2
iima.remotexs.in/assets/layout/fonts/ 31 KB
32 KB 137ms
137ms Font
application/octet-stream 35.154.106.89
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://iima.remotexs.in/assets/layout/fonts/nunito-v12-latin-ext_latin-600.woff2

Requested by

Host: iima.remotexs.in
URL: https://iima.remotexs.in/assets/layout/css/layout-light.css

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

35.154.106.89 Mumbai, India, ASN16509 (AMAZON-02, US),

Reverse DNS

iima.remotexs.in

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://iima.remotexs.in/assets/layout/css/layout-light.css
Origin: https://iima.remotexs.in
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 01 May 2024 10:18:39 GMT
Strict-Transport-Security: max-age=31536000; preload
Last-Modified: Wed, 20 Mar 2024 13:30:16 GMT
Server: nginx
ETag: "65fae4e8-7d24"
X-Frame-Options: SAMEORIGIN
Content-Type: application/octet-stream
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 32036
X-XSS-Protection: 1

GET
H/1.1 200
OK primeicons.78172950.woff2
iima.remotexs.in/static/media/ 29 KB
30 KB 136ms
136ms Font
application/octet-stream 35.154.106.89
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://iima.remotexs.in/static/media/primeicons.78172950.woff2

Requested by

Host: iima.remotexs.in
URL: https://iima.remotexs.in/static/css/7.e02654e3.chunk.css

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

35.154.106.89 Mumbai, India, ASN16509 (AMAZON-02, US),

Reverse DNS

iima.remotexs.in

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://iima.remotexs.in/static/css/7.e02654e3.chunk.css
Origin: https://iima.remotexs.in
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 01 May 2024 10:18:39 GMT
Strict-Transport-Security: max-age=31536000; preload
Last-Modified: Wed, 20 Mar 2024 13:30:55 GMT
Server: nginx
ETag: "65fae50f-75e4"
X-Frame-Options: SAMEORIGIN
Content-Type: application/octet-stream
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 30180
X-XSS-Protection: 1

GET
H/1.1 200
OK nunito-v12-latin-ext_latin-regular.woff2
iima.remotexs.in/assets/layout/fonts/ 31 KB
31 KB 138ms
138ms Font
application/octet-stream 35.154.106.89
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://iima.remotexs.in/assets/layout/fonts/nunito-v12-latin-ext_latin-regular.woff2

Requested by

Host: iima.remotexs.in
URL: https://iima.remotexs.in/assets/layout/css/layout-light.css

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

35.154.106.89 Mumbai, India, ASN16509 (AMAZON-02, US),

Reverse DNS

iima.remotexs.in

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://iima.remotexs.in/assets/layout/css/layout-light.css
Origin: https://iima.remotexs.in
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 01 May 2024 10:18:39 GMT
Strict-Transport-Security: max-age=31536000; preload
Last-Modified: Wed, 20 Mar 2024 13:30:16 GMT
Server: nginx
ETag: "65fae4e8-7c6c"
X-Frame-Options: SAMEORIGIN
Content-Type: application/octet-stream
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 31852
X-XSS-Protection: 1

GET
H2 200 iima.ico
cdn.remotexs.co/institute-favicon/ 38 KB
38 KB 90ms
27ms Other
image/x-icon 2600:9000:214f:4e00:c:f87a:4c80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.remotexs.co/institute-favicon/iima.ico
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:4e00:c:f87a:4c80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://iima.remotexs.in/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 01 May 2024 10:18:40 GMT
via: 1.1 15d3b4db3728feaae1780610a1bac86e.cloudfront.net (CloudFront)
last-modified: Sat, 27 Apr 2024 12:14:22 GMT
server: AmazonS3
x-amz-cf-pop: FRA53-C1
x-amz-server-side-encryption: AES256
etag: "ea117c452af6140f186a54110f895fe0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/x-icon
accept-ranges: bytes
content-length: 38708
x-amz-cf-id: DagTkfyNcb-14FwiPGKmBs-lxx41qTEWOgpCivKzhqT96-RYx_7f1A==

GET
DATA 200
OK truncated
/ 267 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: abfe5b27310a016303a0ede1f41a67d4adb8886b7c0ade3474cd44f60be50548

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=UTF-8

GET
H2 200 4UaRrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iq2vgCI.woff2
fonts.gstatic.com/s/googlesans/v58/ 51 KB
52 KB 44ms
7ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v58/4UaRrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iq2vgCI.woff2

Requested by

Host: accounts.google.com
URL: https://accounts.google.com/InteractiveLogin?continue=https://accounts.google.com/o/saml2/idp?from_login%3D1%26zt%3DChRTVFlRZ0hDRE9VYTBud0ZDN1p0ahIfa3dZS1Fzb3FmQlVWUUhVU2RlLXNqMHo3aVowNjh4Zw%25E2%2588%2599AOlG-isAAAAAZjNogL-I6YWqn8C8bVScF4TF_K0xUMEb%26as%3D-0zb32FPhKon_tfvovxAVVbrfWp26olKQzTyUFm1ZYg&faa=1&followup=https://accounts.google.com/o/saml2/idp?from_login%3D1%26zt%3DChRTVFlRZ0hDRE9VYTBud0ZDN1p0ahIfa3dZS1Fzb3FmQlVWUUhVU2RlLXNqMHo3aVowNjh4Zw%25E2%2588%2599AOlG-isAAAAAZjNogL-I6YWqn8C8bVScF4TF_K0xUMEb%26as%3D-0zb32FPhKon_tfvovxAVVbrfWp26olKQzTyUFm1ZYg&ltmpl=popup&oauth=1&passive=1209600&sarp=1&scc=1&ifkv=AaSxoQzuxZ7iACihTlyYDzkCDU-Zdt0zmOcoQRM9ZuFnP5JvRN1-f4Q1MnDeL2AN27dnhrx3QJ8i

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

57147f08949ababe7deef611435ae418475a693e3823769a25c2a39b6ead9ccc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://accounts.google.com/
Origin: https://accounts.google.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 30 Apr 2024 08:32:52 GMT
x-content-type-options: nosniff
age: 92748
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52280
x-xss-protection: 0
last-modified: Tue, 23 May 2023 16:36:38 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 30 Apr 2025 08:32:52 GMT

GET
H2 200 m=n73qwf,MpJwZc,otPmVb,rlNAl Show response
ssl.gstatic.com/accounts/static/_/js/k=gaia.gaiafe_materialnext.de.hWhMPSZJEHw.O/am=AANEAJOABBbqBoC9gCgAcAgAAAAAAAAAwEQMgJUQoCIB/d=0/excm=mn_initial_css/ed=1/rs=ABkqax3MmQAzgf-BggZm9Xm0wAwesaIUOw/ 2 KB
1 KB 39ms
7ms Script
text/javascript 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host:
URL: /accounts/static/_/js/k=gaia.gaiafe_materialnext.de.hWhMPSZJEHw.O/am=AANEAJOABBbqBoC9gCgAcAgAAAAAAAAAwEQMgJUQoCIB/d=1/excm=mn_initial_css/rs=ABkqax3MmQAzgf-BggZm9Xm0wAwesaIUOw/m=mnb,identifier_view,unknownerror_view

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

72f6550ca65bde16f34ad0f393ff4b6f95de89d6f75fd74dd89480f44d4d678b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://accounts.google.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 30 Apr 2024 07:45:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 95590
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gaia-moduleserver-writers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 823
x-xss-protection: 0
last-modified: Sat, 20 Apr 2024 07:23:09 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="gaia-moduleserver-writers"
vary: Accept-Encoding, Origin
report-to: {"group":"gaia-moduleserver-writers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gaia-moduleserver-writers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 30 Apr 2025 07:45:30 GMT

GET
H2 200 CheckConnection
accounts.youtube.com/accounts/ Frame 788E 0
0 89ms
54ms Document
text/html 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.youtube.com/accounts/CheckConnection?pmpo=https%3A%2F%2Faccounts.google.com&v=-1378500384&timestamp=1714558720726

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://accounts.google.com require-trusted-types-for 'script';report-uri /_/AccountsDomainCookiesCheckConnectionHttp/cspreport script-src 'report-sample' 'nonce-BgTzElgP3cEmBbxyurQ8-g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/AccountsDomainCookiesCheckConnectionHttp/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/AccountsDomainCookiesCheckConnectionHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM https://accounts.google.com
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://accounts.google.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: frame-ancestors https://accounts.google.com require-trusted-types-for 'script';report-uri /_/AccountsDomainCookiesCheckConnectionHttp/cspreport script-src 'report-sample' 'nonce-BgTzElgP3cEmBbxyurQ8-g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/AccountsDomainCookiesCheckConnectionHttp/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/AccountsDomainCookiesCheckConnectionHttp/cspreport/allowlist
content-type: text/html; charset=utf-8
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: cross-origin
date: Wed, 01 May 2024 10:18:40 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
reporting-endpoints: default="/_/AccountsDomainCookiesCheckConnectionHttp/web-reports?context=eJzjUtDikmJw1JBikPj6kkkDiJ3SZ7AGAXHSv_OsRUAsxMPRsO7ERjaBGTs7fjMBAHOFEck"
server: ESF
x-content-type-options: nosniff
x-frame-options: ALLOW-FROM https://accounts.google.com
x-xss-protection: 0

GET
H2 200 m=kmSu5b,nSePib,wg0Xlc,ltDFwf,FY2WYe,Rkm0ef,sy80,aC1iue,C4utjd,PpLKeb,f8Gu1e,wHhlDf,Ts8zpc,yJC6Qb,m9oV,sy81,RAnnUd,i5dxUd,I639vc,sy82,sy83,sy84,yRXbo,JRqRD,Fndnac,mvkUhe,CMcBD Show response
ssl.gstatic.com/accounts/static/_/js/k=gaia.gaiafe_materialnext.de.hWhMPSZJEHw.O/am=AANEAJOABBbqBoC9gCgAcAgAAAAAAAAAwEQMgJUQoCIB/d=0/excm=mn_initial_css/ed=1/rs=ABkqax3MmQAzgf-BggZm9Xm0wAwesaIUOw/ 56 KB
17 KB 10ms
10ms Script
text/javascript 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ssl.gstatic.com/accounts/static/_/js/k=gaia.gaiafe_materialnext.de.hWhMPSZJEHw.O/am=AANEAJOABBbqBoC9gCgAcAgAAAAAAAAAwEQMgJUQoCIB/d=0/excm=mn_initial_css/ed=1/rs=ABkqax3MmQAzgf-BggZm9Xm0wAwesaIUOw/m=kmSu5b,nSePib,wg0Xlc,ltDFwf,FY2WYe,Rkm0ef,sy80,aC1iue,C4utjd,PpLKeb,f8Gu1e,wHhlDf,Ts8zpc,yJC6Qb,m9oV,sy81,RAnnUd,i5dxUd,I639vc,sy82,sy83,sy84,yRXbo,JRqRD,Fndnac,mvkUhe,CMcBD

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7990cbf38a1ffdeac34043450e3e7544d1387788da4eb4699f9c5583ac02164f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://accounts.google.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 30 Apr 2024 08:03:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 94483
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gaia-moduleserver-writers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17305
x-xss-protection: 0
last-modified: Sat, 20 Apr 2024 07:23:09 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="gaia-moduleserver-writers"
vary: Accept-Encoding, Origin
report-to: {"group":"gaia-moduleserver-writers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gaia-moduleserver-writers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 30 Apr 2025 08:03:57 GMT

GET
H3 200 m=sy7x,sy7w,ijDOT Show response
ssl.gstatic.com/accounts/static/_/js/k=gaia.gaiafe_materialnext.de.hWhMPSZJEHw.O/am=AANEAJOABBbqBoC9gCgAcAgAAAAAAAAAwEQMgJUQoCIB/d=0/excm=mn_initial_css/ed=1/rs=ABkqax3MmQAzgf-BggZm9Xm0wAwesaIUOw/ 3 KB
972 B 9ms
7ms Script
text/javascript 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cceb4737b7f2c960de5c0f3e8f9e2de8a3fa9862f4a94c04fe4a99dd1d6ff56c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://accounts.google.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 30 Apr 2024 07:54:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 95059
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gaia-moduleserver-writers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 946
x-xss-protection: 0
last-modified: Sat, 20 Apr 2024 07:23:09 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="gaia-moduleserver-writers"
vary: Accept-Encoding, Origin
report-to: {"group":"gaia-moduleserver-writers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gaia-moduleserver-writers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 30 Apr 2025 07:54:21 GMT

GET
H3 200 m=sy8m,N5Lqpc,sy8n,fgj8Rb,k8LRXb,sy8j,sy8l,Xpr1Cc,NoODMc Show response
ssl.gstatic.com/accounts/static/_/js/k=gaia.gaiafe_materialnext.de.hWhMPSZJEHw.O/am=AANEAJOABBbqBoC9gCgAcAgAAAAAAAAAwEQMgJUQoCIB/d=0/excm=mn_initial_css/ed=1/rs=ABkqax3MmQAzgf-BggZm9Xm0wAwesaIUOw/ 19 KB
7 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

85d66fe6657eef77d075fa4aacf31862890e4a9067bbded6175e16a2cf39aa69

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://accounts.google.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 30 Apr 2024 08:09:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 94144
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gaia-moduleserver-writers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6862
x-xss-protection: 0
last-modified: Sat, 20 Apr 2024 07:23:09 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="gaia-moduleserver-writers"
vary: Accept-Encoding, Origin
report-to: {"group":"gaia-moduleserver-writers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gaia-moduleserver-writers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 30 Apr 2025 08:09:36 GMT

GET
H3 200 m=iAskyc,ziXSP Show response
ssl.gstatic.com/accounts/static/_/js/k=gaia.gaiafe_materialnext.de.hWhMPSZJEHw.O/am=AANEAJOABBbqBoC9gCgAcAgAAAAAAAAAwEQMgJUQoCIB/d=0/excm=mn_initial_css/ed=1/rs=ABkqax3MmQAzgf-BggZm9Xm0wAwesaIUOw/ 2 KB
769 B 8ms
7ms Script
text/javascript 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

93f388d98c56e6e3eaba2605c61e1140c88c69df9705007b5539ffa260a72c55

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://accounts.google.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 30 Apr 2024 07:57:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 94869
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gaia-moduleserver-writers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 743
x-xss-protection: 0
last-modified: Sat, 20 Apr 2024 07:23:09 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="gaia-moduleserver-writers"
vary: Accept-Encoding, Origin
report-to: {"group":"gaia-moduleserver-writers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gaia-moduleserver-writers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 30 Apr 2025 07:57:31 GMT

GET
H3 200 m=wRkuv,zSBR2e,wGM7Jc,NTMZac,sy85,bTi8wc,i5H9N,kRGwK,sy87,sy88,uu7UOe,sy8c,qNG0Fc,sy89,PHUIyb,sy8d,soHxf,ywOR5c,FHru6e,Tbb4sb Show response
ssl.gstatic.com/accounts/static/_/js/k=gaia.gaiafe_materialnext.de.hWhMPSZJEHw.O/am=AANEAJOABBbqBoC9gCgAcAgAAAAAAAAAwEQMgJUQoCIB/d=0/excm=mn_initial_css/ed=1/rs=ABkqax3MmQAzgf-BggZm9Xm0wAwesaIUOw/ 54 KB
17 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ssl.gstatic.com/accounts/static/_/js/k=gaia.gaiafe_materialnext.de.hWhMPSZJEHw.O/am=AANEAJOABBbqBoC9gCgAcAgAAAAAAAAAwEQMgJUQoCIB/d=0/excm=mn_initial_css/ed=1/rs=ABkqax3MmQAzgf-BggZm9Xm0wAwesaIUOw/m=wRkuv,zSBR2e,wGM7Jc,NTMZac,sy85,bTi8wc,i5H9N,kRGwK,sy87,sy88,uu7UOe,sy8c,qNG0Fc,sy89,PHUIyb,sy8d,soHxf,ywOR5c,FHru6e,Tbb4sb

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2c2451bf6b7b0fc659bdabd8c7f4ecb8235a2c7109437d2e0f3c06642be5170a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://accounts.google.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 30 Apr 2024 07:51:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 95249
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gaia-moduleserver-writers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17325
x-xss-protection: 0
last-modified: Sat, 20 Apr 2024 07:23:09 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="gaia-moduleserver-writers"
vary: Accept-Encoding, Origin
report-to: {"group":"gaia-moduleserver-writers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gaia-moduleserver-writers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 30 Apr 2025 07:51:11 GMT

GET
H3 200 m=sy5n,sy7h,sy7m,sy7i,sy7j,sy7n,sy5i,sy5s,sy5t,sy5j,sy7g,sy5l,sy5o,sy5p,sy5u,sy5w,sy51,sy53,sy57,sy5g,sy5h,sy5k,sy5m,sy5q,sy5r,sy5v,sy5x,sy5y,sy5z,initialpage_view Show response
ssl.gstatic.com/accounts/static/_/js/k=gaia.gaiafe_materialnext.de.hWhMPSZJEHw.O/am=AANEAJOABBbqBoC9gCgAcAgAAAAAAAAAwEQMgJUQoCIB/d=0/excm=mn_initial_css/ed=1/rs=ABkqax3MmQAzgf-BggZm9Xm0wAwesaIUOw/ 31 KB
9 KB 9ms
9ms Script
text/javascript 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ssl.gstatic.com/accounts/static/_/js/k=gaia.gaiafe_materialnext.de.hWhMPSZJEHw.O/am=AANEAJOABBbqBoC9gCgAcAgAAAAAAAAAwEQMgJUQoCIB/d=0/excm=mn_initial_css/ed=1/rs=ABkqax3MmQAzgf-BggZm9Xm0wAwesaIUOw/m=sy5n,sy7h,sy7m,sy7i,sy7j,sy7n,sy5i,sy5s,sy5t,sy5j,sy7g,sy5l,sy5o,sy5p,sy5u,sy5w,sy51,sy53,sy57,sy5g,sy5h,sy5k,sy5m,sy5q,sy5r,sy5v,sy5x,sy5y,sy5z,initialpage_view

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9a7da8ec82b260acf18022304d4aae0927c12a8433c412d480b070345d3c4bbe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://accounts.google.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 30 Apr 2024 07:51:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 95248
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gaia-moduleserver-writers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8708
x-xss-protection: 0
last-modified: Sat, 20 Apr 2024 07:23:09 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="gaia-moduleserver-writers"
vary: Accept-Encoding, Origin
report-to: {"group":"gaia-moduleserver-writers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gaia-moduleserver-writers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 30 Apr 2025 07:51:12 GMT

POST
H3 200 eligible Show response
accounts.google.com/_/kids/signup/ 45 B
90 B 44ms
43ms XHR
application/json 2a00:1450:400c:c0a::54
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/_/kids/signup/eligible?hl=de&_reqid=44321&rt=j

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c0a::54 Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

9feef3c86bbecda68772523c044a1c1fdb2087eca6401fdb48dcf40ecdeae768

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /cspreport
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
X-Same-Domain: 1
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-arch: "x86"
sec-ch-ua-platform-version: "10.0.0"
Google-Accounts-XSRF: 1
sec-ch-ua-full-version-list: "Chromium";v="124.0.6367.78", "Google Chrome";v="124.0.6367.78", "Not-A.Brand";v="99.0.0.0"
sec-ch-ua-bitness: "64"
sec-ch-ua-model: ""
sec-ch-ua-wow64: ?0
sec-ch-ua-platform: "Win32"
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8
sec-ch-ua-full-version: "124.0.6367.78"
Referer: https://accounts.google.com/signin/v2/identifier?continue=https%3A%2F%2Faccounts.google.com%2Fo%2Fsaml2%2Fidp%3Ffrom_login%3D1%26zt%3DChRTVFlRZ0hDRE9VYTBud0ZDN1p0ahIfa3dZS1Fzb3FmQlVWUUhVU2RlLXNqMHo3aVowNjh4Zw%25E2%2588%2599AOlG-isAAAAAZjNogL-I6YWqn8C8bVScF4TF_K0xUMEb%26as%3D-0zb32FPhKon_tfvovxAVVbrfWp26olKQzTyUFm1ZYg&faa=1&followup=https%3A%2F%2Faccounts.google.com%2Fo%2Fsaml2%2Fidp%3Ffrom_login%3D1%26zt%3DChRTVFlRZ0hDRE9VYTBud0ZDN1p0ahIfa3dZS1Fzb3FmQlVWUUhVU2RlLXNqMHo3aVowNjh4Zw%25E2%2588%2599AOlG-isAAAAAZjNogL-I6YWqn8C8bVScF4TF_K0xUMEb%26as%3D-0zb32FPhKon_tfvovxAVVbrfWp26olKQzTyUFm1ZYg&ltmpl=popup&oauth=1&passive=1209600&sarp=1&scc=1&ifkv=AaSxoQzgEc1xqtKvhJivDhuWMY26m41BGm0OMPTMFjmrj2onT8FzOhlPm9gfawbYrU8I4Mat3IbQ&ddm=0&flowName=GlifWebSignIn&flowEntry=ServiceLogin

Response headers

date: Wed, 01 May 2024 10:18:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: require-trusted-types-for 'script';report-uri /cspreport
content-disposition: attachment; filename="response.bin"; filename*=UTF-8''response.bin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
pragma: no-cache
server: GSE
x-frame-options: DENY
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: application/json; charset=utf-8
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 bscframe Show response
accounts.google.com/_/ Frame 247A 15 B
69 B 66ms
66ms Document
text/html 2a00:1450:400c:c0a::54
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/_/bscframe

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c0a::54 Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c77e5168dffda66b8dc13f1425b4d3630a6656a3e5acf707f4393277ba3c8b5e

Security Headers

Name	Value
Content-Security-Policy	script-src 'unsafe-eval';require-trusted-types-for 'script';object-src 'none'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://accounts.google.com/signin/v2/identifier?continue=https%3A%2F%2Faccounts.google.com%2Fo%2Fsaml2%2Fidp%3Ffrom_login%3D1%26zt%3DChRTVFlRZ0hDRE9VYTBud0ZDN1p0ahIfa3dZS1Fzb3FmQlVWUUhVU2RlLXNqMHo3aVowNjh4Zw%25E2%2588%2599AOlG-isAAAAAZjNogL-I6YWqn8C8bVScF4TF_K0xUMEb%26as%3D-0zb32FPhKon_tfvovxAVVbrfWp26olKQzTyUFm1ZYg&faa=1&followup=https%3A%2F%2Faccounts.google.com%2Fo%2Fsaml2%2Fidp%3Ffrom_login%3D1%26zt%3DChRTVFlRZ0hDRE9VYTBud0ZDN1p0ahIfa3dZS1Fzb3FmQlVWUUhVU2RlLXNqMHo3aVowNjh4Zw%25E2%2588%2599AOlG-isAAAAAZjNogL-I6YWqn8C8bVScF4TF_K0xUMEb%26as%3D-0zb32FPhKon_tfvovxAVVbrfWp26olKQzTyUFm1ZYg&ltmpl=popup&oauth=1&passive=1209600&sarp=1&scc=1&ifkv=AaSxoQzgEc1xqtKvhJivDhuWMY26m41BGm0OMPTMFjmrj2onT8FzOhlPm9gfawbYrU8I4Mat3IbQ&ddm=0&flowName=GlifWebSignIn&flowEntry=ServiceLogin
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-arch: "x86"
sec-ch-ua-bitness: "64"
sec-ch-ua-full-version: "124.0.6367.78"
sec-ch-ua-full-version-list: "Chromium";v="124.0.6367.78", "Google Chrome";v="124.0.6367.78", "Not-A.Brand";v="99.0.0.0"
sec-ch-ua-mobile: ?0
sec-ch-ua-model: ""
sec-ch-ua-platform: "Win32"
sec-ch-ua-platform-version: "10.0.0"
sec-ch-ua-wow64: ?0

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'unsafe-eval';require-trusted-types-for 'script';object-src 'none'
content-type: text/html; charset=utf-8
cross-origin-opener-policy-report-only: same-origin; report-to="AccountsSignInSignUpUi"
cross-origin-resource-policy: same-site
date: Wed, 01 May 2024 10:18:40 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"AccountsSignInSignUpUi","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/AccountsSignInSignUpUi"}]}
server: ESF
strict-transport-security: max-age=31536000; includeSubDomains
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

GET
H3 200 m=sy9g,sy9l,sy9j,sy9k,sy9f,sy99,sycg,pwd_view Show response
ssl.gstatic.com/accounts/static/_/js/k=gaia.gaiafe_materialnext.de.hWhMPSZJEHw.O/am=AANEAJOABBbqBoC9gCgAcAgAAAAAAAAAwEQMgJUQoCIB/d=0/excm=mn_initial_css/ed=1/rs=ABkqax3MmQAzgf-BggZm9Xm0wAwesaIUOw/ 17 KB
6 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3eb5fefe0c37caff16215b2519314180900b126eab22eac596a538f5c76f57a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://accounts.google.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 30 Apr 2024 07:44:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 95622
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gaia-moduleserver-writers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6409
x-xss-protection: 0
last-modified: Sat, 20 Apr 2024 07:23:09 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="gaia-moduleserver-writers"
vary: Accept-Encoding, Origin
report-to: {"group":"gaia-moduleserver-writers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gaia-moduleserver-writers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 30 Apr 2025 07:44:58 GMT

GET
H3 200 m=sy8b,wg1P6b Show response
ssl.gstatic.com/accounts/static/_/js/k=gaia.gaiafe_materialnext.de.hWhMPSZJEHw.O/am=AANEAJOABBbqBoC9gCgAcAgAAAAAAAAAwEQMgJUQoCIB/d=0/excm=mn_initial_css/ed=1/rs=ABkqax3MmQAzgf-BggZm9Xm0wAwesaIUOw/ 7 KB
3 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8bc208a73e1a3924c603bbef2bec9a97bc8ee5faabe3d9b547a0954bc098bac4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://accounts.google.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 30 Apr 2024 08:00:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 94664
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gaia-moduleserver-writers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2756
x-xss-protection: 0
last-modified: Sat, 20 Apr 2024 07:23:09 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="gaia-moduleserver-writers"
vary: Accept-Encoding, Origin
report-to: {"group":"gaia-moduleserver-writers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gaia-moduleserver-writers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 30 Apr 2025 08:00:56 GMT

GET
H3 200 favicon.ico
www.google.com/ 5 KB
1 KB 25ms
8ms Other
image/x-icon 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/favicon.ico

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6da5620880159634213e197fafca1dde0272153be3e4590818533fab8d040770

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://accounts.google.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 01 May 2024 09:54:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1435
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1494
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:30:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/x-icon
cache-control: public, max-age=691200
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Thu, 09 May 2024 09:54:45 GMT

GET
H3 204 generate_204
accounts.google.com/ 0
10 B 20ms
19ms Image
text/plain 2a00:1450:400c:c0a::54
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://accounts.google.com/generate_204?FQd4ug
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400c:c0a::54 Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "124.0.6367.78"
sec-ch-ua-platform-version: "10.0.0"
Referer: https://accounts.google.com/signin/v2/identifier?continue=https%3A%2F%2Faccounts.google.com%2Fo%2Fsaml2%2Fidp%3Ffrom_login%3D1%26zt%3DChRTVFlRZ0hDRE9VYTBud0ZDN1p0ahIfa3dZS1Fzb3FmQlVWUUhVU2RlLXNqMHo3aVowNjh4Zw%25E2%2588%2599AOlG-isAAAAAZjNogL-I6YWqn8C8bVScF4TF_K0xUMEb%26as%3D-0zb32FPhKon_tfvovxAVVbrfWp26olKQzTyUFm1ZYg&faa=1&followup=https%3A%2F%2Faccounts.google.com%2Fo%2Fsaml2%2Fidp%3Ffrom_login%3D1%26zt%3DChRTVFlRZ0hDRE9VYTBud0ZDN1p0ahIfa3dZS1Fzb3FmQlVWUUhVU2RlLXNqMHo3aVowNjh4Zw%25E2%2588%2599AOlG-isAAAAAZjNogL-I6YWqn8C8bVScF4TF_K0xUMEb%26as%3D-0zb32FPhKon_tfvovxAVVbrfWp26olKQzTyUFm1ZYg&ltmpl=popup&oauth=1&passive=1209600&sarp=1&scc=1&ifkv=AaSxoQzgEc1xqtKvhJivDhuWMY26m41BGm0OMPTMFjmrj2onT8FzOhlPm9gfawbYrU8I4Mat3IbQ&ddm=0&flowName=GlifWebSignIn&flowEntry=ServiceLogin
sec-ch-ua-full-version-list: "Chromium";v="124.0.6367.78", "Google Chrome";v="124.0.6367.78", "Not-A.Brand";v="99.0.0.0"
sec-ch-ua-bitness: "64"
sec-ch-ua-model: ""
sec-ch-ua-wow64: ?0
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 01 May 2024 10:18:40 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

Verdicts & Comments Add Verdict or Comment

27 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.iima.remotexs.in/	1970-01-20 20:16:02	Name: remotexs Value: s%3A6Ccv-K0UuQaC70g_CRbixTDHU60Qqbcl.a8rcPWYBY9gfly1SPeey16QcmH2AY2AL44BGmaBiMqs
			accounts.google.com/	1970-01-21 05:51:58	Name: __Host-GAPS Value: 1:HEJoo4hs7valLD5xiPl40Ru7ErXPaA:Qe4QX2z91hLn4fXy

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://imgs-hcaptcha-com.iima.remotexs.in/ Message: Failed to load resource: the server responded with a status of 403 (Forbidden)
recommendation	verbose	URL: https://accounts.google.com/InteractiveLogin?continue=https://accounts.google.com/o/saml2/idp?from_login%3D1%26zt%3DChRTVFlRZ0hDRE9VYTBud0ZDN1p0ahIfa3dZS1Fzb3FmQlVWUUhVU2RlLXNqMHo3aVowNjh4Zw%25E2%2588%2599AOlG-isAAAAAZjNogL-I6YWqn8C8bVScF4TF_K0xUMEb%26as%3D-0zb32FPhKon_tfvovxAVVbrfWp26olKQzTyUFm1ZYg&faa=1&followup=https://accounts.google.com/o/saml2/idp?from_login%3D1%26zt%3DChRTVFlRZ0hDRE9VYTBud0ZDN1p0ahIfa3dZS1Fzb3FmQlVWUUhVU2RlLXNqMHo3aVowNjh4Zw%25E2%2588%2599AOlG-isAAAAAZjNogL-I6YWqn8C8bVScF4TF_K0xUMEb%26as%3D-0zb32FPhKon_tfvovxAVVbrfWp26olKQzTyUFm1ZYg&ltmpl=popup&oauth=1&passive=1209600&sarp=1&scc=1&ifkv=AaSxoQzuxZ7iACihTlyYDzkCDU-Zdt0zmOcoQRM9ZuFnP5JvRN1-f4Q1MnDeL2AN27dnhrx3QJ8i Message: [DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'ch-ua-form-factor'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

accounts.google.com
accounts.youtube.com
cdn.remotexs.co
cdnjs.cloudflare.com
cms.iima.remotexs.in
cx0ihfpgk9.execute-api.us-west-2.amazonaws.com
fonts.googleapis.com
fonts.gstatic.com
iima.remotexs.in
imgs-hcaptcha-com.iima.remotexs.in
imgs.hcaptcha.com.iima.remotexs.in
my.nicheacademy.com
ssl.gstatic.com
www.google.com
18.66.122.106
2600:9000:214f:4e00:c:f87a:4c80:93a1
2600:9000:2491:3600:1a:7f3c:2f00:93a1
2606:4700::6811:190e
2a00:1450:4001:811::200e
2a00:1450:4001:828::2004
2a00:1450:4001:82a::200a
2a00:1450:4001:82f::2003
2a00:1450:4001:830::2003
2a00:1450:400c:c0a::54
35.154.106.89
06f0c4e6ee8c8edca5a13e6f68f86adbf016600d56310f8ee59d32271543bbdc
133f033f521c6b1a77fbf2bd3ce4f250183f82885d33a6d7c11925704c36b50e
13ba70e78a4f6cc692ea6e67c0f0f0f560d7c48c8f8ca552e25b1bf4d720b962
2644fca8b9c4ff195b7c8fd492f8d6ad8fb4611f6004688f15d87f992e0451ba
2c2451bf6b7b0fc659bdabd8c7f4ecb8235a2c7109437d2e0f3c06642be5170a
311cec5c525d71db3caad7b6495a8b88eb14d0cd0dd5ebf01942d21bbe1df344
363db9a6c520186c995135636735a1f74824b84c130f520e2f0e66978337c2f1
3eb5fefe0c37caff16215b2519314180900b126eab22eac596a538f5c76f57a6
4c79606528eab7b89d35276752f1b2a53b970790b8855f644ae3d8adb8aad7da
57147f08949ababe7deef611435ae418475a693e3823769a25c2a39b6ead9ccc
6da5620880159634213e197fafca1dde0272153be3e4590818533fab8d040770
72f6550ca65bde16f34ad0f393ff4b6f95de89d6f75fd74dd89480f44d4d678b
7990cbf38a1ffdeac34043450e3e7544d1387788da4eb4699f9c5583ac02164f
7f7a7cebd4eb030f31f706fbe2eaad41d65d8ed761a63c812419ea3b93f0d662
85d66fe6657eef77d075fa4aacf31862890e4a9067bbded6175e16a2cf39aa69
885c6a33c41a5432d4af924a8edf4b010a5e1c4b5dfcb3606a435b1d25ee00ac
8bc208a73e1a3924c603bbef2bec9a97bc8ee5faabe3d9b547a0954bc098bac4
93f388d98c56e6e3eaba2605c61e1140c88c69df9705007b5539ffa260a72c55
9a7da8ec82b260acf18022304d4aae0927c12a8433c412d480b070345d3c4bbe
9ee79c9e49072c1816451f0296fec69cad504cd1e9a2df0bbc12f6acc926b4bb
9feef3c86bbecda68772523c044a1c1fdb2087eca6401fdb48dcf40ecdeae768
abfe5b27310a016303a0ede1f41a67d4adb8886b7c0ade3474cd44f60be50548
b1c7fd8cbfd6c8c6125dceb2e7776fb665179d69c0ae5e648634461703c46a1e
b4e2ce21dcb90e7b2f6ad64cba859d64390245fc62ab00d326831c9ac157f88b
c374efba54279628793f04e10ebf5d0c1b4dbc36b3f4132d9235f01d64ca5c8e
c77e5168dffda66b8dc13f1425b4d3630a6656a3e5acf707f4393277ba3c8b5e
cceb4737b7f2c960de5c0f3e8f9e2de8a3fa9862f4a94c04fe4a99dd1d6ff56c
d270803bd20fe25184b5bf9e0d5ae47f37fb825e14cc3373f2001bcdc8b640fc
db05b01c0973f4730a0de64eb8b71bfb5aa9b8c208291495ffc10de3127c49c0
dc8ac4508acd70a0b39437d83333225b5bf47c189e20d45bae745b248cccbd8a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

accounts.google.com Open in urlscan Pro 2a00:1450:400c:c0a::54 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

40 Requests

100 %HTTPS

82 %IPv6

9 Domains

14 Subdomains

12 IPs

4 Countries

2730 kBTransfer

5817 kBSize

2 Cookies

2 Outgoing links

Page URL History

Redirected requests

40 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

accounts.google.com Open in urlscan Pro
2a00:1450:400c:c0a::54 Public Scan

Screenshot
Live screenshot

Full Image

40
Requests

100 %
HTTPS

82 %
IPv6

9
Domains

14
Subdomains

12
IPs

4
Countries

2730 kB
Transfer

5817 kB
Size

2
Cookies

40 HTTP transactions
1 data transactions