urlscan.io logo urlscan.io
SecurityTrails logo

www.google.com Open in urlscan Pro
142.251.40.228  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://www.rimcaucmewkn8.wolaivweumkfn8.art/
Effective URL: https://www.google.com/sorry/index?continue=https://google.com/&q=EgSpluisGNjVlrAGIjAbEgXh4Fm3N26UTexdlgQA43ewigfUYw8Ww...
Submission: On March 28 via api from US — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 10 IPs in 6 countries across 12 domains to perform 40 HTTP transactions. The main IP is 142.251.40.228, located in Queens, United States and belongs to GOOGLE, US. The main domain is www.google.com. The Cisco Umbrella rank of the primary domain is 2.
TLS certificate: Issued by GTS CA 1C3 on February 26th 2024. Valid for: 3 months.
This is the only time www.google.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 213.229.66.214 29550 (SIMPLYTRA...)
1 1 193.46.255.169 47890 (UNMANAGED...)
1 5 130.255.79.215 29141 (BKVG-AS)
2 62.212.87.244 60781 (LEASEWEB-...)
12 108.139.33.158 16509 (AMAZON-02)
2 104.18.11.207 13335 (CLOUDFLAR...)
4 52.219.75.5 16509 (AMAZON-02)
1 172.67.209.214 13335 (CLOUDFLAR...)
1 1 172.217.165.142 15169 (GOOGLE)
7 142.251.40.228 15169 (GOOGLE)
6 142.250.65.227 15169 (GOOGLE)
1 142.251.40.195 15169 (GOOGLE)
40 10
1    213.229.66.214 (Henley on Thames, United Kingdom)

ASN29550 (SIMPLYTRANSIT, GB)
PTR: oxford.noc401.com
www.rimcaucmewkn8.wolaivweumkfn8.art
1    193.46.255.169 (Romania)

ASN47890 (UNMANAGED-DEDICATED-SERVERS, GB)
PTR: hostingmailto077.statics.servermail.org
track.mltrck.com
5    130.255.79.215 (Germany)

ASN29141 (BKVG-AS, DE)
PTR: server-redlemon01.virtualhosts.de
www.jetzt-dabei-sein.com
ambatis.de
www.rlcontrol.de
2    62.212.87.244 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: opticksconversions.com
cleanleadsonly.com
12    108.139.33.158 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-139-33-158.jfk50.r.cloudfront.net
rlmgws-data.s3-accelerate.amazonaws.com
2    104.18.11.207 (None, )

ASN13335 (CLOUDFLARENET, US)
maxcdn.bootstrapcdn.com
4    52.219.75.5 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: s3-r-w.eu-central-1.amazonaws.com
rlmgws-data.s3.eu-central-1.amazonaws.com
1    172.67.209.214 (United States)

ASN13335 (CLOUDFLARENET, US)
trk-consulatu.com
1    172.217.165.142 (United States)

ASN15169 (GOOGLE, US)
PTR: lax30s03-in-f14.1e100.net
google.com
7    142.251.40.228 (Queens, United States)

ASN15169 (GOOGLE, US)
PTR: lga34s39-in-f4.1e100.net
www.google.com
6    142.250.65.227 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: lga25s73-in-f3.1e100.net
www.gstatic.com
1    142.251.40.195 (Queens, United States)

ASN15169 (GOOGLE, US)
PTR: lga34s38-in-f3.1e100.net
fonts.gstatic.com
Domain Requested by
12 rlmgws-data.s3-accelerate.amazonaws.com ambatis.de
rlmgws-data.s3-accelerate.amazonaws.com
7 www.google.com cleanleadsonly.com
www.google.com
www.gstatic.com
6 www.gstatic.com www.google.com
www.gstatic.com
4 rlmgws-data.s3.eu-central-1.amazonaws.com ambatis.de
3 ambatis.de rlmgws-data.s3-accelerate.amazonaws.com
ambatis.de
2 maxcdn.bootstrapcdn.com ambatis.de
maxcdn.bootstrapcdn.com
2 cleanleadsonly.com ambatis.de
cleanleadsonly.com
1 fonts.gstatic.com www.google.com
1 google.com 1 redirects
1 trk-consulatu.com ambatis.de
1 www.rlcontrol.de ambatis.de
1 www.jetzt-dabei-sein.com 1 redirects
1 track.mltrck.com 1 redirects
1 www.rimcaucmewkn8.wolaivweumkfn8.art 1 redirects
0 rltools.de Failed ambatis.de
40 15

This site contains links to these domains. Also see Links.

Domain
support.google.com
Subject Issuer Validity Valid
www.ambatis.de
R3		 2024-03-13 -
2024-06-11		 3 months crt.sh
track.opticks.io
R3		 2024-02-05 -
2024-05-05		 3 months crt.sh
*.s3-accelerate.amazonaws.com
Amazon RSA 2048 M01		 2023-12-19 -
2024-12-02		 a year crt.sh
bootstrapcdn.com
GTS CA 1P5		 2024-03-27 -
2024-06-25		 3 months crt.sh
*.s3.eu-central-1.amazonaws.com
Amazon RSA 2048 M01		 2024-02-08 -
2025-01-18		 a year crt.sh
www.rlcontrol.de
R3		 2024-01-31 -
2024-04-30		 3 months crt.sh
trk-consulatu.com
GTS CA 1P5		 2024-02-23 -
2024-05-23		 3 months crt.sh
*.google.com
GTS CA 1C3		 2024-02-26 -
2024-05-20		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2024-02-26 -
2024-05-20		 3 months crt.sh

This page contains 3 frames:

Primary Page: https://www.google.com/sorry/index?continue=https://google.com/&q=EgSpluisGNjVlrAGIjAbEgXh4Fm3N26UTexdlgQA43ewigfUYw8WwU-sXXL4vT0auzNSNMo95bHQu3Qdz40yAXJKGVNPUlJZX0FCVVNJVkVfTkVUX01FU1NBR0VaAUM
Frame ID: 41CB635ADBB1E9772FC6AB425568B18B
Requests: 31 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfwuyUTAAAAAOAmoS0fdqijC2PbbdH4kjq62Y1b&co=aHR0cHM6Ly93d3cuZ29vZ2xlLmNvbTo0NDM.&hl=en&v=Hq4JZivTyQ7GP8Kt571Tzodj&size=normal&s=RD5mi15TkhCSyqvvAl4cqf1xqJAzvJ1lF8z5nUcOLkOtgfgnpMd-cPHTpgxKpycaO3HSle-zODY_kkZgjfkpfmZWIKQ4quqWVGhIs0qq8hLDpBaBOsEQPAXzyUlkRoZ9b3U3veDNwY8SCYa_sIZpv2Goc92w4ilyXuGPEL2TemEh55bZCqtDgaZuhGwYrPzy-7pcekGmy0ppkV-ZSADppuPWJh9oRE8qe0p3CXOTM23k5bvEScJXdJqveM7r3bC2f6_mayfXez9Ji3JktdFU9KMiwpKuvNE&cb=k7z15h18dtsf
Frame ID: 1067A3F9F7590402C61CFCB49CB4135F
Requests: 9 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=en&v=Hq4JZivTyQ7GP8Kt571Tzodj&k=6LfwuyUTAAAAAOAmoS0fdqijC2PbbdH4kjq62Y1b
Frame ID: 277A26E95B693A83D011B2224F97198A
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

https://google.com/

Page URL History Show full URLs

  1. https://www.rimcaucmewkn8.wolaivweumkfn8.art/ HTTP 301
    https://track.mltrck.com/?a=182217&c=315751&co=250694&mt=3 HTTP 302
    https://www.jetzt-dabei-sein.com/de,ultraflex,responsive,zooloo_921.html?idPartner=85&idCampaignAd=0&subId=18... HTTP 302
    https://ambatis.de/campaign_1273.html?coyoteAffiliTokenId=472518700&aps=&aps2=&rlmset=eka_uf_de& Page URL
  2. https://google.com/ HTTP 302
    https://www.google.com/sorry/index?continue=https://google.com/&q=EgSpluisGNjVlrAGIjAbEgXh4Fm3N26UT... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • moment(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • <div[^>]+class="g-recaptcha"
  • /recaptcha/api\.js

Page Statistics

40
Requests

98 %
HTTPS

0 %
IPv6

12
Domains

15
Subdomains

10
IPs

6
Countries

2363 kB
Transfer

3616 kB
Size

17
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://www.rimcaucmewkn8.wolaivweumkfn8.art/ HTTP 301
    https://track.mltrck.com/?a=182217&c=315751&co=250694&mt=3 HTTP 302
    https://www.jetzt-dabei-sein.com/de,ultraflex,responsive,zooloo_921.html?idPartner=85&idCampaignAd=0&subId=182217&subIdentifier=904abd3237c549f2bd00f7664e5102bd1dd7f&aps=&aps2=&rlmset=eka_uf_de HTTP 302
    https://ambatis.de/campaign_1273.html?coyoteAffiliTokenId=472518700&aps=&aps2=&rlmset=eka_uf_de& Page URL
  2. https://google.com/ HTTP 302
    https://www.google.com/sorry/index?continue=https://google.com/&q=EgSpluisGNjVlrAGIjAbEgXh4Fm3N26UTexdlgQA43ewigfUYw8WwU-sXXL4vT0auzNSNMo95bHQu3Qdz40yAXJKGVNPUlJZX0FCVVNJVkVfTkVUX01FU1NBR0VaAUM Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://www.rimcaucmewkn8.wolaivweumkfn8.art/ HTTP 301
  • https://track.mltrck.com/?a=182217&c=315751&co=250694&mt=3 HTTP 302
  • https://www.jetzt-dabei-sein.com/de,ultraflex,responsive,zooloo_921.html?idPartner=85&idCampaignAd=0&subId=182217&subIdentifier=904abd3237c549f2bd00f7664e5102bd1dd7f&aps=&aps2=&rlmset=eka_uf_de HTTP 302
  • https://ambatis.de/campaign_1273.html?coyoteAffiliTokenId=472518700&aps=&aps2=&rlmset=eka_uf_de&

40 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
campaign_1273.html
ambatis.de/
Redirect Chain
  • https://www.rimcaucmewkn8.wolaivweumkfn8.art/
  • https://track.mltrck.com/?a=182217&c=315751&co=250694&mt=3
  • https://www.jetzt-dabei-sein.com/de,ultraflex,responsive,zooloo_921.html?idPartner=85&idCampaignAd=0&subId=182217&subIdentifier=904abd3237c549f2bd00f7664e5102bd1dd7f&aps=&aps2=&rlmset=eka_uf_de
  • https://ambatis.de/campaign_1273.html?coyoteAffiliTokenId=472518700&aps=&aps2=&rlmset=eka_uf_de&
101 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ambatis.de/campaign_1273.html?coyoteAffiliTokenId=472518700&aps=&aps2=&rlmset=eka_uf_de&
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
130.255.79.215 , Germany, ASN29141 (BKVG-AS, DE),
Reverse DNS
server-redlemon01.virtualhosts.de
Software
Apache /
Resource Hash
7637e6753ccf23c60c089716aa775699caf7fa1c45daab70448745497c1ecb48

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language
en-US,en;q=0.9
sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

cache-control
no-store, no-cache, must-revalidate
content-encoding
gzip
content-length
17437
content-type
text/html; charset=UTF-8
date
Thu, 28 Mar 2024 17:37:26 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
pragma
no-cache
server
Apache
vary
Accept-Encoding,User-Agent

Redirect headers

cache-control
no-store, no-cache, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
date
Thu, 28 Mar 2024 17:37:25 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
location
https://ambatis.de/campaign_1273.html?coyoteAffiliTokenId=472518700&aps=&aps2=&rlmset=eka_uf_de&
pragma
no-cache
server
Apache
vary
User-Agent
4835109d48c9e17ffe
cleanleadsonly.com/j/ 		169 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cleanleadsonly.com/j/4835109d48c9e17ffe
Requested by
Host: ambatis.de
URL: https://ambatis.de/campaign_1273.html?coyoteAffiliTokenId=472518700&aps=&aps2=&rlmset=eka_uf_de&
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
62.212.87.244 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
opticksconversions.com
Software
/
Resource Hash
8d78efdeea3dbe5db0aa8a8b64ff6770c22d2a8eb8cd57ae1c65cb3a6bfe0663

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://ambatis.de/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Thu, 28 Mar 2024 17:37:27 GMT
content-encoding
gzip
accept-ch
Width, Viewport-Width, Viewport-Height, Device-Memory, Content-DPR, DPR, Save-Data, Downlink, ECT, RTT, Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor
etag
51d739c56605aad7cbcc0384aa5b1fef--gzip
vary
Accept-Encoding, User-Agent
content-type
text/javascript;charset=utf-8
cache-control
private, max-age=0, no-cache, must-revalidate
style_1273.css
rlmgws-data.s3-accelerate.amazonaws.com/ultraflex/css/ 		113 KB
114 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://rlmgws-data.s3-accelerate.amazonaws.com/ultraflex/css/style_1273.css
Requested by
Host: ambatis.de
URL: https://ambatis.de/campaign_1273.html?coyoteAffiliTokenId=472518700&aps=&aps2=&rlmset=eka_uf_de&
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
108.139.33.158 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-139-33-158.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
84abcd929b38576e3f6eb948824f97511b86b3262c045ac4227a6b03e9884788

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://ambatis.de/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Thu, 28 Mar 2024 17:37:28 GMT
Via
1.1 d50d90bbddca57e02d6288d86c88470a.cloudfront.net (CloudFront)
Last-Modified
Thu, 14 Dec 2023 10:23:53 GMT
Server
AmazonS3
x-amz-request-id
QNKH4WCSKSDH74Q1
X-Amz-Cf-Pop
JFK50-P2
ETag
"eebb36fec22777dfaca6db673bfeab48"
x-amz-server-side-encryption
AES256
X-Cache
Miss from cloudfront
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
115797
x-amz-id-2
rqqTZ2T3DBUarnI4kZ67O3oxaFeRtu0li50Qbab4hVK+DoGWCgpGrGzBo/QClp2d4ydJjQaupMw=
X-Amz-Cf-Id
lohlF3THasYMPlUn-pAkSuGG6o9djmy5cwS5hWJxUHMWepQMxv5eXA==
spinner.css
rlmgws-data.s3-accelerate.amazonaws.com/flexfancy/css/ 		1 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://rlmgws-data.s3-accelerate.amazonaws.com/flexfancy/css/spinner.css
Requested by
Host: ambatis.de
URL: https://ambatis.de/campaign_1273.html?coyoteAffiliTokenId=472518700&aps=&aps2=&rlmset=eka_uf_de&
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
108.139.33.158 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-139-33-158.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
54f7c8623cf0f0cf760385a22a4a5d20db7b2e3dfaecaab38ddf25ace848b171

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://ambatis.de/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Thu, 28 Mar 2024 17:37:27 GMT
Via
1.1 d50d90bbddca57e02d6288d86c88470a.cloudfront.net (CloudFront)
Last-Modified
Wed, 14 Feb 2018 10:07:16 GMT
Server
AmazonS3
x-amz-request-id
2RKNY98HK600NTTB
X-Amz-Cf-Pop
JFK50-P2
ETag
"308609aca6938598a1390b47ec576e97"
X-Cache
Miss from cloudfront
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1295
x-amz-id-2
pXqMeZLLPk0DGMTfnEluVS/vPcjCEGNjUk5L07GW1nHbj0VsXFtmv9De8Jjh28JQYCIqdo1LH7Q=
X-Amz-Cf-Id
LgJmd1OJUgfzwvF9tiw1kP9jZnulI1A982QMmFI-b6URRicvBYBCNg==
font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/ 		30 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Requested by
Host: ambatis.de
URL: https://ambatis.de/campaign_1273.html?coyoteAffiliTokenId=472518700&aps=&aps2=&rlmset=eka_uf_de&
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.11.207 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://ambatis.de/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 28 Mar 2024 17:37:26 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
cdn-edgestorageid
755
age
1461186
cdn-cachedat
11/30/2023 17:43:30
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 25 Jan 2021 22:04:55 GMT
cdn-proxyver
1.04
cdn-requestpullcode
200
server
cloudflare
etag
W/"269550530cc127b6aa5a35925a7de6ce"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cache-control
public, max-age=31919000
cdn-requestid
ab8626e4b724b111058794b60ba8757c
timing-allow-origin
*
cdn-requestcountrycode
US
cdn-status
200
cf-ray
86b9635c2ad62cc5-ORD
cdn-requestpullsuccess
True
balloon.min.css
rlmgws-data.s3-accelerate.amazonaws.com/flexfancy/css/ 		5 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://rlmgws-data.s3-accelerate.amazonaws.com/flexfancy/css/balloon.min.css
Requested by
Host: ambatis.de
URL: https://ambatis.de/campaign_1273.html?coyoteAffiliTokenId=472518700&aps=&aps2=&rlmset=eka_uf_de&
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
108.139.33.158 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-139-33-158.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4122f214f47bf170342826a86092121db1a8ac7cb3c0f899a1ede8b6b96f27c8

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://ambatis.de/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Thu, 28 Mar 2024 17:37:27 GMT
Via
1.1 d4b67fda8355378cec4afc079701f8e6.cloudfront.net (CloudFront)
Last-Modified
Wed, 14 Feb 2018 10:07:16 GMT
Server
AmazonS3
x-amz-request-id
2RKTV073VZV9805N
X-Amz-Cf-Pop
JFK50-P2
ETag
"acd37f0b3be30c6cefff2ed8117e5938"
X-Cache
Miss from cloudfront
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
5489
x-amz-id-2
Otk7sw3IxRXa/4cTuEJQwmqAdgMSfWoiX3ToJuq1w1i6DfbqZdlhT5NA/kQCezUfa7Q61V5ddVc=
X-Amz-Cf-Id
dwLDpdpi0BrUdzW4j0ol_pPDswx6RGCJI6qKpKhgMuUlWLQKUGUAcw==
jquery-3.4.1.js
rlmgws-data.s3-accelerate.amazonaws.com/flexfancy/lib/ 		274 KB
274 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rlmgws-data.s3-accelerate.amazonaws.com/flexfancy/lib/jquery-3.4.1.js
Requested by
Host: ambatis.de
URL: https://ambatis.de/campaign_1273.html?coyoteAffiliTokenId=472518700&aps=&aps2=&rlmset=eka_uf_de&
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
108.139.33.158 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-139-33-158.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5a93a88493aa32aab228bf4571c01207d3b42b0002409a454d404b4d8395bd55

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://ambatis.de/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Thu, 28 Mar 2024 17:37:28 GMT
Via
1.1 d50d90bbddca57e02d6288d86c88470a.cloudfront.net (CloudFront)
Last-Modified
Wed, 28 Aug 2019 14:45:01 GMT
Server
AmazonS3
x-amz-request-id
QNKQ57Q28Y8ZCJ27
X-Amz-Cf-Pop
JFK50-P2
ETag
"11c05eb286ed576526bf4543760785b9"
X-Cache
Miss from cloudfront
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
280364
x-amz-id-2
gRRSG87XGSC/iXdh6mvRqwvNmzA9Jw8SYgJzPritPmSPrbkWCxyOCn92eyIUT6cRSYrLYPm8sN8=
X-Amz-Cf-Id
Kzzl2ZgBAxy5alHzJAsfGz2YA2qq05gi6aHWRTfMXiXrgx3i02ksHQ==
logic_1273.js
rlmgws-data.s3-accelerate.amazonaws.com/ultraflex/scripts/ 		272 KB
273 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rlmgws-data.s3-accelerate.amazonaws.com/ultraflex/scripts/logic_1273.js
Requested by
Host: ambatis.de
URL: https://ambatis.de/campaign_1273.html?coyoteAffiliTokenId=472518700&aps=&aps2=&rlmset=eka_uf_de&
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
108.139.33.158 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-139-33-158.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
10d43df8d82b580afcc35f14226b7219eb4080ff443e6368b65132be2e99f02a

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://ambatis.de/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Thu, 28 Mar 2024 17:37:28 GMT
Via
1.1 d4b67fda8355378cec4afc079701f8e6.cloudfront.net (CloudFront)
Last-Modified
Mon, 09 Oct 2023 07:56:36 GMT
Server
AmazonS3
x-amz-request-id
QNKP8H9K82AX9PNA
X-Amz-Cf-Pop
JFK50-P2
ETag
"811fbb0dec41b1ef39152eae9f8c5a13"
x-amz-server-side-encryption
AES256
X-Cache
Miss from cloudfront
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
278451
x-amz-id-2
D5AhVyop9JvVXO25TWeaQqqTrAKb0v+hWkIA6irIyJR5awFpSPexEPpNj0r5Lc0xAeUiFaVsQgo=
X-Amz-Cf-Id
kuLTG0LD8WnuYGk8c-4nXd12wr9oXjie6FPfDTocKHIr0yFwpYG21g==
md5.min.js
rlmgws-data.s3-accelerate.amazonaws.com/flexfancy/lib/ 		4 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rlmgws-data.s3-accelerate.amazonaws.com/flexfancy/lib/md5.min.js
Requested by
Host: ambatis.de
URL: https://ambatis.de/campaign_1273.html?coyoteAffiliTokenId=472518700&aps=&aps2=&rlmset=eka_uf_de&
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
108.139.33.158 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-139-33-158.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9265ea6ee06a36211ef80e33821b309020e5c40c972cf70a07f10577c0cce549

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://ambatis.de/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Thu, 28 Mar 2024 17:37:28 GMT
Via
1.1 babb61789095288ef1d09146c15e7f1e.cloudfront.net (CloudFront)
Last-Modified
Tue, 08 Oct 2019 09:23:31 GMT
Server
AmazonS3
x-amz-request-id
QNKZ85VN0C3J1AN7
X-Amz-Cf-Pop
JFK50-P2
ETag
"d42ff83c2d527cdab773855cfe523561"
X-Cache
Miss from cloudfront
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3767
x-amz-id-2
7FaXn2YJb2GAIESabB1rjcgUM1e/9/YsHbvkAtqI35c1QS/QUZfd6uQzNbnxayv7c3c2EQ9Qxjc=
X-Amz-Cf-Id
7HTSv-APhToB1n9MygwIOTsNFzT40-W5GLxNT9p7jFry5EtaGdb6kA==
global.css
rlmgws-data.s3.eu-central-1.amazonaws.com/global/ 		547 B
940 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://rlmgws-data.s3.eu-central-1.amazonaws.com/global/global.css
Requested by
Host: ambatis.de
URL: https://ambatis.de/campaign_1273.html?coyoteAffiliTokenId=472518700&aps=&aps2=&rlmset=eka_uf_de&
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.219.75.5 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-r-w.eu-central-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
10b7bc7e6b9e055c06712b4ccc4d083cdf63d9fdf373e427468a16cdb8652a61

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://ambatis.de/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Thu, 28 Mar 2024 17:37:28 GMT
Last-Modified
Thu, 10 Aug 2023 07:19:34 GMT
Server
AmazonS3
x-amz-request-id
QNKNFCATVZCG64NP
ETag
"55b39a1e51b8544b4804c28d82a77539"
x-amz-server-side-encryption
AES256
Content-Type
text/css
Accept-Ranges
bytes
Content-Length
547
x-amz-id-2
NV6aW7MF9UAJSBlCdes37MUWKjiKOwFiyq3dZPmkbHzfUkMJYQZg02g7rQ8Yrahx0Y1wgB7RJHY=
adressDeOrt.js
rlmgws-data.s3-accelerate.amazonaws.com/flexfancy/scripts/ 		10 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rlmgws-data.s3-accelerate.amazonaws.com/flexfancy/scripts/adressDeOrt.js
Requested by
Host: ambatis.de
URL: https://ambatis.de/campaign_1273.html?coyoteAffiliTokenId=472518700&aps=&aps2=&rlmset=eka_uf_de&
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
108.139.33.158 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-139-33-158.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7b4088bfcf66aabe95d2781a1deda475fd2103fe9341916a2568b59bd9183de9

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://ambatis.de/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Thu, 28 Mar 2024 17:37:28 GMT
Via
1.1 d4b67fda8355378cec4afc079701f8e6.cloudfront.net (CloudFront)
Last-Modified
Thu, 20 Aug 2020 10:52:07 GMT
Server
AmazonS3
x-amz-request-id
QNKQZXTXAAZ4Y9FY
X-Amz-Cf-Pop
JFK50-P2
ETag
"f27bf73696475a931df4f92fb97cae2f"
X-Cache
Miss from cloudfront
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
9770
x-amz-id-2
t8+CqTWR3ZxAjsHlgyqnk179tBWxCrawi9juff8GLIVQAJxC2XObpuPIzALfBOFmijUImCkc3EA=
X-Amz-Cf-Id
imccEZhJeXcqzXqtZYmd5vV9W6P7AJ1Hi-GlEZhsKarFheRnGXIeuA==
moment.min.js
www.rlcontrol.de/ftp/flexblocks/scripts/lib/ 		50 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.rlcontrol.de/ftp/flexblocks/scripts/lib/moment.min.js
Requested by
Host: ambatis.de
URL: https://ambatis.de/campaign_1273.html?coyoteAffiliTokenId=472518700&aps=&aps2=&rlmset=eka_uf_de&
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
130.255.79.215 , Germany, ASN29141 (BKVG-AS, DE),
Reverse DNS
server-redlemon01.virtualhosts.de
Software
Apache /
Resource Hash
0aeb4ecf1091b9c52c9fa0ba4dc118b1abafbd88a51278935e574f6baff0bb49

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://ambatis.de/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 28 Mar 2024 17:37:26 GMT
content-encoding
gzip
last-modified
Tue, 24 Jul 2018 14:05:29 GMT
server
Apache
vary
Accept-Encoding,User-Agent
content-type
text/javascript
accept-ranges
bytes
content-length
16804
l4ev3xvd1w
trk-consulatu.com/scripts/push/script/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://trk-consulatu.com/scripts/push/script/l4ev3xvd1w?url=ambatis.de
Requested by
Host: ambatis.de
URL: https://ambatis.de/campaign_1273.html?coyoteAffiliTokenId=472518700&aps=&aps2=&rlmset=eka_uf_de&
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.209.214 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
666970908363753737367d7206639aaa0b3839ab2b6a457f2924b3def8b1e07e
Security Headers
Name Value
Content-Security-Policy default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src * 'self' https://* blob: data:; font-src 'self' data:
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://ambatis.de/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 28 Mar 2024 17:37:28 GMT
content-security-policy
default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src * 'self' https://* blob: data:; font-src 'self' data:
x-content-type-options
nosniff
cf-cache-status
EXPIRED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
last-modified
Thu, 28 Mar 2024 14:39:22 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type
application/javascript;charset=UTF-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=depcROp2KDI1VSDXSfXcdlpr76OzKqt8MGnCodgho4egyJ9fx3fS4CUffuXoqJ%2BJR%2F977dUNb5ZOpZ2%2F9qqVmXfOTZ6X7gP8qO8FwNovFsGoCPmNKUtsTtMkphB7Ox%2Fj7sANww%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=14400, must-revalidate
permissions-policy
camera=(), fullscreen=(self), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), sync-xhr=()
cf-ray
86b96365ac142bb7-ORD
expires
0
outer_slice_top_alpha.png
rlmgws-data.s3-accelerate.amazonaws.com/ultraflex/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rlmgws-data.s3-accelerate.amazonaws.com/ultraflex/images/outer_slice_top_alpha.png
Requested by
Host: rlmgws-data.s3-accelerate.amazonaws.com
URL: https://rlmgws-data.s3-accelerate.amazonaws.com/ultraflex/css/style_1273.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
108.139.33.158 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-139-33-158.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
09598bf40146368ed3f405d0f03d774c3668a84faff0d43cada08affc928bb0d

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://rlmgws-data.s3-accelerate.amazonaws.com/ultraflex/css/style_1273.css
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Thu, 28 Mar 2024 17:37:28 GMT
Via
1.1 d4b67fda8355378cec4afc079701f8e6.cloudfront.net (CloudFront)
Last-Modified
Wed, 21 Oct 2020 14:38:31 GMT
Server
AmazonS3
x-amz-request-id
QNKX5NVDW76SF3BW
X-Amz-Cf-Pop
JFK50-P2
ETag
"d69548a63cd74eae70f2959767d66ff4"
X-Cache
Miss from cloudfront
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1717
x-amz-id-2
y2ea2hF6a6Jp6ezN4367+AV2xfZsxvK9Gfta42fehMmBcKAfayY2i22ueuR24ZCq3/CYNwAo2a8=
X-Amz-Cf-Id
42NEoE88QJ83lmt1CB_qpkT88892ZzKy9l42Djpty_YkJMVWQojVEA==
outer_slice_bottom_alpha.png
rlmgws-data.s3-accelerate.amazonaws.com/ultraflex/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rlmgws-data.s3-accelerate.amazonaws.com/ultraflex/images/outer_slice_bottom_alpha.png
Requested by
Host: rlmgws-data.s3-accelerate.amazonaws.com
URL: https://rlmgws-data.s3-accelerate.amazonaws.com/ultraflex/css/style_1273.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
108.139.33.158 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-139-33-158.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
52236c3dff7596331eaf92db1b36d5dc32469c3f8884c77d7dbdc8c6e4cbf103

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://rlmgws-data.s3-accelerate.amazonaws.com/ultraflex/css/style_1273.css
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Thu, 28 Mar 2024 17:37:29 GMT
Via
1.1 babb61789095288ef1d09146c15e7f1e.cloudfront.net (CloudFront)
Last-Modified
Wed, 21 Oct 2020 14:38:31 GMT
Server
AmazonS3
x-amz-request-id
TDW5YB7917971D8M
X-Amz-Cf-Pop
JFK50-P2
ETag
"1a93bf276b6ab37a8669bbd216e853bf"
X-Cache
Miss from cloudfront
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1727
x-amz-id-2
LKVZS6RPHmmoH9bu5a4yMsp9MPUt4WPbOzO/E8Xa/zuBPTpjYby3538QPThQbZxeu81k+V9SCCw=
X-Amz-Cf-Id
_9gnLtCG-RRRvnRum_auMod2-0oitE8YDw-98GIMyHvUcC4U8zOv4Q==
hinweis.png
rlmgws-data.s3.eu-central-1.amazonaws.com/flexfancy/images/extra/gratis_teilnahme/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rlmgws-data.s3.eu-central-1.amazonaws.com/flexfancy/images/extra/gratis_teilnahme/hinweis.png
Requested by
Host: ambatis.de
URL: https://ambatis.de/campaign_1273.html?coyoteAffiliTokenId=472518700&aps=&aps2=&rlmset=eka_uf_de&
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.219.75.5 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-r-w.eu-central-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
fd377e3b6033fd2a541887ad00bd9a47be285fa449acf0530b825e4d16c86590

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://ambatis.de/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Thu, 28 Mar 2024 17:37:28 GMT
Last-Modified
Wed, 28 Apr 2021 15:32:23 GMT
Server
AmazonS3
x-amz-request-id
QNKMWD5RXKSKCX65
ETag
"3b9545828b1e7d248235f80fa36612f3"
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
14484
x-amz-id-2
UWTYXGxzkd4j0RsC4xu4qokle6kgRu7t0Vv2k7AJFS1x8xGZUWrfvsyOD/2X6r4YqPqnB3eDGzU=
Aileron-Regular.woff
rlmgws-data.s3-accelerate.amazonaws.com/ultraflex/fonts/ 		21 KB
22 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://rlmgws-data.s3-accelerate.amazonaws.com/ultraflex/fonts/Aileron-Regular.woff
Requested by
Host: rlmgws-data.s3-accelerate.amazonaws.com
URL: https://rlmgws-data.s3-accelerate.amazonaws.com/ultraflex/css/style_1273.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
108.139.33.158 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-139-33-158.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://rlmgws-data.s3-accelerate.amazonaws.com/ultraflex/css/style_1273.css
Origin
https://ambatis.de
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Thu, 28 Mar 2024 17:37:29 GMT
Via
1.1 76d4de5b65bdf749a3f97445d1b9f4d2.cloudfront.net (CloudFront)
x-amz-request-id
TDW1ERJR5XT2HNNQ
X-Amz-Cf-Pop
JFK50-P2
X-Cache
Miss from cloudfront
Connection
keep-alive
Content-Length
21776
x-amz-id-2
zHGKkHL7KVG5vN/YeZMBSvowCvLDClK+yQMFL8UxKwpjMcebMxEIFSBpHncyOp/rQGWtVue2Qv4=
Last-Modified
Thu, 15 Oct 2020 12:44:45 GMT
Server
AmazonS3
ETag
"4309f5e6504ab4404a1c909a5ef8457f"
Vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
Access-Control-Allow-Methods
GET
Content-Type
application/font-woff
Access-Control-Allow-Origin
*
Accept-Ranges
bytes
X-Amz-Cf-Id
iuqKvWHjQLezYIXWZGTx2VADd8gZW1gVY6JV4zJvQIDjQ6r1lEskOw==
Aileron-Bold.woff
rlmgws-data.s3-accelerate.amazonaws.com/ultraflex/fonts/ 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://rlmgws-data.s3-accelerate.amazonaws.com/ultraflex/fonts/Aileron-Bold.woff
Requested by
Host: rlmgws-data.s3-accelerate.amazonaws.com
URL: https://rlmgws-data.s3-accelerate.amazonaws.com/ultraflex/css/style_1273.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
108.139.33.158 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-139-33-158.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://rlmgws-data.s3-accelerate.amazonaws.com/ultraflex/css/style_1273.css
Origin
https://ambatis.de
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Thu, 28 Mar 2024 17:37:29 GMT
Via
1.1 baec235d174153a8f2e92ea724643824.cloudfront.net (CloudFront)
x-amz-request-id
TDWB9YQV2HMMSDKY
X-Amz-Cf-Pop
JFK50-P2
X-Cache
Miss from cloudfront
Connection
keep-alive
Content-Length
23108
x-amz-id-2
3D2kmSaVssCHreg5VG+/FCU24GyvIjALVrPm0IRmAlqXwbFUP049tugD7Vholz+nlUWq4u2EEpQ=
Last-Modified
Thu, 15 Oct 2020 12:44:45 GMT
Server
AmazonS3
ETag
"317ed94a878c8d8ea413f51e575513f4"
Vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
Access-Control-Allow-Methods
GET
Content-Type
application/font-woff
Access-Control-Allow-Origin
*
Accept-Ranges
bytes
X-Amz-Cf-Id
5tTqkbTt8qLIXOecUNmmGwakWo7YAfD-7EPE5amDBhJY5dYOdL_53A==
truncated
/ 		1 B
0 		Script
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
41b805ea7ac014e23556e98bb374702a08344268f92489a02f0880849394a1e4

Request headers

Referer
Origin
https://ambatis.de
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Type
text/javascript
resource.php
ambatis.de/ftp/ultraflex/services/ 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ambatis.de/ftp/ultraflex/services/resource.php?rlmset=eka_uf_de
Requested by
Host: rlmgws-data.s3-accelerate.amazonaws.com
URL: https://rlmgws-data.s3-accelerate.amazonaws.com/flexfancy/lib/jquery-3.4.1.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
130.255.79.215 , Germany, ASN29141 (BKVG-AS, DE),
Reverse DNS
server-redlemon01.virtualhosts.de
Software
Apache /
Resource Hash
9ca105ec8e494a488a30f52541ade1d29466f7e13a6362419fb6a4c2e1c3d90f

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Accept
*/*
Referer
https://ambatis.de/campaign_1273.html?coyoteAffiliTokenId=472518700&aps=&aps2=&rlmset=eka_uf_de&
X-Requested-With
XMLHttpRequest
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 28 Mar 2024 17:37:28 GMT
content-encoding
gzip
server
Apache
content-length
1050
vary
Accept-Encoding,User-Agent
content-type
application/json; charset=utf-8
confirm_checkbox.png
rlmgws-data.s3.eu-central-1.amazonaws.com/flexfancy/images/gui/confirm_dialog/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rlmgws-data.s3.eu-central-1.amazonaws.com/flexfancy/images/gui/confirm_dialog/confirm_checkbox.png
Requested by
Host: ambatis.de
URL: https://ambatis.de/campaign_1273.html?coyoteAffiliTokenId=472518700&aps=&aps2=&rlmset=eka_uf_de&
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.219.75.5 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-r-w.eu-central-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
6367228c6b2de1a5b23965e5bdda939f782e9f36249dc8f3b58f920dd88d8ddf

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://ambatis.de/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Thu, 28 Mar 2024 17:37:29 GMT
Last-Modified
Tue, 18 May 2021 07:57:50 GMT
Server
AmazonS3
x-amz-request-id
TDWE2Z1SFVPGBMEQ
ETag
"1c3fedffbaae77cc20853e7d81115d51"
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
2118
x-amz-id-2
B7gpF4r+cK1VQy2cQhozPDKsqlj0+i3tEZa6WTk9YHhychalzuJ3iPY0hXNBTjPWJbqV6XwLVyA=
4835109d48c9e17ffe
cleanleadsonly.com/h/ 		806 B
986 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cleanleadsonly.com/h/4835109d48c9e17ffe?opticks-url=https%3A%2F%2Fambatis.de%2Fcampaign_1273.html%3FcoyoteAffiliTokenId%3D472518700%26aps%3D%26aps2%3D%26rlmset%3Deka_uf_de%26&response-opticks-version=v3&_t0=1711647447303&_t1=1711647448071&_t2=1711647448071&_optUJCHotKhMvhs=712b39a1&_m=1uc&coyoteAffiliTokenId=472518700&aps=&aps2=&rlmset=eka_uf_de&external_id=472518700&var1=85&subpublisher_id=182217&var2=904abd3237c549f2bd00f7664e5102bd1dd7f&var3=eka_uf_de&version=v3
Requested by
Host: cleanleadsonly.com
URL: https://cleanleadsonly.com/j/4835109d48c9e17ffe
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
62.212.87.244 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
opticksconversions.com
Software
/
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform
"Win32"
Referer
https://ambatis.de/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Thu, 28 Mar 2024 17:37:28 GMT
cache-control
private, max-age=0, no-cache, no-store, must-revalidate
content-length
806
vary
Accept-Encoding, User-Agent
content-type
application/json
fontawesome-webfont.woff2
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/ 		75 KB
76 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by
Host: maxcdn.bootstrapcdn.com
URL: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.11.207 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Origin
https://ambatis.de
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 28 Mar 2024 17:37:28 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
cdn-edgestorageid
1029
age
1466416
cdn-cachedat
10/31/2023 19:21:45
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
77160
last-modified
Mon, 25 Jan 2021 22:04:55 GMT
cdn-proxyver
1.04
cdn-requestpullcode
200
server
cloudflare
etag
"af7ae505a9eed503f8b8e6982036873e"
vary
Accept-Encoding
content-type
font/woff2
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cache-control
public, max-age=31919000
cdn-requestid
1935d7f8f65cf3ed7bd9c8d57c77d3b1
accept-ranges
bytes
timing-allow-origin
*
cdn-requestcountrycode
US
cdn-status
200
cf-ray
86b96367bca32d8e-ORD
cdn-requestpullsuccess
True
ImageEdeka500ohneBrand.png
rlmgws-data.s3.eu-central-1.amazonaws.com/ultraflex/build/promotion_mobile/ 		352 KB
353 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rlmgws-data.s3.eu-central-1.amazonaws.com/ultraflex/build/promotion_mobile/ImageEdeka500ohneBrand.png
Requested by
Host: ambatis.de
URL: https://ambatis.de/campaign_1273.html?coyoteAffiliTokenId=472518700&aps=&aps2=&rlmset=eka_uf_de&
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.219.75.5 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-r-w.eu-central-1.amazonaws.com
Software
AmazonS3 /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://ambatis.de/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Thu, 28 Mar 2024 17:37:29 GMT
Last-Modified
Thu, 21 Apr 2022 09:46:44 GMT
Server
AmazonS3
x-amz-request-id
TDWDB3A0E4WX2650
ETag
"b59e4d37cd7d95055fb4d03bc7200e3c"
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
360846
x-amz-id-2
2R3A0qPgrpP66DK581AiD5a0LfGiG43ldm/Lm8gR5o0pyiiGeDcqfA3r37LWk8ekE5PCK2x1aic=
500edeka2020.png
ambatis.de/ftp/flexfancy/build/promotion/ 		354 KB
355 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ambatis.de/ftp/flexfancy/build/promotion/500edeka2020.png
Requested by
Host: ambatis.de
URL: https://ambatis.de/campaign_1273.html?coyoteAffiliTokenId=472518700&aps=&aps2=&rlmset=eka_uf_de&
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
130.255.79.215 , Germany, ASN29141 (BKVG-AS, DE),
Reverse DNS
server-redlemon01.virtualhosts.de
Software
Apache /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://ambatis.de/campaign_1273.html?coyoteAffiliTokenId=472518700&aps=&aps2=&rlmset=eka_uf_de&
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 28 Mar 2024 17:37:28 GMT
last-modified
Tue, 17 Nov 2020 15:51:51 GMT
server
Apache
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
content-length
362779
expires
Sat, 27 Apr 2024 17:37:28 GMT
leaguegothic-regular.woff
rlmgws-data.s3-accelerate.amazonaws.com/ultraflex/fonts/league_gothic/ 		20 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://rlmgws-data.s3-accelerate.amazonaws.com/ultraflex/fonts/league_gothic/leaguegothic-regular.woff
Requested by
Host: rlmgws-data.s3-accelerate.amazonaws.com
URL: https://rlmgws-data.s3-accelerate.amazonaws.com/ultraflex/css/style_1273.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
108.139.33.158 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-139-33-158.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://rlmgws-data.s3-accelerate.amazonaws.com/ultraflex/css/style_1273.css
Origin
https://ambatis.de
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Thu, 28 Mar 2024 17:37:29 GMT
Via
1.1 8cdf4e2d4f4070992665477c4dbca0c0.cloudfront.net (CloudFront)
x-amz-request-id
TDW8SD0XJ1E2KSV6
X-Amz-Cf-Pop
JFK50-P2
X-Cache
Miss from cloudfront
Connection
keep-alive
Content-Length
20720
x-amz-id-2
lald7DpEBfNxPOfOVjh4Wk5Esw4oDCGx+R1THHbMBguQSSdsTqJBGUxumr3tQi55ZI2QGKFhmX0=
Last-Modified
Mon, 26 Oct 2020 16:38:07 GMT
Server
AmazonS3
ETag
"c162b34540f8660b415f01610f8af15a"
Vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
Access-Control-Allow-Methods
GET
Content-Type
application/font-woff
Access-Control-Allow-Origin
*
Accept-Ranges
bytes
X-Amz-Cf-Id
-gPVYa8bM3Vlg5XaFK4dydEDQVE-d2lYH_Yhvzw7mrDWAlgNBKw55A==
Primary Request index
www.google.com/sorry/
Redirect Chain
  • https://google.com/
  • https://www.google.com/sorry/index?continue=https://google.com/&q=EgSpluisGNjVlrAGIjAbEgXh4Fm3N26UTexdlgQA43ewigfUYw8WwU-sXXL4vT0auzNSNMo95bHQu3Qdz40yAXJKGVNPUlJZX0FCVVNJVkVfTkVUX01FU1NBR0VaAUM
3 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/sorry/index?continue=https://google.com/&q=EgSpluisGNjVlrAGIjAbEgXh4Fm3N26UTexdlgQA43ewigfUYw8WwU-sXXL4vT0auzNSNMo95bHQu3Qdz40yAXJKGVNPUlJZX0FCVVNJVkVfTkVUX01FU1NBR0VaAUM
Requested by
Host: cleanleadsonly.com
URL: https://cleanleadsonly.com/j/4835109d48c9e17ffe
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.228 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s39-in-f4.1e100.net
Software
HTTP server (unknown) /
Resource Hash
7723f1e333ec316525c9a7d90aab6d0d7799682a51e3739aaba9a58cfd7bfca0
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://ambatis.de/campaign_1273.html?coyoteAffiliTokenId=472518700&aps=&aps2=&rlmset=eka_uf_de&
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language
en-US,en;q=0.9
sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-store, no-cache, must-revalidate
content-length
3045
content-type
text/html
date
Thu, 28 Mar 2024 17:37:28 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
server
HTTP server (unknown)
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
394
content-security-policy-report-only
object-src 'none';base-uri 'self';script-src 'nonce-ToRZMp9XE5b4W2kB16TS2w' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other-hp
content-type
text/html; charset=UTF-8
cross-origin-opener-policy
same-origin-allow-popups; report-to="gws"
date
Thu, 28 Mar 2024 17:37:28 GMT
location
https://www.google.com/sorry/index?continue=https://google.com/&q=EgSpluisGNjVlrAGIjAbEgXh4Fm3N26UTexdlgQA43ewigfUYw8WwU-sXXL4vT0auzNSNMo95bHQu3Qdz40yAXJKGVNPUlJZX0FCVVNJVkVfTkVUX01FU1NBR0VaAUM
origin-trial
Ap+qNlnLzJDKSmEHjzM5ilaa908GuehlLqGb6ezME5lkhelj20qVzfv06zPmQ3LodoeujZuphAolrnhnPA8w4AIAAABfeyJvcmlnaW4iOiJodHRwczovL3d3dy5nb29nbGUuY29tOjQ0MyIsImZlYXR1cmUiOiJQZXJtaXNzaW9uc1BvbGljeVVubG9hZCIsImV4cGlyeSI6MTY4NTY2Mzk5OX0= AvudrjMZqL7335p1KLV2lHo1kxdMeIN0dUI15d0CPz9dovVLCcXk8OAqjho1DX4s6NbHbA/AGobuGvcZv0drGgQAAAB9eyJvcmlnaW4iOiJodHRwczovL3d3dy5nb29nbGUuY29tOjQ0MyIsImZlYXR1cmUiOiJCYWNrRm9yd2FyZENhY2hlTm90UmVzdG9yZWRSZWFzb25zIiwiZXhwaXJ5IjoxNjkxNTM5MTk5LCJpc1N1YmRvbWFpbiI6dHJ1ZX0=
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
permissions-policy
unload=()
report-to
{"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]}
server
gws
x-frame-options
SAMEORIGIN
x-hallmonitor-challenge
CgwI2NWWsAYQrYrAxgISBKmW6Kw
x-xss-protection
0
check.php
rltools.de/traffic_check01/ 		0
0
api.js
www.google.com/recaptcha/ 		1 KB
856 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api.js
Requested by
Host: www.google.com
URL: https://www.google.com/sorry/index?continue=https://google.com/&q=EgSpluisGNjVlrAGIjAbEgXh4Fm3N26UTexdlgQA43ewigfUYw8WwU-sXXL4vT0auzNSNMo95bHQu3Qdz40yAXJKGVNPUlJZX0FCVVNJVkVfTkVUX01FU1NBR0VaAUM
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.228 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s39-in-f4.1e100.net
Software
GSE /
Resource Hash
08d97db667290b2c47dce6cf9cef24ba8f85792aa0c14ed87f77693916ddc371
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.google.com/sorry/index?continue=https://google.com/&q=EgSpluisGNjVlrAGIjAbEgXh4Fm3N26UTexdlgQA43ewigfUYw8WwU-sXXL4vT0auzNSNMo95bHQu3Qdz40yAXJKGVNPUlJZX0FCVVNJVkVfTkVUX01FU1NBR0VaAUM
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 28 Mar 2024 17:37:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
expires
Thu, 28 Mar 2024 17:37:28 GMT
recaptcha__en.js
www.gstatic.com/recaptcha/releases/Hq4JZivTyQ7GP8Kt571Tzodj/ 		496 KB
198 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/Hq4JZivTyQ7GP8Kt571Tzodj/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.65.227 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s73-in-f3.1e100.net
Software
sffe /
Resource Hash
9368f8ab141b9545a2b9e279abe8fef65a60091050ebeab9b63dd4c1bd0d38e1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.google.com/
Origin
https://www.google.com
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 28 Mar 2024 05:07:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
45004
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
202152
x-xss-protection
0
last-modified
Tue, 19 Mar 2024 18:14:50 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 28 Mar 2025 05:07:25 GMT
anchor
www.google.com/recaptcha/api2/ Frame 1067 		45 KB
28 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfwuyUTAAAAAOAmoS0fdqijC2PbbdH4kjq62Y1b&co=aHR0cHM6Ly93d3cuZ29vZ2xlLmNvbTo0NDM.&hl=en&v=Hq4JZivTyQ7GP8Kt571Tzodj&size=normal&s=RD5mi15TkhCSyqvvAl4cqf1xqJAzvJ1lF8z5nUcOLkOtgfgnpMd-cPHTpgxKpycaO3HSle-zODY_kkZgjfkpfmZWIKQ4quqWVGhIs0qq8hLDpBaBOsEQPAXzyUlkRoZ9b3U3veDNwY8SCYa_sIZpv2Goc92w4ilyXuGPEL2TemEh55bZCqtDgaZuhGwYrPzy-7pcekGmy0ppkV-ZSADppuPWJh9oRE8qe0p3CXOTM23k5bvEScJXdJqveM7r3bC2f6_mayfXez9Ji3JktdFU9KMiwpKuvNE&cb=k7z15h18dtsf
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/Hq4JZivTyQ7GP8Kt571Tzodj/recaptcha__en.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.228 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s39-in-f4.1e100.net
Software
GSE /
Resource Hash
57a9b78bf79100526d2ceddd1785f01f913c7f773f16fc0c74ccd55aaad76abb
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-0O1Bysyx166tnWEl6iw1xw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.google.com/sorry/index?continue=https://google.com/&q=EgSpluisGNjVlrAGIjAbEgXh4Fm3N26UTexdlgQA43ewigfUYw8WwU-sXXL4vT0auzNSNMo95bHQu3Qdz40yAXJKGVNPUlJZX0FCVVNJVkVfTkVUX01FU1NBR0VaAUM
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language
en-US,en;q=0.9
sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-0O1Bysyx166tnWEl6iw1xw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 28 Mar 2024 17:37:29 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
styles__ltr.css
www.gstatic.com/recaptcha/releases/Hq4JZivTyQ7GP8Kt571Tzodj/ Frame 1067 		55 KB
24 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/Hq4JZivTyQ7GP8Kt571Tzodj/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfwuyUTAAAAAOAmoS0fdqijC2PbbdH4kjq62Y1b&co=aHR0cHM6Ly93d3cuZ29vZ2xlLmNvbTo0NDM.&hl=en&v=Hq4JZivTyQ7GP8Kt571Tzodj&size=normal&s=RD5mi15TkhCSyqvvAl4cqf1xqJAzvJ1lF8z5nUcOLkOtgfgnpMd-cPHTpgxKpycaO3HSle-zODY_kkZgjfkpfmZWIKQ4quqWVGhIs0qq8hLDpBaBOsEQPAXzyUlkRoZ9b3U3veDNwY8SCYa_sIZpv2Goc92w4ilyXuGPEL2TemEh55bZCqtDgaZuhGwYrPzy-7pcekGmy0ppkV-ZSADppuPWJh9oRE8qe0p3CXOTM23k5bvEScJXdJqveM7r3bC2f6_mayfXez9Ji3JktdFU9KMiwpKuvNE&cb=k7z15h18dtsf
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.65.227 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s73-in-f3.1e100.net
Software
sffe /
Resource Hash
7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.google.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 27 Mar 2024 23:39:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
64704
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24606
x-xss-protection
0
last-modified
Tue, 19 Mar 2024 18:14:50 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 27 Mar 2025 23:39:05 GMT
recaptcha__en.js
www.gstatic.com/recaptcha/releases/Hq4JZivTyQ7GP8Kt571Tzodj/ Frame 1067 		496 KB
197 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/Hq4JZivTyQ7GP8Kt571Tzodj/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfwuyUTAAAAAOAmoS0fdqijC2PbbdH4kjq62Y1b&co=aHR0cHM6Ly93d3cuZ29vZ2xlLmNvbTo0NDM.&hl=en&v=Hq4JZivTyQ7GP8Kt571Tzodj&size=normal&s=RD5mi15TkhCSyqvvAl4cqf1xqJAzvJ1lF8z5nUcOLkOtgfgnpMd-cPHTpgxKpycaO3HSle-zODY_kkZgjfkpfmZWIKQ4quqWVGhIs0qq8hLDpBaBOsEQPAXzyUlkRoZ9b3U3veDNwY8SCYa_sIZpv2Goc92w4ilyXuGPEL2TemEh55bZCqtDgaZuhGwYrPzy-7pcekGmy0ppkV-ZSADppuPWJh9oRE8qe0p3CXOTM23k5bvEScJXdJqveM7r3bC2f6_mayfXez9Ji3JktdFU9KMiwpKuvNE&cb=k7z15h18dtsf
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.65.227 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s73-in-f3.1e100.net
Software
sffe /
Resource Hash
9368f8ab141b9545a2b9e279abe8fef65a60091050ebeab9b63dd4c1bd0d38e1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.google.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 28 Mar 2024 05:07:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
45004
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
202152
x-xss-protection
0
last-modified
Tue, 19 Mar 2024 18:14:50 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 28 Mar 2025 05:07:25 GMT
truncated
/ Frame 1067 		14 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0964d141519db34adc6aa127a33dbc6761cda1e56b584ea402082d99c44afb9e

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 1067 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
43ef4025567f7a15859b5252b6ccc1efe2ff8c7331b1aefbea7ce88eb5084d27

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
logo_48.png
www.gstatic.com/recaptcha/api2/ Frame 1067 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/recaptcha/api2/logo_48.png
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/Hq4JZivTyQ7GP8Kt571Tzodj/styles__ltr.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.65.227 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s73-in-f3.1e100.net
Software
sffe /
Resource Hash
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.gstatic.com/recaptcha/releases/Hq4JZivTyQ7GP8Kt571Tzodj/styles__ltr.css
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 27 Mar 2024 07:47:34 GMT
x-content-type-options
nosniff
age
121795
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2228
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
expires
Wed, 03 Apr 2024 07:47:34 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 1067 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfwuyUTAAAAAOAmoS0fdqijC2PbbdH4kjq62Y1b&co=aHR0cHM6Ly93d3cuZ29vZ2xlLmNvbTo0NDM.&hl=en&v=Hq4JZivTyQ7GP8Kt571Tzodj&size=normal&s=RD5mi15TkhCSyqvvAl4cqf1xqJAzvJ1lF8z5nUcOLkOtgfgnpMd-cPHTpgxKpycaO3HSle-zODY_kkZgjfkpfmZWIKQ4quqWVGhIs0qq8hLDpBaBOsEQPAXzyUlkRoZ9b3U3veDNwY8SCYa_sIZpv2Goc92w4ilyXuGPEL2TemEh55bZCqtDgaZuhGwYrPzy-7pcekGmy0ppkV-ZSADppuPWJh9oRE8qe0p3CXOTM23k5bvEScJXdJqveM7r3bC2f6_mayfXez9Ji3JktdFU9KMiwpKuvNE&cb=k7z15h18dtsf
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.40.195 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s38-in-f3.1e100.net
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.google.com/
Origin
https://www.google.com
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 28 Mar 2024 09:15:49 GMT
x-content-type-options
nosniff
age
30101
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 28 Mar 2025 09:15:49 GMT
seznqU_2fAV2vv7gjXhfj1l9fkWek2Rvq2v_ljgu8c8.js
www.google.com/js/bg/ Frame 1067 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/js/bg/seznqU_2fAV2vv7gjXhfj1l9fkWek2Rvq2v_ljgu8c8.js
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/Hq4JZivTyQ7GP8Kt571Tzodj/recaptcha__en.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.228 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s39-in-f4.1e100.net
Software
sffe /
Resource Hash
b1ece7a94ff67c0576befee08d785f8f597d7e459e93646fab6bff96382ef1cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfwuyUTAAAAAOAmoS0fdqijC2PbbdH4kjq62Y1b&co=aHR0cHM6Ly93d3cuZ29vZ2xlLmNvbTo0NDM.&hl=en&v=Hq4JZivTyQ7GP8Kt571Tzodj&size=normal&s=RD5mi15TkhCSyqvvAl4cqf1xqJAzvJ1lF8z5nUcOLkOtgfgnpMd-cPHTpgxKpycaO3HSle-zODY_kkZgjfkpfmZWIKQ4quqWVGhIs0qq8hLDpBaBOsEQPAXzyUlkRoZ9b3U3veDNwY8SCYa_sIZpv2Goc92w4ilyXuGPEL2TemEh55bZCqtDgaZuhGwYrPzy-7pcekGmy0ppkV-ZSADppuPWJh9oRE8qe0p3CXOTM23k5bvEScJXdJqveM7r3bC2f6_mayfXez9Ji3JktdFU9KMiwpKuvNE&cb=k7z15h18dtsf
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 28 Mar 2024 09:12:04 GMT
content-encoding
br
x-content-type-options
nosniff
age
30325
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7407
x-xss-protection
0
last-modified
Tue, 19 Mar 2024 16:00:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 28 Mar 2025 09:12:04 GMT
webworker.js
www.google.com/recaptcha/api2/ Frame 1067 		102 B
135 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/webworker.js?hl=en&v=Hq4JZivTyQ7GP8Kt571Tzodj
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfwuyUTAAAAAOAmoS0fdqijC2PbbdH4kjq62Y1b&co=aHR0cHM6Ly93d3cuZ29vZ2xlLmNvbTo0NDM.&hl=en&v=Hq4JZivTyQ7GP8Kt571Tzodj&size=normal&s=RD5mi15TkhCSyqvvAl4cqf1xqJAzvJ1lF8z5nUcOLkOtgfgnpMd-cPHTpgxKpycaO3HSle-zODY_kkZgjfkpfmZWIKQ4quqWVGhIs0qq8hLDpBaBOsEQPAXzyUlkRoZ9b3U3veDNwY8SCYa_sIZpv2Goc92w4ilyXuGPEL2TemEh55bZCqtDgaZuhGwYrPzy-7pcekGmy0ppkV-ZSADppuPWJh9oRE8qe0p3CXOTM23k5bvEScJXdJqveM7r3bC2f6_mayfXez9Ji3JktdFU9KMiwpKuvNE&cb=k7z15h18dtsf
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.228 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s39-in-f4.1e100.net
Software
GSE /
Resource Hash
e218317cb912f66558792d0563e846a889f26258b7d564bcd24c3f02a7dbccaf
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfwuyUTAAAAAOAmoS0fdqijC2PbbdH4kjq62Y1b&co=aHR0cHM6Ly93d3cuZ29vZ2xlLmNvbTo0NDM.&hl=en&v=Hq4JZivTyQ7GP8Kt571Tzodj&size=normal&s=RD5mi15TkhCSyqvvAl4cqf1xqJAzvJ1lF8z5nUcOLkOtgfgnpMd-cPHTpgxKpycaO3HSle-zODY_kkZgjfkpfmZWIKQ4quqWVGhIs0qq8hLDpBaBOsEQPAXzyUlkRoZ9b3U3veDNwY8SCYa_sIZpv2Goc92w4ilyXuGPEL2TemEh55bZCqtDgaZuhGwYrPzy-7pcekGmy0ppkV-ZSADppuPWJh9oRE8qe0p3CXOTM23k5bvEScJXdJqveM7r3bC2f6_mayfXez9Ji3JktdFU9KMiwpKuvNE&cb=k7z15h18dtsf
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 28 Mar 2024 17:37:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
cross-origin-embedder-policy
require-corp
x-frame-options
SAMEORIGIN
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=300
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
expires
Thu, 28 Mar 2024 17:37:29 GMT
bframe
www.google.com/recaptcha/api2/ Frame 277A 		7 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/bframe?hl=en&v=Hq4JZivTyQ7GP8Kt571Tzodj&k=6LfwuyUTAAAAAOAmoS0fdqijC2PbbdH4kjq62Y1b
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/Hq4JZivTyQ7GP8Kt571Tzodj/recaptcha__en.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.228 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s39-in-f4.1e100.net
Software
GSE /
Resource Hash
7977968bcb91be0c5b2d9e2d9ae635116e05b9611573962b5fcf41f7186f7425
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-RXvfgBJuOGRIucA8Xa8O8Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.google.com/sorry/index?continue=https://google.com/&q=EgSpluisGNjVlrAGIjAbEgXh4Fm3N26UTexdlgQA43ewigfUYw8WwU-sXXL4vT0auzNSNMo95bHQu3Qdz40yAXJKGVNPUlJZX0FCVVNJVkVfTkVUX01FU1NBR0VaAUM
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language
en-US,en;q=0.9
sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-RXvfgBJuOGRIucA8Xa8O8Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 28 Mar 2024 17:37:30 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
styles__ltr.css
www.gstatic.com/recaptcha/releases/Hq4JZivTyQ7GP8Kt571Tzodj/ Frame 277A 		55 KB
24 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/Hq4JZivTyQ7GP8Kt571Tzodj/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=en&v=Hq4JZivTyQ7GP8Kt571Tzodj&k=6LfwuyUTAAAAAOAmoS0fdqijC2PbbdH4kjq62Y1b
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.65.227 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s73-in-f3.1e100.net
Software
sffe /
Resource Hash
7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.google.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 27 Mar 2024 23:39:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
64705
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24606
x-xss-protection
0
last-modified
Tue, 19 Mar 2024 18:14:50 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 27 Mar 2025 23:39:05 GMT
recaptcha__en.js
www.gstatic.com/recaptcha/releases/Hq4JZivTyQ7GP8Kt571Tzodj/ Frame 277A 		496 KB
197 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/Hq4JZivTyQ7GP8Kt571Tzodj/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=en&v=Hq4JZivTyQ7GP8Kt571Tzodj&k=6LfwuyUTAAAAAOAmoS0fdqijC2PbbdH4kjq62Y1b
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.65.227 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s73-in-f3.1e100.net
Software
sffe /
Resource Hash
9368f8ab141b9545a2b9e279abe8fef65a60091050ebeab9b63dd4c1bd0d38e1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.google.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 28 Mar 2024 05:07:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
45005
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
202152
x-xss-protection
0
last-modified
Tue, 19 Mar 2024 18:14:50 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 28 Mar 2025 05:07:25 GMT
favicon.ico
www.google.com/ 		5 KB
1 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://www.google.com/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.228 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s39-in-f4.1e100.net
Software
sffe /
Resource Hash
6da5620880159634213e197fafca1dde0272153be3e4590818533fab8d040770
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.google.com/sorry/index?continue=https://google.com/&q=EgSpluisGNjVlrAGIjAbEgXh4Fm3N26UTexdlgQA43ewigfUYw8WwU-sXXL4vT0auzNSNMo95bHQu3Qdz40yAXJKGVNPUlJZX0FCVVNJVkVfTkVUX01FU1NBR0VaAUM
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 28 Mar 2024 14:58:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
9567
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1494
x-xss-protection
0
last-modified
Tue, 22 Oct 2019 18:30:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/x-icon
cache-control
public, max-age=691200
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Fri, 05 Apr 2024 14:58:03 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
rltools.de
URL
https://rltools.de/traffic_check01/check.php?click_id=track_20240328173727_2f6115fa_e028_4d6d_ade5_55c023f5046a

Verdicts & Comments Add Verdict or Comment

10 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| onpagereveal function| submitCallback object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| closure_lm_691571

17 Cookies

Domain/Path Name / Value
.mltrck.com/ Name: gdm_suid_v1_1_001
Value: HPfHs3OFxkaNOwO68jCjbQ==
.mltrck.com/ Name: gdm_click_freq_v1_1_001
Value: kb+xy96Lfi/rigNMVUZ/CTFust3kFW/7rG9GIxLS0J1aY6G2FvoaHL+yaxu6S0Fg
.mltrck.com/ Name: gdm_uid_v1_1_001
Value: ZiQjwlfYXuqGezr56d8mk7EE9AJ1YNTC3dgGdRHQR2K+jOkH4PLnq9gXtUn7lW8L
.mltrck.com/ Name: gdm_click_adv_freq_v1_1_001
Value: fLD5x/On/zUg7UtwirCWoPH/2bR4/G0UUk+cbpuRZh47oEvTIv/D+9opgbio7HYI
.mltrck.com/ Name: gdm_click_adv_freq_v2_1_001
Value: fLD5x/On/zUg7UtwirCWoPH/2bR4/G0UUk+cbpuRZh47oEvTIv/D+9opgbio7HYI
.mltrck.com/ Name: gdm_suid_v2_1_001
Value: HPfHs3OFxkaNOwO68jCjbQ==
.mltrck.com/ Name: gdm_click_freq_v2_1_001
Value: kb+xy96Lfi/rigNMVUZ/CTFust3kFW/7rG9GIxLS0J1aY6G2FvoaHL+yaxu6S0Fg
.mltrck.com/ Name: gdm_sid_v1_3_001
Value: dfgboV+8cPj2UEizR9Rz661mbueQFXjpZRlhQM/RqmF8xLgp5HEECZNU7RsNQba/OxBRpDMVh19FpdRQ478ofnIzxG3ioUTpVIVJ5T27voY3HMveeVaDk+2CiIgnLZvxNauirIzOjY18NXQxxKH1gz3QioB06Sk/6oNdWhGsx7XxkYzegCEDe/4u+UxjsGaStUPtnVM+Bq/CwbGgnrTVE18+ptZTpeaRRnxQk/aNjGSuORpgm0BXuV6GxtEu6AaiW1MwE3H2s/OA1X0VAlIbaLGQma1UcB8MBNPlJgs8aHVAYLXTQqoSKGUFCEMn40fDTEHWJCUC176JNCSaWkAdw0NAyyuzaybdGL8Yu9h8y60P2XLYMnkk2Qspfgz9pDu+n1LbewTU6mpe+7/7G4qFdLcpU/PynqxNY/PLESNVAuo0xhAWcSb73sdY9iG2bqSs4G8OhwNR5hFBSLtdY6m99wX5X/6NPKMjrwwzkMs7+41e4dS+Z3KJmxLanOQzA4+goPWns4FV17qfnDKUTTZgYJqgzZc+hKQh+m8mDdJEUE2qq8o3OgK9TDPDY4EVpSoJZDFWJgozU6RHE3l/LGFpaIUSZXZQaqKp6a5xSJbnqph+3s3p69VIPqKHjtuKU1pwr/EKCTyZLX0okUa/EEMCTvjEicETL1WwdbbH9YrpmPSnFI70hN6BQkGzkDJTt2V4EoGN3ifFJpI+7XbU1AXYBHT44TflGPC2C75t+/EnZeD+taelVOS7sdvA1n99PWLb4qjX2wcSaMjnx9MpwDbn/gevWvy73F5sO4vFRiTknK9TdM/fY0AmObG6VL8J5p1s/ohEHDY43c+sGr2AqU+jrLDOG+RCo6q8kzYFYs8oNo7DUYZBEtxZRdF9BYSxKPPPqLDHgq0RyuZQ2PSnjlJS+UEwrgwDHO9SiTj5NQ60FGjQbEeTEvt7cNgoYNyVSFEIVxaCBeqAVYM7gE9bFi/VxFG1GLpIFB502JTZMAeImOiZRU+zop5FeAUXlySc21Qw4WdSfyBvNyHSXyp/WU7CKBB67rgo+YVaq1Osnm16FtfX9tPc067j5CW5XElXwVCD
.mltrck.com/ Name: gdm_sid_v2_3_001
Value: dfgboV+8cPj2UEizR9Rz661mbueQFXjpZRlhQM/RqmF8xLgp5HEECZNU7RsNQba/OxBRpDMVh19FpdRQ478ofnIzxG3ioUTpVIVJ5T27voY3HMveeVaDk+2CiIgnLZvxNauirIzOjY18NXQxxKH1gz3QioB06Sk/6oNdWhGsx7XxkYzegCEDe/4u+UxjsGaStUPtnVM+Bq/CwbGgnrTVE18+ptZTpeaRRnxQk/aNjGSuORpgm0BXuV6GxtEu6AaiW1MwE3H2s/OA1X0VAlIbaLGQma1UcB8MBNPlJgs8aHVAYLXTQqoSKGUFCEMn40fDTEHWJCUC176JNCSaWkAdw0NAyyuzaybdGL8Yu9h8y60P2XLYMnkk2Qspfgz9pDu+n1LbewTU6mpe+7/7G4qFdLcpU/PynqxNY/PLESNVAuo0xhAWcSb73sdY9iG2bqSs4G8OhwNR5hFBSLtdY6m99wX5X/6NPKMjrwwzkMs7+41e4dS+Z3KJmxLanOQzA4+goPWns4FV17qfnDKUTTZgYJqgzZc+hKQh+m8mDdJEUE2qq8o3OgK9TDPDY4EVpSoJZDFWJgozU6RHE3l/LGFpaIUSZXZQaqKp6a5xSJbnqph+3s3p69VIPqKHjtuKU1pwr/EKCTyZLX0okUa/EEMCTvjEicETL1WwdbbH9YrpmPSnFI70hN6BQkGzkDJTt2V4EoGN3ifFJpI+7XbU1AXYBHT44TflGPC2C75t+/EnZeD+taelVOS7sdvA1n99PWLb4qjX2wcSaMjnx9MpwDbn/gevWvy73F5sO4vFRiTknK9TdM/fY0AmObG6VL8J5p1s/ohEHDY43c+sGr2AqU+jrLDOG+RCo6q8kzYFYs8oNo7DUYZBEtxZRdF9BYSxKPPPqLDHgq0RyuZQ2PSnjlJS+UEwrgwDHO9SiTj5NQ60FGjQbEeTEvt7cNgoYNyVSFEIVxaCBeqAVYM7gE9bFi/VxFG1GLpIFB502JTZMAeImOiZRU+zop5FeAUXlySc21Qw4WdSfyBvNyHSXyp/WU7CKBB67rgo+YVaq1Osnm16FtfX9tPc067j5CW5XElXwVCD
.mltrck.com/ Name: gdm_uid_v2_1_001
Value: ZiQjwlfYXuqGezr56d8mk7EE9AJ1YNTC3dgGdRHQR2K+jOkH4PLnq9gXtUn7lW8L
www.jetzt-dabei-sein.com/ Name: PHPSESSID
Value: 3dt9kpfotb041ctg7v20ptlod6
www.jetzt-dabei-sein.com/ Name: coyoteTrackingCookie_921
Value: 472518700
www.jetzt-dabei-sein.com/ Name: coyoteSimpleTrackingCookie
Value: 472518700
ambatis.de/ Name: PHPSESSID
Value: 0blvam1nifch3jcg801esou8ho
ambatis.de/ Name: coyoteAffiliTokenId1273
Value: 472518700
.google.com/ Name: AEC
Value: Ae3NU9PGrQxRGTclDANhQEbMSVei3CZ9UGI6vUxfcprMQE69FsYyqFqtINM
.google.com/ Name: NID
Value: 512=P3JTySab7y2ZqG_kW12KXqq_ZPwDWWZdClK_X8i_hHTvuLcsYK0AEk5m-SJDRKYXJRFNCbS0_wkDizHHyjCmCjzDAh6fPRoDe_npq072DX2PGpauF5ho4xXmKAMN2gkBMLQf1dEPTuZwSUxD72Z9IMqeBrIzFIKmPPXh7CvmHDg

3 Console Messages

Source Level URL
Text
network error URL: https://www.google.com/sorry/index?continue=https://google.com/&q=EgSpluisGNjVlrAGIjAbEgXh4Fm3N26UTexdlgQA43ewigfUYw8WwU-sXXL4vT0auzNSNMo95bHQu3Qdz40yAXJKGVNPUlJZX0FCVVNJVkVfTkVUX01FU1NBR0VaAUM
Message:
Failed to load resource: the server responded with a status of 429 ()
security warning URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfwuyUTAAAAAOAmoS0fdqijC2PbbdH4kjq62Y1b&co=aHR0cHM6Ly93d3cuZ29vZ2xlLmNvbTo0NDM.&hl=en&v=Hq4JZivTyQ7GP8Kt571Tzodj&size=normal&s=RD5mi15TkhCSyqvvAl4cqf1xqJAzvJ1lF8z5nUcOLkOtgfgnpMd-cPHTpgxKpycaO3HSle-zODY_kkZgjfkpfmZWIKQ4quqWVGhIs0qq8hLDpBaBOsEQPAXzyUlkRoZ9b3U3veDNwY8SCYa_sIZpv2Goc92w4ilyXuGPEL2TemEh55bZCqtDgaZuhGwYrPzy-7pcekGmy0ppkV-ZSADppuPWJh9oRE8qe0p3CXOTM23k5bvEScJXdJqveM7r3bC2f6_mayfXez9Ji3JktdFU9KMiwpKuvNE&cb=k7z15h18dtsf
Message:
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
security warning URL: https://www.google.com/recaptcha/api2/bframe?hl=en&v=Hq4JZivTyQ7GP8Kt571Tzodj&k=6LfwuyUTAAAAAOAmoS0fdqijC2PbbdH4kjq62Y1b
Message:
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ambatis.de
cleanleadsonly.com
fonts.gstatic.com
google.com
maxcdn.bootstrapcdn.com
rlmgws-data.s3-accelerate.amazonaws.com
rlmgws-data.s3.eu-central-1.amazonaws.com
rltools.de
track.mltrck.com
trk-consulatu.com
www.google.com
www.gstatic.com
www.jetzt-dabei-sein.com
www.rimcaucmewkn8.wolaivweumkfn8.art
www.rlcontrol.de
rltools.de
104.18.11.207
108.139.33.158
130.255.79.215
142.250.65.227
142.251.40.195
142.251.40.228
172.217.165.142
172.67.209.214
193.46.255.169
213.229.66.214
52.219.75.5
62.212.87.244
08d97db667290b2c47dce6cf9cef24ba8f85792aa0c14ed87f77693916ddc371
09598bf40146368ed3f405d0f03d774c3668a84faff0d43cada08affc928bb0d
0964d141519db34adc6aa127a33dbc6761cda1e56b584ea402082d99c44afb9e
0aeb4ecf1091b9c52c9fa0ba4dc118b1abafbd88a51278935e574f6baff0bb49
10b7bc7e6b9e055c06712b4ccc4d083cdf63d9fdf373e427468a16cdb8652a61
10d43df8d82b580afcc35f14226b7219eb4080ff443e6368b65132be2e99f02a
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
4122f214f47bf170342826a86092121db1a8ac7cb3c0f899a1ede8b6b96f27c8
41b805ea7ac014e23556e98bb374702a08344268f92489a02f0880849394a1e4
43ef4025567f7a15859b5252b6ccc1efe2ff8c7331b1aefbea7ce88eb5084d27
52236c3dff7596331eaf92db1b36d5dc32469c3f8884c77d7dbdc8c6e4cbf103
54f7c8623cf0f0cf760385a22a4a5d20db7b2e3dfaecaab38ddf25ace848b171
57a9b78bf79100526d2ceddd1785f01f913c7f773f16fc0c74ccd55aaad76abb
5a93a88493aa32aab228bf4571c01207d3b42b0002409a454d404b4d8395bd55
6367228c6b2de1a5b23965e5bdda939f782e9f36249dc8f3b58f920dd88d8ddf
666970908363753737367d7206639aaa0b3839ab2b6a457f2924b3def8b1e07e
6da5620880159634213e197fafca1dde0272153be3e4590818533fab8d040770
7637e6753ccf23c60c089716aa775699caf7fa1c45daab70448745497c1ecb48
7723f1e333ec316525c9a7d90aab6d0d7799682a51e3739aaba9a58cfd7bfca0
7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050
7977968bcb91be0c5b2d9e2d9ae635116e05b9611573962b5fcf41f7186f7425
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7b4088bfcf66aabe95d2781a1deda475fd2103fe9341916a2568b59bd9183de9
84abcd929b38576e3f6eb948824f97511b86b3262c045ac4227a6b03e9884788
8d78efdeea3dbe5db0aa8a8b64ff6770c22d2a8eb8cd57ae1c65cb3a6bfe0663
9265ea6ee06a36211ef80e33821b309020e5c40c972cf70a07f10577c0cce549
9368f8ab141b9545a2b9e279abe8fef65a60091050ebeab9b63dd4c1bd0d38e1
9ca105ec8e494a488a30f52541ade1d29466f7e13a6362419fb6a4c2e1c3d90f
b1ece7a94ff67c0576befee08d785f8f597d7e459e93646fab6bff96382ef1cf
e218317cb912f66558792d0563e846a889f26258b7d564bcd24c3f02a7dbccaf
fd377e3b6033fd2a541887ad00bd9a47be285fa449acf0530b825e4d16c86590