employees.testbienestarpucp.duckdns.org Open in urlscan Pro
52.205.208.137  Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

19 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
1 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request / Show response employees.testbienestarpucp.duckdns.org/	614 B 852 B	752ms 105ms	Document text/html	52.205.208.137 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://employees.testbienestarpucp.duckdns.org/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.205.208.137 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-52-205-208-137.compute-1.amazonaws.com Software nginx/1.16.0 / Resource Hash 1170ab7ff83e03f4871ef17f9581c154057d453f5ffd3fb864e1d8d5e154b9d9 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Accept-Language de-DE,de;q=0.9 Response headers Server nginx/1.16.0 Date Thu, 25 Nov 2021 16:26:24 GMT Content-Type text/html Content-Length 614 Last-Modified Thu, 25 Nov 2021 16:17:29 GMT Connection keep-alive ETag "619fb719-266" Accept-Ranges bytes
GET H/1.1	200 OK	runtime.js Show response employees.testbienestarpucp.duckdns.org/	13 KB 13 KB	107ms 106ms	Script application/javascript	52.205.208.137 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://employees.testbienestarpucp.duckdns.org/runtime.js Requested by Host: employees.testbienestarpucp.duckdns.org URL: https://employees.testbienestarpucp.duckdns.org/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.205.208.137 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-52-205-208-137.compute-1.amazonaws.com Software nginx/1.16.0 / Resource Hash 94869c44e45330cf624b4efc3f8e12c1f2668f387be1ae062419823b811cb8cd Request headers Referer https://employees.testbienestarpucp.duckdns.org/ Origin https://employees.testbienestarpucp.duckdns.org Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers Date Thu, 25 Nov 2021 16:26:24 GMT Last-Modified Thu, 25 Nov 2021 16:17:29 GMT Server nginx/1.16.0 ETag "619fb719-3487" Content-Type application/javascript Connection keep-alive Accept-Ranges bytes Content-Length 13447
GET H/1.1	200 OK	polyfills.js Show response employees.testbienestarpucp.duckdns.org/	463 KB 463 KB	214ms 106ms	Script application/javascript	52.205.208.137 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://employees.testbienestarpucp.duckdns.org/polyfills.js Requested by Host: employees.testbienestarpucp.duckdns.org URL: https://employees.testbienestarpucp.duckdns.org/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.205.208.137 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-52-205-208-137.compute-1.amazonaws.com Software nginx/1.16.0 / Resource Hash 976a4bdf2526938072618cdb2e470113655bad60fdfdf35122995ca495eacaba Request headers Referer https://employees.testbienestarpucp.duckdns.org/ Origin https://employees.testbienestarpucp.duckdns.org Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers Date Thu, 25 Nov 2021 16:26:25 GMT Last-Modified Thu, 25 Nov 2021 16:17:29 GMT Server nginx/1.16.0 ETag "619fb719-73c21" Content-Type application/javascript Connection keep-alive Accept-Ranges bytes Content-Length 474145
GET H/1.1	200 OK	styles.js Show response employees.testbienestarpucp.duckdns.org/	34 KB 34 KB	422ms 210ms	Script application/javascript	52.205.208.137 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://employees.testbienestarpucp.duckdns.org/styles.js Requested by Host: employees.testbienestarpucp.duckdns.org URL: https://employees.testbienestarpucp.duckdns.org/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.205.208.137 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-52-205-208-137.compute-1.amazonaws.com Software nginx/1.16.0 / Resource Hash d9a9ccd06d63074f26b2eb98d34f84480b3bf6b5eaca41cdc6d7e3f9c76baba8 Request headers Referer https://employees.testbienestarpucp.duckdns.org/ Origin https://employees.testbienestarpucp.duckdns.org Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers Date Thu, 25 Nov 2021 16:26:25 GMT Last-Modified Thu, 25 Nov 2021 16:17:29 GMT Server nginx/1.16.0 ETag "619fb719-8659" Content-Type application/javascript Connection keep-alive Accept-Ranges bytes Content-Length 34393
GET H/1.1	200 OK	vendor.js Show response employees.testbienestarpucp.duckdns.org/	6 MB 6 MB	421ms 210ms	Script application/javascript	52.205.208.137 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://employees.testbienestarpucp.duckdns.org/vendor.js Requested by Host: employees.testbienestarpucp.duckdns.org URL: https://employees.testbienestarpucp.duckdns.org/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.205.208.137 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-52-205-208-137.compute-1.amazonaws.com Software nginx/1.16.0 / Resource Hash fc753f708e7925afc4492094d90ff6d784010e272c652b7829afb2943b5e2105 Request headers Referer https://employees.testbienestarpucp.duckdns.org/ Origin https://employees.testbienestarpucp.duckdns.org Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers Date Thu, 25 Nov 2021 16:26:25 GMT Last-Modified Thu, 25 Nov 2021 16:17:29 GMT Server nginx/1.16.0 ETag "619fb719-65cdec" Content-Type application/javascript Connection keep-alive Accept-Ranges bytes Content-Length 6671852
GET H/1.1	200 OK	main.js Show response employees.testbienestarpucp.duckdns.org/	2 MB 2 MB	422ms 211ms	Script application/javascript	52.205.208.137 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://employees.testbienestarpucp.duckdns.org/main.js Requested by Host: employees.testbienestarpucp.duckdns.org URL: https://employees.testbienestarpucp.duckdns.org/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.205.208.137 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-52-205-208-137.compute-1.amazonaws.com Software nginx/1.16.0 / Resource Hash bb96f87ced9698e929c88ae8265c3b7aa3fd117558f663fc5a3e241e8c9f11b0 Request headers Referer https://employees.testbienestarpucp.duckdns.org/ Origin https://employees.testbienestarpucp.duckdns.org Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers Date Thu, 25 Nov 2021 16:26:25 GMT Last-Modified Thu, 25 Nov 2021 16:17:29 GMT Server nginx/1.16.0 ETag "619fb719-187d0a" Content-Type application/javascript Connection keep-alive Accept-Ranges bytes Content-Length 1604874
GET H2	200	css2 fonts.googleapis.com/	12 KB 1 KB	38ms 17ms	Stylesheet text/css	2a00:1450:4001:810::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css2?family=Montserrat:wght@100;200;300;400;500;600;700&display=swap Requested by Host: client URL: about:client Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash e3418cb4954cf2b3fa89ce6b2add0509b0cefe4d474e459539207522ba4908dd Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://employees.testbienestarpucp.duckdns.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 last-modified Thu, 25 Nov 2021 15:44:22 GMT server ESF cross-origin-opener-policy same-origin-allow-popups date Thu, 25 Nov 2021 16:26:25 GMT x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Thu, 25 Nov 2021 16:26:25 GMT
GET H2	200	css2 fonts.googleapis.com/	25 KB 1 KB	38ms 17ms	Stylesheet text/css	2a00:1450:4001:810::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;0,900;1,100;1,300;1,400;1,500;1,700;1,900&display=swap Requested by Host: client URL: about:client Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 00c8eb28301cf1a0c2ff74264a1b5c80e592fb25c15391b73516823156e06ec2 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://employees.testbienestarpucp.duckdns.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 last-modified Thu, 25 Nov 2021 15:52:45 GMT server ESF cross-origin-opener-policy same-origin-allow-popups date Thu, 25 Nov 2021 16:26:25 GMT x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Thu, 25 Nov 2021 16:26:25 GMT
GET H2	200	css2 fonts.googleapis.com/	25 KB 1 KB	40ms 19ms	Stylesheet text/css	2a00:1450:4001:810::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css2?family=Source+Serif+Pro:ital,wght@0,200;0,300;0,400;0,600;0,700;0,900;1,200;1,300;1,400;1,600;1,700;1,900&display=swap Requested by Host: client URL: about:client Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash c69e57e350c805e5ff11c6a9b747c312c07bc9cd186d59431dcd2ff97204a63c Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://employees.testbienestarpucp.duckdns.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 last-modified Thu, 25 Nov 2021 16:26:25 GMT server ESF cross-origin-opener-policy same-origin-allow-popups date Thu, 25 Nov 2021 16:26:25 GMT x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Thu, 25 Nov 2021 16:26:25 GMT
GET H2	200	KFOmCnqEu92Fr1Mu4mxK.woff2 fonts.gstatic.com/s/roboto/v29/	15 KB 16 KB	28ms 6ms	Font font/woff2	2a00:1450:4001:827::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;0,900;1,100;1,300;1,400;1,500;1,700;1,900&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://employees.testbienestarpucp.duckdns.org Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Fri, 19 Nov 2021 13:39:48 GMT x-content-type-options nosniff age 528398 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 15688 x-xss-protection 0 last-modified Wed, 22 Sep 2021 16:13:19 GMT server sffe report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="apps-themes" expires Sat, 19 Nov 2022 13:39:48 GMT
GET H2	200	api.js Show response apis.google.com/js/	13 KB 6 KB	105ms 84ms	Script application/javascript	2a00:1450:4001:80e::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://apis.google.com/js/api.js Requested by Host: employees.testbienestarpucp.duckdns.org URL: https://employees.testbienestarpucp.duckdns.org/vendor.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 31584ea797048776578ee9d0995cdcb9334931f5fb5658c7edd9c4afc5cdd6df Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-YSDHtpHDCSL/oDmxMsYvog' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://employees.testbienestarpucp.duckdns.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Thu, 25 Nov 2021 16:26:26 GMT content-encoding gzip x-content-type-options nosniff p3p CP="This is not a P3P policy! See g.co/p3phelp for more info." cross-origin-resource-policy cross-origin strict-transport-security max-age=31536000 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 x-ua-compatible IE=edge, chrome=1 server ESF etag "0aae81fbf573ec4fa41629ccaf660495" x-frame-options SAMEORIGIN report-to {"group":"AXrpQdcxyaoTJMYdhC5b1IVX_h4UhkFjYl5miMVZgqtCo-gS","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AXrpQdcxyaoTJMYdhC5b1IVX_h4UhkFjYl5miMVZgqtCo-gS"}]} content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control private, max-age=1800, stale-while-revalidate=1800 content-security-policy script-src 'report-sample' 'nonce-YSDHtpHDCSL/oDmxMsYvog' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="AXrpQdcxyaoTJMYdhC5b1IVX_h4UhkFjYl5miMVZgqtCo-gS" expires Thu, 25 Nov 2021 16:26:26 GMT
GET DATA	200 OK	truncated /	3 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash f3dbbdc0812457c89887230748bf70ff1a79f76ed94fa7e15e2f91d58881ee2e Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers Content-Type image/png
GET H/1.1	200 OK	eeggcc.png employees.testbienestarpucp.duckdns.org/	2 MB 2 MB	107ms 106ms	Image image/png	52.205.208.137 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://employees.testbienestarpucp.duckdns.org/eeggcc.png Requested by Host: employees.testbienestarpucp.duckdns.org URL: https://employees.testbienestarpucp.duckdns.org/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.205.208.137 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-52-205-208-137.compute-1.amazonaws.com Software nginx/1.16.0 / Resource Hash 1c91a3c081d638620a64d2fb603a58fcff98d536949aec5329ade914fb35078b Request headers Accept-Language de-DE,de;q=0.9 Referer https://employees.testbienestarpucp.duckdns.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers Date Thu, 25 Nov 2021 16:26:26 GMT Last-Modified Thu, 25 Nov 2021 16:17:29 GMT Server nginx/1.16.0 ETag "619fb719-1decb4" Content-Type image/png Connection keep-alive Accept-Ranges bytes Content-Length 1961140
GET H/1.1	200 OK	login_bg_green.svg employees.testbienestarpucp.duckdns.org/	841 B 1 KB	106ms 105ms	Image image/svg+xml	52.205.208.137 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://employees.testbienestarpucp.duckdns.org/login_bg_green.svg Requested by Host: employees.testbienestarpucp.duckdns.org URL: https://employees.testbienestarpucp.duckdns.org/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.205.208.137 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-52-205-208-137.compute-1.amazonaws.com Software nginx/1.16.0 / Resource Hash d164840a611c869b5deae757781c7c08eb3e9676a68bdaa011efd34dbc7d58c8 Request headers Accept-Language de-DE,de;q=0.9 Referer https://employees.testbienestarpucp.duckdns.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers Date Thu, 25 Nov 2021 16:26:26 GMT Last-Modified Thu, 25 Nov 2021 16:17:29 GMT Server nginx/1.16.0 ETag "619fb719-349" Content-Type image/svg+xml Connection keep-alive Accept-Ranges bytes Content-Length 841
GET H2	200	JTURjIg1_i6t8kCHKm45_dJE3gnD_g.woff2 fonts.gstatic.com/s/montserrat/v18/	20 KB 20 KB	7ms 6ms	Font font/woff2	2a00:1450:4001:827::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/montserrat/v18/JTURjIg1_i6t8kCHKm45_dJE3gnD_g.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css2?family=Montserrat:wght@100;200;300;400;500;600;700&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash ec7d69015be507ee6045d259f50b6cf8ccb52ec7b41ec1bf50fee681683bea60 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://employees.testbienestarpucp.duckdns.org Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Fri, 19 Nov 2021 13:18:02 GMT x-content-type-options nosniff age 529704 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 20040 x-xss-protection 0 last-modified Tue, 10 Aug 2021 00:20:44 GMT server sffe report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="apps-themes" expires Sat, 19 Nov 2022 13:18:02 GMT
GET H2	200	KFOlCnqEu92Fr1MmEU9fBBc4.woff2 fonts.gstatic.com/s/roboto/v29/	16 KB 16 KB	9ms 9ms	Font font/woff2	2a00:1450:4001:827::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;0,900;1,100;1,300;1,400;1,500;1,700;1,900&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://employees.testbienestarpucp.duckdns.org Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Tue, 23 Nov 2021 14:02:00 GMT x-content-type-options nosniff age 181466 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 15920 x-xss-protection 0 last-modified Wed, 22 Sep 2021 16:13:21 GMT server sffe report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="apps-themes" expires Wed, 23 Nov 2022 14:02:00 GMT
GET H3	200	cb=gapi.loaded_0 Show response apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.1oGqGyIIxrg.O/m=auth2/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCOi-QLH9bWsMMs2gBCmTBNxHaIHgg/	103 KB 34 KB	33ms 7ms	Script text/javascript	2a00:1450:4001:80e::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.1oGqGyIIxrg.O/m=auth2/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCOi-QLH9bWsMMs2gBCmTBNxHaIHgg/cb=gapi.loaded_0 Requested by Host: apis.google.com URL: https://apis.google.com/js/api.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 23df2c3f1040fcd3dff1a9cadca416b9fd045638d844c55d9b753038d5c221f3 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://employees.testbienestarpucp.duckdns.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Wed, 24 Nov 2021 15:57:39 GMT content-encoding gzip x-content-type-options nosniff age 88127 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 35077 x-xss-protection 0 last-modified Sat, 30 Oct 2021 15:20:57 GMT server sffe cross-origin-opener-policy same-origin; report-to="social-frontend-mpm-access" vary Accept-Encoding, Origin report-to {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]} content-type text/javascript; charset=UTF-8 cache-control public, immutable, max-age=31536000 accept-ranges bytes expires Thu, 24 Nov 2022 15:57:39 GMT
GET H2	200	iframe Show response accounts.google.com/o/oauth2/ Frame A7BB	511 B 903 B	45ms 22ms	Document text/html	2a00:1450:4001:828::200d GOOGLE
General Check archive.org Show headers Download Go to Full URL https://accounts.google.com/o/oauth2/iframe Requested by Host: apis.google.com URL: https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.1oGqGyIIxrg.O/m=auth2/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCOi-QLH9bWsMMs2gBCmTBNxHaIHgg/cb=gapi.loaded_0 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:828::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 9d0638750568a8dc066bcb98ff2a82746fd3413d8966596049eeb750c5075c2e Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-zTB0YgrBNqDHdjK8kNGPmw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://employees.testbienestarpucp.duckdns.org/ Response headers content-type text/html; charset=utf-8 cross-origin-resource-policy cross-origin cross-origin-embedder-policy require-corp cache-control no-cache, no-store, max-age=0, must-revalidate pragma no-cache expires Mon, 01 Jan 1990 00:00:00 GMT date Thu, 25 Nov 2021 16:26:26 GMT content-language en-US content-security-policy script-src 'report-sample' 'nonce-zTB0YgrBNqDHdjK8kNGPmw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport content-encoding gzip server ESF x-xss-protection 0 x-content-type-options nosniff alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H2	200	73375047-idpiframe.js Show response ssl.gstatic.com/accounts/o/ Frame A7BB	112 KB 113 KB	29ms 7ms	Script text/javascript	2a00:1450:4001:811::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://ssl.gstatic.com/accounts/o/73375047-idpiframe.js Requested by Host: accounts.google.com URL: https://accounts.google.com/o/oauth2/iframe Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash b04780cc8befb8f827f7e8bc7e37c74ed77ab6b7e5d9dbaca813a9101b7494cc Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://accounts.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Wed, 24 Nov 2021 18:33:07 GMT x-content-type-options nosniff age 78799 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/federated-signon-mpm-access cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 114703 x-xss-protection 0 last-modified Thu, 11 Nov 2021 01:08:54 GMT server sffe cross-origin-opener-policy same-origin; report-to="federated-signon-mpm-access" vary Accept-Encoding report-to {"group":"federated-signon-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/federated-signon-mpm-access"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Thu, 24 Nov 2022 18:33:07 GMT
GET H3	200	iframerpc Show response accounts.google.com/o/oauth2/ Frame A7BB	15 B 59 B	47ms 30ms	XHR application/json	2a00:1450:4001:828::200d GOOGLE
General Check archive.org Show headers Download Go to Full URL https://accounts.google.com/o/oauth2/iframerpc?action=checkOrigin&origin=https%3A%2F%2Femployees.testbienestarpucp.duckdns.org&client_id=1040302313024-3ikq46616iq7vjgh9pq2go4732lep2pe.apps.googleusercontent.com Requested by Host: ssl.gstatic.com URL: https://ssl.gstatic.com/accounts/o/73375047-idpiframe.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:828::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash af5fd803088fcdc627e5cd97fb88d7fcbbb02a705f38fd48b1ab5f4ffca50ae8 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://accounts.google.com/o/oauth2/iframe X-Requested-With XmlHttpRequest Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Thu, 25 Nov 2021 16:26:26 GMT content-encoding gzip x-content-type-options nosniff server ESF content-type application/json; charset=utf-8 cache-control public, max-age=3600 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 expires Thu, 25 Nov 2021 17:26:26 GMT

14 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| onbeforexrselect function| reportError boolean| originAgentCluster object| scheduler object| webpackJsonp function| setImmediate function| clearImmediate string| __react_router_build__ object| FontAwesomeConfig object| ___FONT_AWESOME___ object| gapi object| ___jsl object| osapi

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.google.com/	1970-01-20 03:21:08	Name: NID Value: 511=nFfXqeBcDzvPT_aBGK33cp0fxPBv99wA-yiH7_N6VN5Uza83J-EA6K-HAJIwcuSKxkWEq2UOUmmK87ZbyXG3MQ3XcTh7z85Im9KeqsHLlGp6HCzEneYc_A7qUjaMNnUYtr52Yhba1FicLvMk0MJ7E_7Jr0FtCKIEENL9-SF0JAg
			.employees.testbienestarpucp.duckdns.org/	1978-01-11 21:30:57	Name: G_ENABLED_IDPS Value: google

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

accounts.google.com
apis.google.com
employees.testbienestarpucp.duckdns.org
fonts.googleapis.com
fonts.gstatic.com
ssl.gstatic.com
2a00:1450:4001:80e::200e
2a00:1450:4001:810::200a
2a00:1450:4001:811::2003
2a00:1450:4001:827::2003
2a00:1450:4001:828::200d
52.205.208.137
00c8eb28301cf1a0c2ff74264a1b5c80e592fb25c15391b73516823156e06ec2
1170ab7ff83e03f4871ef17f9581c154057d453f5ffd3fb864e1d8d5e154b9d9
1c91a3c081d638620a64d2fb603a58fcff98d536949aec5329ade914fb35078b
23df2c3f1040fcd3dff1a9cadca416b9fd045638d844c55d9b753038d5c221f3
31584ea797048776578ee9d0995cdcb9334931f5fb5658c7edd9c4afc5cdd6df
94869c44e45330cf624b4efc3f8e12c1f2668f387be1ae062419823b811cb8cd
976a4bdf2526938072618cdb2e470113655bad60fdfdf35122995ca495eacaba
9d0638750568a8dc066bcb98ff2a82746fd3413d8966596049eeb750c5075c2e
af5fd803088fcdc627e5cd97fb88d7fcbbb02a705f38fd48b1ab5f4ffca50ae8
b04780cc8befb8f827f7e8bc7e37c74ed77ab6b7e5d9dbaca813a9101b7494cc
bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f
bb96f87ced9698e929c88ae8265c3b7aa3fd117558f663fc5a3e241e8c9f11b0
c69e57e350c805e5ff11c6a9b747c312c07bc9cd186d59431dcd2ff97204a63c
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
d164840a611c869b5deae757781c7c08eb3e9676a68bdaa011efd34dbc7d58c8
d9a9ccd06d63074f26b2eb98d34f84480b3bf6b5eaca41cdc6d7e3f9c76baba8
e3418cb4954cf2b3fa89ce6b2add0509b0cefe4d474e459539207522ba4908dd
ec7d69015be507ee6045d259f50b6cf8ccb52ec7b41ec1bf50fee681683bea60
f3dbbdc0812457c89887230748bf70ff1a79f76ed94fa7e15e2f91d58881ee2e
fc753f708e7925afc4492094d90ff6d784010e272c652b7829afb2943b5e2105