www.google.com Open in urlscan Pro
2a00:1450:4001:81c::2004 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://67.205.158.226/cl/107322_md/31/18669/12523/195/875799
Effective URL:
https://www.google.com/?destinationid=2945262736&hpcid=1406805849&item=O0GI&ld=1&logo=195p&requestid=7jweQB1SVN&session...
Submission: On September 21 via api (September 21st 2023, 4:58:56 pm UTC) from US — Scanned from DE

Summary HTTP 35 Redirects Links 14 Behaviour Indicators

Summary

This website contacted 13 IPs in 4 countries across 10 domains to perform 35 HTTP transactions. The main IP is 2a00:1450:4001:81c::2004, located in Frankfurt am Main, Germany and belongs to GOOGLE, US. The main domain is www.google.com. The Cisco Umbrella rank of the primary domain is 11.
TLS certificate: Issued by GTS CA 1C3 on September 4th 2023. Valid for: 3 months.

This is the only time www.google.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	67.205.158.226 67.205.158.226	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1	23.229.68.109 23.229.68.109	55286 (SERVER-MANIA) (SERVER-MANIA)
1 1	185.16.40.144 185.16.40.144	199456 (VLDTECH-ASN) (VLDTECH-ASN)
2 9	2606:4700:303... 2606:4700:3031::ac43:c9b2	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2a00:1450:400... 2a00:1450:4001:800::200a	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6812:1734	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2606:4700:e2:... 2606:4700:e2::ac40:8209	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:303... 2606:4700:3032::ac43:b158	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 5	45.55.126.207 45.55.126.207	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
2	2a00:1450:400... 2a00:1450:4001:806::2003	15169 (GOOGLE) (GOOGLE)
2	20.50.64.3 20.50.64.3	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
6	2a00:1450:400... 2a00:1450:4001:81c::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82a::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:808::200e	15169 (GOOGLE) (GOOGLE)
35	13

1 67.205.158.226 (North Bergen, United States) 1 redirects

ASN14061 (DIGITALOCEAN-ASN, US)

67.205.158.226	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.229.68.109 (Buffalo, United States)

ASN55286 (SERVER-MANIA, CA)
PTR: medical-unique.carnivalmade.net

fluxella.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.16.40.144 (United Kingdom) 1 redirects

ASN199456 (VLDTECH-ASN, GB)
PTR: mail.assisteckpro.com

polomari.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2606:4700:3031::ac43:c9b2 (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

conundrwo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:800::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:1734 (United States)

ASN13335 (CLOUDFLARENET, US)

kit.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:e2::ac40:8209 (United States)

ASN13335 (CLOUDFLARENET, US)

ka-f.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3032::ac43:b158 (United States)

ASN13335 (CLOUDFLARENET, US)

virtualpushplatform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 45.55.126.207 (Clifton, United States) 1 redirects

ASN14061 (DIGITALOCEAN-ASN, US)

beacon.conundrwo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
beacon2.profiledatasolutions.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:806::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 20.50.64.3 (Dublin, Ireland)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

pushvisit.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:81c::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

apis.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
13	conundrwo.com 3 redirects conundrwo.com beacon.conundrwo.com	348 KB
7	google.com www.google.com — Cisco Umbrella Rank: 11 apis.google.com — Cisco Umbrella Rank: 242	118 KB
5	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 113	3 KB
4	gstatic.com fonts.gstatic.com www.gstatic.com	93 KB
4	fontawesome.com kit.fontawesome.com — Cisco Umbrella Rank: 3436 ka-f.fontawesome.com — Cisco Umbrella Rank: 7091	24 KB
2	pushvisit.xyz pushvisit.xyz — Cisco Umbrella Rank: 207507	2 KB
1	profiledatasolutions.com beacon2.profiledatasolutions.com	553 B
1	virtualpushplatform.com virtualpushplatform.com — Cisco Umbrella Rank: 319682	5 KB
1	polomari.com 1 redirects polomari.com	625 B
1	fluxella.com fluxella.com	441 B
35	10

	Domain	Requested by
9	conundrwo.com	2 redirects fluxella.com conundrwo.com
6	www.google.com	conundrwo.com www.google.com
5	fonts.googleapis.com	conundrwo.com
4	beacon.conundrwo.com	1 redirects conundrwo.com
3	ka-f.fontawesome.com	kit.fontawesome.com
2	www.gstatic.com	www.google.com
2	pushvisit.xyz	virtualpushplatform.com
2	fonts.gstatic.com	fonts.googleapis.com www.google.com
1	apis.google.com	www.gstatic.com
1	beacon2.profiledatasolutions.com	conundrwo.com
1	virtualpushplatform.com	conundrwo.com
1	kit.fontawesome.com	conundrwo.com
1	polomari.com	1 redirects
1	fluxella.com
35	14

This site contains links to these domains. Also see Links.

Domain
about.google
store.google.com
mail.google.com
www.google.de
accounts.google.com
support.google.com
google.com
sustainability.google
policies.google.com

Subject Issuer	Validity	Valid
fluxella.com Sectigo RSA Domain Validation Secure Server CA	`2023-07-18` - `2024-07-17`	a year	crt.sh
conundrwo.com GTS CA 1P5	`2023-09-05` - `2023-12-04`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
*.fontawesome.com DigiCert TLS RSA SHA256 2020 CA1	`2022-11-22` - `2023-12-23`	a year	crt.sh
ka-f.fontawesome.com GTS CA 1P5	`2023-09-10` - `2023-12-09`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-02-14` - `2024-02-13`	a year	crt.sh
beacon.conundrwo.com R3	`2023-09-15` - `2023-12-14`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
pushvisit.xyz Sectigo RSA Domain Validation Secure Server CA	`2023-08-02` - `2024-08-02`	a year	crt.sh
beacon2.profiledatasolutions.com R3	`2023-08-25` - `2023-11-23`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
*.apis.google.com GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://www.google.com/?destinationid=2945262736&hpcid=1406805849&item=O0GI&ld=1&logo=195p&requestid=7jweQB1SVN&session_id=e683f47a-2d57-47da-a253-93de2d0c01fb&sub1=39039c88-626b-4648-8865-da027b4208d6&sub3=N6BM_471167
Frame ID: BFA40349852042EC3189B68CEC9DC219
Requests: 42 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Google

Page URL History Show full URLs

http://67.205.158.226/cl/107322_md/31/18669/12523/195/875799 HTTP 302
https://fluxella.com/ff6b978a88e2a66000/31/107322_12/195_875799_18669_6721544_md Page URL
https://polomari.com/r/5987dee0-ab36-4c52-a24d-a2f75d2235de/471167/1406805849/31 HTTP 302
https://conundrwo.com/sf/tpl38?logo=195p&item=O0GI&sub1=39039c88-626b-4648-8865-da027b4208d6&sub3=... HTTP 301
http://conundrwo.com/sf/tpl38/?logo=195p&item=O0GI&sub1=39039c88-626b-4648-8865-da027b4208d6&sub3... HTTP 301
https://conundrwo.com/sf/tpl38/?logo=195p&item=O0GI&sub1=39039c88-626b-4648-8865-da027b4208d6&sub3... Page URL
https://www.google.com/?destinationid=2945262736&hpcid=1406805849&item=O0GI&ld=1&logo=195p&requesti... Page URL

Detected technologies

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
kit\.fontawesome\.com/([0-9a-z]+).js

Page Statistics

35
Requests

97 %
HTTPS

64 %
IPv6

10
Domains

14
Subdomains

13
IPs

4
Countries

592 kB
Transfer

2141 kB
Size

6
Cookies

14 Outgoing links

These are links going to different origins than the main page.

URL: https://about.google/?fg=1&utm_source=google-DE&utm_medium=referral&utm_campaign=hp-header
Title: Über Google

Search URL Search Domain Scan URL

URL: https://store.google.com/DE?utm_source=hp_header&utm_medium=google_ooo&utm_campaign=GS100042&hl=de-DE
Title: Store

Search URL Search Domain Scan URL

URL: https://mail.google.com/mail/&ogbl
Title: Gmail

Search URL Search Domain Scan URL

URL: https://www.google.de/intl/de/about/products

Search URL Search Domain Scan URL

URL: https://accounts.google.com/ServiceLogin?hl=de&passive=true&continue=https://www.google.com/%3Fdestinationid%3D2945262736%26hpcid%3D1406805849%26item%3DO0GI%26ld%3D1%26logo%3D195p%26requestid%3D7jweQB1SVN%26session_id%3De683f47a-2d57-47da-a253-93de2d0c01fb%26sub1%3D39039c88-626b-4648-8865-da027b4208d6%26sub3%3DN6BM_471167&ec=GAZAmgQ
Title: Anmelden

Search URL Search Domain Scan URL

URL: https://support.google.com/websearch/answer/106230?hl=de
Title: Weitere Informationen

Search URL Search Domain Scan URL

URL: https://google.com/search/howsearchworks/?fg=1
Title: Wie funktioniert die Google Suche?

Search URL Search Domain Scan URL

URL: https://sustainability.google/intl/de/klimaschutz/?utm_source=googlehpfooter&utm_medium=housepromos&utm_campaign=bottom-footer&utm_content=
Title: Drei Jahrzehnte Klimaschutz: Jede Entscheidung zählt

Search URL Search Domain Scan URL

URL: https://policies.google.com/privacy?hl=de&fg=1
Title: Datenschutzerklärung

Search URL Search Domain Scan URL

URL: https://policies.google.com/terms?hl=de&fg=1
Title: Nutzungsbedingungen

Search URL Search Domain Scan URL

URL: https://support.google.com/websearch/?p=ws_results_help&hl=de&fg=1
Title: Hilfe zur Suche

Search URL Search Domain Scan URL

URL: https://policies.google.com/technologies/cookies?utm_source=ucbs&hl=de
Title: Cookies

Search URL Search Domain Scan URL

URL: https://policies.google.com/privacy?hl=de&fg=1&utm_source=ucbs
Title: Datenschutz

Search URL Search Domain Scan URL

URL: https://policies.google.com/terms?hl=de&fg=1&utm_source=ucbs
Title: Nutzungsbedingungen

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://67.205.158.226/cl/107322_md/31/18669/12523/195/875799 HTTP 302
https://fluxella.com/ff6b978a88e2a66000/31/107322_12/195_875799_18669_6721544_md Page URL
https://polomari.com/r/5987dee0-ab36-4c52-a24d-a2f75d2235de/471167/1406805849/31 HTTP 302
https://conundrwo.com/sf/tpl38?logo=195p&item=O0GI&sub1=39039c88-626b-4648-8865-da027b4208d6&sub3=N6BM_471167&hpcid=1406805849 HTTP 301
http://conundrwo.com/sf/tpl38/?logo=195p&item=O0GI&sub1=39039c88-626b-4648-8865-da027b4208d6&sub3=N6BM_471167&hpcid=1406805849 HTTP 301
https://conundrwo.com/sf/tpl38/?logo=195p&item=O0GI&sub1=39039c88-626b-4648-8865-da027b4208d6&sub3=N6BM_471167&hpcid=1406805849 Page URL
https://www.google.com/?destinationid=2945262736&hpcid=1406805849&item=O0GI&ld=1&logo=195p&requestid=7jweQB1SVN&session_id=e683f47a-2d57-47da-a253-93de2d0c01fb&sub1=39039c88-626b-4648-8865-da027b4208d6&sub3=N6BM_471167 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://67.205.158.226/cl/107322_md/31/18669/12523/195/875799 HTTP 302
https://fluxella.com/ff6b978a88e2a66000/31/107322_12/195_875799_18669_6721544_md

Request Chain 1

https://polomari.com/r/5987dee0-ab36-4c52-a24d-a2f75d2235de/471167/1406805849/31 HTTP 302
https://conundrwo.com/sf/tpl38?logo=195p&item=O0GI&sub1=39039c88-626b-4648-8865-da027b4208d6&sub3=N6BM_471167&hpcid=1406805849 HTTP 301
http://conundrwo.com/sf/tpl38/?logo=195p&item=O0GI&sub1=39039c88-626b-4648-8865-da027b4208d6&sub3=N6BM_471167&hpcid=1406805849 HTTP 301
https://conundrwo.com/sf/tpl38/?logo=195p&item=O0GI&sub1=39039c88-626b-4648-8865-da027b4208d6&sub3=N6BM_471167&hpcid=1406805849

Request Chain 18

https://beacon.conundrwo.com/g2/eedcbef8-d4d0-49a1-985e-c040a1d57ed5?logo=prime&hpcid=1406805849&item=O0GI&logo=195p&sub1=39039c88-626b-4648-8865-da027b4208d6&sub3=N6BM_471167 HTTP 302
https://beacon.conundrwo.com/s/e29dbe42-ba84-4cd9-89bb-743af7f6d51c?&requestid=gzBYTo0DR6&destinationid=4114301328&logo=prime%2C195p&hpcid=1406805849&item=O0GI&sub1=39039c88-626b-4648-8865-da027b4208d6&sub3=N6BM_471167

35 HTTP transactions
8 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

195_875799_18669_6721544_md
fluxella.com/ff6b978a88e2a66000/31/107322_12/
Redirect Chain

http://67.205.158.226/cl/107322_md/31/18669/12523/195/875799
https://fluxella.com/ff6b978a88e2a66000/31/107322_12/195_875799_18669_6721544_md

143 B
441 B

541ms
312ms

Document
text/html

23.229.68.109
SERVER-MANIA

General

Check archive.org

Show headers Download Go to

Full URL: https://fluxella.com/ff6b978a88e2a66000/31/107322_12/195_875799_18669_6721544_md
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.229.68.109 Buffalo, United States, ASN55286 (SERVER-MANIA, CA),
Reverse DNS: medical-unique.carnivalmade.net
Software: Apache /
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Content-Length: 143
Content-Type: text/html; charset=UTF-8
Date: Thu, 21 Sep 2023 16:58:47 GMT
Server: Apache

Redirect headers

Connection: Keep-Alive
Content-Length: 163
Content-Type: text/html; charset=UTF-8
Date: Thu, 21 Sep 2023 16:58:45 GMT
Keep-Alive: timeout=5, max=100
Location: https://fluxella.com/ff6b978a88e2a66000/31/107322_12/195_875799_18669_6721544_md
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.1.33
X-Powered-By: PHP/7.1.33

GET
H2

200

/ Show response
conundrwo.com/sf/tpl38/
Redirect Chain

https://polomari.com/r/5987dee0-ab36-4c52-a24d-a2f75d2235de/471167/1406805849/31
https://conundrwo.com/sf/tpl38?logo=195p&item=O0GI&sub1=39039c88-626b-4648-8865-da027b4208d6&sub3=N6BM_471167&hpcid=1406805849
http://conundrwo.com/sf/tpl38/?logo=195p&item=O0GI&sub1=39039c88-626b-4648-8865-da027b4208d6&sub3=N6BM_471167&hpcid=1406805849
https://conundrwo.com/sf/tpl38/?logo=195p&item=O0GI&sub1=39039c88-626b-4648-8865-da027b4208d6&sub3=N6BM_471167&hpcid=1406805849

2 KB
1 KB

167ms
165ms

Document
text/html

2606:4700:3031::ac43:c9b2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://conundrwo.com/sf/tpl38/?logo=195p&item=O0GI&sub1=39039c88-626b-4648-8865-da027b4208d6&sub3=N6BM_471167&hpcid=1406805849
Requested by: Host: fluxella.com
URL: https://fluxella.com/ff6b978a88e2a66000/31/107322_12/195_875799_18669_6721544_md
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:c9b2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0537c256902bd25bbce992765e862c3c7e4e43e2f2461079e7a18a5b65669fa0

Request headers

Referer: https://fluxella.com/ff6b978a88e2a66000/31/107322_12/195_875799_18669_6721544_md
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 80a3dae18c06912a-FRA
content-encoding: br
content-type: text/html
date: Thu, 21 Sep 2023 16:58:48 GMT
last-modified: Wed, 20 Sep 2023 14:37:27 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3lssVybwVUN%2F01xHB92qzFvN964Lu%2F3fmIcYGBuUZ2MmBuaX5YEsKTYgoavECqLwKLjwiKCdDbaFcnFoFt2imGrgP4DWUonE5QzjGOCSxanhXSzmMiPn%2BZ32qIEWLvr13PAS2LX45eIPfbdk"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

Redirect headers

CF-RAY: 80a3dae15ab1373e-FRA
Cache-Control: max-age=3600
Connection: keep-alive
Date: Thu, 21 Sep 2023 16:58:47 GMT
Expires: Thu, 21 Sep 2023 17:58:47 GMT
Location: https://conundrwo.com/sf/tpl38/?logo=195p&item=O0GI&sub1=39039c88-626b-4648-8865-da027b4208d6&sub3=N6BM_471167&hpcid=1406805849
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kmlBgsthynR8YZWbol%2Blebz6ZoJ%2FrC3PSN0Ritjxt7G2NpvoeRq3G8dcz1n3Vu9vmdynfKtD7i8jq1npq4CwazOKGxSj6maLcJGYiLluUvBwYYTQzMO%2BtMPXxldKR6yKSsmxneGD12aNR%2Fsy"}],"group":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400

GET
H2 200 css2
fonts.googleapis.com/ 10 KB
1 KB 47ms
17ms Stylesheet
text/css 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Open+Sans:wght@300&family=Roboto+Slab:wght@600;700;800&display=swap

Requested by

Host: conundrwo.com
URL: https://conundrwo.com/sf/tpl38/?logo=195p&item=O0GI&sub1=39039c88-626b-4648-8865-da027b4208d6&sub3=N6BM_471167&hpcid=1406805849

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

88058520b48ab3ee50e6a7b06a6245d2398ebf4ec73fdd5ce66608cebd5f411e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://conundrwo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 21 Sep 2023 16:58:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 21 Sep 2023 16:58:48 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 21 Sep 2023 16:58:48 GMT

GET
H2 200 268a7048dd.js Show response
kit.fontawesome.com/ 11 KB
5 KB 1095ms
1066ms Script
text/javascript 2606:4700::6812:1734
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://kit.fontawesome.com/268a7048dd.js
Requested by: Host: conundrwo.com
URL: https://conundrwo.com/sf/tpl38/?logo=195p&item=O0GI&sub1=39039c88-626b-4648-8865-da027b4208d6&sub3=N6BM_471167&hpcid=1406805849
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1734 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7e749dcd41c25e4176a25cce76820a0287c7506c9e27467675ce07369c21c8bb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://conundrwo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 16:58:49 GMT
content-encoding: gzip
cf-cache-status: REVALIDATED
server: cloudflare
vary: origin, accept-encoding, access-control-request-headers, access-control-request-method
access-control-max-age: 3000
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
content-type: text/javascript
cache-control: max-age=60, public, stale-while-revalidate=30
cf-ray: 80a3dae2cae139be-FRA
access-control-allow-headers: accept, accept-langauge, content-language, content-type, fa-kit-token
x-request-id: F3f3Wlhm1k8lEfMxT8Qh

GET
H2 400 css2
fonts.googleapis.com/ 0
0 53ms
25ms Stylesheet
text/html 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://fonts.googleapis.com/css2?family=Muli:wght@900:wght@400&display=swap
Requested by: Host: conundrwo.com
URL: https://conundrwo.com/sf/tpl38/?logo=195p&item=O0GI&sub1=39039c88-626b-4648-8865-da027b4208d6&sub3=N6BM_471167&hpcid=1406805849
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://conundrwo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

GET
H2 200 css2
fonts.googleapis.com/ 761 B
455 B 45ms
17ms Stylesheet
text/css 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Lato&display=swap

Requested by

Host: conundrwo.com
URL: https://conundrwo.com/sf/tpl38/?logo=195p&item=O0GI&sub1=39039c88-626b-4648-8865-da027b4208d6&sub3=N6BM_471167&hpcid=1406805849

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f88d7a194e7f67fdc5e4f2cedd32e1d040d9976e4814adcaf7e56330a0653d5c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://conundrwo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 21 Sep 2023 16:58:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 21 Sep 2023 16:48:16 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 21 Sep 2023 16:58:48 GMT

GET
H2 200 css2
fonts.googleapis.com/ 2 KB
658 B 45ms
18ms Stylesheet
text/css 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto&display=swap

Requested by

Host: conundrwo.com
URL: https://conundrwo.com/sf/tpl38/?logo=195p&item=O0GI&sub1=39039c88-626b-4648-8865-da027b4208d6&sub3=N6BM_471167&hpcid=1406805849

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c87b7f745cfb4a994801488584e6e0e78d6c4f0ad567e985a781fc0b86074724

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://conundrwo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 21 Sep 2023 16:58:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 21 Sep 2023 15:29:53 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 21 Sep 2023 16:58:48 GMT

GET
H3 200 bundle.9cf6219034d022cae8e3.css
conundrwo.com/sf/tpl38/ 102 KB
17 KB 468ms
466ms Stylesheet
text/css 2606:4700:3031::ac43:c9b2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://conundrwo.com/sf/tpl38/bundle.9cf6219034d022cae8e3.css?t=1695220565996
Requested by: Host: conundrwo.com
URL: https://conundrwo.com/sf/tpl38/?logo=195p&item=O0GI&sub1=39039c88-626b-4648-8865-da027b4208d6&sub3=N6BM_471167&hpcid=1406805849
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:c9b2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 090a3402b4fd57709274fb6fc57952e33a1e97a240c847f3bcb971908156ceca

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://conundrwo.com/sf/tpl38/?logo=195p&item=O0GI&sub1=39039c88-626b-4648-8865-da027b4208d6&sub3=N6BM_471167&hpcid=1406805849
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 16:58:48 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 20 Sep 2023 14:37:27 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"650b03a7-196ba"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FLlbCc4wlfAmCIHD5Q0FSi40ka0NpBjemcj39NiznlpSMRKGbQf%2F0KzMar9Fo%2B67RTF%2BoYOlgPte8VSQXjMIG84EROT8kTf6ENyxIq2G9bnDruT%2FbMe5TTipppwKmaM2mtArf29hAf3u%2BYiX"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=31536000
cf-ray: 80a3dae2afda9bb6-FRA
alt-svc: h3=":443"; ma=86400
expires: Fri, 20 Sep 2024 16:58:49 GMT

GET
H3 200 default.png
conundrwo.com/sf/tpl38/public/ 13 KB
13 KB 20ms
19ms Image
image/png 2606:4700:3031::ac43:c9b2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://conundrwo.com/sf/tpl38/public/default.png
Requested by: Host: conundrwo.com
URL: https://conundrwo.com/sf/tpl38/?logo=195p&item=O0GI&sub1=39039c88-626b-4648-8865-da027b4208d6&sub3=N6BM_471167&hpcid=1406805849
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:c9b2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b842a170d2e24042701ea54258163b83e6a546e078cc20599f869a4fb24c39e4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://conundrwo.com/sf/tpl38/?logo=195p&item=O0GI&sub1=39039c88-626b-4648-8865-da027b4208d6&sub3=N6BM_471167&hpcid=1406805849
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 16:58:48 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 186221
alt-svc: h3=":443"; ma=86400
content-length: 13033
last-modified: Tue, 19 Sep 2023 10:14:16 GMT
server: cloudflare
etag: "65097478-32e9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FTNB3bu0U%2FJmAsANW090uyqiZgXJHqFNjiTjNn9XnfOkF8fogBAydFQqPzL3M%2Fn6znVLiDcrke1ZXh2JFka8czh5IOKfsCVS2p1Ulzpxf4p8kNzMh%2Bjc8mgDujwtQD1rK0k0wH8mA8HOS3PT"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 80a3dae2e83c9bb6-FRA
expires: Wed, 18 Sep 2024 13:15:08 GMT

GET
H3 200 12.95e92dea.chunk.js Show response
conundrwo.com/sf/tpl38/js/ 390 KB
126 KB 1072ms
1072ms Script
application/javascript 2606:4700:3031::ac43:c9b2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://conundrwo.com/sf/tpl38/js/12.95e92dea.chunk.js
Requested by: Host: conundrwo.com
URL: https://conundrwo.com/sf/tpl38/?logo=195p&item=O0GI&sub1=39039c88-626b-4648-8865-da027b4208d6&sub3=N6BM_471167&hpcid=1406805849
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:c9b2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4e91d2d261344e059a8e4f22dc17c1b6483f3f2b1456d895e2e92cf41de35596

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://conundrwo.com/sf/tpl38/?logo=195p&item=O0GI&sub1=39039c88-626b-4648-8865-da027b4208d6&sub3=N6BM_471167&hpcid=1406805849
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 16:58:49 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 20 Sep 2023 14:37:27 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"650b03a7-616b5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wtrApGA%2Bi8wrzKWAAaBLDVM6F5amprplWCHqEIjVMjvBMcE%2F3%2BDLi%2FvRpCPOKA7942mMsgywi9zdQF%2Fsxyt7pYM92GZD5F2rSUHcq9pUSK24BXQ3ofR9bVP34DZpOjrvJ6lzXfp1vHWET%2Fpw"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=31536000
cf-ray: 80a3dae2e8389bb6-FRA
alt-svc: h3=":443"; ma=86400
expires: Fri, 20 Sep 2024 16:58:49 GMT

GET
H3 200 app.32595b33.js Show response
conundrwo.com/sf/tpl38/js/ 815 KB
136 KB 1203ms
1203ms Script
application/javascript 2606:4700:3031::ac43:c9b2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://conundrwo.com/sf/tpl38/js/app.32595b33.js
Requested by: Host: conundrwo.com
URL: https://conundrwo.com/sf/tpl38/?logo=195p&item=O0GI&sub1=39039c88-626b-4648-8865-da027b4208d6&sub3=N6BM_471167&hpcid=1406805849
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:c9b2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e100f064ed74c5f964abb179c29aea5d4dc7e74154ea65d74842aad855d5fd8e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://conundrwo.com/sf/tpl38/?logo=195p&item=O0GI&sub1=39039c88-626b-4648-8865-da027b4208d6&sub3=N6BM_471167&hpcid=1406805849
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 16:58:49 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 20 Sep 2023 14:37:27 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"650b03a7-cbcee"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WOYHPUGzKkhmaYgYbaLVL3ZvWvUvZS%2BLHbdVac0%2FdYxUuSvC35CrJWBIxQ%2FAhnZoJkVHoLyzLkFT4OKYGnDE60ffoXSDh8gbfrT2k8u5pF%2BWRn8xDEfiVfZieAZEStY7xNwdog8fhZ0SeKB6"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=31536000
cf-ray: 80a3dae2e83a9bb6-FRA
alt-svc: h3=":443"; ma=86400
expires: Fri, 20 Sep 2024 16:58:49 GMT

GET
H2 200 css2
fonts.googleapis.com/ 2 KB
513 B 19ms
17ms Stylesheet
text/css 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Lato:wght@400;700;900&display=swap

Requested by

Host: conundrwo.com
URL: https://conundrwo.com/sf/tpl38/bundle.9cf6219034d022cae8e3.css?t=1695220565996

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

0cee972f52f443216ed569505738e89b08925201f31b5d7a51783ee9a0dcc785

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://conundrwo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 21 Sep 2023 16:58:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 21 Sep 2023 15:58:39 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 21 Sep 2023 16:58:48 GMT

GET
H2 200 free.min.css Show response
ka-f.fontawesome.com/releases/v5.15.4/css/ 59 KB
13 KB 84ms
42ms Fetch
text/css 2606:4700:e2::ac40:8209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v5.15.4/css/free.min.css?token=268a7048dd
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/268a7048dd.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e2::ac40:8209 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fc5128dfdcdfa0c3a9967a6d2f19399d7bf1aaae6ad7571b96b03915a1f30dda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://conundrwo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 16:58:49 GMT
via: 1.1 93b0598b43d63761f1a129690721f888.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: FRA56-C2
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 04 Aug 2021 18:53:09 GMT
server: cloudflare
etag: W/"a12ec7ebe75a4d59a5dd6b79e2ba2e16"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zHwVxqEjfDio7AyOFG7OP8vpKTZ4x0kuX86WA3ajOqvfFv2hV5Z0TMginyoD3V8fbKwXLhauv1qnQrLkCEOO6M7acDXVW1avLqd7CzYIPStYlF1ZB4dRLANR4zHfY%2BER1%2F9VP7ZlCF6m460uLljnLqSVtQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31556926
vary: Accept-Encoding
cf-ray: 80a3dae9ca2490d7-FRA
access-control-allow-headers: fa-kit-token
x-amz-cf-id: C54p-8Jwo8flHdyq5JJBLNa2VUiw8VhV7O8c9nDduL6ZBjkSL2gdYQ==

GET
H2 200 free-v4-shims.min.css Show response
ka-f.fontawesome.com/releases/v5.15.4/css/ 26 KB
4 KB 82ms
41ms Fetch
text/css 2606:4700:e2::ac40:8209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v5.15.4/css/free-v4-shims.min.css?token=268a7048dd
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/268a7048dd.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e2::ac40:8209 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6dea47458a4cd7cd7312cc780a53c62e0c8b3ccc8d0b13c1ac0ea6e3dfcecea8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://conundrwo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 16:58:49 GMT
via: 1.1 07fbd2276304c86925071791c7032950.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: FRA56-C2
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 04 Aug 2021 18:53:09 GMT
server: cloudflare
etag: W/"76f34b71fc9fb641507ff6a822cc07f5"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ud8OFHBGVYlouG0gchHbU3w3Fo5a2hPWutfK%2BlFRPyZp5PoAlfvygOztRpfdjMOHQp26fCW3yrBY3eO4SOZYXOUS6GVxA7b9W4KTbiP24Zis3kmYYR8%2FxZq79yHTlZjeSZpzPN8ValKe%2BFHnY2Wr40GWjQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31556926
vary: Accept-Encoding
cf-ray: 80a3dae9ca2590d7-FRA
access-control-allow-headers: fa-kit-token
x-amz-cf-id: oQjnwN-RUHW0hIWfDsnz47bGsONKKH64PUk-Txu5N4Lc9jjtP3DXgg==

GET
H2 200 free-v4-font-face.min.css Show response
ka-f.fontawesome.com/releases/v5.15.4/css/ 3 KB
2 KB 67ms
27ms Fetch
text/css 2606:4700:e2::ac40:8209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v5.15.4/css/free-v4-font-face.min.css?token=268a7048dd
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/268a7048dd.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e2::ac40:8209 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7f8b63bff49fba3c5bae30f4eb39f2fd6d088fbe9d7292bdf37b0ef4a1ec68d6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://conundrwo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 16:58:49 GMT
via: 1.1 cbe141923b7469a299306144733821c2.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: FRA56-C2
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 04 Aug 2021 18:53:09 GMT
server: cloudflare
etag: W/"f2e0b2680d9b0bcb6e0039c4424e5a59"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SZMvO7FTt7tLwKCmwGGdAECfhYdJ14X5hgGF468r79t7exQeL4kBaRMMgB4k4wGgqTscPL79p2Ef1ZlDPSzVLnab7dWdHiATs3xoupgos5QdJr5n4MrFepTaJHyyFcX3t0kfclqJxMTMN5W7PMq%2BElmLcw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31556926
vary: Accept-Encoding
cf-ray: 80a3dae9ca2690d7-FRA
access-control-allow-headers: fa-kit-token
x-amz-cf-id: 70qgDkEgmmnxv6dmC_6uspYIgrjGdp3sLJRZB-gZccpoESPsCQF4yg==

GET
H2 200 ace-push.js Show response
virtualpushplatform.com/ 13 KB
5 KB 83ms
46ms Script
text/javascript 2606:4700:3032::ac43:b158
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://virtualpushplatform.com/ace-push.js
Requested by: Host: conundrwo.com
URL: https://conundrwo.com/sf/tpl38/js/app.32595b33.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:b158 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 35a856db4c4b3ced5cf49968cef62c0cd74572044593dd8424b2876ceabbd8ee

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://conundrwo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 16:58:49 GMT
content-encoding: br
cf-cache-status: BYPASS
last-modified: Thu, 03 Aug 2023 14:22:44 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"1d9c615f7e92107"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Bm3EPjueoE65gTTuen2dPkteUIl87LEfuX63b%2B9X%2BNx4t1%2FwcHBXt3K0DAJi09%2F321pULrq18N9rXP%2Fsubr0NhN8XQBSoSubzesIVzC9%2Fpt7nyNZxe%2FqEnpRUPvirmdJTgTgzHlmSklBbgavjiJSch%2BgLNOa6A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cf-ray: 80a3daeb4ef93611-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 summary Show response
beacon.conundrwo.com/geo/ 120 B
573 B 338ms
128ms XHR
application/json 45.55.126.207
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://beacon.conundrwo.com/geo/summary

Requested by

Host: conundrwo.com
URL: https://conundrwo.com/sf/tpl38/js/12.95e92dea.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

45.55.126.207 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

Kestrel /

Resource Hash

04f67623d80a9d526fb0990c255f487d5c4a1c5b5e559904791d0bc03de34276

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Accept: application/json, text/plain, */*
Referer: https://conundrwo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 16:58:49 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS, PATCH, HEAD
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-allow-credentials: false
access-control-allow-headers: Origin, Accept, Cache-Control, If-Modified-Since, Keep-Alive, Range, DNT, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, Authorization

GET
H3 404 prime.png
conundrwo.com/sf/tpl38/public/ 548 B
548 B 317ms
317ms Image
text/html 2606:4700:3031::ac43:c9b2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://conundrwo.com/sf/tpl38/public/prime.png
Requested by: Host: conundrwo.com
URL: https://conundrwo.com/sf/tpl38/?hpcid=1406805849&item=O0GI&ld=1&logo=195p&session_id=e683f47a-2d57-47da-a253-93de2d0c01fb&sub1=39039c88-626b-4648-8865-da027b4208d6&sub3=N6BM_471167
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:c9b2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://conundrwo.com/sf/tpl38/?hpcid=1406805849&item=O0GI&ld=1&logo=195p&session_id=e683f47a-2d57-47da-a253-93de2d0c01fb&sub1=39039c88-626b-4648-8865-da027b4208d6&sub3=N6BM_471167
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 16:58:49 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nv3ucGEAqWY4GUY8X0WgG4MuC%2FqYtPXSPQSS1imgRJiT%2F2IbuGgSNbHUne0nkcw2zhLoidgl16Z0RC7IV8BnfA8FMRALRnvF35Mg3Klmd5bgzmmoibWiiZJxWmtkGA8TpVhLUHbKrsta0Btw"}],"group":"cf-nel","max_age":604800}
content-type: text/html
cache-control: max-age=14400
cf-ray: 80a3daeb3d819bb6-FRA
alt-svc: h3=":443"; ma=86400

GET
H2

200

e29dbe42-ba84-4cd9-89bb-743af7f6d51c Show response
beacon.conundrwo.com/s/
Redirect Chain

https://beacon.conundrwo.com/g2/eedcbef8-d4d0-49a1-985e-c040a1d57ed5?logo=prime&hpcid=1406805849&item=O0GI&logo=195p&sub1=39039c88-626b-4648-8865-da027b4208d6&sub3=N6BM_471167
https://beacon.conundrwo.com/s/e29dbe42-ba84-4cd9-89bb-743af7f6d51c?&requestid=gzBYTo0DR6&destinationid=4114301328&logo=prime%2C195p&hpcid=1406805849&item=O0GI&sub1=39039c88-626b-4648-8865-da027b42...

51 KB
38 KB

130ms
130ms

XHR
text/plain

45.55.126.207
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://beacon.conundrwo.com/s/e29dbe42-ba84-4cd9-89bb-743af7f6d51c?&requestid=gzBYTo0DR6&destinationid=4114301328&logo=prime%2C195p&hpcid=1406805849&item=O0GI&sub1=39039c88-626b-4648-8865-da027b4208d6&sub3=N6BM_471167

Requested by

Host: conundrwo.com
URL: https://conundrwo.com/sf/tpl38/?hpcid=1406805849&item=O0GI&ld=1&logo=195p&session_id=e683f47a-2d57-47da-a253-93de2d0c01fb&sub1=39039c88-626b-4648-8865-da027b4208d6&sub3=N6BM_471167

Protocol

Server

45.55.126.207 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

Kestrel /

Resource Hash

065d8c5f9f8636ed2d10336d4afa98df375184f226c3e32adb9801e46edf318f

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://conundrwo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 16:58:49 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS, PATCH, HEAD
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
access-control-allow-credentials: false
access-control-allow-headers: Origin, Accept, Cache-Control, If-Modified-Since, Keep-Alive, Range, DNT, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, Authorization

Redirect headers

date: Thu, 21 Sep 2023 16:58:49 GMT
strict-transport-security: max-age=2592000
server: Kestrel
access-control-allow-methods: GET, POST, OPTIONS, PATCH, HEAD
location: https://beacon.conundrwo.com/s/e29dbe42-ba84-4cd9-89bb-743af7f6d51c?&requestid=gzBYTo0DR6&destinationid=4114301328&logo=prime%2C195p&hpcid=1406805849&item=O0GI&sub1=39039c88-626b-4648-8865-da027b4208d6&sub3=N6BM_471167
access-control-allow-origin: *
access-control-allow-credentials: false
access-control-allow-headers: Origin, Accept, Cache-Control, If-Modified-Since, Keep-Alive, Range, DNT, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, Authorization
content-length: 0

GET
H3 200 prime_logo.png
conundrwo.com/sf/tpl38/public/ 12 KB
12 KB 165ms
165ms Image
image/png 2606:4700:3031::ac43:c9b2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://conundrwo.com/sf/tpl38/public/prime_logo.png
Requested by: Host: conundrwo.com
URL: https://conundrwo.com/sf/tpl38/bundle.9cf6219034d022cae8e3.css?t=1695220565996
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:c9b2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ecf6ec41f06550c35b0eefaa261fe5cc3d4250a4bd8efb2d2f9abbcb15da59ca

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://conundrwo.com/sf/tpl38/bundle.9cf6219034d022cae8e3.css?t=1695220565996
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 16:58:49 GMT
cf-cache-status: MISS
last-modified: Wed, 20 Sep 2023 14:37:27 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "650b03a7-2eef"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iePUNlaVTMXE%2BeJmMw%2BXd8gqOzFHbaH1o%2BXsKQ9a9t7a4Vnw%2FU3DNWnproPsmjdqbME0MZ1fTHOpvyLPVJdclF9EwrFO3njMSsyGbXFkoyYzhsDX7l7FyZPT2Ju99K8Mr4GOx%2FHHwhLNiB2G"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 80a3daeb3d859bb6-FRA
alt-svc: h3=":443"; ma=86400
content-length: 12015
expires: Fri, 20 Sep 2024 16:58:50 GMT

GET
H2 200 memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsiH0B4gaVI.woff2
fonts.gstatic.com/s/opensans/v36/ 18 KB
19 KB 28ms
7ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v36/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsiH0B4gaVI.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Open+Sans:wght@300&family=Roboto+Slab:wght@600;700;800&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e88f421b2498fd4ff75eeb6df1d0e8b5e1f038007350ad968d4f258cbe50a02c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://conundrwo.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 18:29:25 GMT
x-content-type-options: nosniff
age: 599364
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18656
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 23:30:33 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 13 Sep 2024 18:29:25 GMT

POST
H2 200 visit Show response
pushvisit.xyz/api/v1/ 2 KB
2 KB 42ms
42ms Fetch
application/json 20.50.64.3
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://pushvisit.xyz/api/v1/visit
Requested by: Host: virtualpushplatform.com
URL: https://virtualpushplatform.com/ace-push.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.50.64.3 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Kestrel /
Resource Hash: d4608617e6d283771f766d547e23fd79e08e2fc3fc7262c15929ed74ede96fc4

Request headers

Referer: https://conundrwo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
Content-type: application/json

Response headers

access-control-allow-origin: *
date: Thu, 21 Sep 2023 16:58:49 GMT
server: Kestrel
content-length: 1611
content-type: application/json; charset=utf-8

OPTIONS
H2 200 visit
pushvisit.xyz/api/v1/ 0
0 118ms
34ms Preflight 20.50.64.3
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://pushvisit.xyz/api/v1/visit
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.50.64.3 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://conundrwo.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-origin: *
content-length: 0
date: Thu, 21 Sep 2023 16:58:49 GMT

GET
H2 200 lastActivity Show response
beacon2.profiledatasolutions.com/an/ 69 B
553 B 382ms
182ms XHR
application/json 45.55.126.207
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://beacon2.profiledatasolutions.com/an/lastActivity?id=1406805849

Requested by

Host: conundrwo.com
URL: https://conundrwo.com/sf/tpl38/js/12.95e92dea.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

45.55.126.207 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

Kestrel /

Resource Hash

3f2ce64adc4b8cc825b9ff5f61cd22d9bad0b00e6b7e68bdf7bced4bfd4f7bb4

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Accept: application/json, text/plain, */*
Referer: https://conundrwo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 16:58:49 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS, PATCH, HEAD
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-allow-credentials: false
access-control-allow-headers: Origin, Accept, Cache-Control, If-Modified-Since, Keep-Alive, Range, DNT, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, Authorization

GET
DATA 200
OK truncated
/ 36 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2fb84f3908851d212126c7bec5b3894174996f91c403ce1d7807ade5813dd1ba

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 a8bcbaea-b8b8-4871-8a13-c60eef23964d
beacon.conundrwo.com/g/ 68 B
545 B 100ms
100ms XHR
text/plain 45.55.126.207
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://beacon.conundrwo.com/g/a8bcbaea-b8b8-4871-8a13-c60eef23964d?hpcid=1406805849&item=O0GI&ld=1&logo=195p&session_id=e683f47a-2d57-47da-a253-93de2d0c01fb&sub1=39039c88-626b-4648-8865-da027b4208d6&sub3=N6BM_471167&ccode=de

Requested by

Host: conundrwo.com
URL: https://conundrwo.com/sf/tpl38/js/12.95e92dea.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

45.55.126.207 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Accept: application/json, text/plain, */*
Referer: https://conundrwo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 16:58:49 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS, PATCH, HEAD
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
access-control-allow-credentials: false
access-control-allow-headers: Origin, Accept, Cache-Control, If-Modified-Since, Keep-Alive, Range, DNT, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, Authorization

GET
H2 200 Primary Request / Show response
www.google.com/ 238 KB
71 KB 146ms
115ms Document
text/html 2a00:1450:4001:81c::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/?destinationid=2945262736&hpcid=1406805849&item=O0GI&ld=1&logo=195p&requestid=7jweQB1SVN&session_id=e683f47a-2d57-47da-a253-93de2d0c01fb&sub1=39039c88-626b-4648-8865-da027b4208d6&sub3=N6BM_471167

Requested by

Host: conundrwo.com
URL: https://conundrwo.com/sf/tpl38/js/app.32595b33.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gws /

Resource Hash

e1d2fe1b5d3ba4ebc01f6eac708bde60da359603ae5967a25fb8e20eec6ccf8c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://conundrwo.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Platform Sec-CH-UA-Platform-Version Sec-CH-UA-Full-Version Sec-CH-UA-Arch Sec-CH-UA-Model Sec-CH-UA-Bitness Sec-CH-UA-Full-Version-List Sec-CH-UA-WoW64
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 70947
content-security-policy-report-only: object-src 'none';base-uri 'self';script-src 'nonce-vgKAZtlp614F5fhg76UpCg' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other-hp
content-type: text/html; charset=UTF-8
cross-origin-opener-policy: same-origin-allow-popups; report-to="gws"
date: Thu, 21 Sep 2023 16:58:50 GMT
expires: -1
origin-trial: Ap+qNlnLzJDKSmEHjzM5ilaa908GuehlLqGb6ezME5lkhelj20qVzfv06zPmQ3LodoeujZuphAolrnhnPA8w4AIAAABfeyJvcmlnaW4iOiJodHRwczovL3d3dy5nb29nbGUuY29tOjQ0MyIsImZlYXR1cmUiOiJQZXJtaXNzaW9uc1BvbGljeVVubG9hZCIsImV4cGlyeSI6MTY4NTY2Mzk5OX0= AvudrjMZqL7335p1KLV2lHo1kxdMeIN0dUI15d0CPz9dovVLCcXk8OAqjho1DX4s6NbHbA/AGobuGvcZv0drGgQAAAB9eyJvcmlnaW4iOiJodHRwczovL3d3dy5nb29nbGUuY29tOjQ0MyIsImZlYXR1cmUiOiJCYWNrRm9yd2FyZENhY2hlTm90UmVzdG9yZWRSZWFzb25zIiwiZXhwaXJ5IjoxNjkxNTM5MTk5LCJpc1N1YmRvbWFpbiI6dHJ1ZX0=
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
permissions-policy: unload=()
report-to: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]}
server: gws
strict-transport-security: max-age=31536000
x-frame-options: SAMEORIGIN
x-xss-protection: 0

GET
H2 200 googlelogo_color_272x92dp.png
www.google.com/images/branding/googlelogo/1x/ 6 KB
6 KB 16ms
15ms Image
image/png 2a00:1450:4001:81c::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/images/branding/googlelogo/1x/googlelogo_color_272x92dp.png

Requested by

Host: www.google.com
URL: https://www.google.com/?destinationid=2945262736&hpcid=1406805849&item=O0GI&ld=1&logo=195p&requestid=7jweQB1SVN&session_id=e683f47a-2d57-47da-a253-93de2d0c01fb&sub1=39039c88-626b-4648-8865-da027b4208d6&sub3=N6BM_471167

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5776cd87617eacec3bc00ebcf530d1924026033eda852f706c1a675a98915826

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 16:58:50 GMT
x-content-type-options: nosniff
last-modified: Tue, 22 Oct 2019 18:30:00 GMT
server: sffe
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: private, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5969
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Thu, 21 Sep 2023 16:58:50 GMT

GET
H3 200 24px.svg
fonts.gstatic.com/s/i/productlogos/googleg/v6/ 742 B
465 B 23ms
8ms Image
image/svg+xml 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fonts.gstatic.com/s/i/productlogos/googleg/v6/24px.svg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ed9087d76cdc6d1c53698f6068f79872e77e87c8d012c0cfdad13b05b6ccb37c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 03:16:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 567741
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 438
x-xss-protection: 0
last-modified: Wed, 20 Apr 2022 17:17:30 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
vary: Accept-Encoding
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 14 Sep 2024 03:16:29 GMT

GET
DATA 200
OK truncated
/ 315 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: dfc968774223d526b5bd576d65d52926560be675eb4d289e4b50b6b2d1c4c34c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Content-Type: image/png

POST
H3 204 gen_204
www.google.com/ 0
19 B 19ms
19ms Ping
text/html 2a00:1450:4001:81c::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/gen_204?ei=SnYMZdLqFaa7xc8P8rSJ2Ak&vet=10ahUKEwjSt-C_lryBAxWmXfEDHXJaApsQhJAHCBs..s&bl=mDa-&s=webhp&gl=de&pc=SEARCH_HOMEPAGE&isMobile=false

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gws /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	object-src 'none';base-uri 'self';script-src 'nonce-ujiJ3irrEukAdP9cvgjYvA' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

content-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-ujiJ3irrEukAdP9cvgjYvA' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
date: Thu, 21 Sep 2023 16:58:50 GMT
server: gws
cross-origin-opener-policy: same-origin-allow-popups; report-to="gws"
x-frame-options: SAMEORIGIN
report-to: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]}
content-type: text/html; charset=UTF-8
permissions-policy: unload=()
origin-trial: Ap+qNlnLzJDKSmEHjzM5ilaa908GuehlLqGb6ezME5lkhelj20qVzfv06zPmQ3LodoeujZuphAolrnhnPA8w4AIAAABfeyJvcmlnaW4iOiJodHRwczovL3d3dy5nb29nbGUuY29tOjQ0MyIsImZlYXR1cmUiOiJQZXJtaXNzaW9uc1BvbGljeVVubG9hZCIsImV4cGlyeSI6MTY4NTY2Mzk5OX0=, AvudrjMZqL7335p1KLV2lHo1kxdMeIN0dUI15d0CPz9dovVLCcXk8OAqjho1DX4s6NbHbA/AGobuGvcZv0drGgQAAAB9eyJvcmlnaW4iOiJodHRwczovL3d3dy5nb29nbGUuY29tOjQ0MyIsImZlYXR1cmUiOiJCYWNrRm9yd2FyZENhY2hlTm90UmVzdG9yZWRSZWFzb25zIiwiZXhwaXJ5IjoxNjkxNTM5MTk5LCJpc1N1YmRvbWFpbiI6dHJ1ZX0=
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 desktop_searchbox_sprites318_hr.webp
www.google.com/images/searchbox/ 660 B
682 B 17ms
16ms Image
image/webp 2a00:1450:4001:81c::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/images/searchbox/desktop_searchbox_sprites318_hr.webp

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

73d788f86be22112bb53762545989c0f1bbdb7343161130952c9ba3834ff81e3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/?destinationid=2945262736&hpcid=1406805849&item=O0GI&ld=1&logo=195p&requestid=7jweQB1SVN&session_id=e683f47a-2d57-47da-a253-93de2d0c01fb&sub1=39039c88-626b-4648-8865-da027b4208d6&sub3=N6BM_471167
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 16:58:50 GMT
x-content-type-options: nosniff
last-modified: Wed, 22 Apr 2020 22:00:00 GMT
server: sffe
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/webp
cache-control: private, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 660
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Thu, 21 Sep 2023 16:58:50 GMT

GET
DATA 200
OK truncated
/ 775 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 592fa7f72e229674612ddb6f5578f05cdcd1e8aa470d3fa257415e2c7499e435

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 236 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1e641d94ac2d51089bf1282148963c8b2253dcfe089861537544b44b346672f0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 197 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b5d67eaa85688500479563e35f5f52c860a32d66234bc5326b4acae00e20bf63

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 686 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 228a729bd6316ceac03ebdf00ccfa5dab5429a38f0598ec0c9f228b16b26261f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 338 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8b01d1155941a02829ae5eaecfd86c83f7e7a5a6e34edd94a0b7780f4ae1ae78

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 948fe62ca3b291d8bccb2f4799f97bd46f1d670f85d8f275d0347f7398e50e99

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 204 gen_204
www.google.com/ 0
19 B 18ms
18ms Image
text/html 2a00:1450:4001:81c::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/gen_204?atyp=i&ct=bxjs&cad=&b=0&ei=SnYMZdLqFaa7xc8P8rSJ2Ak&zx=1695315530550&opi=89978449

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gws /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	object-src 'none';base-uri 'self';script-src 'nonce-aDKZrvFlR6SvIII9nk1hmw' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

content-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-aDKZrvFlR6SvIII9nk1hmw' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
date: Thu, 21 Sep 2023 16:58:50 GMT
server: gws
cross-origin-opener-policy: same-origin-allow-popups; report-to="gws"
x-frame-options: SAMEORIGIN
report-to: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]}
content-type: text/html; charset=UTF-8
permissions-policy: unload=()
origin-trial: Ap+qNlnLzJDKSmEHjzM5ilaa908GuehlLqGb6ezME5lkhelj20qVzfv06zPmQ3LodoeujZuphAolrnhnPA8w4AIAAABfeyJvcmlnaW4iOiJodHRwczovL3d3dy5nb29nbGUuY29tOjQ0MyIsImZlYXR1cmUiOiJQZXJtaXNzaW9uc1BvbGljeVVubG9hZCIsImV4cGlyeSI6MTY4NTY2Mzk5OX0=, AvudrjMZqL7335p1KLV2lHo1kxdMeIN0dUI15d0CPz9dovVLCcXk8OAqjho1DX4s6NbHbA/AGobuGvcZv0drGgQAAAB9eyJvcmlnaW4iOiJodHRwczovL3d3dy5nb29nbGUuY29tOjQ0MyIsImZlYXR1cmUiOiJCYWNrRm9yd2FyZENhY2hlTm90UmVzdG9yZWRSZWFzb25zIiwiZXhwaXJ5IjoxNjkxNTM5MTk5LCJpc1N1YmRvbWFpbiI6dHJ1ZX0=
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 rs=AA2YrTuT0Kk5cn5ETVkWk70FjOO2k0J-og Show response
www.gstatic.com/og/_/js/k=og.qtm.en_US.V-SWmKbtXFs.2019.O/rt=j/m=qabr,q_dnp,qcwid,qapid,qald,q_dg/exm=qaaw,qadd,qaid,qein,qhaw,qhba,qhbr,qhch,qhga,qhid,qhin/d=1/ed=1/ 203 KB
73 KB 30ms
8ms Script
text/javascript 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/og/_/js/k=og.qtm.en_US.V-SWmKbtXFs.2019.O/rt=j/m=qabr,q_dnp,qcwid,qapid,qald,q_dg/exm=qaaw,qadd,qaid,qein,qhaw,qhba,qhbr,qhch,qhga,qhid,qhin/d=1/ed=1/rs=AA2YrTuT0Kk5cn5ETVkWk70FjOO2k0J-og

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee9eb6e922e2d62535f51d2c494bdfa55d615b5b280386b2192dd8f7cc40a364

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Wed, 20 Sep 2023 07:00:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 122283
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/one-google-eng
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 74600
x-xss-protection: 0
last-modified: Tue, 19 Sep 2023 01:35:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="one-google-eng"
vary: Accept-Encoding, Origin
report-to: {"group":"one-google-eng","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/one-google-eng"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 19 Sep 2024 07:00:47 GMT

GET
H2 200 rs=AA2YrTvqyLXf507uGBeAXw__vjfjCJJyCQ
www.gstatic.com/og/_/ss/k=og.qtm.zZ6fHNZvKXs.L.W.O/m=qcwid/excm=qaaw,qadd,qaid,qein,qhaw,qhba,qhbr,qhch,qhga,qhid,qhin/d=1/ed=1/ct=zgms/ 2 KB
1 KB 28ms
7ms Stylesheet
text/css 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/og/_/ss/k=og.qtm.zZ6fHNZvKXs.L.W.O/m=qcwid/excm=qaaw,qadd,qaid,qein,qhaw,qhba,qhbr,qhch,qhga,qhid,qhin/d=1/ed=1/ct=zgms/rs=AA2YrTvqyLXf507uGBeAXw__vjfjCJJyCQ

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ab9aaa3d2f6dabfc2978475dca79a5cc9c17442af517126e96b9029ec1f67748

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 10:33:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 23120
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/one-google-eng
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 638
x-xss-protection: 0
last-modified: Tue, 19 Sep 2023 01:35:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="one-google-eng"
vary: Accept-Encoding, Origin
report-to: {"group":"one-google-eng","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/one-google-eng"}]}
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 20 Sep 2024 10:33:30 GMT

POST
H3 204 gen_204
www.google.com/ 0
19 B 18ms
17ms Ping
text/html 2a00:1450:4001:81c::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/gen_204?s=webhp&t=aft&atyp=csi&ei=SnYMZdLqFaa7xc8P8rSJ2Ak&rt=wsrt.149,aft.118,afti.114,prt.118&wh=1200&imn=6&ima=3&imad=0&imac=0&imf=0&aft=1&aftp=-1&opi=89978449

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gws /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	object-src 'none';base-uri 'self';script-src 'nonce-1wwOBv9zXSKRy5e1rPpr-A' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

content-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-1wwOBv9zXSKRy5e1rPpr-A' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
date: Thu, 21 Sep 2023 16:58:50 GMT
server: gws
cross-origin-opener-policy: same-origin-allow-popups; report-to="gws"
x-frame-options: SAMEORIGIN
report-to: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]}
content-type: text/html; charset=UTF-8
permissions-policy: unload=()
origin-trial: Ap+qNlnLzJDKSmEHjzM5ilaa908GuehlLqGb6ezME5lkhelj20qVzfv06zPmQ3LodoeujZuphAolrnhnPA8w4AIAAABfeyJvcmlnaW4iOiJodHRwczovL3d3dy5nb29nbGUuY29tOjQ0MyIsImZlYXR1cmUiOiJQZXJtaXNzaW9uc1BvbGljeVVubG9hZCIsImV4cGlyeSI6MTY4NTY2Mzk5OX0=, AvudrjMZqL7335p1KLV2lHo1kxdMeIN0dUI15d0CPz9dovVLCcXk8OAqjho1DX4s6NbHbA/AGobuGvcZv0drGgQAAAB9eyJvcmlnaW4iOiJodHRwczovL3d3dy5nb29nbGUuY29tOjQ0MyIsImZlYXR1cmUiOiJCYWNrRm9yd2FyZENhY2hlTm90UmVzdG9yZWRSZWFzb25zIiwiZXhwaXJ5IjoxNjkxNTM5MTk5LCJpc1N1YmRvbWFpbiI6dHJ1ZX0=
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/abc-static/_/js/k=gapi.gapi.en.Ox0HebTIzao.O/m=gapi_iframes,googleapis_client/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9JBE0z9__nE4FgyS-eLRbRwEP9Gw/ 119 KB
41 KB 28ms
7ms Script
text/javascript 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/abc-static/_/js/k=gapi.gapi.en.Ox0HebTIzao.O/m=gapi_iframes,googleapis_client/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9JBE0z9__nE4FgyS-eLRbRwEP9Gw/cb=gapi.loaded_0

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/og/_/js/k=og.qtm.en_US.V-SWmKbtXFs.2019.O/rt=j/m=qabr,q_dnp,qcwid,qapid,qald,q_dg/exm=qaaw,qadd,qaid,qein,qhaw,qhba,qhbr,qhch,qhga,qhid,qhin/d=1/ed=1/rs=AA2YrTuT0Kk5cn5ETVkWk70FjOO2k0J-og

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b07d83026a1ee7aa23af97ad4328364b64a31d420a355bc5e11f9097828b2a04

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 05:56:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 212565
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 40971
x-xss-protection: 0
last-modified: Sat, 02 Sep 2023 15:09:41 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
vary: Accept-Encoding
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 18 Sep 2024 05:56:05 GMT

Verdicts & Comments Add Verdict or Comment

29 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
fluxella.com/	1970-01-20 14:55:16	Name: uid25564 Value: 1406805849-20230921115847-57d3307816e0858ee279575e12634571-4051
.virtualpushplatform.com/	1970-01-20 14:55:19	Name: TiPMix Value: 91.51029991452134
.virtualpushplatform.com/	1970-01-20 14:55:19	Name: x-ms-routing-name Value: self
.google.com/	1970-01-20 19:14:27	Name: AEC Value: Ad49MVEcbKXUfefYKdm-yLc2haa3wdUvWpEG6EdXTH9VUG1sw5SKzYlvFw
.google.com/	1970-01-21 00:25:02	Name: __Secure-ENID Value: 14.SE=mk79D7hmw7MqN1CmF1ROHmKhDANi2YZp4CrCWILVL4Ga6sIWDyy1jCQtL3GfFhcJCqEzCJd1VgAXn65D_JqlkRYu84ZG_-BYFKDeiYsZbGOPwJMhzsNYxtUag2cLl4LzymWllOCGVX4lPPqfhq3R6-fb6ddHwH30R3rGam4m0Wk
.google.com/	1970-01-21 00:31:15	Name: CONSENT Value: PENDING+326

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://fonts.googleapis.com/css2?family=Muli:wght@900:wght@400&display=swap Message: Failed to load resource: the server responded with a status of 400 ()
network	error	URL: https://conundrwo.com/sf/tpl38/public/prime.png Message: Failed to load resource: the server responded with a status of 404 ()
security	warning	Message: Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'unload'.
rendering	info	URL: https://www.google.com/?destinationid=2945262736&hpcid=1406805849&item=O0GI&ld=1&logo=195p&requestid=7jweQB1SVN&session_id=e683f47a-2d57-47da-a253-93de2d0c01fb&sub1=39039c88-626b-4648-8865-da027b4208d6&sub3=N6BM_471167(Line 84) Message: Autofocus processing was blocked because a document already has a focused element.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

apis.google.com
beacon.conundrwo.com
beacon2.profiledatasolutions.com
conundrwo.com
fluxella.com
fonts.googleapis.com
fonts.gstatic.com
ka-f.fontawesome.com
kit.fontawesome.com
polomari.com
pushvisit.xyz
virtualpushplatform.com
www.google.com
www.gstatic.com
185.16.40.144
20.50.64.3
23.229.68.109
2606:4700:3031::ac43:c9b2
2606:4700:3032::ac43:b158
2606:4700::6812:1734
2606:4700:e2::ac40:8209
2a00:1450:4001:800::200a
2a00:1450:4001:806::2003
2a00:1450:4001:808::200e
2a00:1450:4001:81c::2004
2a00:1450:4001:82a::2003
45.55.126.207
67.205.158.226
04f67623d80a9d526fb0990c255f487d5c4a1c5b5e559904791d0bc03de34276
0537c256902bd25bbce992765e862c3c7e4e43e2f2461079e7a18a5b65669fa0
065d8c5f9f8636ed2d10336d4afa98df375184f226c3e32adb9801e46edf318f
090a3402b4fd57709274fb6fc57952e33a1e97a240c847f3bcb971908156ceca
0cee972f52f443216ed569505738e89b08925201f31b5d7a51783ee9a0dcc785
1e641d94ac2d51089bf1282148963c8b2253dcfe089861537544b44b346672f0
228a729bd6316ceac03ebdf00ccfa5dab5429a38f0598ec0c9f228b16b26261f
2fb84f3908851d212126c7bec5b3894174996f91c403ce1d7807ade5813dd1ba
35a856db4c4b3ced5cf49968cef62c0cd74572044593dd8424b2876ceabbd8ee
3f2ce64adc4b8cc825b9ff5f61cd22d9bad0b00e6b7e68bdf7bced4bfd4f7bb4
4e91d2d261344e059a8e4f22dc17c1b6483f3f2b1456d895e2e92cf41de35596
5776cd87617eacec3bc00ebcf530d1924026033eda852f706c1a675a98915826
592fa7f72e229674612ddb6f5578f05cdcd1e8aa470d3fa257415e2c7499e435
6dea47458a4cd7cd7312cc780a53c62e0c8b3ccc8d0b13c1ac0ea6e3dfcecea8
73d788f86be22112bb53762545989c0f1bbdb7343161130952c9ba3834ff81e3
7e749dcd41c25e4176a25cce76820a0287c7506c9e27467675ce07369c21c8bb
7f8b63bff49fba3c5bae30f4eb39f2fd6d088fbe9d7292bdf37b0ef4a1ec68d6
88058520b48ab3ee50e6a7b06a6245d2398ebf4ec73fdd5ce66608cebd5f411e
8b01d1155941a02829ae5eaecfd86c83f7e7a5a6e34edd94a0b7780f4ae1ae78
948fe62ca3b291d8bccb2f4799f97bd46f1d670f85d8f275d0347f7398e50e99
ab9aaa3d2f6dabfc2978475dca79a5cc9c17442af517126e96b9029ec1f67748
b07d83026a1ee7aa23af97ad4328364b64a31d420a355bc5e11f9097828b2a04
b5d67eaa85688500479563e35f5f52c860a32d66234bc5326b4acae00e20bf63
b842a170d2e24042701ea54258163b83e6a546e078cc20599f869a4fb24c39e4
c87b7f745cfb4a994801488584e6e0e78d6c4f0ad567e985a781fc0b86074724
d4608617e6d283771f766d547e23fd79e08e2fc3fc7262c15929ed74ede96fc4
d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090
dfc968774223d526b5bd576d65d52926560be675eb4d289e4b50b6b2d1c4c34c
e100f064ed74c5f964abb179c29aea5d4dc7e74154ea65d74842aad855d5fd8e
e1d2fe1b5d3ba4ebc01f6eac708bde60da359603ae5967a25fb8e20eec6ccf8c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e88f421b2498fd4ff75eeb6df1d0e8b5e1f038007350ad968d4f258cbe50a02c
ecf6ec41f06550c35b0eefaa261fe5cc3d4250a4bd8efb2d2f9abbcb15da59ca
ed9087d76cdc6d1c53698f6068f79872e77e87c8d012c0cfdad13b05b6ccb37c
ee9eb6e922e2d62535f51d2c494bdfa55d615b5b280386b2192dd8f7cc40a364
f88d7a194e7f67fdc5e4f2cedd32e1d040d9976e4814adcaf7e56330a0653d5c
fc5128dfdcdfa0c3a9967a6d2f19399d7bf1aaae6ad7571b96b03915a1f30dda

www.google.com Open in urlscan Pro 2a00:1450:4001:81c::2004 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

35 Requests

97 %HTTPS

64 %IPv6

10 Domains

14 Subdomains

13 IPs

4 Countries

592 kBTransfer

2141 kBSize

6 Cookies

14 Outgoing links

Page URL History

Redirected requests

35 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 8 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.google.com Open in urlscan Pro
2a00:1450:4001:81c::2004 Public Scan

Screenshot
Live screenshot

Full Image

35
Requests

97 %
HTTPS

64 %
IPv6

10
Domains

14
Subdomains

13
IPs

4
Countries

592 kB
Transfer

2141 kB
Size

6
Cookies

35 HTTP transactions
8 data transactions