urlscan.io logo urlscan.io
SecurityTrails logo

content.email.statefundca.com Open in urlscan Pro
13.225.87.100  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://tracking.email.statefundca.com/t/3187599/132446472/2901410/0/1004685/?b77777bc=MzE4NzU5OQ&8823dc38=MTE4MGVmOGYtNWQ4NS00MjVj...
Effective URL: https://content.email.statefundca.com/Subscribe/Form.ashx?l=1004685&p=501cf00d-315d-4576-a458-8a85b5cf993e&mailid=3187599&m=[merge%20m...
Submission: On September 28 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 6 IPs in 1 countries across 5 domains to perform 26 HTTP transactions. The main IP is 13.225.87.100, located in United States and belongs to AMAZON-02, US. The main domain is content.email.statefundca.com.
TLS certificate: Issued by R3 on August 27th 2021. Valid for: 3 months.
This is the only time content.email.statefundca.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 54.215.244.243 16509 (AMAZON-02)
2 13.225.87.100 16509 (AMAZON-02)
1 142.250.185.170 15169 (GOOGLE)
2 13.224.193.64 16509 (AMAZON-02)
6 142.250.186.68 15169 (GOOGLE)
6 142.250.185.131 15169 (GOOGLE)
9 142.250.186.163 15169 (GOOGLE)
26 6
1    54.215.244.243 (San Jose, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-215-244-243.us-west-1.compute.amazonaws.com
tracking.email.statefundca.com
2    13.225.87.100 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-87-100.fra2.r.cloudfront.net
content.email.statefundca.com
1    142.250.185.170 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f10.1e100.net
fonts.googleapis.com
2    13.224.193.64 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-193-64.fra2.r.cloudfront.net
editor.ne16.com
6    142.250.186.68 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f4.1e100.net
www.google.com
6    142.250.185.131 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f3.1e100.net
fonts.gstatic.com
9    142.250.186.163 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f3.1e100.net
www.gstatic.com
Domain Requested by
9 www.gstatic.com www.google.com
www.gstatic.com
6 fonts.gstatic.com fonts.googleapis.com
www.google.com
6 www.google.com content.email.statefundca.com
www.gstatic.com
www.google.com
2 editor.ne16.com content.email.statefundca.com
editor.ne16.com
2 content.email.statefundca.com content.email.statefundca.com
1 fonts.googleapis.com content.email.statefundca.com
1 tracking.email.statefundca.com 1 redirects
26 7

This site contains no links.

Subject Issuer Validity Valid
content.email.statefundca.com
R3		 2021-08-27 -
2021-11-25		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2021-08-30 -
2021-11-22		 3 months crt.sh
editor.ne16.com
Amazon		 2021-09-07 -
2022-10-06		 a year crt.sh
www.google.com
GTS CA 1C3		 2021-08-30 -
2021-11-22		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2021-08-30 -
2021-11-22		 3 months crt.sh
*.google.com
GTS CA 1C3		 2021-08-30 -
2021-11-22		 3 months crt.sh

This page contains 3 frames:

Primary Page: https://content.email.statefundca.com/Subscribe/Form.ashx?l=1004685&p=501cf00d-315d-4576-a458-8a85b5cf993e&mailid=3187599&m=[merge%20members_.memberidguid_]
Frame ID: 8A3A43E8597ED8296D4D4D4DDF16775F
Requests: 8 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LezXvYZAAAAAAT6mRWdmveMtaRM5iXK1YNFjBW5&co=aHR0cHM6Ly9jb250ZW50LmVtYWlsLnN0YXRlZnVuZGNhLmNvbTo0NDM.&hl=de&v=tftmXwdbgCvrXiHxr5HGbIaL&size=invisible&cb=bzffbft0d89j
Frame ID: AF1E37AEF4829207E77A2B5DB96AFD59
Requests: 7 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=de&v=tftmXwdbgCvrXiHxr5HGbIaL&k=6LezXvYZAAAAAAT6mRWdmveMtaRM5iXK1YNFjBW5&cb=ifbhts5t516k
Frame ID: 05D6DC7E96663DDBA7C134A7503A0AE4
Requests: 11 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://tracking.email.statefundca.com/t/3187599/132446472/2901410/0/1004685/?b77777bc=MzE4NzU5OQ&8823dc38=MTE4... HTTP 307
    https://tracking.email.statefundca.com/t/3187599/132446472/2901410/0/1004685/?b77777bc=MzE4NzU5OQ&8823dc38=MTE4... HTTP 302
    https://content.email.statefundca.com/Subscribe/Form.ashx?l=1004685&p=501cf00d-315d-4576-a458-8a85b5cf993e&mailid=... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

26
Requests

100 %
HTTPS

0 %
IPv6

5
Domains

7
Subdomains

6
IPs

1
Countries

702 kB
Transfer

1417 kB
Size

1
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://tracking.email.statefundca.com/t/3187599/132446472/2901410/0/1004685/?b77777bc=MzE4NzU5OQ&amp;8823dc38=MTE4MGVmOGYtNWQ4NS00MjVjLWExYmMtMzUxZDRhNGM3NTUw&amp;x=4c33247f HTTP 307
    https://tracking.email.statefundca.com/t/3187599/132446472/2901410/0/1004685/?b77777bc=MzE4NzU5OQ&amp;8823dc38=MTE4MGVmOGYtNWQ4NS00MjVjLWExYmMtMzUxZDRhNGM3NTUw&amp;x=4c33247f HTTP 302
    https://content.email.statefundca.com/Subscribe/Form.ashx?l=1004685&p=501cf00d-315d-4576-a458-8a85b5cf993e&mailid=3187599&m=[merge%20members_.memberidguid_] Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

26 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request Form.ashx
content.email.statefundca.com/Subscribe/
Redirect Chain
  • http://tracking.email.statefundca.com/t/3187599/132446472/2901410/0/1004685/?b77777bc=MzE4NzU5OQ&amp;8823dc38=MTE4MGVmOGYtNWQ4NS00MjVjLWExYmMtMzUxZDRhNGM3NTUw&amp;x=4c33247f
  • https://tracking.email.statefundca.com/t/3187599/132446472/2901410/0/1004685/?b77777bc=MzE4NzU5OQ&amp;8823dc38=MTE4MGVmOGYtNWQ4NS00MjVjLWExYmMtMzUxZDRhNGM3NTUw&amp;x=4c33247f
  • https://content.email.statefundca.com/Subscribe/Form.ashx?l=1004685&p=501cf00d-315d-4576-a458-8a85b5cf993e&mailid=3187599&m=[merge%20members_.memberidguid_]
16 KB
16 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://content.email.statefundca.com/Subscribe/Form.ashx?l=1004685&p=501cf00d-315d-4576-a458-8a85b5cf993e&mailid=3187599&m=[merge%20members_.memberidguid_]
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.87.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-87-100.fra2.r.cloudfront.net
Software
nginx/1.16.1 / ASP.NET
Resource Hash
ae969e2ec67e9ba7009fa32fa79e33d7a42bb2a0871bc0d591a29264359d1242

Request headers

:method
GET
:authority
content.email.statefundca.com
:scheme
https
:path
/Subscribe/Form.ashx?l=1004685&p=501cf00d-315d-4576-a458-8a85b5cf993e&mailid=3187599&m=[merge%20members_.memberidguid_]
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

content-type
text/html; charset=utf-8
content-length
15904
server
nginx/1.16.1
date
Tue, 28 Sep 2021 20:36:26 GMT
cache-control
private
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
x-edge-origin-shield-skipped
0
x-cache
Miss from cloudfront
via
1.1 58b222ebbb6cc6c8c8c9a46127ae3a3e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C2
x-amz-cf-id
bN6eXTJW3EhJqSOzaPtDkNFKyph4anHE55LBOtRla1c8qJt8VKHYyw==

Redirect headers

server
nginx/1.16.1
date
Tue, 28 Sep 2021 20:36:26 GMT
content-type
text/html; charset=utf-8
content-length
283
cache-control
private
location
https://content.email.statefundca.com/Subscribe/Form.ashx?l=1004685&p=501cf00d-315d-4576-a458-8a85b5cf993e&mailid=3187599&m=[merge members_.memberidguid_]
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
x-cache
BYPASS
css2
fonts.googleapis.com/ 		2 KB
995 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Montserrat
Requested by
Host: content.email.statefundca.com
URL: https://content.email.statefundca.com/Subscribe/Form.ashx?l=1004685&p=501cf00d-315d-4576-a458-8a85b5cf993e&mailid=3187599&m=[merge%20members_.memberidguid_]
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.170 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f10.1e100.net
Software
ESF /
Resource Hash
8cd48a23b5cf3b3659e12bf6eee322a1781a624117ffe71bed68503224829031
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://content.email.statefundca.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 28 Sep 2021 20:26:44 GMT
server
ESF
date
Tue, 28 Sep 2021 20:36:27 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 28 Sep 2021 20:36:27 GMT
Subscribe.js
editor.ne16.com/Subscribe/ 		23 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://editor.ne16.com/Subscribe/Subscribe.js
Requested by
Host: content.email.statefundca.com
URL: https://content.email.statefundca.com/Subscribe/Form.ashx?l=1004685&p=501cf00d-315d-4576-a458-8a85b5cf993e&mailid=3187599&m=[merge%20members_.memberidguid_]
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.193.64 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-193-64.fra2.r.cloudfront.net
Software
nginx/1.16.1 / ASP.NET
Resource Hash
ce7ea059aef6d2da434c2b32efd1b18bf976dc840513c2d596ab143f73a30c93

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://content.email.statefundca.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 28 Sep 2021 19:47:50 GMT
via
1.1 7a18a0a1d9929dae345690b88b08dd5e.cloudfront.net (CloudFront)
server
nginx/1.16.1
x-aspnet-version
4.0.30319
age
2917
x-powered-by
ASP.NET
x-edge-origin-shield-skipped
0
content-type
application/javascript; charset=utf-8
cache-control
public
x-cache
Hit from cloudfront
x-amz-cf-pop
FRA2-C1
content-length
23859
x-amz-cf-id
T1_wrINVErjeiQZbAvQwLrWc2reFnqgVSXb6JAHBoslyAv8b4vm3tA==
expires
Tue, 28 Sep 2021 20:47:48 GMT
api.js
www.google.com/recaptcha/ 		852 B
988 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api.js?render=explicit
Requested by
Host: content.email.statefundca.com
URL: https://content.email.statefundca.com/Subscribe/Form.ashx?l=1004685&p=501cf00d-315d-4576-a458-8a85b5cf993e&mailid=3187599&m=[merge%20members_.memberidguid_]
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.68 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f4.1e100.net
Software
GSE /
Resource Hash
de4c939e053d48aa3ce8bdb1f065c5387c28d595c85adb47143a05052f3fe339
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://content.email.statefundca.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 28 Sep 2021 20:36:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
content-security-policy
frame-ancestors 'self'
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
554
x-xss-protection
1; mode=block
expires
Tue, 28 Sep 2021 20:36:27 GMT
SAWCA_Banner.jpg
content.email.statefundca.com/scif/ 		31 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.email.statefundca.com/scif/SAWCA_Banner.jpg
Requested by
Host: content.email.statefundca.com
URL: https://content.email.statefundca.com/Subscribe/Form.ashx?l=1004685&p=501cf00d-315d-4576-a458-8a85b5cf993e&mailid=3187599&m=[merge%20members_.memberidguid_]
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.87.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-87-100.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
685d0b1aa9d5d6cb754aec9dbadb85d21b1359d0db12fb1c1efc1ada0134ca9b
Security Headers
Name Value
Content-Security-Policy media-src *; object-src 'self';
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/scif/SAWCA_Banner.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
content.email.statefundca.com
referer
https://content.email.statefundca.com/Subscribe/Form.ashx?l=1004685&p=501cf00d-315d-4576-a458-8a85b5cf993e&mailid=3187599&m=[merge%20members_.memberidguid_]
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://content.email.statefundca.com/Subscribe/Form.ashx?l=1004685&p=501cf00d-315d-4576-a458-8a85b5cf993e&mailid=3187599&m=[merge%20members_.memberidguid_]
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-version-id
9fYC7yHw96LmWHqEsicj5j.VReJ7aVEF
via
1.1 0f538ee832e1105649039b38ce89e883.cloudfront.net (CloudFront), 1.1 58b222ebbb6cc6c8c8c9a46127ae3a3e.cloudfront.net (CloudFront)
x-content-type-options
nosniff
age
3431
x-edge-origin-shield-skipped
0
x-amz-replication-status
COMPLETED
x-cache
Hit from cloudfront
content-length
31567
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 10 Mar 2021 22:01:39 GMT
server
AmazonS3
date
Tue, 28 Sep 2021 19:39:17 GMT
content-type
image/jpeg
cache-control
max-age=3600
etag
"c67055bf83e9e613ca663b9346c5512d"
content-security-policy
media-src *; object-src 'self';
x-amz-cf-pop
FRA2-C1 FRA2-C2
accept-ranges
bytes
x-amz-cf-id
CaxjcR_SsWSNyY-kbRB8UlwEfCt2YKqr361mz_006Ud7GBZw8cRPgw==
JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v18/ 		19 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v18/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.131 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f3.1e100.net
Software
sffe /
Resource Hash
2b26a74f3c0e529bc8fccfa6b1db8e083e738992266359fde1a5bd0aaa81cbc3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://content.email.statefundca.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 22 Sep 2021 13:18:36 GMT
x-content-type-options
nosniff
age
544671
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19844
x-xss-protection
0
last-modified
Tue, 10 Aug 2021 00:20:10 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 22 Sep 2022 13:18:36 GMT
recaptcha__de.js
www.gstatic.com/recaptcha/releases/tftmXwdbgCvrXiHxr5HGbIaL/ 		342 KB
134 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/tftmXwdbgCvrXiHxr5HGbIaL/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=explicit
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.163 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f3.1e100.net
Software
sffe /
Resource Hash
b8c490e04a2be43d25df6263307477469d6ef82a318809f800bedda65c4803b0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://content.email.statefundca.com/
Origin
https://content.email.statefundca.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 28 Sep 2021 20:23:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
798
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
136719
x-xss-protection
0
last-modified
Sun, 12 Sep 2021 18:01:17 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="recaptcha"
expires
Wed, 28 Sep 2022 20:23:09 GMT
SubscribeData.ashx
editor.ne16.com/Subscribe/ 		921 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://editor.ne16.com/Subscribe/SubscribeData.ashx?p=501cf00d-315d-4576-a458-8a85b5cf993e&l=1004685&m=%5Bmerge%20members_.memberidguid_%5D&mailid=3187599&c=%5B%22Subscriber%22%5D&d=%5B%22emailaddr_%22%2C%22FirstName_%22%2C%22LastName_%22%2C%22addresscity_%22%2C%22addressstate_%22%2C%22addresszip_%22%2C%22addressphone_%22%2C%22company_%22%2C%22profileindustry_%22%2C%22text1_%22%2C%22text6_%22%2C%22unicodetext2_%22%2C%22unicodetext7_%22%2C%22text4_%22%2C%22text5_%22%2C%22unicodetext1_%22%2C%22demographics%22%2C%22category%22%2C%22list%22%2C%22DlvFormType%22%2C%22DlvProgressiveProfiling%22%5D&a=%5B%22scif%22%5D&keyword=&u=https%3A%2F%2Fcontent.email.statefundca.com%2FSubscribe%2FForm.ashx%3Fl%3D1004685%26p%3D501cf00d-315d-4576-a458-8a85b5cf993e%26mailid%3D3187599%26m%3D%5Bmerge%2520members_.memberidguid_%5D
Requested by
Host: editor.ne16.com
URL: https://editor.ne16.com/Subscribe/Subscribe.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.193.64 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-193-64.fra2.r.cloudfront.net
Software
nginx/1.16.1 / ASP.NET
Resource Hash
e177a379aea1afe7c11c0bf4bd83c795e8867ba6ab4945eeb9d4302126d5fdbb

Request headers

Accept
application/json
Referer
https://content.email.statefundca.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 28 Sep 2021 20:36:28 GMT
via
1.1 1ac3fd533bf6be1b511077f8b8e23bfd.cloudfront.net (CloudFront)
server
nginx/1.16.1
x-aspnet-version
4.0.30319
x-edge-origin-shield-skipped
0
x-powered-by
ASP.NET
x-cache
Miss from cloudfront
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
private
x-amz-cf-pop
FRA2-C1
content-length
921
x-amz-cf-id
3YVbY5yKJGZgEJGenxLus8JYU0-_thLdiB3ToGBsIr17I8HuRy0LxA==
anchor
www.google.com/recaptcha/api2/ Frame AF1E 		40 KB
21 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LezXvYZAAAAAAT6mRWdmveMtaRM5iXK1YNFjBW5&co=aHR0cHM6Ly9jb250ZW50LmVtYWlsLnN0YXRlZnVuZGNhLmNvbTo0NDM.&hl=de&v=tftmXwdbgCvrXiHxr5HGbIaL&size=invisible&cb=bzffbft0d89j
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/tftmXwdbgCvrXiHxr5HGbIaL/recaptcha__de.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.68 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f4.1e100.net
Software
GSE /
Resource Hash
9c43c4ad91d062577bbf3ed0d7f637551a9b9e962390a93357bab67fb9a68b5c
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-IyHjdgcqgyey7jfZ/sU1eQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/anchor?ar=1&k=6LezXvYZAAAAAAT6mRWdmveMtaRM5iXK1YNFjBW5&co=aHR0cHM6Ly9jb250ZW50LmVtYWlsLnN0YXRlZnVuZGNhLmNvbTo0NDM.&hl=de&v=tftmXwdbgCvrXiHxr5HGbIaL&size=invisible&cb=bzffbft0d89j
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://content.email.statefundca.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://content.email.statefundca.com/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy-report-only
require-corp; report-to="recaptcha"
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Tue, 28 Sep 2021 20:36:27 GMT
content-security-policy
script-src 'report-sample' 'nonce-IyHjdgcqgyey7jfZ/sU1eQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
20964
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
styles__ltr.css
www.gstatic.com/recaptcha/releases/tftmXwdbgCvrXiHxr5HGbIaL/ Frame AF1E 		52 KB
25 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/tftmXwdbgCvrXiHxr5HGbIaL/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LezXvYZAAAAAAT6mRWdmveMtaRM5iXK1YNFjBW5&co=aHR0cHM6Ly9jb250ZW50LmVtYWlsLnN0YXRlZnVuZGNhLmNvbTo0NDM.&hl=de&v=tftmXwdbgCvrXiHxr5HGbIaL&size=invisible&cb=bzffbft0d89j
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.163 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f3.1e100.net
Software
sffe /
Resource Hash
5fe20047c1cc1be61a786d56c5c02b96453b9c60656d6c8429a1add79017e47f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 28 Sep 2021 20:23:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
798
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
25732
x-xss-protection
0
last-modified
Sun, 12 Sep 2021 18:01:17 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="recaptcha"
expires
Wed, 28 Sep 2022 20:23:09 GMT
recaptcha__de.js
www.gstatic.com/recaptcha/releases/tftmXwdbgCvrXiHxr5HGbIaL/ Frame AF1E 		342 KB
134 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/tftmXwdbgCvrXiHxr5HGbIaL/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LezXvYZAAAAAAT6mRWdmveMtaRM5iXK1YNFjBW5&co=aHR0cHM6Ly9jb250ZW50LmVtYWlsLnN0YXRlZnVuZGNhLmNvbTo0NDM.&hl=de&v=tftmXwdbgCvrXiHxr5HGbIaL&size=invisible&cb=bzffbft0d89j
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.163 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f3.1e100.net
Software
sffe /
Resource Hash
b8c490e04a2be43d25df6263307477469d6ef82a318809f800bedda65c4803b0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 28 Sep 2021 20:23:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
798
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
136719
x-xss-protection
0
last-modified
Sun, 12 Sep 2021 18:01:17 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="recaptcha"
expires
Wed, 28 Sep 2022 20:23:09 GMT
logo_48.png
www.gstatic.com/recaptcha/api2/ Frame AF1E 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/recaptcha/api2/logo_48.png
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/tftmXwdbgCvrXiHxr5HGbIaL/styles__ltr.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.163 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f3.1e100.net
Software
sffe /
Resource Hash
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gstatic.com/recaptcha/releases/tftmXwdbgCvrXiHxr5HGbIaL/styles__ltr.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 27 Sep 2021 10:54:05 GMT
x-content-type-options
nosniff
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
age
121342
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
content-type
image/png
cache-control
public, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2228
x-xss-protection
0
expires
Mon, 04 Oct 2021 10:54:05 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame AF1E 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LezXvYZAAAAAAT6mRWdmveMtaRM5iXK1YNFjBW5&co=aHR0cHM6Ly9jb250ZW50LmVtYWlsLnN0YXRlZnVuZGNhLmNvbTo0NDM.&hl=de&v=tftmXwdbgCvrXiHxr5HGbIaL&size=invisible&cb=bzffbft0d89j
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.131 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f3.1e100.net
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 28 Sep 2021 09:07:47 GMT
x-content-type-options
nosniff
age
41320
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 28 Sep 2022 09:07:47 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame AF1E 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LezXvYZAAAAAAT6mRWdmveMtaRM5iXK1YNFjBW5&co=aHR0cHM6Ly9jb250ZW50LmVtYWlsLnN0YXRlZnVuZGNhLmNvbTo0NDM.&hl=de&v=tftmXwdbgCvrXiHxr5HGbIaL&size=invisible&cb=bzffbft0d89j
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.131 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f3.1e100.net
Software
sffe /
Resource Hash
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 27 Sep 2021 10:50:25 GMT
x-content-type-options
nosniff
age
121562
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15552
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:33:02 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Tue, 27 Sep 2022 10:50:25 GMT
webworker.js
www.google.com/recaptcha/api2/ Frame AF1E 		102 B
134 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=tftmXwdbgCvrXiHxr5HGbIaL
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LezXvYZAAAAAAT6mRWdmveMtaRM5iXK1YNFjBW5&co=aHR0cHM6Ly9jb250ZW50LmVtYWlsLnN0YXRlZnVuZGNhLmNvbTo0NDM.&hl=de&v=tftmXwdbgCvrXiHxr5HGbIaL&size=invisible&cb=bzffbft0d89j
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.68 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f4.1e100.net
Software
GSE /
Resource Hash
392ed442867566d8cbd08f7e0d9a379c49177a9c96186ad0d1eba1a316721267
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LezXvYZAAAAAAT6mRWdmveMtaRM5iXK1YNFjBW5&co=aHR0cHM6Ly9jb250ZW50LmVtYWlsLnN0YXRlZnVuZGNhLmNvbTo0NDM.&hl=de&v=tftmXwdbgCvrXiHxr5HGbIaL&size=invisible&cb=bzffbft0d89j
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 28 Sep 2021 20:36:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
cross-origin-embedder-policy-report-only
require-corp; report-to="recaptcha"
x-frame-options
SAMEORIGIN
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
content-security-policy
frame-ancestors 'self'
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
112
x-xss-protection
1; mode=block
expires
Tue, 28 Sep 2021 20:36:27 GMT
bframe
www.google.com/recaptcha/api2/ Frame 05D6 		7 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/bframe?hl=de&v=tftmXwdbgCvrXiHxr5HGbIaL&k=6LezXvYZAAAAAAT6mRWdmveMtaRM5iXK1YNFjBW5&cb=ifbhts5t516k
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/tftmXwdbgCvrXiHxr5HGbIaL/recaptcha__de.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.68 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f4.1e100.net
Software
GSE /
Resource Hash
81c6e7978355d7253255ee26fe3e90298480e72a87fb953cbc26869c00d2dcfb
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-DgmXTYaZwQwgkJuBVi4T9Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/bframe?hl=de&v=tftmXwdbgCvrXiHxr5HGbIaL&k=6LezXvYZAAAAAAT6mRWdmveMtaRM5iXK1YNFjBW5&cb=ifbhts5t516k
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://content.email.statefundca.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://content.email.statefundca.com/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy-report-only
require-corp; report-to="recaptcha"
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Tue, 28 Sep 2021 20:36:28 GMT
content-security-policy
script-src 'report-sample' 'nonce-DgmXTYaZwQwgkJuBVi4T9Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
1112
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
styles__ltr.css
www.gstatic.com/recaptcha/releases/tftmXwdbgCvrXiHxr5HGbIaL/ Frame 05D6 		52 KB
25 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/tftmXwdbgCvrXiHxr5HGbIaL/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=tftmXwdbgCvrXiHxr5HGbIaL&k=6LezXvYZAAAAAAT6mRWdmveMtaRM5iXK1YNFjBW5&cb=ifbhts5t516k
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.163 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f3.1e100.net
Software
sffe /
Resource Hash
5fe20047c1cc1be61a786d56c5c02b96453b9c60656d6c8429a1add79017e47f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 28 Sep 2021 20:23:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
799
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
25732
x-xss-protection
0
last-modified
Sun, 12 Sep 2021 18:01:17 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="recaptcha"
expires
Wed, 28 Sep 2022 20:23:09 GMT
recaptcha__de.js
www.gstatic.com/recaptcha/releases/tftmXwdbgCvrXiHxr5HGbIaL/ Frame 05D6 		342 KB
134 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/tftmXwdbgCvrXiHxr5HGbIaL/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=tftmXwdbgCvrXiHxr5HGbIaL&k=6LezXvYZAAAAAAT6mRWdmveMtaRM5iXK1YNFjBW5&cb=ifbhts5t516k
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.163 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f3.1e100.net
Software
sffe /
Resource Hash
b8c490e04a2be43d25df6263307477469d6ef82a318809f800bedda65c4803b0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 28 Sep 2021 20:23:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
799
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
136719
x-xss-protection
0
last-modified
Sun, 12 Sep 2021 18:01:17 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="recaptcha"
expires
Wed, 28 Sep 2022 20:23:09 GMT
reload
www.google.com/recaptcha/api2/ Frame 05D6 		36 KB
21 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/reload?k=6LezXvYZAAAAAAT6mRWdmveMtaRM5iXK1YNFjBW5
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/tftmXwdbgCvrXiHxr5HGbIaL/recaptcha__de.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.68 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f4.1e100.net
Software
GSE /
Resource Hash
6c0f9e690a02969f7da3ac02a8fff135442ab737127dd55fa39b37516d1f9b5c
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.google.com/recaptcha/api2/bframe?hl=de&v=tftmXwdbgCvrXiHxr5HGbIaL&k=6LezXvYZAAAAAAT6mRWdmveMtaRM5iXK1YNFjBW5&cb=ifbhts5t516k
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
application/x-protobuffer

Response headers

date
Tue, 28 Sep 2021 20:36:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
cache-control
private, max-age=0
content-security-policy
frame-ancestors 'self'
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21774
x-xss-protection
1; mode=block
expires
Tue, 28 Sep 2021 20:36:28 GMT
refresh_2x.png
www.gstatic.com/recaptcha/api2/ Frame 05D6 		600 B
622 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/recaptcha/api2/refresh_2x.png
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/tftmXwdbgCvrXiHxr5HGbIaL/styles__ltr.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.163 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f3.1e100.net
Software
sffe /
Resource Hash
44b988703019cd6bfa86c91840fecf2a42b611b364e3eea2f4eb63bf62714e98
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gstatic.com/recaptcha/releases/tftmXwdbgCvrXiHxr5HGbIaL/styles__ltr.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 26 Sep 2021 14:23:42 GMT
x-content-type-options
nosniff
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
age
195166
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
content-type
image/png
cache-control
public, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
600
x-xss-protection
0
expires
Sun, 03 Oct 2021 14:23:42 GMT
audio_2x.png
www.gstatic.com/recaptcha/api2/ Frame 05D6 		530 B
552 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/recaptcha/api2/audio_2x.png
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/tftmXwdbgCvrXiHxr5HGbIaL/styles__ltr.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.163 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f3.1e100.net
Software
sffe /
Resource Hash
89c62095126fca89ea1511cf35b49b8306162946b0c26d6f60c5506c51d85992
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gstatic.com/recaptcha/releases/tftmXwdbgCvrXiHxr5HGbIaL/styles__ltr.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 27 Sep 2021 15:09:16 GMT
x-content-type-options
nosniff
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
age
106032
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
content-type
image/png
cache-control
public, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
530
x-xss-protection
0
expires
Mon, 04 Oct 2021 15:09:16 GMT
info_2x.png
www.gstatic.com/recaptcha/api2/ Frame 05D6 		665 B
687 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/recaptcha/api2/info_2x.png
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/tftmXwdbgCvrXiHxr5HGbIaL/styles__ltr.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.163 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f3.1e100.net
Software
sffe /
Resource Hash
55eaf62cb05da20088dc12b39d7d254d046cb1fd61ddf3ae641f1439efd0a5ee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gstatic.com/recaptcha/releases/tftmXwdbgCvrXiHxr5HGbIaL/styles__ltr.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 27 Sep 2021 11:05:48 GMT
x-content-type-options
nosniff
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
age
120640
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
content-type
image/png
cache-control
public, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
665
x-xss-protection
0
expires
Mon, 04 Oct 2021 11:05:48 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 05D6 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.131 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f3.1e100.net
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 28 Sep 2021 09:07:47 GMT
x-content-type-options
nosniff
age
41321
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 28 Sep 2022 09:07:47 GMT
KFOlCnqEu92Fr1MmYUtfBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 05D6 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmYUtfBBc4.woff2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.131 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f3.1e100.net
Software
sffe /
Resource Hash
c912a9ce0c3122d4b2b29ad26bfe06b0390d1a5bdaa5d6128692c0befd1dfbbd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 22 Sep 2021 09:54:00 GMT
x-content-type-options
nosniff
age
556948
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15340
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:33:16 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 22 Sep 2022 09:54:00 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 05D6 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.131 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f3.1e100.net
Software
sffe /
Resource Hash
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 27 Sep 2021 10:50:25 GMT
x-content-type-options
nosniff
age
121563
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15552
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:33:02 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Tue, 27 Sep 2022 10:50:25 GMT
payload
www.google.com/recaptcha/api2/ Frame 05D6 		33 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/recaptcha/api2/payload?p=06AGdBq25hCw6HAx1zBY9X9Rk8rV64a7rluLaA8xStg1T_-x45JIab6JeVxtrplDSHNonVysZzgy7_4ZBQl0L1lzNVhEB75vuGzqvKfpC9w21xnJiDIqJvb5rRx0T943-obtSmP9WDyTJAnWWiAm__aNkFm5E9rVO1W3lOEM6XuqtYzQwGmgDHzfQkVc45ba4m1SGZQPa8_CtOvPOiwoXSSRt0xXWgGwtJZw&k=6LezXvYZAAAAAAT6mRWdmveMtaRM5iXK1YNFjBW5
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.68 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f4.1e100.net
Software
GSE /
Resource Hash
c56c840691b08ac0d23963f6fde5353481e66ee3a0efe5ca0cad9c66d3b21c4f
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/recaptcha/api2/bframe?hl=de&v=tftmXwdbgCvrXiHxr5HGbIaL&k=6LezXvYZAAAAAAT6mRWdmveMtaRM5iXK1YNFjBW5&cb=ifbhts5t516k
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 28 Sep 2021 20:36:28 GMT
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
image/jpeg
cache-control
private, max-age=30
content-security-policy
frame-ancestors 'self'
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33558
x-xss-protection
1; mode=block
expires
Tue, 28 Sep 2021 20:36:28 GMT

Verdicts & Comments Add Verdict or Comment

13 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| onbeforexrselect boolean| originAgentCluster object| dlvra object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| recaptcha function| hiddenCaptchaVerified object| closure_lm_434392

1 Cookies

Domain/Path Name / Value
www.google.com/recaptcha Name: _GRECAPTCHA
Value: 09AH-MKGX0idBvkIrOQWUanxUhkJtkKZUnm6A2rCaFXJyLh8phO-CdHN6KRgU0eCgfpYAI-BD4j7iN2W_a1l53HJQ

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

content.email.statefundca.com
editor.ne16.com
fonts.googleapis.com
fonts.gstatic.com
tracking.email.statefundca.com
www.google.com
www.gstatic.com
13.224.193.64
13.225.87.100
142.250.185.131
142.250.185.170
142.250.186.163
142.250.186.68
54.215.244.243
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
2b26a74f3c0e529bc8fccfa6b1db8e083e738992266359fde1a5bd0aaa81cbc3
392ed442867566d8cbd08f7e0d9a379c49177a9c96186ad0d1eba1a316721267
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
44b988703019cd6bfa86c91840fecf2a42b611b364e3eea2f4eb63bf62714e98
55eaf62cb05da20088dc12b39d7d254d046cb1fd61ddf3ae641f1439efd0a5ee
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5fe20047c1cc1be61a786d56c5c02b96453b9c60656d6c8429a1add79017e47f
685d0b1aa9d5d6cb754aec9dbadb85d21b1359d0db12fb1c1efc1ada0134ca9b
6c0f9e690a02969f7da3ac02a8fff135442ab737127dd55fa39b37516d1f9b5c
81c6e7978355d7253255ee26fe3e90298480e72a87fb953cbc26869c00d2dcfb
89c62095126fca89ea1511cf35b49b8306162946b0c26d6f60c5506c51d85992
8cd48a23b5cf3b3659e12bf6eee322a1781a624117ffe71bed68503224829031
9c43c4ad91d062577bbf3ed0d7f637551a9b9e962390a93357bab67fb9a68b5c
ae969e2ec67e9ba7009fa32fa79e33d7a42bb2a0871bc0d591a29264359d1242
b8c490e04a2be43d25df6263307477469d6ef82a318809f800bedda65c4803b0
c56c840691b08ac0d23963f6fde5353481e66ee3a0efe5ca0cad9c66d3b21c4f
c912a9ce0c3122d4b2b29ad26bfe06b0390d1a5bdaa5d6128692c0befd1dfbbd
ce7ea059aef6d2da434c2b32efd1b18bf976dc840513c2d596ab143f73a30c93
de4c939e053d48aa3ce8bdb1f065c5387c28d595c85adb47143a05052f3fe339
e177a379aea1afe7c11c0bf4bd83c795e8867ba6ab4945eeb9d4302126d5fdbb