URL: https://business.google.com/website/pearlriversidegiangdien/posts/3675085483582187999?hl=vi
Submission: On January 18 via manual from VN

Summary

This website contacted 8 IPs in 2 countries across 6 domains to perform 20 HTTP transactions. The main IP is 2a00:1450:4001:816::200e, located in Frankfurt am Main, Germany and belongs to GOOGLE, US. The main domain is business.google.com.
TLS certificate: Issued by GTS CA 1O1 on December 15th 2020. Valid for: 3 months.
This is the only time business.google.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Domain Requested by
5 fonts.gstatic.com business.google.com
fonts.googleapis.com
5 www.gstatic.com business.google.com
www.gstatic.com
3 play.google.com www.gstatic.com
2 www.google-analytics.com www.gstatic.com
www.google-analytics.com
2 business.google.com www.gstatic.com
1 stats.g.doubleclick.net www.google-analytics.com
1 lh3.googleusercontent.com business.google.com
1 fonts.googleapis.com business.google.com
20 8

This site contains links to these domains. Also see Links.

Domain
www.google.com
www.bandatnendongnai.vn
support.google.com
Subject Issuer Validity Valid
*.google.com
GTS CA 1O1
2020-12-15 -
2021-03-09
3 months crt.sh
*.gstatic.com
GTS CA 1O1
2020-12-15 -
2021-03-09
3 months crt.sh
upload.video.google.com
GTS CA 1O1
2020-12-15 -
2021-03-09
3 months crt.sh
*.googleusercontent.com
GTS CA 1O1
2020-12-15 -
2021-03-09
3 months crt.sh
*.google-analytics.com
GTS CA 1O1
2020-12-15 -
2021-03-09
3 months crt.sh
*.g.doubleclick.net
GTS CA 1O1
2020-12-15 -
2021-03-09
3 months crt.sh

This page contains 1 frames:

Primary Page: https://business.google.com/website/pearlriversidegiangdien/posts/3675085483582187999?hl=vi
Frame ID: 6316F88FC6CB974AB192B4DC66460994
Requests: 19 HTTP requests in this frame

Screenshot


Detected technologies

Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Page Statistics

20
Requests

100 %
HTTPS

100 %
IPv6

6
Domains

8
Subdomains

8
IPs

2
Countries

504 kB
Transfer

1028 kB
Size

5
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

20 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request 3675085483582187999
business.google.com/website/pearlriversidegiangdien/posts/
251 KB
73 KB
Document
General
Full URL
https://business.google.com/website/pearlriversidegiangdien/posts/3675085483582187999?hl=vi
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:816::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
3aa763eff7aa2e7698f19ab7ec279a8f61774434e3301def67e1b8f59c7f9c2d
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-TQmh2nNoExOh80+sfSCzCg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/GeoMerchantPrestoSiteUi/cspreport;worker-src 'self' script-src 'nonce-TQmh2nNoExOh80+sfSCzCg' 'self' 'unsafe-eval' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://www.google-analytics.com/analytics.js https://www.googleadservices.com https://googleads.g.doubleclick.net http://www.gstatic.com/wcm/;report-uri /_/GeoMerchantPrestoSiteUi/cspreport
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
business.google.com
:scheme
https
:path
/website/pearlriversidegiangdien/posts/3675085483582187999?hl=vi
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-ua-compatible
IE=edge
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Mon, 18 Jan 2021 04:37:22 GMT
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
strict-transport-security
max-age=31536000
content-security-policy
script-src 'report-sample' 'nonce-TQmh2nNoExOh80+sfSCzCg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/GeoMerchantPrestoSiteUi/cspreport;worker-src 'self' script-src 'nonce-TQmh2nNoExOh80+sfSCzCg' 'self' 'unsafe-eval' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://www.google-analytics.com/analytics.js https://www.googleadservices.com https://googleads.g.doubleclick.net http://www.gstatic.com/wcm/;report-uri /_/GeoMerchantPrestoSiteUi/cspreport
content-encoding
gzip
server
ESF
x-xss-protection
0
x-content-type-options
nosniff
set-cookie
NID=207=BCJIk1yimQjdIG0XHMbo9rlNb-5wCSqKGoS_VKVxljDBTeWo-M_c_R_NTais1hD8CkdYB22CRuQkmnlvF7PdNUz-EuoWfJTXyTQUtJC3p82S2sC_JusmEzojZjCkhl1Tukonm_-aJ1Hifj9y86xkBUzpYQXRzT4X0_s71gCmX0Y; expires=Tue, 20-Jul-2021 04:37:22 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=none
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
m=_b,_tp
www.gstatic.com/_/mss/boq-geo/_/js/k=boq-geo.GeoMerchantPrestoSiteUi.vi.MngkYYgbPT8.es5.O/am=CgKB/d=1/excm=_b,_tp,localpostview/ed=1/dg=0/wt=2/ct=zgms/rs=AD4das2pgHvPuGR97XUXQZYU2og3FiCA0g/
155 KB
55 KB
Script
General
Full URL
https://www.gstatic.com/_/mss/boq-geo/_/js/k=boq-geo.GeoMerchantPrestoSiteUi.vi.MngkYYgbPT8.es5.O/am=CgKB/d=1/excm=_b,_tp,localpostview/ed=1/dg=0/wt=2/ct=zgms/rs=AD4das2pgHvPuGR97XUXQZYU2og3FiCA0g/m=_b,_tp
Requested by
Host: business.google.com
URL: https://business.google.com/website/pearlriversidegiangdien/posts/3675085483582187999?hl=vi
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
43d9f1919514ba6dfb0cb4f2239c7ce514b9044eab972629307d855062b92b56
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://business.google.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 18 Jan 2021 03:56:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2448
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
55476
x-xss-protection
0
last-modified
Sun, 06 Dec 2020 20:14:54 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Tue, 18 Jan 2022 03:56:34 GMT
css
fonts.googleapis.com/
2 KB
704 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Fugaz+One:400|Open+Sans:400
Requested by
Host: business.google.com
URL: https://business.google.com/website/pearlriversidegiangdien/posts/3675085483582187999?hl=vi
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:819::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
239e73865bdf196fe5dd1399f3bb12b3c349745c7dde74bdf00265babc06a30e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://business.google.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 18 Jan 2021 04:37:22 GMT
server
ESF
date
Mon, 18 Jan 2021 04:37:22 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 18 Jan 2021 04:37:22 GMT
AF1QipP95ET8r7MyUKgAbVMNJUsJssJguNWbYYFNEdAk=w600-h0
lh3.googleusercontent.com/p/
91 KB
92 KB
Image
General
Full URL
https://lh3.googleusercontent.com/p/AF1QipP95ET8r7MyUKgAbVMNJUsJssJguNWbYYFNEdAk=w600-h0
Requested by
Host: business.google.com
URL: https://business.google.com/website/pearlriversidegiangdien/posts/3675085483582187999?hl=vi
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
8e3c18efdcd5fe70faed5ac3612b1e928ed3cd103d0a9e4d34e7dde4eaeef495
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://business.google.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 18 Jan 2021 04:37:22 GMT
x-content-type-options
nosniff
server
fife
etag
"v218"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
private, max-age=86400, no-transform
content-disposition
inline;filename="2020-12-22.jpg"
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
93452
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
kJEjBvgX7BgnkSrUwT8UnLVc38YydejYY-oE_LvJHMXBBA.woff2
fonts.gstatic.com/s/materialiconsextended/v64/
113 KB
113 KB
Font
General
Full URL
https://fonts.gstatic.com/s/materialiconsextended/v64/kJEjBvgX7BgnkSrUwT8UnLVc38YydejYY-oE_LvJHMXBBA.woff2
Requested by
Host: business.google.com
URL: https://business.google.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
918439426787feaf9c7aaec4cb9ff51a6ea946948683323a39e37c418b05dc0d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://business.google.com
Referer
https://business.google.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 15 Jan 2021 06:27:50 GMT
x-content-type-options
nosniff
last-modified
Wed, 19 Aug 2020 20:12:45 GMT
server
sffe
age
252572
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
115300
x-xss-protection
0
expires
Sat, 15 Jan 2022 06:27:50 GMT
rax_HiWKp9EAITukFsl8AxhfsUjQ8Q.woff2
fonts.gstatic.com/s/fugazone/v10/
11 KB
11 KB
Font
General
Full URL
https://fonts.gstatic.com/s/fugazone/v10/rax_HiWKp9EAITukFsl8AxhfsUjQ8Q.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Fugaz+One:400|Open+Sans:400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d2c9c9b5727c92f11d7211cdee3fd01492ad8f8818d4306193e23fe5d6db2ca7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://business.google.com
Referer
https://fonts.googleapis.com/css?family=Fugaz+One:400|Open+Sans:400
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 15 Jan 2021 19:57:21 GMT
x-content-type-options
nosniff
last-modified
Tue, 01 Sep 2020 04:31:58 GMT
server
sffe
age
204001
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10880
x-xss-protection
0
expires
Sat, 15 Jan 2022 19:57:21 GMT
mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
fonts.gstatic.com/s/opensans/v18/
9 KB
9 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v18/mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Fugaz+One:400|Open+Sans:400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://business.google.com
Referer
https://fonts.googleapis.com/css?family=Fugaz+One:400|Open+Sans:400
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 13 Jan 2021 19:09:10 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Sep 2020 18:09:28 GMT
server
sffe
age
379692
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9132
x-xss-protection
0
expires
Thu, 13 Jan 2022 19:09:10 GMT
mem8YaGs126MiZpBA-UFW50bf8pkAp6a.woff2
fonts.gstatic.com/s/opensans/v18/
7 KB
7 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v18/mem8YaGs126MiZpBA-UFW50bf8pkAp6a.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Fugaz+One:400|Open+Sans:400
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6446b6826bb6136c8782e74d99a2ea78cc9cb508cf61f4020fee5415f108c7e1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://business.google.com
Referer
https://fonts.googleapis.com/css?family=Fugaz+One:400|Open+Sans:400
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 11 Jan 2021 09:58:33 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Sep 2020 18:09:28 GMT
server
sffe
age
585529
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7292
x-xss-protection
0
expires
Tue, 11 Jan 2022 09:58:33 GMT
m=byfTOb,lsjVmc,LEikZe
www.gstatic.com/_/mss/boq-geo/_/js/k=boq-geo.GeoMerchantPrestoSiteUi.vi.MngkYYgbPT8.es5.O/ck=boq-geo.GeoMerchantPrestoSiteUi.k3Fh802g1vs.L.B1.O/am=CgKB/d=1/exm=_b,_tp/excm=_b,_tp,localpostview/ed=1...
36 KB
13 KB
Script
General
Full URL
https://www.gstatic.com/_/mss/boq-geo/_/js/k=boq-geo.GeoMerchantPrestoSiteUi.vi.MngkYYgbPT8.es5.O/ck=boq-geo.GeoMerchantPrestoSiteUi.k3Fh802g1vs.L.B1.O/am=CgKB/d=1/exm=_b,_tp/excm=_b,_tp,localpostview/ed=1/wt=2/ct=zgms/rs=AD4das10PZH-t8bBm0WCF_b28kz8aSEjJA/m=byfTOb,lsjVmc,LEikZe
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-geo/_/js/k=boq-geo.GeoMerchantPrestoSiteUi.vi.MngkYYgbPT8.es5.O/am=CgKB/d=1/excm=_b,_tp,localpostview/ed=1/dg=0/wt=2/ct=zgms/rs=AD4das2pgHvPuGR97XUXQZYU2og3FiCA0g/m=_b,_tp
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9bd67e3f6435a296e95b937b47c6b8f0a08a73b92af11032bb2648af8619efbe
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://business.google.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 14 Jan 2021 10:32:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
324308
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13339
x-xss-protection
0
last-modified
Fri, 04 Dec 2020 09:07:07 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Fri, 14 Jan 2022 10:32:14 GMT
mem8YaGs126MiZpBA-UFWp0bf8pkAp6a.woff2
fonts.gstatic.com/s/opensans/v18/
4 KB
4 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v18/mem8YaGs126MiZpBA-UFWp0bf8pkAp6a.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Fugaz+One:400|Open+Sans:400
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b5bc4f2d9e78ed7161722678a992ec9875bd4faaefcb7b692e12b80015cbb1a5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://business.google.com
Referer
https://fonts.googleapis.com/css?family=Fugaz+One:400|Open+Sans:400
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 16 Jan 2021 09:16:07 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Sep 2020 18:09:24 GMT
server
sffe
age
156075
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3628
x-xss-protection
0
expires
Sun, 16 Jan 2022 09:16:07 GMT
m=n73qwf,ws9Tlc,IZT63,e5qFLc,GkRiKb,vfuNJf,UUJqVe,xUdipf,blwjVc,fKUV3e,aurFic,COQbmf,U0aPgd,ZwDk9d,V3dDOb,mI3LFb,p8L0ob,O6y8ed,NpD4ec,PrPYRd,iWP1Yb,SF3gsd,MpJwZc,NwH0H,OmgaI,HLo3Ef,x60fie,xiqEse,la...
www.gstatic.com/_/mss/boq-geo/_/js/k=boq-geo.GeoMerchantPrestoSiteUi.vi.MngkYYgbPT8.es5.O/ck=boq-geo.GeoMerchantPrestoSiteUi.k3Fh802g1vs.L.B1.O/am=CgKB/d=1/exm=LEikZe,_b,_tp,byfTOb,lsjVmc/excm=_b,_...
216 KB
75 KB
Script
General
Full URL
https://www.gstatic.com/_/mss/boq-geo/_/js/k=boq-geo.GeoMerchantPrestoSiteUi.vi.MngkYYgbPT8.es5.O/ck=boq-geo.GeoMerchantPrestoSiteUi.k3Fh802g1vs.L.B1.O/am=CgKB/d=1/exm=LEikZe,_b,_tp,byfTOb,lsjVmc/excm=_b,_tp,localpostview/ed=1/wt=2/ct=zgms/rs=AD4das10PZH-t8bBm0WCF_b28kz8aSEjJA/m=n73qwf,ws9Tlc,IZT63,e5qFLc,GkRiKb,vfuNJf,UUJqVe,xUdipf,blwjVc,fKUV3e,aurFic,COQbmf,U0aPgd,ZwDk9d,V3dDOb,mI3LFb,p8L0ob,O6y8ed,NpD4ec,PrPYRd,iWP1Yb,SF3gsd,MpJwZc,NwH0H,OmgaI,HLo3Ef,x60fie,xiqEse,lazG7b,Y2UGcc,XVMNvd,L1AAkb,KUM7Z,rE6Mgd,hc6Ubd,lwddkf,gychg,w9hDv,RMhBfe,mdR7q,Ru0Pgb,SdcwHb,aW3pY,YLQSd,PQaYAf,SpsfSb,EFQ78c,Ulmmrd,ZfAoz,MI6k7c,kjKdXe,vVO7Se,CBlRxf,MdUzUe,xQtZb,lPKSwe,o02Jie,JNoxi,hKSk3e,ZEa7Hd,pB6Zqd,rHjpXd,yDVVkb,zbML3c,iTsyac,Uas9Hd,BVgquf,KG2eXe,tfTN8c,VwDzFe,HDvRde,A7fCU,UgAtXe,pjICDe
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-geo/_/js/k=boq-geo.GeoMerchantPrestoSiteUi.vi.MngkYYgbPT8.es5.O/am=CgKB/d=1/excm=_b,_tp,localpostview/ed=1/dg=0/wt=2/ct=zgms/rs=AD4das2pgHvPuGR97XUXQZYU2og3FiCA0g/m=_b,_tp
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7b9080cdea32bb34551bd907d14d404a5c5b956016916a24e790f0c65ccab15c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://business.google.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 14 Jan 2021 10:32:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
324308
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
77168
x-xss-protection
0
last-modified
Fri, 04 Dec 2020 09:07:07 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Fri, 14 Jan 2022 10:32:14 GMT
m=A4UTCb,JbzNG,fgj8Rb,EGNJFf,idXveb,iSvg6e,uY3Nvd,OVw3Zb
www.gstatic.com/_/mss/boq-geo/_/js/k=boq-geo.GeoMerchantPrestoSiteUi.vi.MngkYYgbPT8.es5.O/ck=boq-geo.GeoMerchantPrestoSiteUi.k3Fh802g1vs.L.B1.O/am=CgKB/d=1/exm=A7fCU,BVgquf,CBlRxf,COQbmf,EFQ78c,GkR...
81 KB
28 KB
Script
General
Full URL
https://www.gstatic.com/_/mss/boq-geo/_/js/k=boq-geo.GeoMerchantPrestoSiteUi.vi.MngkYYgbPT8.es5.O/ck=boq-geo.GeoMerchantPrestoSiteUi.k3Fh802g1vs.L.B1.O/am=CgKB/d=1/exm=A7fCU,BVgquf,CBlRxf,COQbmf,EFQ78c,GkRiKb,HDvRde,HLo3Ef,IZT63,JNoxi,KG2eXe,KUM7Z,L1AAkb,LEikZe,MI6k7c,MdUzUe,MpJwZc,NpD4ec,NwH0H,O6y8ed,OmgaI,PQaYAf,PrPYRd,RMhBfe,Ru0Pgb,SF3gsd,SdcwHb,SpsfSb,U0aPgd,UUJqVe,Uas9Hd,UgAtXe,Ulmmrd,V3dDOb,VwDzFe,XVMNvd,Y2UGcc,YLQSd,ZEa7Hd,ZfAoz,ZwDk9d,_b,_tp,aW3pY,aurFic,blwjVc,byfTOb,e5qFLc,fKUV3e,gychg,hKSk3e,hc6Ubd,iTsyac,iWP1Yb,kjKdXe,lPKSwe,lazG7b,lsjVmc,lwddkf,mI3LFb,mdR7q,n73qwf,o02Jie,p8L0ob,pB6Zqd,pjICDe,rE6Mgd,rHjpXd,tfTN8c,vVO7Se,vfuNJf,w9hDv,ws9Tlc,x60fie,xQtZb,xUdipf,xiqEse,yDVVkb,zbML3c/excm=_b,_tp,localpostview/ed=1/wt=2/ct=zgms/rs=AD4das10PZH-t8bBm0WCF_b28kz8aSEjJA/m=A4UTCb,JbzNG,fgj8Rb,EGNJFf,idXveb,iSvg6e,uY3Nvd,OVw3Zb
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-geo/_/js/k=boq-geo.GeoMerchantPrestoSiteUi.vi.MngkYYgbPT8.es5.O/am=CgKB/d=1/excm=_b,_tp,localpostview/ed=1/dg=0/wt=2/ct=zgms/rs=AD4das2pgHvPuGR97XUXQZYU2og3FiCA0g/m=_b,_tp
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
27de3b567bf71dc7425b35e17b9b65645b45061d54038b2ca2b4a74779026ece
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://business.google.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 13 Jan 2021 14:30:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
396388
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28307
x-xss-protection
0
last-modified
Fri, 04 Dec 2020 09:07:07 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Thu, 13 Jan 2022 14:30:54 GMT
analytics.js
www.google-analytics.com/
46 KB
18 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-geo/_/js/k=boq-geo.GeoMerchantPrestoSiteUi.vi.MngkYYgbPT8.es5.O/ck=boq-geo.GeoMerchantPrestoSiteUi.k3Fh802g1vs.L.B1.O/am=CgKB/d=1/exm=LEikZe,_b,_tp,byfTOb,lsjVmc/excm=_b,_tp,localpostview/ed=1/wt=2/ct=zgms/rs=AD4das10PZH-t8bBm0WCF_b28kz8aSEjJA/m=n73qwf,ws9Tlc,IZT63,e5qFLc,GkRiKb,vfuNJf,UUJqVe,xUdipf,blwjVc,fKUV3e,aurFic,COQbmf,U0aPgd,ZwDk9d,V3dDOb,mI3LFb,p8L0ob,O6y8ed,NpD4ec,PrPYRd,iWP1Yb,SF3gsd,MpJwZc,NwH0H,OmgaI,HLo3Ef,x60fie,xiqEse,lazG7b,Y2UGcc,XVMNvd,L1AAkb,KUM7Z,rE6Mgd,hc6Ubd,lwddkf,gychg,w9hDv,RMhBfe,mdR7q,Ru0Pgb,SdcwHb,aW3pY,YLQSd,PQaYAf,SpsfSb,EFQ78c,Ulmmrd,ZfAoz,MI6k7c,kjKdXe,vVO7Se,CBlRxf,MdUzUe,xQtZb,lPKSwe,o02Jie,JNoxi,hKSk3e,ZEa7Hd,pB6Zqd,rHjpXd,yDVVkb,zbML3c,iTsyac,Uas9Hd,BVgquf,KG2eXe,tfTN8c,VwDzFe,HDvRde,A7fCU,UgAtXe,pjICDe
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:815::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://business.google.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 23 Oct 2020 03:00:57 GMT
server
Golfe2
age
4670
date
Mon, 18 Jan 2021 03:19:32 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18817
expires
Mon, 18 Jan 2021 05:19:32 GMT
collect
www.google-analytics.com/j/
4 B
392 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j87&a=1294028676&t=event&_s=1&dl=https%3A%2F%2Fbusiness.google.com%2Fwebsite%2Fpearlriversidegiangdien%2Fposts%2F3675085483582187999&dr=&ul=en-us&de=UTF-8&dt=Nh%C3%A0%20%C4%90%E1%BA%A5t%20Group&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Posts%20Leaf&ea=Impression&_u=YEBAAAABAAAAAC~&jid=471383375&gjid=1909276481&cid=2011207712.1610944643&tid=UA-77246179-1&_gid=2023821443.1610944643&_r=1&_slc=1&z=320721406
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:815::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://business.google.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 18 Jan 2021 04:37:22 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://business.google.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
m=Wt6vjf,_latency,FCpbqb,WhJNk
www.gstatic.com/_/mss/boq-geo/_/js/k=boq-geo.GeoMerchantPrestoSiteUi.vi.MngkYYgbPT8.es5.O/ck=boq-geo.GeoMerchantPrestoSiteUi.k3Fh802g1vs.L.B1.O/am=CgKB/d=1/exm=A4UTCb,A7fCU,BVgquf,CBlRxf,COQbmf,EFQ...
6 KB
3 KB
Script
General
Full URL
https://www.gstatic.com/_/mss/boq-geo/_/js/k=boq-geo.GeoMerchantPrestoSiteUi.vi.MngkYYgbPT8.es5.O/ck=boq-geo.GeoMerchantPrestoSiteUi.k3Fh802g1vs.L.B1.O/am=CgKB/d=1/exm=A4UTCb,A7fCU,BVgquf,CBlRxf,COQbmf,EFQ78c,EGNJFf,GkRiKb,HDvRde,HLo3Ef,IZT63,JNoxi,JbzNG,KG2eXe,KUM7Z,L1AAkb,LEikZe,MI6k7c,MdUzUe,MpJwZc,NpD4ec,NwH0H,O6y8ed,OVw3Zb,OmgaI,PQaYAf,PrPYRd,RMhBfe,Ru0Pgb,SF3gsd,SdcwHb,SpsfSb,U0aPgd,UUJqVe,Uas9Hd,UgAtXe,Ulmmrd,V3dDOb,VwDzFe,XVMNvd,Y2UGcc,YLQSd,ZEa7Hd,ZfAoz,ZwDk9d,_b,_tp,aW3pY,aurFic,blwjVc,byfTOb,e5qFLc,fKUV3e,fgj8Rb,gychg,hKSk3e,hc6Ubd,iSvg6e,iTsyac,iWP1Yb,idXveb,kjKdXe,lPKSwe,lazG7b,lsjVmc,lwddkf,mI3LFb,mdR7q,n73qwf,o02Jie,p8L0ob,pB6Zqd,pjICDe,rE6Mgd,rHjpXd,tfTN8c,uY3Nvd,vVO7Se,vfuNJf,w9hDv,ws9Tlc,x60fie,xQtZb,xUdipf,xiqEse,yDVVkb,zbML3c/excm=_b,_tp,localpostview/ed=1/wt=2/ct=zgms/rs=AD4das10PZH-t8bBm0WCF_b28kz8aSEjJA/m=Wt6vjf,_latency,FCpbqb,WhJNk
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-geo/_/js/k=boq-geo.GeoMerchantPrestoSiteUi.vi.MngkYYgbPT8.es5.O/am=CgKB/d=1/excm=_b,_tp,localpostview/ed=1/dg=0/wt=2/ct=zgms/rs=AD4das2pgHvPuGR97XUXQZYU2og3FiCA0g/m=_b,_tp
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
65be3d67cb5ddbb34c7ad6cb62eefc559d4ad27bfc5ddefbcd9dd88b72cf5817
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://business.google.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 14 Jan 2021 23:54:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
276158
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2578
x-xss-protection
0
last-modified
Fri, 04 Dec 2020 09:07:07 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Fri, 14 Jan 2022 23:54:44 GMT
log
play.google.com/
131 B
792 B
XHR
General
Full URL
https://play.google.com/log?format=json&hasfast=true
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-geo/_/js/k=boq-geo.GeoMerchantPrestoSiteUi.vi.MngkYYgbPT8.es5.O/am=CgKB/d=1/excm=_b,_tp,localpostview/ed=1/dg=0/wt=2/ct=zgms/rs=AD4das2pgHvPuGR97XUXQZYU2og3FiCA0g/m=_b,_tp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:820::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://business.google.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Mon, 18 Jan 2021 04:37:22 GMT
content-encoding
gzip
server
Playlog
access-control-allow-headers
X-Playlog-Web
x-frame-options
SAMEORIGIN
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin
https://business.google.com
cache-control
private
access-control-allow-credentials
true
content-type
text/plain; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
131
x-xss-protection
0
expires
Mon, 18 Jan 2021 04:37:22 GMT
collect
stats.g.doubleclick.net/j/
1 B
87 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j87&tid=UA-77246179-1&cid=2011207712.1610944643&jid=471383375&gjid=1909276481&_gid=2023821443.1610944643&_u=YEBAAAAAAAAAAC~&z=1907625528
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://business.google.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Mon, 18 Jan 2021 04:37:22 GMT
content-type
text/plain
access-control-allow-origin
https://business.google.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
browserinfo
business.google.com/_/GeoMerchantPrestoSiteUi/
95 B
554 B
XHR
General
Full URL
https://business.google.com/_/GeoMerchantPrestoSiteUi/browserinfo?f.sid=-2211678616545010863&bl=boq_geomerchantprestoserver_20201206.15_p0&hl=vi&soc-app=698&soc-platform=1&soc-device=1&_reqid=20246&rt=j
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-geo/_/js/k=boq-geo.GeoMerchantPrestoSiteUi.vi.MngkYYgbPT8.es5.O/am=CgKB/d=1/excm=_b,_tp,localpostview/ed=1/dg=0/wt=2/ct=zgms/rs=AD4das2pgHvPuGR97XUXQZYU2og3FiCA0g/m=_b,_tp
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:816::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
dc7455dac3b5f710ee4d27b5fd4fa39e888b699d3ee1a5cccb0424db16d12741
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

X-Same-Domain
1
Referer
https://business.google.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

pragma
no-cache
date
Mon, 18 Jan 2021 04:37:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server
ESF
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-disposition
attachment; filename="response.bin"; filename*=UTF-8''response.bin
strict-transport-security
max-age=31536000
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-xss-protection
0
expires
Mon, 01 Jan 1990 00:00:00 GMT
log
play.google.com/
131 B
770 B
XHR
General
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-geo/_/js/k=boq-geo.GeoMerchantPrestoSiteUi.vi.MngkYYgbPT8.es5.O/am=CgKB/d=1/excm=_b,_tp,localpostview/ed=1/dg=0/wt=2/ct=zgms/rs=AD4das2pgHvPuGR97XUXQZYU2og3FiCA0g/m=_b,_tp
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:820::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://business.google.com/
X-Goog-AuthUser
0
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Mon, 18 Jan 2021 04:37:32 GMT
content-encoding
gzip
server
Playlog
access-control-allow-headers
X-Playlog-Web
x-frame-options
SAMEORIGIN
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin
https://business.google.com
cache-control
private
access-control-allow-credentials
true
content-type
text/plain; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
131
x-xss-protection
0
expires
Mon, 18 Jan 2021 04:37:32 GMT
log
play.google.com/
0
0
Other
General
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Protocol
H2
Server
2a00:1450:4001:820::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
x-goog-authuser
Origin
https://business.google.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

access-control-allow-origin
https://business.google.com
access-control-allow-methods
GET, POST, OPTIONS
access-control-max-age
86400
access-control-allow-credentials
true
access-control-allow-headers
X-Playlog-Web,authorization,origin,x-goog-authuser
content-type
text/plain; charset=UTF-8
date
Mon, 18 Jan 2021 04:37:32 GMT
server
Playlog
content-length
0
x-xss-protection
0
x-frame-options
SAMEORIGIN
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Verdicts & Comments Add Verdict or Comment

54 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated object| WIZ_global_data number| cc_latency_start_time function| onaft function| _isLazyImage string| cc_aid number| iml_start number| css_size object| cc_latency function| ccTick function| onJsLoad function| onCssLoad function| _isVisible function| _recordImlEl number| prt function| wiz_tick string| _F_cssRowKey string| _F_combinedSignature function| _DumpException object| BOQ_wizbind object| AF_initDataKeys object| AF_dataServiceRequests object| AF_initDataChunkQueue function| AF_initDataCallback undefined| AF_initDataInitializeCallback object| aft_counter function| initAft object| IJ_values object| _wjdd object| default_GeoMerchantPrestoSiteUi boolean| BOQ_loadedInitialJS function| _F_installCss function| _B_err object| closure_lm_13825 function| wiz_progress function| _F_getIjData function| _F_getAverageFps object| _mxNDff string| GoogleAnalyticsObject function| ga number| closure_uid_907487993 boolean| ly11Pc object| google_tag_data object| gaplugins object| gaGlobal object| gaData

5 Cookies

Domain/Path Name / Value
.business.google.com/ Name: _gat_UA772461791
Value: 1
.business.google.com/ Name: _gid
Value: GA1.3.2023821443.1610944643
.business.google.com/ Name: _ga
Value: GA1.3.2011207712.1610944643
business.google.com/ Name: OTZ
Value: 5810677_52_52_123900_48_436380
.google.com/ Name: NID
Value: 207=BCJIk1yimQjdIG0XHMbo9rlNb-5wCSqKGoS_VKVxljDBTeWo-M_c_R_NTais1hD8CkdYB22CRuQkmnlvF7PdNUz-EuoWfJTXyTQUtJC3p82S2sC_JusmEzojZjCkhl1Tukonm_-aJ1Hifj9y86xkBUzpYQXRzT4X0_s71gCmX0Y

2 Console Messages

Source Level URL
Text
console-api log URL: https://www.gstatic.com/_/mss/boq-geo/_/js/k=boq-geo.GeoMerchantPrestoSiteUi.vi.MngkYYgbPT8.es5.O/am=CgKB/d=1/excm=_b,_tp,localpostview/ed=1/dg=0/wt=2/ct=zgms/rs=AD4das2pgHvPuGR97XUXQZYU2og3FiCA0g/m=_b,_tp(Line 433)
Message:
%c%s color: red; background: yellow; font-size: 24px; CẢNH BÁO!
console-api log URL: https://www.gstatic.com/_/mss/boq-geo/_/js/k=boq-geo.GeoMerchantPrestoSiteUi.vi.MngkYYgbPT8.es5.O/am=CgKB/d=1/excm=_b,_tp,localpostview/ed=1/dg=0/wt=2/ct=zgms/rs=AD4das2pgHvPuGR97XUXQZYU2og3FiCA0g/m=_b,_tp(Line 433)
Message:
%c%s font-size: 18px; Sử dụng bảng điều khiển này có thể cho phép kẻ tấn công mạo danh bạn và lấy cắp thông tin của bạn bằng cuộc tấn công có tên Self-XSS. Không nhập hay dán mã mà bạn không hiểu.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy script-src 'report-sample' 'nonce-TQmh2nNoExOh80+sfSCzCg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/GeoMerchantPrestoSiteUi/cspreport;worker-src 'self' script-src 'nonce-TQmh2nNoExOh80+sfSCzCg' 'self' 'unsafe-eval' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://www.google-analytics.com/analytics.js https://www.googleadservices.com https://googleads.g.doubleclick.net http://www.gstatic.com/wcm/;report-uri /_/GeoMerchantPrestoSiteUi/cspreport
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

business.google.com
fonts.googleapis.com
fonts.gstatic.com
lh3.googleusercontent.com
play.google.com
stats.g.doubleclick.net
www.google-analytics.com
www.gstatic.com
2a00:1450:4001:809::2003
2a00:1450:4001:815::200e
2a00:1450:4001:816::200e
2a00:1450:4001:819::200a
2a00:1450:4001:81c::2003
2a00:1450:4001:81e::2001
2a00:1450:4001:820::200e
2a00:1450:400c:c00::9d
239e73865bdf196fe5dd1399f3bb12b3c349745c7dde74bdf00265babc06a30e
27de3b567bf71dc7425b35e17b9b65645b45061d54038b2ca2b4a74779026ece
3aa763eff7aa2e7698f19ab7ec279a8f61774434e3301def67e1b8f59c7f9c2d
43d9f1919514ba6dfb0cb4f2239c7ce514b9044eab972629307d855062b92b56
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775
6446b6826bb6136c8782e74d99a2ea78cc9cb508cf61f4020fee5415f108c7e1
65be3d67cb5ddbb34c7ad6cb62eefc559d4ad27bfc5ddefbcd9dd88b72cf5817
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
7b9080cdea32bb34551bd907d14d404a5c5b956016916a24e790f0c65ccab15c
8e3c18efdcd5fe70faed5ac3612b1e928ed3cd103d0a9e4d34e7dde4eaeef495
918439426787feaf9c7aaec4cb9ff51a6ea946948683323a39e37c418b05dc0d
9bd67e3f6435a296e95b937b47c6b8f0a08a73b92af11032bb2648af8619efbe
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b5bc4f2d9e78ed7161722678a992ec9875bd4faaefcb7b692e12b80015cbb1a5
d2c9c9b5727c92f11d7211cdee3fd01492ad8f8818d4306193e23fe5d6db2ca7
dc7455dac3b5f710ee4d27b5fd4fa39e888b699d3ee1a5cccb0424db16d12741
e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b