authtest.harbourats.com Open in urlscan Pro
46.43.38.123  Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

15 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request Cookie set / Show response authtest.harbourats.com/	2 KB 1 KB	146ms 64ms	Document text/html	46.43.38.123 BYTEMARK-AS
General Check archive.org Show headers Download Go to Full URL https://authtest.harbourats.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 46.43.38.123 , United Kingdom, ASN35425 (BYTEMARK-AS, GB), Reverse DNS 46-43-38-123.no-reverse-dns-set.bytemark.co.uk Software / Resource Hash 204d01bfd3bd8dde58e1ce52d507a160a438da497667b4e5ad90217a2bdb7f36 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Host authtest.harbourats.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Accept-Language de-DE,de;q=0.9 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 Sec-Fetch-Site none Sec-Fetch-Mode navigate Sec-Fetch-User ?1 Sec-Fetch-Dest document Accept-Encoding gzip, deflate, br Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Accept-Language de-DE,de;q=0.9 Response headers Date Tue, 12 Oct 2021 08:48:43 GMT Set-Cookie PHPSESSID=petbr1s19vf6m7m7nfs9fb6i87; path=/ Expires Thu, 19 Nov 1981 08:52:00 GMT Cache-Control no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Pragma no-cache Vary Accept-Encoding Content-Encoding gzip Content-Length 959 Content-Type text/html; charset=UTF-8 X-Frame-Options SAMEORIGIN X-XSS-Protection 1; mode=block Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff Referrer-Policy strict-origin-when-cross-origin
GET H2	200	api:client.js Show response apis.google.com/js/	12 KB 6 KB	55ms 33ms	Script application/javascript	2a00:1450:4001:82a::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://apis.google.com/js/api:client.js Requested by Host: authtest.harbourats.com URL: https://authtest.harbourats.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 183750d769349faedbb6c7348ff7642fd2a77c64004e88b73dd63408ced7016e Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-V+iIaeouWrQhHVIoLH7BLA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://authtest.harbourats.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Tue, 12 Oct 2021 08:48:43 GMT content-encoding gzip x-content-type-options nosniff p3p CP="This is not a P3P policy! See g.co/p3phelp for more info." cross-origin-resource-policy cross-origin strict-transport-security max-age=31536000 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 x-ua-compatible IE=edge, chrome=1 server ESF etag "693a15f3af6f6cb512ea94bb3bb5d4ec" x-frame-options SAMEORIGIN report-to {"group":"AXrpQdcxyaoTJMYdhC5b1IVX_h4UhkFjYl5miMVZgqtCo-gS","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AXrpQdcxyaoTJMYdhC5b1IVX_h4UhkFjYl5miMVZgqtCo-gS"}]} content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control private, max-age=1800, stale-while-revalidate=1800 content-security-policy script-src 'report-sample' 'nonce-V+iIaeouWrQhHVIoLH7BLA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="AXrpQdcxyaoTJMYdhC5b1IVX_h4UhkFjYl5miMVZgqtCo-gS" expires Tue, 12 Oct 2021 08:48:43 GMT
GET H2	200	jquery-3.3.1.min.js Show response code.jquery.com/	85 KB 30 KB	29ms 10ms	Script application/javascript	2001:4de0:ac18::1:a:1a HIGHWINDS3
General Check archive.org Show headers Download Go to Full URL https://code.jquery.com/jquery-3.3.1.min.js Requested by Host: authtest.harbourats.com URL: https://authtest.harbourats.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4de0:ac18::1:a:1a , Netherlands, ASN20446 (HIGHWINDS3, US), Reverse DNS Software nginx / Resource Hash 160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef Request headers Accept-Language de-DE,de;q=0.9 Referer https://authtest.harbourats.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Tue, 12 Oct 2021 08:48:43 GMT content-encoding gzip last-modified Sat, 20 Jan 2018 17:26:44 GMT server nginx etag W/"5a637bd4-1538f" vary Accept-Encoding x-hw 1634028523.dop053.fr8.t,1634028523.cds208.fr8.hn,1634028523.cds002.fr8.c content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=315360000, public accept-ranges bytes content-length 30288
GET H/1.1	200 OK	app.js Show response authtest.harbourats.com/public/	1 KB 888 B	38ms 38ms	Script application/javascript	46.43.38.123 BYTEMARK-AS
General Check archive.org Show headers Download Go to Full URL https://authtest.harbourats.com/public/app.js?_=1 Requested by Host: authtest.harbourats.com URL: https://authtest.harbourats.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 46.43.38.123 , United Kingdom, ASN35425 (BYTEMARK-AS, GB), Reverse DNS 46-43-38-123.no-reverse-dns-set.bytemark.co.uk Software / Resource Hash 316dad298e9ee348473c91872dd6b9a375efd11db9e935a214cacea6048556a9 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Pragma no-cache Sec-Fetch-Site same-origin Accept-Encoding gzip, deflate, br Host authtest.harbourats.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Sec-Fetch-Mode no-cors Accept */* Cache-Control no-cache Sec-Fetch-Dest script Referer https://authtest.harbourats.com/ Cookie PHPSESSID=petbr1s19vf6m7m7nfs9fb6i87 Connection keep-alive Accept-Language de-DE,de;q=0.9 Referer https://authtest.harbourats.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers Date Tue, 12 Oct 2021 08:48:43 GMT Content-Encoding gzip Referrer-Policy strict-origin-when-cross-origin Last-Modified Mon, 11 Mar 2019 12:24:46 GMT ETag "6e493-414-583d0a8717f80" X-Frame-Options SAMEORIGIN Content-Type application/javascript X-XSS-Protection 1; mode=block Strict-Transport-Security max-age=31536000 Accept-Ranges bytes Vary Accept-Encoding Content-Length 435 X-Content-Type-Options nosniff
GET H2	200	css fonts.googleapis.com/	672 B 1 KB	38ms 15ms	Stylesheet text/css	2a00:1450:4001:812::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Lato:300 Requested by Host: authtest.harbourats.com URL: https://authtest.harbourats.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 388442a1e51e37650faaa206d776a1ced6816a3f9a41b66dbe7347a4537c13fe Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://authtest.harbourats.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 last-modified Tue, 12 Oct 2021 06:58:01 GMT server ESF date Tue, 12 Oct 2021 08:48:43 GMT x-frame-options SAMEORIGIN report-to {"group":"AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"}]} content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin cross-origin-opener-policy-report-only same-origin; report-to="AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk" expires Tue, 12 Oct 2021 08:48:43 GMT
GET H2	200	mobi.min.css cdnjs.cloudflare.com/ajax/libs/mobi.css/3.0.3/	10 KB 3 KB	400ms 382ms	Stylesheet text/css	2606:4700::6810:135e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdnjs.cloudflare.com/ajax/libs/mobi.css/3.0.3/mobi.min.css Requested by Host: authtest.harbourats.com URL: https://authtest.harbourats.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 213cc8ad6fc7b66027ec5512105550e2e137eed09d93ca3e68a1021c5afc355d Security Headers Name Value Strict-Transport-Security max-age=15780000 X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://authtest.harbourats.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Tue, 12 Oct 2021 08:48:43 GMT content-encoding br x-content-type-options nosniff cf-cache-status MISS nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 content-length 2206 timing-allow-origin * last-modified Mon, 04 May 2020 16:13:25 GMT server cloudflare cf-cdnjs-via cfworker/kv etag "5eb03f25-2827" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=15780000 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sFBmeBAP7%2F0RVqsdMUTV9X%2Bt0zyhQKvv5DL3hl%2BwCW1BF8jZ5R9HrQMK6%2B77wCnKninCjbz7nz%2BIwAfmbll7rMDBVU1b5hJhYreUibheG7PfVeciTIJhALLzOq1hd%2FXZx1EXF%2F6Nh1HPrKnInzc3Xfwm"}],"group":"cf-nel","max_age":604800} content-type text/css; charset=utf-8 access-control-allow-origin * vary Accept-Encoding cache-control public, max-age=30672000 accept-ranges bytes cf-ray 69cf121f08f26957-FRA expires Sun, 02 Oct 2022 08:48:43 GMT
GET H2	200	all.css use.fontawesome.com/releases/v5.3.1/css/	48 KB 11 KB	474ms 445ms	Stylesheet text/css	2606:4700:3031::ac43:d645 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://use.fontawesome.com/releases/v5.3.1/css/all.css Requested by Host: authtest.harbourats.com URL: https://authtest.harbourats.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3031::ac43:d645 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 604dcf1f11698655f75046bb92f98aaa9477e1c16b01c5fc415e78794393ffb9 Request headers Referer https://authtest.harbourats.com/ Origin https://authtest.harbourats.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Tue, 12 Oct 2021 08:48:43 GMT content-encoding br vary Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding cf-cache-status MISS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-amz-request-id ZMDJRABQ3FZ3Z5Z0 access-control-allow-methods GET alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 x-amz-id-2 X8mREaNDZPMlRan9EIoY+coGodFtC6Xt9U4T7Jo4oqGLeqoRtrdHnCVco0x8OrTxATjc9tqEjIw= last-modified Wed, 30 Jun 2021 15:42:14 GMT server cloudflare etag W/"10519cfd3206802f58315b877a9beab5" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" access-control-max-age 3000 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FGhB3wFBChpXwK4FIRlQ4D2PtYc%2FuZDX9Ks%2FXYiZ8hrJVDLaagyn4%2B2Uc4P72z0tVmAsVPySDb9NzLxg%2FlwARX9%2Bx0w8OGyoyyIWMU3BjEATxz60hRiAz2mKEI5zvlTP4z1cLOoTqFQDd8OlErF1Ln9G"}],"group":"cf-nel","max_age":604800} content-type text/css access-control-allow-origin * cache-control max-age=31556926 cf-ray 69cf121f1f414de8-FRA
GET H/1.1	200 OK	styles.css authtest.harbourats.com/public/	1 KB 903 B	39ms 39ms	Stylesheet text/css	46.43.38.123 BYTEMARK-AS
General Check archive.org Show headers Download Go to Full URL https://authtest.harbourats.com/public/styles.css?_=2 Requested by Host: authtest.harbourats.com URL: https://authtest.harbourats.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 46.43.38.123 , United Kingdom, ASN35425 (BYTEMARK-AS, GB), Reverse DNS 46-43-38-123.no-reverse-dns-set.bytemark.co.uk Software / Resource Hash c86f9881a6ad60d290c4caeebf6c40a069beda1aa7d6abeb2c90f58f3aa7ee4e Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Pragma no-cache Sec-Fetch-Site same-origin Accept-Encoding gzip, deflate, br Host authtest.harbourats.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Sec-Fetch-Mode no-cors Accept text/css,*/*;q=0.1 Cache-Control no-cache Sec-Fetch-Dest style Referer https://authtest.harbourats.com/ Cookie PHPSESSID=petbr1s19vf6m7m7nfs9fb6i87 Connection keep-alive Accept-Language de-DE,de;q=0.9 Referer https://authtest.harbourats.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers Date Tue, 12 Oct 2021 08:48:43 GMT Content-Encoding gzip Referrer-Policy strict-origin-when-cross-origin Last-Modified Tue, 04 May 2021 10:29:53 GMT ETag "6e5f2-42a-5c17e8f040a40" X-Frame-Options SAMEORIGIN Content-Type text/css X-XSS-Protection 1; mode=block Strict-Transport-Security max-age=31536000 Accept-Ranges bytes Vary Accept-Encoding Content-Length 464 X-Content-Type-Options nosniff
GET H2	200	cb=gapi.loaded_0 Show response apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.yUoUa-d8e1E.O/m=client/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCMxrycmnC1khz2ORddaX90UOzgNPA/	311 KB 106 KB	9ms 8ms	Script text/javascript	2a00:1450:4001:82a::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.yUoUa-d8e1E.O/m=client/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCMxrycmnC1khz2ORddaX90UOzgNPA/cb=gapi.loaded_0 Requested by Host: apis.google.com URL: https://apis.google.com/js/api:client.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 5c70f4d8f51a2419bd5481f7dc4651538c1e1f1f0e7bd9b44622726f0e92100d Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://authtest.harbourats.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Sat, 09 Oct 2021 22:38:25 GMT content-encoding gzip x-content-type-options nosniff age 209418 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 107879 x-xss-protection 0 last-modified Fri, 10 Sep 2021 23:24:10 GMT server sffe vary Accept-Encoding, Origin report-to {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]} content-type text/javascript; charset=UTF-8 cache-control public, immutable, max-age=31536000 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="social-frontend-mpm-access" expires Sun, 09 Oct 2022 22:38:25 GMT
GET H2	200	cb=gapi.loaded_1 Show response apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.yUoUa-d8e1E.O/m=auth2/exm=client/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCMxrycmnC1khz2ORddaX90UOzgNPA/	62 B 160 B	7ms 7ms	Script text/javascript	2a00:1450:4001:82a::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.yUoUa-d8e1E.O/m=auth2/exm=client/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCMxrycmnC1khz2ORddaX90UOzgNPA/cb=gapi.loaded_1 Requested by Host: apis.google.com URL: https://apis.google.com/js/api:client.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 27095d13a9c6e755cb20dc225c60d419aaea91a9ec240b842527daea5c98a3ba Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://authtest.harbourats.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Wed, 06 Oct 2021 16:19:34 GMT x-content-type-options nosniff age 491349 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 62 x-xss-protection 0 last-modified Fri, 10 Sep 2021 23:24:10 GMT server sffe vary Origin report-to {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]} content-type text/javascript; charset=UTF-8 cache-control public, immutable, max-age=31536000 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="social-frontend-mpm-access" expires Thu, 06 Oct 2022 16:19:34 GMT
GET H2	200	S6u9w4BMUTPHh7USSwiPGQ.woff2 fonts.gstatic.com/s/lato/v20/	23 KB 23 KB	30ms 8ms	Font font/woff2	2a00:1450:4001:802::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/lato/v20/S6u9w4BMUTPHh7USSwiPGQ.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Lato:300 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 9194059997d722ec01e41980dffbff03ebe00808b1cdd164a7fd18a561bc312a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://authtest.harbourats.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Sun, 10 Oct 2021 11:51:27 GMT x-content-type-options nosniff age 161836 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 23248 x-xss-protection 0 last-modified Tue, 10 Aug 2021 00:18:53 GMT server sffe report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="apps-themes" expires Mon, 10 Oct 2022 11:51:27 GMT
GET H2	200	iframe Show response accounts.google.com/o/oauth2/ Frame C7B9	513 B 925 B	39ms 17ms	Document text/html	2a00:1450:4001:828::200d GOOGLE
General Check archive.org Show headers Download Go to Full URL https://accounts.google.com/o/oauth2/iframe Requested by Host: apis.google.com URL: https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.yUoUa-d8e1E.O/m=client/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCMxrycmnC1khz2ORddaX90UOzgNPA/cb=gapi.loaded_0 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:828::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 469488a3cabeecc777773cc74377c9c9a584b69a72b4207cbc3eef07762e2db1 Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-5QS8XYdLYJIys89k+9ERFg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority accounts.google.com :scheme https :path /o/oauth2/iframe pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 accept-language de-DE,de;q=0.9 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://authtest.harbourats.com/ accept-encoding gzip, deflate, br cookie NID=511=NhPaEk9O7kGRYxnzbzWHsWSVo942oAQoNM0lTwITQPd5yYgMxpXf8jod31tBQYHgvl9j-H-tq-80a6DIskZaKAyODjW9ZG8Azpv7rnZ5R0Jfe4IIO_7LILLKw80tDPAxhD14H7aoZlVJ9bMxIy2NkWo_MuNPKiYnx8VAmwpbCe4 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://authtest.harbourats.com/ Response headers content-type text/html; charset=utf-8 cross-origin-resource-policy cross-origin cross-origin-embedder-policy require-corp cache-control no-cache, no-store, max-age=0, must-revalidate pragma no-cache expires Mon, 01 Jan 1990 00:00:00 GMT date Tue, 12 Oct 2021 08:48:43 GMT content-language en-US content-security-policy script-src 'report-sample' 'nonce-5QS8XYdLYJIys89k+9ERFg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport content-encoding gzip server ESF x-xss-protection 0 x-content-type-options nosniff alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H2	200	3223131903-idpiframe.js Show response ssl.gstatic.com/accounts/o/ Frame C7B9	115 KB 40 KB	29ms 7ms	Script text/javascript	2a00:1450:4001:828::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://ssl.gstatic.com/accounts/o/3223131903-idpiframe.js Requested by Host: accounts.google.com URL: https://accounts.google.com/o/oauth2/iframe Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash b1d5535dd412dbe60f89f44555dd6dc752ac90ab350d4ae9e063134e14a3e47e Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://accounts.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Mon, 11 Oct 2021 08:43:11 GMT content-encoding gzip x-content-type-options nosniff age 86732 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/federated-signon-mpm-access cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 40198 x-xss-protection 0 last-modified Tue, 05 Oct 2021 18:17:59 GMT server sffe vary Accept-Encoding report-to {"group":"federated-signon-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/federated-signon-mpm-access"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="federated-signon-mpm-access" expires Tue, 11 Oct 2022 08:43:11 GMT
GET H2	200	iframerpc Show response accounts.google.com/o/oauth2/ Frame C7B9	14 B 172 B	18ms 18ms	XHR application/json	2a00:1450:4001:828::200d GOOGLE
General Check archive.org Show headers Download Go to Full URL https://accounts.google.com/o/oauth2/iframerpc?action=checkOrigin&origin=https%3A%2F%2Fauthtest.harbourats.com&client_id=914477108476-n2var1p3flbul34fns11dtptal0qsd0r.apps.googleusercontent.com Requested by Host: ssl.gstatic.com URL: https://ssl.gstatic.com/accounts/o/3223131903-idpiframe.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:828::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 8daf09a6fc31937457dd77e9c25ce4b21349d605b561a8c5d557841bf964c9a0 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://accounts.google.com/o/oauth2/iframe X-Requested-With XmlHttpRequest Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Tue, 12 Oct 2021 08:48:43 GMT content-encoding gzip x-content-type-options nosniff server ESF content-type application/json; charset=utf-8 cache-control public, max-age=3600 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 expires Tue, 12 Oct 2021 09:48:43 GMT
GET H2	200	fa-solid-900.woff2 use.fontawesome.com/releases/v5.3.1/webfonts/	66 KB 66 KB	213ms 212ms	Font font/woff2	2606:4700:3031::ac43:d645 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://use.fontawesome.com/releases/v5.3.1/webfonts/fa-solid-900.woff2 Requested by Host: use.fontawesome.com URL: https://use.fontawesome.com/releases/v5.3.1/css/all.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3031::ac43:d645 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ca3ea16761b7d443c64cfd99dd1cf8aa84790a25bb4709582935956fe71d014d Request headers Referer https://use.fontawesome.com/releases/v5.3.1/css/all.css Origin https://authtest.harbourats.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Tue, 12 Oct 2021 08:48:44 GMT access-control-allow-methods GET vary Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding cf-cache-status MISS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-amz-request-id ZMDW7DFRGMKZKGKB alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 content-length 67400 x-amz-id-2 BoyCF71npgBtMjBnL/KTRYbrHGOCPcBWDIhUv84sZdxhrICvS1ybMAmSfPpXt4y4LrGxFtwpvs0= last-modified Wed, 30 Jun 2021 15:42:33 GMT server cloudflare etag "14a08198ec7d1eb96d515362293fed36" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" access-control-max-age 3000 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kGTo9ZjC1fwPGzrgFheh25FAFrY1twFOxKLFuQBUmK5d67Cgwm3eWtNB5iTfHtvEbfW%2FRf9UnXXRqzxyZh0l7D%2BiyZ%2BaI59ZkJZSY0zTDm8Mg89HoQMxgFmy%2F%2FuxiXKNsKTkeFg4VJIJTKAKjG3ZPlWr"}],"group":"cf-nel","max_age":604800} content-type font/woff2 access-control-allow-origin * cache-control max-age=31556926 accept-ranges bytes cf-ray 69cf1221ebff4de8-FRA

21 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| onbeforexrselect boolean| originAgentCluster object| gapi object| ___jsl function| $ function| jQuery object| osapi object| gadgets object| iframer object| __gapi_jstiming__ object| shindig function| ToolbarApi object| iframes function| IframeBase function| Iframe function| IframeProxy function| IframeWindow object| googleapis object| GoogleLoginHelper object| auth2

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			authtest.harbourats.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: petbr1s19vf6m7m7nfs9fb6i87
			.google.com/	1970-01-20 02:17:19	Name: NID Value: 511=NhPaEk9O7kGRYxnzbzWHsWSVo942oAQoNM0lTwITQPd5yYgMxpXf8jod31tBQYHgvl9j-H-tq-80a6DIskZaKAyODjW9ZG8Azpv7rnZ5R0Jfe4IIO_7LILLKw80tDPAxhD14H7aoZlVJ9bMxIy2NkWo_MuNPKiYnx8VAmwpbCe4
			.authtest.harbourats.com/	1978-01-11 21:30:57	Name: G_ENABLED_IDPS Value: google

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

accounts.google.com
apis.google.com
authtest.harbourats.com
cdnjs.cloudflare.com
code.jquery.com
fonts.googleapis.com
fonts.gstatic.com
ssl.gstatic.com
use.fontawesome.com
2001:4de0:ac18::1:a:1a
2606:4700:3031::ac43:d645
2606:4700::6810:135e
2a00:1450:4001:802::2003
2a00:1450:4001:812::200a
2a00:1450:4001:828::2003
2a00:1450:4001:828::200d
2a00:1450:4001:82a::200e
46.43.38.123
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
183750d769349faedbb6c7348ff7642fd2a77c64004e88b73dd63408ced7016e
204d01bfd3bd8dde58e1ce52d507a160a438da497667b4e5ad90217a2bdb7f36
213cc8ad6fc7b66027ec5512105550e2e137eed09d93ca3e68a1021c5afc355d
27095d13a9c6e755cb20dc225c60d419aaea91a9ec240b842527daea5c98a3ba
316dad298e9ee348473c91872dd6b9a375efd11db9e935a214cacea6048556a9
388442a1e51e37650faaa206d776a1ced6816a3f9a41b66dbe7347a4537c13fe
469488a3cabeecc777773cc74377c9c9a584b69a72b4207cbc3eef07762e2db1
5c70f4d8f51a2419bd5481f7dc4651538c1e1f1f0e7bd9b44622726f0e92100d
604dcf1f11698655f75046bb92f98aaa9477e1c16b01c5fc415e78794393ffb9
8daf09a6fc31937457dd77e9c25ce4b21349d605b561a8c5d557841bf964c9a0
9194059997d722ec01e41980dffbff03ebe00808b1cdd164a7fd18a561bc312a
b1d5535dd412dbe60f89f44555dd6dc752ac90ab350d4ae9e063134e14a3e47e
c86f9881a6ad60d290c4caeebf6c40a069beda1aa7d6abeb2c90f58f3aa7ee4e
ca3ea16761b7d443c64cfd99dd1cf8aa84790a25bb4709582935956fe71d014d