Submitted URL: http://sso.retailcrm.tech/
Effective URL: https://sso.retailcrm.tech/
Submission: On January 09 via manual from UA — Scanned from CH

Summary

This website contacted 8 IPs in 3 countries across 6 domains to perform 36 HTTP transactions. The main IP is 80.93.188.244, located in Moscow, Russian Federation and belongs to SELECTEL, RU. The main domain is sso.retailcrm.tech.
TLS certificate: Issued by AlphaSSL CA - SHA256 - G4 on March 1st 2023. Valid for: a year.
This is the only time sso.retailcrm.tech was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 9 80.93.188.244 49505 (SELECTEL)
4 10 2a02:6b8::1:119 13238 (YANDEX)
1 34.120.195.249 396982 (GOOGLE-CL...)
7 2a00:1450:400... 15169 (GOOGLE)
8 2a00:1450:400... 15169 (GOOGLE)
1 82.202.233.71 49505 (SELECTEL)
4 2a00:1450:400... 15169 (GOOGLE)
36 8
Apex Domain | Subdomains | Transfer
12 gstatic.com | www.gstatic.com, fonts.gstatic.com | 926 KB
10 retailcrm.tech | sso.retailcrm.tech, s3-s1.retailcrm.tech | 365 KB
7 yandex.com | mc.yandex.com — Cisco Umbrella Rank: 6227 | 3 KB
7 google.com | www.google.com — Cisco Umbrella Rank: 6 | 71 KB
3 yandex.ru | mc.yandex.ru — Cisco Umbrella Rank: 2266 | 71 KB
1 sentry.io | o131005.ingest.sentry.io | 324 B
36 6
Domain | Requested by
9 sso.retailcrm.tech, 1 redirects | sso.retailcrm.tech
8 www.gstatic.com | www.google.com, www.gstatic.com
7 mc.yandex.com, 3 redirects | sso.retailcrm.tech
7 www.google.com | sso.retailcrm.tech, www.gstatic.com, www.google.com
4 fonts.gstatic.com | www.google.com
3 mc.yandex.ru, 1 redirects | sso.retailcrm.tech
1 s3-s1.retailcrm.tech | sso.retailcrm.tech
1 o131005.ingest.sentry.io | sso.retailcrm.tech
36 8

This site contains links to these domains.

Domain
account.retailcrm.ru
Subject | Issuer | Validity | Valid
*.retailcrm.tech | AlphaSSL CA - SHA256 - G4 | 2023-03-01 - 2024-04-01 | a year
mc.yandex.ru | GlobalSign ECC OV SSL CA 2018 | 2023-12-26 - 2024-06-05 | 5 months
ingest.sentry.io | DigiCert Global G2 TLS RSA SHA256 2020 CA1 | 2023-11-02 - 2024-12-02 | a year
www.google.com | GTS CA 1C3 | 2023-11-20 - 2024-02-12 | 3 months
*.gstatic.com | GTS CA 1C3 | 2023-11-20 - 2024-02-12 | 3 months
*.google.com | GTS CA 1C3 | 2023-11-20 - 2024-02-12 | 3 months

This page contains 3 frames:

Primary Page: https://sso.retailcrm.tech/
Frame ID: 92FBB84B3C964F6BB9EC1D2DC06FCEF1
Requests: 20 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcGwdAmAAAAAHdgU3RkyTu2ci_ucOo02CwsjMh8&co=aHR0cHM6Ly9zc28ucmV0YWlsY3JtLnRlY2g6NDQz&hl=de-CH&v=Ya-Cd6PbRI5ktAHEhm9JuKEu&size=invisible&cb=fikf2vanw7vl
Frame ID: 9638B870852A20A9D48B96638F41F79A
Requests: 8 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcGwdAmAAAAAHdgU3RkyTu2ci_ucOo02CwsjMh8&co=aHR0cHM6Ly9zc28ucmV0YWlsY3JtLnRlY2g6NDQz&hl=de-CH&v=Ya-Cd6PbRI5ktAHEhm9JuKEu&size=invisible&cb=kn6dqdwphbdq
Frame ID: 7E9996274CA70174A8927D3AB680B472
Requests: 8 HTTP requests in this frame

Page Title

Log in RetailCRM

Detected technologies

Overall confidence: 100%
Detected patterns
  • <[^>]+\sdata-v(?:ue)?-

Overall confidence: 100%
Detected patterns
  • mc\.yandex\.ru/metrika/(?:tag|watch)\.js

Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

Requests: 36
HTTPS: 92 %
IPv6: 57 %
Domains: 6
Subdomains: 8
IPs: 8
Countries: 3
Transfer: 1434 kB
Size: 3368 kB
Cookies: 18

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://sso.retailcrm.tech/ HTTP 301
    https://sso.retailcrm.tech/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 18
  • https://mc.yandex.com/sync_cookie_image_check HTTP 302
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=10243.t_tKQKbTaq8rzwiqTLrBNXrzWR8vW9kpEas7BlTNLIEYwZ9P_Ostahe0meyvMAON.R2WwVpOGUeilzwu1X-c22KbL__c%2C HTTP 302
  • https://mc.yandex.com/sync_cookie_image_decide?token=10243.WkyYBMgyUAfoOrkcH6kTnBWdmfEhy55VTkL_impYtjXQTO7D9Mjd85bjWKm4mGYPvkW8DzMKIVvEB6Pp1GrqNgrW76RUXp0F0DdmabvF_AaiW-qrvu_rk3bw-ns32abQFvCxeyxFrHAJ-4JmvRbEgA_tnYsgibgh67_90FiKp-CShbzaFErHV_D0DESMj-v-2D2uHyByu8TJIFeBArfElmyDWYcYgS4HO7Jvlnsy6CY%2C.2UsMiKraACcht9V5LEDvVMQQEr8%2C HTTP 302
  • https://mc.yandex.ru/sync_cookie_image_finish?redirect_domain=mc.yandex.com&token=10243.KmuEjv_3jCGKxXKdGRI5dwATN_5JBIyy46VVsZDIgnqCojvr_eMc1VRJjfgmeoLYay8CBoY1Nv0BYSVl6Yl-hsxCr8k3DO_8gvvWTv7lNZvOLjiC4FPtyIa-Bi-SiplrPdoyX_QKUs_d3lEILj6xD9FUCuDmM8mWnC5tOlTAkIb8VgbQf9bzWM1-1_FlsRMZu1WsuHWWmtfJYGQJt0QMOg%2C%2C.8132fVcL6fSnU4C1hUUK_zy6H6U%2C
Request Chain 32
  • https://mc.yandex.com/watch/21317974?wmode=7&page-url=https%3A%2F%2Fsso.retailcrm.tech%2Flogin&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A6mv6as6uhfnj8xo3ikdxwgrf%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1201%3Acn%3A1%3Adp%3A0%3Als%3A1628107746953%3Ahid%3A462545251%3Az%3A60%3Ai%3A20240110000551%3Aet%3A1704841551%3Ac%3A1%3Arn%3A582918536%3Arqn%3A1%3Au%3A1704841551208569995%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C129%2C64%2C1%2C135%2C0%2C%2C20%2C0%2C%2C%2C%2C849%3Aco%3A0%3Acpf%3A1%3Ans%3A1704841550006%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1704841552%3At%3ALog%20in%20RetailCRM&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)rcm(1)ti(1) HTTP 302
  • https://mc.yandex.com/watch/21317974/1?wmode=7&page-url=https%3A%2F%2Fsso.retailcrm.tech%2Flogin&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A6mv6as6uhfnj8xo3ikdxwgrf%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1201%3Acn%3A1%3Adp%3A0%3Als%3A1628107746953%3Ahid%3A462545251%3Az%3A60%3Ai%3A20240110000551%3Aet%3A1704841551%3Ac%3A1%3Arn%3A582918536%3Arqn%3A1%3Au%3A1704841551208569995%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C129%2C64%2C1%2C135%2C0%2C%2C20%2C0%2C%2C%2C%2C849%3Aco%3A0%3Acpf%3A1%3Ans%3A1704841550006%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1704841552%3At%3ALog%20in%20RetailCRM&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29ti%281%29

36 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
sso.retailcrm.tech/
Redirect Chain
  • http://sso.retailcrm.tech/
  • https://sso.retailcrm.tech/
564 B
860 B
Document
General
Full URL
https://sso.retailcrm.tech/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
80.93.188.244 Moscow, Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS
Software
openresty/1.21.4.1 /
Resource Hash
7f1ed1e82889fb61b62f4bde6142de1730fb78edd114bd853118705f9b80bc8d

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Accept-Ranges
bytes
Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
Content-Length
564
Content-Type
text/html
Date
Tue, 09 Jan 2024 23:05:50 GMT
ETag
"65717f26-234"
Last-Modified
Thu, 07 Dec 2023 08:15:34 GMT
Server
openresty/1.21.4.1

Redirect headers

Connection
keep-alive
Content-Length
175
Content-Type
text/html
Date
Tue, 09 Jan 2024 23:05:50 GMT
Location
https://sso.retailcrm.tech/
Server
openresty/1.21.4.1
index-abe96d8f.js
sso.retailcrm.tech/assets/
1 KB
942 B
Script
General
Full URL
https://sso.retailcrm.tech/assets/index-abe96d8f.js
Requested by
Host: sso.retailcrm.tech
URL: https://sso.retailcrm.tech/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
80.93.188.244 Moscow, Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS
Software
openresty/1.21.4.1 /
Resource Hash
77a69f7b7d7dfb79b127a222910d6c7aa324cdc9c2529553c6cd5fd6b57c61dd

Request headers

Referer
https://sso.retailcrm.tech/
Origin
https://sso.retailcrm.tech
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Tue, 09 Jan 2024 23:05:50 GMT
Content-Encoding
gzip
Last-Modified
Thu, 07 Dec 2023 08:15:34 GMT
Server
openresty/1.21.4.1
ETag
W/"65717f26-460"
Transfer-Encoding
chunked
Content-Type
application/javascript
Cache-Control
public
Connection
keep-alive
vendor-bfc2921d.js
sso.retailcrm.tech/assets/
602 KB
237 KB
Script
General
Full URL
https://sso.retailcrm.tech/assets/vendor-bfc2921d.js
Requested by
Host: sso.retailcrm.tech
URL: https://sso.retailcrm.tech/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
80.93.188.244 Moscow, Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS
Software
openresty/1.21.4.1 /
Resource Hash
281e7e7659f0b2962d77d872756148064c4d68c329214c79e30295f169bb45e3

Request headers

Referer
https://sso.retailcrm.tech/
Origin
https://sso.retailcrm.tech
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Tue, 09 Jan 2024 23:05:50 GMT
Content-Encoding
gzip
Last-Modified
Thu, 07 Dec 2023 08:15:34 GMT
Server
openresty/1.21.4.1
ETag
W/"65717f26-966ad"
Transfer-Encoding
chunked
Content-Type
application/javascript
Cache-Control
public
Connection
keep-alive
app-d68c81f2.js
sso.retailcrm.tech/assets/
77 KB
24 KB
Script
General
Full URL
https://sso.retailcrm.tech/assets/app-d68c81f2.js
Requested by
Host: sso.retailcrm.tech
URL: https://sso.retailcrm.tech/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
80.93.188.244 Moscow, Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS
Software
openresty/1.21.4.1 /
Resource Hash
9fb17d262725fe62d06ab054473a48d4ade2643bc28deb1604b2dba50e71095b

Request headers

Referer
https://sso.retailcrm.tech/
Origin
https://sso.retailcrm.tech
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Tue, 09 Jan 2024 23:05:50 GMT
Content-Encoding
gzip
Last-Modified
Thu, 07 Dec 2023 08:15:34 GMT
Server
openresty/1.21.4.1
ETag
W/"65717f26-135b1"
Transfer-Encoding
chunked
Content-Type
application/javascript
Cache-Control
public
Connection
keep-alive
app-865b1e11.css
sso.retailcrm.tech/assets/
42 KB
10 KB
Stylesheet
General
Full URL
https://sso.retailcrm.tech/assets/app-865b1e11.css
Requested by
Host: sso.retailcrm.tech
URL: https://sso.retailcrm.tech/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
80.93.188.244 Moscow, Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS
Software
openresty/1.21.4.1 /
Resource Hash
865b1e11dd3fd87e121776a9a260b91fa102dd0dd30a743da2520bed849398c3

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://sso.retailcrm.tech/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Tue, 09 Jan 2024 23:05:50 GMT
Content-Encoding
gzip
Last-Modified
Thu, 07 Dec 2023 08:15:34 GMT
Server
openresty/1.21.4.1
ETag
W/"65717f26-a752"
Transfer-Encoding
chunked
Content-Type
text/css
Cache-Control
public
Connection
keep-alive
tag.js
mc.yandex.ru/metrika/
202 KB
70 KB
Script
General
Full URL
https://mc.yandex.ru/metrika/tag.js
Requested by
Host: sso.retailcrm.tech
URL: https://sso.retailcrm.tech/assets/app-d68c81f2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
f4d52b2f18ee8dd9761051674cb84dd5202b61ba4e8d7056b41a205791c7a61c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://sso.retailcrm.tech/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 23:05:51 GMT
content-encoding
br
strict-transport-security
max-age=31536000
last-modified
Wed, 27 Dec 2023 07:32:12 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag
"658bd2fc-11627"
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
timing-allow-origin
*
content-length
71207
expires
Wed, 10 Jan 2024 00:05:51 GMT
/
o131005.ingest.sentry.io/api/4506149670944768/envelope/
2 B
324 B
Fetch
General
Full URL
https://o131005.ingest.sentry.io/api/4506149670944768/envelope/?sentry_key=ef3217c04c517dd5990151dc3d6b5cbe&sentry_version=7&sentry_client=sentry.javascript.vue%2F7.77.0
Requested by
Host: sso.retailcrm.tech
URL: https://sso.retailcrm.tech/assets/vendor-bfc2921d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.195.249 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
249.195.120.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://sso.retailcrm.tech/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Tue, 09 Jan 2024 23:05:50 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 google
server
nginx
vary
origin,access-control-request-method,access-control-request-headers
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
x-sentry-error,x-sentry-rate-limits,retry-after
x-envoy-upstream-service-time
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
api.js
www.google.com/recaptcha/
1 KB
1 KB
Script
General
Full URL
https://www.google.com/recaptcha/api.js?render=explicit
Requested by
Host: sso.retailcrm.tech
URL: https://sso.retailcrm.tech/assets/app-d68c81f2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
a60f0bfa0403449e3e3705228aa8f010d4c4845445535fdd206341ffc31bc7fa
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://sso.retailcrm.tech/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 23:05:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
expires
Tue, 09 Jan 2024 23:05:50 GMT
37f5692b-2239-4e61-a637-6d838296af34
https://sso.retailcrm.tech/
28 KB
0
Other
General
Full URL
blob:https://sso.retailcrm.tech/37f5692b-2239-4e61-a637-6d838296af34
Requested by
Host: sso.retailcrm.tech
URL: https://sso.retailcrm.tech/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
619b955964f271ac2904dc507de09c94ca99921e102f79070ff9f051b94637bc

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Length
29054
Content-Type
recaptcha__de_ch.js
www.gstatic.com/recaptcha/releases/Ya-Cd6PbRI5ktAHEhm9JuKEu/
506 KB
204 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/Ya-Cd6PbRI5ktAHEhm9JuKEu/recaptcha__de_ch.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=explicit
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
aa91bf9506874bcdc8c6e193d8d3230599c4d7f55c3268ff476949d3de9b5216
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://sso.retailcrm.tech/
Origin
https://sso.retailcrm.tech
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Mon, 08 Jan 2024 17:18:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
107246
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
207855
x-xss-protection
0
last-modified
Mon, 08 Jan 2024 05:00:33 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 07 Jan 2025 17:18:24 GMT
anchor
www.google.com/recaptcha/api2/ Frame 9638
45 KB
29 KB
Document
General
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcGwdAmAAAAAHdgU3RkyTu2ci_ucOo02CwsjMh8&co=aHR0cHM6Ly9zc28ucmV0YWlsY3JtLnRlY2g6NDQz&hl=de-CH&v=Ya-Cd6PbRI5ktAHEhm9JuKEu&size=invisible&cb=fikf2vanw7vl
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/Ya-Cd6PbRI5ktAHEhm9JuKEu/recaptcha__de_ch.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
1da5a429fb2e328e2f295c33240c127f524f6822ee8116b656c9defed4bc1e8d
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-4LwS5F0ggZk2Px0e9Vxumw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://sso.retailcrm.tech/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-4LwS5F0ggZk2Px0e9Vxumw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 09 Jan 2024 23:05:51 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
me
sso.retailcrm.tech/api/v1/client/
80 B
265 B
XHR
General
Full URL
https://sso.retailcrm.tech/api/v1/client/me
Requested by
Host: sso.retailcrm.tech
URL: https://sso.retailcrm.tech/assets/vendor-bfc2921d.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
80.93.188.244 Moscow, Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS
Software
openresty/1.21.4.1 /
Resource Hash
903ddbf571914727476324e0ed4773a006786c9effa8b6b316bc685eb7a55e9e

Request headers

Accept
application/json, text/plain, */*
Referer
https://sso.retailcrm.tech/
System-Language
en-GB
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Tue, 09 Jan 2024 23:05:51 GMT
Server
openresty/1.21.4.1
Connection
keep-alive
Content-Length
80
Content-Type
application/json; charset=utf-8
styles__ltr.css
www.gstatic.com/recaptcha/releases/Ya-Cd6PbRI5ktAHEhm9JuKEu/ Frame 9638
55 KB
24 KB
Stylesheet
General
Full URL
https://www.gstatic.com/recaptcha/releases/Ya-Cd6PbRI5ktAHEhm9JuKEu/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcGwdAmAAAAAHdgU3RkyTu2ci_ucOo02CwsjMh8&co=aHR0cHM6Ly9zc28ucmV0YWlsY3JtLnRlY2g6NDQz&hl=de-CH&v=Ya-Cd6PbRI5ktAHEhm9JuKEu&size=invisible&cb=fikf2vanw7vl
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 08:39:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
51967
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24606
x-xss-protection
0
last-modified
Mon, 08 Jan 2024 05:00:33 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 08 Jan 2025 08:39:44 GMT
recaptcha__de_ch.js
www.gstatic.com/recaptcha/releases/Ya-Cd6PbRI5ktAHEhm9JuKEu/ Frame 9638
506 KB
203 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/Ya-Cd6PbRI5ktAHEhm9JuKEu/recaptcha__de_ch.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcGwdAmAAAAAHdgU3RkyTu2ci_ucOo02CwsjMh8&co=aHR0cHM6Ly9zc28ucmV0YWlsY3JtLnRlY2g6NDQz&hl=de-CH&v=Ya-Cd6PbRI5ktAHEhm9JuKEu&size=invisible&cb=fikf2vanw7vl
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
aa91bf9506874bcdc8c6e193d8d3230599c4d7f55c3268ff476949d3de9b5216
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Mon, 08 Jan 2024 17:18:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
107247
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
207855
x-xss-protection
0
last-modified
Mon, 08 Jan 2024 05:00:33 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 07 Jan 2025 17:18:24 GMT
recaptcha__de_ch.js
www.gstatic.com/recaptcha/releases/Ya-Cd6PbRI5ktAHEhm9JuKEu/
506 KB
203 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/Ya-Cd6PbRI5ktAHEhm9JuKEu/recaptcha__de_ch.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=explicit
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
aa91bf9506874bcdc8c6e193d8d3230599c4d7f55c3268ff476949d3de9b5216
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://sso.retailcrm.tech/
Origin
https://sso.retailcrm.tech
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Mon, 08 Jan 2024 17:18:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
107247
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
207855
x-xss-protection
0
last-modified
Mon, 08 Jan 2024 05:00:33 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 07 Jan 2025 17:18:24 GMT
anchor
www.google.com/recaptcha/api2/ Frame 7E99
43 KB
27 KB
Document
General
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcGwdAmAAAAAHdgU3RkyTu2ci_ucOo02CwsjMh8&co=aHR0cHM6Ly9zc28ucmV0YWlsY3JtLnRlY2g6NDQz&hl=de-CH&v=Ya-Cd6PbRI5ktAHEhm9JuKEu&size=invisible&cb=kn6dqdwphbdq
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/Ya-Cd6PbRI5ktAHEhm9JuKEu/recaptcha__de_ch.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
59a785ca656c55cf842c836f733f5e6f28e0c5c537505c14b1f969e9dad97841
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-70LBdsh45ToUxdbqfe_JFg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://sso.retailcrm.tech/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-70LBdsh45ToUxdbqfe_JFg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 09 Jan 2024 23:05:51 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
gilroy-800-normal-3fc637c6.woff2
sso.retailcrm.tech/assets/
25 KB
26 KB
Font
General
Full URL
https://sso.retailcrm.tech/assets/gilroy-800-normal-3fc637c6.woff2
Requested by
Host: sso.retailcrm.tech
URL: https://sso.retailcrm.tech/assets/app-865b1e11.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
80.93.188.244 Moscow, Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS
Software
openresty/1.21.4.1 /
Resource Hash
3fc637c6ccbad9643cef7c79cfb3479eb28e939ea8dbcb79d5fbb09f6dbd073e

Request headers

Referer
https://sso.retailcrm.tech/assets/app-865b1e11.css
Origin
https://sso.retailcrm.tech
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Tue, 09 Jan 2024 23:05:51 GMT
Last-Modified
Thu, 07 Dec 2023 08:15:34 GMT
Server
openresty/1.21.4.1
ETag
"65717f26-65f4"
Content-Type
font/woff2
Cache-Control
public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
26100
login__decor_en-d4adaaa7.svg
sso.retailcrm.tech/assets/
64 KB
65 KB
Image
General
Full URL
https://sso.retailcrm.tech/assets/login__decor_en-d4adaaa7.svg
Requested by
Host: sso.retailcrm.tech
URL: https://sso.retailcrm.tech/login
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
80.93.188.244 Moscow, Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS
Software
openresty/1.21.4.1 /
Resource Hash
d4adaaa7e1dfb57760bb24bec7f35ef9ceb111d3e1578515d63e406c80398fc2

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://sso.retailcrm.tech/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Tue, 09 Jan 2024 23:05:51 GMT
Last-Modified
Thu, 07 Dec 2023 08:15:34 GMT
Server
openresty/1.21.4.1
ETag
"65717f26-10177"
Content-Type
image/svg+xml
Cache-Control
public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
65911
logo_icon.svg
s3-s1.retailcrm.tech/ru-central-1/retailcrm-static/branding/retailcrm/logo/
585 B
960 B
Image
General
Full URL
https://s3-s1.retailcrm.tech/ru-central-1/retailcrm-static/branding/retailcrm/logo/logo_icon.svg
Requested by
Host: sso.retailcrm.tech
URL: https://sso.retailcrm.tech/login
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
82.202.233.71 St Petersburg, Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS
Software
nginx/1.14.0 /
Resource Hash
4fcf7dab1aa58906d8941bceb79bbb18f2648bbfae5c50288cdf8d6444d42902

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://sso.retailcrm.tech/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Tue, 09 Jan 2024 23:05:51 GMT
Last-Modified
Thu, 30 Nov 2023 15:10:19 GMT
Server
nginx/1.14.0
X-Amz-Request-Id
37faae98a732c948
Etag
"b69460e82cfa75fda7aacc7425ad4343"
Vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
Content-Type
image/svg+xml
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
585
sync_cookie_image_finish
mc.yandex.ru/
Redirect Chain
  • https://mc.yandex.com/sync_cookie_image_check
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=10243.t_tKQKbTaq8rzwiqTLrBNXrzWR8vW9kpEas7BlTNLIEYwZ9P_Ostahe0meyvMAON.R2WwVpOGUeilzwu1X-c22KbL__c%2C
  • https://mc.yandex.com/sync_cookie_image_decide?token=10243.WkyYBMgyUAfoOrkcH6kTnBWdmfEhy55VTkL_impYtjXQTO7D9Mjd85bjWKm4mGYPvkW8DzMKIVvEB6Pp1GrqNgrW76RUXp0F0DdmabvF_AaiW-qrvu_rk3bw-ns32abQFvCxeyxFrH...
  • https://mc.yandex.ru/sync_cookie_image_finish?redirect_domain=mc.yandex.com&token=10243.KmuEjv_3jCGKxXKdGRI5dwATN_5JBIyy46VVsZDIgnqCojvr_eMc1VRJjfgmeoLYay8CBoY1Nv0BYSVl6Yl-hsxCr8k3DO_8gvvWTv7lNZvOL...
43 B
584 B
Image
General
Full URL
https://mc.yandex.ru/sync_cookie_image_finish?redirect_domain=mc.yandex.com&token=10243.KmuEjv_3jCGKxXKdGRI5dwATN_5JBIyy46VVsZDIgnqCojvr_eMc1VRJjfgmeoLYay8CBoY1Nv0BYSVl6Yl-hsxCr8k3DO_8gvvWTv7lNZvOLjiC4FPtyIa-Bi-SiplrPdoyX_QKUs_d3lEILj6xD9FUCuDmM8mWnC5tOlTAkIb8VgbQf9bzWM1-1_FlsRMZu1WsuHWWmtfJYGQJt0QMOg%2C%2C.8132fVcL6fSnU4C1hUUK_zy6H6U%2C
Requested by
Host: sso.retailcrm.tech
URL: https://sso.retailcrm.tech/login
Protocol
H2
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://sso.retailcrm.tech/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 23:05:51 GMT
strict-transport-security
max-age=31536000
content-length
43
x-xss-protection
1; mode=block
content-type
image/gif

Redirect headers

location
https://mc.yandex.ru/sync_cookie_image_finish?redirect_domain=mc.yandex.com&token=10243.KmuEjv_3jCGKxXKdGRI5dwATN_5JBIyy46VVsZDIgnqCojvr_eMc1VRJjfgmeoLYay8CBoY1Nv0BYSVl6Yl-hsxCr8k3DO_8gvvWTv7lNZvOLjiC4FPtyIa-Bi-SiplrPdoyX_QKUs_d3lEILj6xD9FUCuDmM8mWnC5tOlTAkIb8VgbQf9bzWM1-1_FlsRMZu1WsuHWWmtfJYGQJt0QMOg%2C%2C.8132fVcL6fSnU4C1hUUK_zy6H6U%2C
date
Tue, 09 Jan 2024 23:05:51 GMT
strict-transport-security
max-age=31536000
x-xss-protection
1; mode=block
advert.gif
mc.yandex.com/metrika/
43 B
498 B
Image
General
Full URL
https://mc.yandex.com/metrika/advert.gif
Requested by
Host: sso.retailcrm.tech
URL: https://sso.retailcrm.tech/login
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://sso.retailcrm.tech/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 23:05:51 GMT
strict-transport-security
max-age=31536000
last-modified
Mon, 25 Dec 2023 13:57:02 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag
"65898a2e-2b"
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
43
expires
Wed, 10 Jan 2024 00:05:51 GMT
styles__ltr.css
www.gstatic.com/recaptcha/releases/Ya-Cd6PbRI5ktAHEhm9JuKEu/ Frame 7E99
55 KB
24 KB
Stylesheet
General
Full URL
https://www.gstatic.com/recaptcha/releases/Ya-Cd6PbRI5ktAHEhm9JuKEu/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcGwdAmAAAAAHdgU3RkyTu2ci_ucOo02CwsjMh8&co=aHR0cHM6Ly9zc28ucmV0YWlsY3JtLnRlY2g6NDQz&hl=de-CH&v=Ya-Cd6PbRI5ktAHEhm9JuKEu&size=invisible&cb=kn6dqdwphbdq
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 08:39:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
51967
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24606
x-xss-protection
0
last-modified
Mon, 08 Jan 2024 05:00:33 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 08 Jan 2025 08:39:44 GMT
recaptcha__de_ch.js
www.gstatic.com/recaptcha/releases/Ya-Cd6PbRI5ktAHEhm9JuKEu/ Frame 7E99
506 KB
203 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/Ya-Cd6PbRI5ktAHEhm9JuKEu/recaptcha__de_ch.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcGwdAmAAAAAHdgU3RkyTu2ci_ucOo02CwsjMh8&co=aHR0cHM6Ly9zc28ucmV0YWlsY3JtLnRlY2g6NDQz&hl=de-CH&v=Ya-Cd6PbRI5ktAHEhm9JuKEu&size=invisible&cb=kn6dqdwphbdq
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
aa91bf9506874bcdc8c6e193d8d3230599c4d7f55c3268ff476949d3de9b5216
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Mon, 08 Jan 2024 17:18:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
107247
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
207855
x-xss-protection
0
last-modified
Mon, 08 Jan 2024 05:00:33 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 07 Jan 2025 17:18:24 GMT
SHUkEiphQuZqXyLzDNA1LcOjIY5P93oSbI0OKMKltYY.js
www.google.com/js/bg/ Frame 9638
17 KB
7 KB
Script
General
Full URL
https://www.google.com/js/bg/SHUkEiphQuZqXyLzDNA1LcOjIY5P93oSbI0OKMKltYY.js
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/Ya-Cd6PbRI5ktAHEhm9JuKEu/recaptcha__de_ch.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
487524122a6142e66a5f22f30cd0352dc3a3218e4ff77a126c8d0e28c2a5b586
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcGwdAmAAAAAHdgU3RkyTu2ci_ucOo02CwsjMh8&co=aHR0cHM6Ly9zc28ucmV0YWlsY3JtLnRlY2g6NDQz&hl=de-CH&v=Ya-Cd6PbRI5ktAHEhm9JuKEu&size=invisible&cb=fikf2vanw7vl
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 08:51:40 GMT
content-encoding
br
x-content-type-options
nosniff
age
51251
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6849
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:30:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 08 Jan 2025 08:51:40 GMT
logo_48.png
www.gstatic.com/recaptcha/api2/ Frame 9638
2 KB
2 KB
Image
General
Full URL
https://www.gstatic.com/recaptcha/api2/logo_48.png
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/Ya-Cd6PbRI5ktAHEhm9JuKEu/styles__ltr.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.gstatic.com/recaptcha/releases/Ya-Cd6PbRI5ktAHEhm9JuKEu/styles__ltr.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Mon, 08 Jan 2024 19:56:54 GMT
x-content-type-options
nosniff
age
97737
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2228
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
expires
Mon, 15 Jan 2024 19:56:54 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 9638
15 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcGwdAmAAAAAHdgU3RkyTu2ci_ucOo02CwsjMh8&co=aHR0cHM6Ly9zc28ucmV0YWlsY3JtLnRlY2g6NDQz&hl=de-CH&v=Ya-Cd6PbRI5ktAHEhm9JuKEu&size=invisible&cb=fikf2vanw7vl
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 23:26:56 GMT
x-content-type-options
nosniff
age
430735
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 03 Jan 2025 23:26:56 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 9638
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcGwdAmAAAAAHdgU3RkyTu2ci_ucOo02CwsjMh8&co=aHR0cHM6Ly9zc28ucmV0YWlsY3JtLnRlY2g6NDQz&hl=de-CH&v=Ya-Cd6PbRI5ktAHEhm9JuKEu&size=invisible&cb=fikf2vanw7vl
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Mon, 08 Jan 2024 20:17:31 GMT
x-content-type-options
nosniff
age
96500
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15552
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:33:02 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 07 Jan 2025 20:17:31 GMT
SHUkEiphQuZqXyLzDNA1LcOjIY5P93oSbI0OKMKltYY.js
www.google.com/js/bg/ Frame 7E99
17 KB
7 KB
Script
General
Full URL
https://www.google.com/js/bg/SHUkEiphQuZqXyLzDNA1LcOjIY5P93oSbI0OKMKltYY.js
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/Ya-Cd6PbRI5ktAHEhm9JuKEu/recaptcha__de_ch.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
487524122a6142e66a5f22f30cd0352dc3a3218e4ff77a126c8d0e28c2a5b586
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcGwdAmAAAAAHdgU3RkyTu2ci_ucOo02CwsjMh8&co=aHR0cHM6Ly9zc28ucmV0YWlsY3JtLnRlY2g6NDQz&hl=de-CH&v=Ya-Cd6PbRI5ktAHEhm9JuKEu&size=invisible&cb=kn6dqdwphbdq
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 08:51:40 GMT
content-encoding
br
x-content-type-options
nosniff
age
51251
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6849
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:30:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 08 Jan 2025 08:51:40 GMT
logo_48.png
www.gstatic.com/recaptcha/api2/ Frame 7E99
2 KB
2 KB
Image
General
Full URL
https://www.gstatic.com/recaptcha/api2/logo_48.png
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/Ya-Cd6PbRI5ktAHEhm9JuKEu/styles__ltr.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.gstatic.com/recaptcha/releases/Ya-Cd6PbRI5ktAHEhm9JuKEu/styles__ltr.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Mon, 08 Jan 2024 19:56:54 GMT
x-content-type-options
nosniff
age
97737
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2228
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
expires
Mon, 15 Jan 2024 19:56:54 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 7E99
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcGwdAmAAAAAHdgU3RkyTu2ci_ucOo02CwsjMh8&co=aHR0cHM6Ly9zc28ucmV0YWlsY3JtLnRlY2g6NDQz&hl=de-CH&v=Ya-Cd6PbRI5ktAHEhm9JuKEu&size=invisible&cb=kn6dqdwphbdq
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 23:26:56 GMT
x-content-type-options
nosniff
age
430735
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 03 Jan 2025 23:26:56 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 7E99
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcGwdAmAAAAAHdgU3RkyTu2ci_ucOo02CwsjMh8&co=aHR0cHM6Ly9zc28ucmV0YWlsY3JtLnRlY2g6NDQz&hl=de-CH&v=Ya-Cd6PbRI5ktAHEhm9JuKEu&size=invisible&cb=kn6dqdwphbdq
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Mon, 08 Jan 2024 20:17:31 GMT
x-content-type-options
nosniff
age
96500
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15552
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:33:02 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 07 Jan 2025 20:17:31 GMT
webworker.js
www.google.com/recaptcha/api2/ Frame 9638
105 B
138 B
Other
General
Full URL
https://www.google.com/recaptcha/api2/webworker.js?hl=de-CH&v=Ya-Cd6PbRI5ktAHEhm9JuKEu
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcGwdAmAAAAAHdgU3RkyTu2ci_ucOo02CwsjMh8&co=aHR0cHM6Ly9zc28ucmV0YWlsY3JtLnRlY2g6NDQz&hl=de-CH&v=Ya-Cd6PbRI5ktAHEhm9JuKEu&size=invisible&cb=fikf2vanw7vl
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
cc7a1e492172ff138824358dbbd19ce25036065084f3f6bc5bf50ff4840b096e
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcGwdAmAAAAAHdgU3RkyTu2ci_ucOo02CwsjMh8&co=aHR0cHM6Ly9zc28ucmV0YWlsY3JtLnRlY2g6NDQz&hl=de-CH&v=Ya-Cd6PbRI5ktAHEhm9JuKEu&size=invisible&cb=fikf2vanw7vl
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 23:05:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
cross-origin-embedder-policy
require-corp
x-frame-options
SAMEORIGIN
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=300
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
expires
Tue, 09 Jan 2024 23:05:51 GMT
webworker.js
www.google.com/recaptcha/api2/ Frame 7E99
105 B
138 B
Other
General
Full URL
https://www.google.com/recaptcha/api2/webworker.js?hl=de-CH&v=Ya-Cd6PbRI5ktAHEhm9JuKEu
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcGwdAmAAAAAHdgU3RkyTu2ci_ucOo02CwsjMh8&co=aHR0cHM6Ly9zc28ucmV0YWlsY3JtLnRlY2g6NDQz&hl=de-CH&v=Ya-Cd6PbRI5ktAHEhm9JuKEu&size=invisible&cb=kn6dqdwphbdq
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
cc7a1e492172ff138824358dbbd19ce25036065084f3f6bc5bf50ff4840b096e
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcGwdAmAAAAAHdgU3RkyTu2ci_ucOo02CwsjMh8&co=aHR0cHM6Ly9zc28ucmV0YWlsY3JtLnRlY2g6NDQz&hl=de-CH&v=Ya-Cd6PbRI5ktAHEhm9JuKEu&size=invisible&cb=kn6dqdwphbdq
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 23:05:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
cross-origin-embedder-policy
require-corp
x-frame-options
SAMEORIGIN
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=300
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
expires
Tue, 09 Jan 2024 23:05:51 GMT
1
mc.yandex.com/watch/21317974/
Redirect Chain
  • https://mc.yandex.com/watch/21317974?wmode=7&page-url=https%3A%2F%2Fsso.retailcrm.tech%2Flogin&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A6mv6as6uhfnj8xo3ikdxwgrf%3Afu%3A0%3Aen%3Autf-8...
  • https://mc.yandex.com/watch/21317974/1?wmode=7&page-url=https%3A%2F%2Fsso.retailcrm.tech%2Flogin&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A6mv6as6uhfnj8xo3ikdxwgrf%3Afu%3A0%3Aen%3Autf...
474 B
566 B
Fetch
General
Full URL
https://mc.yandex.com/watch/21317974/1?wmode=7&page-url=https%3A%2F%2Fsso.retailcrm.tech%2Flogin&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A6mv6as6uhfnj8xo3ikdxwgrf%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1201%3Acn%3A1%3Adp%3A0%3Als%3A1628107746953%3Ahid%3A462545251%3Az%3A60%3Ai%3A20240110000551%3Aet%3A1704841551%3Ac%3A1%3Arn%3A582918536%3Arqn%3A1%3Au%3A1704841551208569995%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C129%2C64%2C1%2C135%2C0%2C%2C20%2C0%2C%2C%2C%2C849%3Aco%3A0%3Acpf%3A1%3Ans%3A1704841550006%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1704841552%3At%3ALog%20in%20RetailCRM&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29ti%281%29
Protocol
H2
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
a697392e47cfcca70cb78c2d3e687d5f0ba65d53a2520e9a4babeadd6485ad89
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://sso.retailcrm.tech/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Jan 2024 23:05:51 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
last-modified
Tue, 09-Jan-2024 23:05:51 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type
application/json; charset=utf-8
access-control-allow-origin
https://sso.retailcrm.tech
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
474
x-xss-protection
1; mode=block
expires
Tue, 09-Jan-2024 23:05:51 GMT

Redirect headers

pragma
no-cache
date
Tue, 09 Jan 2024 23:05:51 GMT
strict-transport-security
max-age=31536000
last-modified
Tue, 09-Jan-2024 23:05:51 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
location
/watch/21317974/1?wmode=7&page-url=https%3A%2F%2Fsso.retailcrm.tech%2Flogin&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A6mv6as6uhfnj8xo3ikdxwgrf%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1201%3Acn%3A1%3Adp%3A0%3Als%3A1628107746953%3Ahid%3A462545251%3Az%3A60%3Ai%3A20240110000551%3Aet%3A1704841551%3Ac%3A1%3Arn%3A582918536%3Arqn%3A1%3Au%3A1704841551208569995%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C129%2C64%2C1%2C135%2C0%2C%2C20%2C0%2C%2C%2C%2C849%3Aco%3A0%3Acpf%3A1%3Ans%3A1704841550006%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1704841552%3At%3ALog%20in%20RetailCRM&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29ti%281%29
access-control-allow-origin
https://sso.retailcrm.tech
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
x-xss-protection
1; mode=block
expires
Tue, 09-Jan-2024 23:05:51 GMT
21317974
mc.yandex.com/webvisor/
43 B
0
Fetch
General
Full URL
https://mc.yandex.com/webvisor/21317974?wv-part=1&wv-type=7&wmode=0&wv-hit=462545251&page-url=https%3A%2F%2Fsso.retailcrm.tech%2Flogin&rn=341163739&browser-info=bt%3A1%3Awe%3A1%3Aet%3A1704841554%3Aw%3A1600x1200%3Av%3A1201%3Az%3A60%3Ai%3A20240110000553%3Au%3A1704841551208569995%3Avf%3A6mv6as6uhfnj8xo3ikdxwgrf%3Ast%3A1704841554&t=gdpr(14)ti(1)
Requested by
Host: sso.retailcrm.tech
URL: https://sso.retailcrm.tech/assets/vendor-bfc2921d.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://sso.retailcrm.tech/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 09 Jan 2024 23:05:54 GMT
strict-transport-security
max-age=31536000
last-modified
Tue, 09-Jan-2024 23:05:54 GMT
content-type
image/gif
access-control-allow-origin
https://sso.retailcrm.tech
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
43
x-xss-protection
1; mode=block
expires
Tue, 09-Jan-2024 23:05:54 GMT
21317974
mc.yandex.com/webvisor/
43 B
0
Fetch
General
Full URL
https://mc.yandex.com/webvisor/21317974?wv-part=1&wv-type=7&wmode=0&wv-hit=462545251&page-url=https%3A%2F%2Fsso.retailcrm.tech%2Flogin&rn=899455532&browser-info=we%3A1%3Aet%3A1704841554%3Aw%3A1600x1200%3Av%3A1201%3Az%3A60%3Ai%3A20240110000554%3Au%3A1704841551208569995%3Avf%3A6mv6as6uhfnj8xo3ikdxwgrf%3Ast%3A1704841554&t=gdpr(14)ti(1)
Requested by
Host: sso.retailcrm.tech
URL: https://sso.retailcrm.tech/assets/vendor-bfc2921d.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://sso.retailcrm.tech/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 09 Jan 2024 23:05:54 GMT
strict-transport-security
max-age=31536000
last-modified
Tue, 09-Jan-2024 23:05:54 GMT
content-type
image/gif
access-control-allow-origin
https://sso.retailcrm.tech
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
43
x-xss-protection
1; mode=block
expires
Tue, 09-Jan-2024 23:05:54 GMT


20 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| documentPictureInPicture object| _sentryDebugIds string| _sentryDebugIdIdentifier object| __VUE_INSTANCE_SETTERS__ boolean| __INTLIFY_PROD_DEVTOOLS__ object| SENTRY_RELEASE boolean| __VUE__ object| dataLayer object| __SENTRY__ object| __sentry_instrumentation_handlers__ object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| recaptcha object| closure_lm_280137 object| Ya

18 Cookies

Domain/Path Name / Value
.retailcrm.tech/ Name: _ym_uid
Value: 1704841551208569995
.retailcrm.tech/ Name: _ym_d
Value: 1704841551
.mc.yandex.com/ Name: sync_cookie_csrf
Value: 948309642fake
.yandex.com/ Name: i
Value: qMgK9WzWTgCgrvN73G8AagF0lsHW3hcS5kJmfOpBUSvc0uaC4keDmJRqwwNlgH001Wg31Q+7whOr6q50kVfjrpNpBuI=
.yandex.com/ Name: yandexuid
Value: 6578425391704841551
.retailcrm.tech/ Name: _ym_isad
Value: 2
.mc.yandex.ru/ Name: sync_cookie_csrf
Value: 84203267fake
.mc.yandex.com/ Name: sync_cookie_ok
Value: synced
.yandex.ru/ Name: yandexuid
Value: 6578425391704841551
.yandex.ru/ Name: yuidss
Value: 6578425391704841551
.yandex.ru/ Name: i
Value: qMgK9WzWTgCgrvN73G8AagF0lsHW3hcS5kJmfOpBUSvc0uaC4keDmJRqwwNlgH001Wg31Q+7whOr6q50kVfjrpNpBuI=
.yandex.ru/ Name: yp
Value: 1704927951.yu.7668459531704841551
.yandex.ru/ Name: ymex
Value: 1707433551.oyu.7668459531704841551
mc.yandex.com/ Name: yabs-sid
Value: 1963109971704841551
.yandex.com/ Name: yuidss
Value: 6578425391704841551
.yandex.com/ Name: ymex
Value: 1736377551.yrts.1704841551
.yandex.com/ Name: bh
Value: KgI/MA==
.retailcrm.tech/ Name: _ym_visorc
Value: w

1 Console Messages

Source Level URL
Text
network error URL: https://sso.retailcrm.tech/api/v1/client/me
Message:
Failed to load resource: the server responded with a status of 401 (Unauthorized)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
