www.google.com Open in urlscan Pro
142.250.184.228 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://cust94.capitalone.it/
Effective URL:
https://www.google.com/?gws_rd=ssl
Submission: On March 25 via api (March 25th 2024, 6:17:31 am UTC) from US — Scanned from IT

Summary HTTP 34 Redirects Links 7 Behaviour Indicators

Summary

This website contacted 9 IPs in 3 countries across 7 domains to perform 34 HTTP transactions. The main IP is 142.250.184.228, located in United States and belongs to GOOGLE, US. The main domain is www.google.com. The Cisco Umbrella rank of the primary domain is 5.
TLS certificate: Issued by GTS CA 1C3 on February 26th 2024. Valid for: 3 months.

This is the only time www.google.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
4	185.53.177.53 185.53.177.53	61969 (TEAMINTER...) (TEAMINTERNET-AS)
1	18.173.161.191 18.173.161.191	16509 (AMAZON-02) (AMAZON-02)
2	3.209.43.229 3.209.43.229	14618 (AMAZON-AES) (AMAZON-AES)
1 1	173.239.53.32 173.239.53.32	27257 (WEBAIR-IN...) (WEBAIR-INTERNET)
1 3	51.195.7.19 51.195.7.19	16276 (OVH) (OVH)
1 1	142.250.185.206 142.250.185.206	15169 (GOOGLE) (GOOGLE)
1 1	142.250.185.68 142.250.185.68	15169 (GOOGLE) (GOOGLE)
3	142.250.184.228 142.250.184.228	15169 (GOOGLE) (GOOGLE)
2	216.58.212.131 216.58.212.131	15169 (GOOGLE) (GOOGLE)
18	2a00:1450:400... 2a00:1450:4001:80e::2004	15169 (GOOGLE) (GOOGLE)
1	172.217.18.14 172.217.18.14	15169 (GOOGLE) (GOOGLE)
1	142.250.186.130 142.250.186.130	15169 (GOOGLE) (GOOGLE)
34	9

4 185.53.177.53 (Germany)

ASN61969 (TEAMINTERNET-AS, DE)

cust94.capitalone.it	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.173.161.191 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-173-161-191.muc50.r.cloudfront.net

d38psrni17bvxu.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.209.43.229 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-209-43-229.compute-1.amazonaws.com

enlil-syf.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 173.239.53.32 (New York, United States) 1 redirects

ASN27257 (WEBAIR-INTERNET, US)

xml-v4.donkstar1.online	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 51.195.7.19 (France) 1 redirects

ASN16276 (OVH, FR)
PTR: ns3177896.ip-51-195-7.eu

redbnm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.206 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f14.1e100.net

google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.68 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.184.228 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.58.212.131 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s46-in-f3.1e100.net

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2a00:1450:4001:80e::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.18.14 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s22-in-f14.1e100.net

apis.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
25	google.com 2 redirects google.com — Cisco Umbrella Rank: 1 www.google.com — Cisco Umbrella Rank: 5 apis.google.com — Cisco Umbrella Rank: 259 adservice.google.com — Cisco Umbrella Rank: 190	626 KB
4	capitalone.it cust94.capitalone.it	4 KB
3	redbnm.com 1 redirects redbnm.com	2 KB
2	gstatic.com www.gstatic.com	77 KB
2	enlil-syf.com enlil-syf.com — Cisco Umbrella Rank: 366762	4 KB
1	donkstar1.online 1 redirects xml-v4.donkstar1.online	368 B
1	cloudfront.net d38psrni17bvxu.cloudfront.net	2 KB
34	7

	Domain	Requested by
22	www.google.com	1 redirects www.google.com
4	cust94.capitalone.it	d38psrni17bvxu.cloudfront.net cust94.capitalone.it
3	redbnm.com	1 redirects enlil-syf.com
2	www.gstatic.com	www.google.com
2	enlil-syf.com	cust94.capitalone.it enlil-syf.com
1	adservice.google.com
1	apis.google.com	www.gstatic.com
1	google.com	1 redirects
1	xml-v4.donkstar1.online	1 redirects
1	d38psrni17bvxu.cloudfront.net	cust94.capitalone.it
34	10

This site contains links to these domains. Also see Links.

Domain
mail.google.com
accounts.google.com
about.google
google.com
policies.google.com
support.google.com

Subject Issuer	Validity	Valid
redbnm.com R3	`2024-03-12` - `2024-06-10`	3 months	crt.sh
www.google.com GTS CA 1C3	`2024-02-26` - `2024-05-20`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2024-02-26` - `2024-05-20`	3 months	crt.sh
*.google.com GTS CA 1C3	`2024-02-26` - `2024-05-20`	3 months	crt.sh
*.apis.google.com GTS CA 1C3	`2024-02-26` - `2024-05-20`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://www.google.com/?gws_rd=ssl
Frame ID: 5ACE460FE8A836651378293B058CEEA0
Requests: 34 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Google

Page URL History Show full URLs

http://cust94.capitalone.it/ Page URL
http://enlil-syf.com/zclkvisitor/57f30d80-ea6f-11ee-9999-0affedc3987f/85aefdc2-9ed0-48aa-922d-60f... Page URL
http://enlil-syf.com/zclkredirect?visitid=57f30d80-ea6f-11ee-9999-0affedc3987f&type=js&browserWid... Page URL
http://xml-v4.donkstar1.online/click?seat=2585066&i=dLQx03OcAGs_0 HTTP 302
https://redbnm.com/cvjvl2k.php?key=rck0823mu6hjfznep76o&conversion=mqTJD6FRt10&bid=0.0125&sourc... Page URL
https://redbnm.com/cvjvl2k.php?key=rck0823mu6hjfznep76o&conversion=mqTJD6FRt10&bid=0.0125&sourc... HTTP 302
https://redbnm.com/nlp/index.php?url_bnm_redirect=http://google.com Page URL
http://google.com/ HTTP 301
http://www.google.com/ HTTP 302
https://www.google.com/?gws_rd=ssl Page URL

Page Statistics

34
Requests

79 %
HTTPS

8 %
IPv6

7
Domains

10
Subdomains

9
IPs

3
Countries

712 kB
Transfer

2082 kB
Size

6
Cookies

7 Outgoing links

These are links going to different origins than the main page.

URL: https://mail.google.com/mail/&ogbl
Title: Gmail

Search URL Search Domain Scan URL

URL: https://accounts.google.com/ServiceLogin?hl=it&passive=true&continue=https://www.google.com/%3Fgws_rd%3Dssl&ec=GAZAmgQ
Title: Accedi

Search URL Search Domain Scan URL

URL: https://about.google/?utm_source=google-US&utm_medium=referral&utm_campaign=hp-footer&fg=1
Title: Chi siamo

Search URL Search Domain Scan URL

URL: https://google.com/search/howsearchworks/?fg=1
Title: Come funziona la Ricerca

Search URL Search Domain Scan URL

URL: https://policies.google.com/privacy?hl=it-US&fg=1
Title: Privacy

Search URL Search Domain Scan URL

URL: https://policies.google.com/terms?hl=it-US&fg=1
Title: Termini

Search URL Search Domain Scan URL

URL: https://support.google.com/websearch/?p=ws_results_help&hl=it-US&fg=1
Title: Cerca nella Guida

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://cust94.capitalone.it/ Page URL
http://enlil-syf.com/zclkvisitor/57f30d80-ea6f-11ee-9999-0affedc3987f/85aefdc2-9ed0-48aa-922d-60f9f9fc0f2d?campaignid=5810f5c7-ea6f-11ee-9999-0affedc3987f Page URL
http://enlil-syf.com/zclkredirect?visitid=57f30d80-ea6f-11ee-9999-0affedc3987f&type=js&browserWidth=1600&browserHeight=1200&iframeDetected=false&webdriverDetected=false&gpu=Intel%20Inc.%3B%20Intel%20Iris%20OpenGL%20Engine&timezone=UTC%2B01%3A00&timezoneName=Europe%2FRome Page URL
http://xml-v4.donkstar1.online/click?seat=2585066&i=dLQx03OcAGs_0 HTTP 302
https://redbnm.com/cvjvl2k.php?key=rck0823mu6hjfznep76o&conversion=mqTJD6FRt10&bid=0.0125&source_subid=10948487205&banner=5944749&carrier=Global+Router&IP=185.198.62.224&campaign=1118430&query=capital+one%2Cbank%2Ccredit+cards%2Cloans%2Ccapitalone%2Cfinance&state=25 Page URL
https://redbnm.com/cvjvl2k.php?key=rck0823mu6hjfznep76o&conversion=mqTJD6FRt10&bid=0.0125&source_subid=10948487205&banner=5944749&carrier=Global+Router&IP=185.198.62.224&campaign=1118430&query=capital+one%2Cbank%2Ccredit+cards%2Cloans%2Ccapitalone%2Cfinance&state=25 HTTP 302
https://redbnm.com/nlp/index.php?url_bnm_redirect=http://google.com Page URL
http://google.com/ HTTP 301
http://www.google.com/ HTTP 302
https://www.google.com/?gws_rd=ssl Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 7

http://xml-v4.donkstar1.online/click?seat=2585066&i=dLQx03OcAGs_0 HTTP 302
https://redbnm.com/cvjvl2k.php?key=rck0823mu6hjfznep76o&conversion=mqTJD6FRt10&bid=0.0125&source_subid=10948487205&banner=5944749&carrier=Global+Router&IP=185.198.62.224&campaign=1118430&query=capital+one%2Cbank%2Ccredit+cards%2Cloans%2Ccapitalone%2Cfinance&state=25

Request Chain 8

https://redbnm.com/cvjvl2k.php?key=rck0823mu6hjfznep76o&conversion=mqTJD6FRt10&bid=0.0125&source_subid=10948487205&banner=5944749&carrier=Global+Router&IP=185.198.62.224&campaign=1118430&query=capital+one%2Cbank%2Ccredit+cards%2Cloans%2Ccapitalone%2Cfinance&state=25 HTTP 302
https://redbnm.com/nlp/index.php?url_bnm_redirect=http://google.com

34 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK / Show response
cust94.capitalone.it/ 2 KB
2 KB 801ms
543ms Document
text/html 185.53.177.53
TEAMINTERNET-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://cust94.capitalone.it/
Protocol: HTTP/1.1
Server: 185.53.177.53 , Germany, ASN61969 (TEAMINTERNET-AS, DE),
Reverse DNS
Software: nginx /
Resource Hash: d6920a754fdf1bf5413cf21f54658527e799d1bec1efcb047a701a30a1101561

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: it-IT,it;q=0.9

Response headers

Accept-CH: viewport-width dpr device-memory rtt downlink ect ua ua-full-version ua-platform ua-platform-version ua-arch ua-model ua-mobile
Accept-CH-Lifetime: 30
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Mon, 25 Mar 2024 06:17:23 GMT
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBALquDFETXRn0Hr05fUP7EJT77xYnPmRbpMy4vk8KYiHnkNpednjOANJcaXDXcKQJN0nXKZJL7TciJD8AoHXK158CAwEAAQ==_aeZvfecMLA9lreZDyUwuaw4OquWt/bo06gWQ993myGNx2e5jpNqUCA2z+LMvPgoWaAzK3GVwkC9v+E9+D8EXgA==
X-Buckets: bucket011
X-Domain: capitalone.it
X-Language: italian
X-Redirect: zeropark_zeroclick
X-Subdomain: cust94
X-Template: tpl_CleanPeppermintBlack_twoclick

GET
H/1.1 200
OK js3.js Show response
d38psrni17bvxu.cloudfront.net/scripts/ 1 KB
2 KB 426ms
98ms Script
application/javascript 18.173.161.191
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://d38psrni17bvxu.cloudfront.net/scripts/js3.js
Requested by: Host: cust94.capitalone.it
URL: http://cust94.capitalone.it/
Protocol: HTTP/1.1
Server: 18.173.161.191 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-161-191.muc50.r.cloudfront.net
Software: nginx /
Resource Hash: 036c94653e84e6078c087abeb3ac8804491d27b27938839ae3df42b31e2238d9

Request headers

accept-language: it-IT,it;q=0.9
Referer: http://cust94.capitalone.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date: Mon, 25 Mar 2024 04:32:36 GMT
Via: 1.1 a29f8f45a0707c5c9e054636ff51dce8.cloudfront.net (CloudFront)
Last-Modified: Thu, 21 Mar 2024 11:48:11 GMT
Server: nginx
X-Amz-Cf-Pop: MUC50-P3
Age: 6287
ETag: "65fc1e7b-448"
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1096
X-Amz-Cf-Id: 0oQB5mhfAGGYBS3hlLGeXvDuBvaYj7qCJ-he8Jiupg9hNm7WpxpTlg==

GET
H/1.1 200
OK track.php Show response
cust94.capitalone.it/ 0
608 B 49ms
49ms XHR
text/html 185.53.177.53
TEAMINTERNET-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://cust94.capitalone.it/track.php?domain=capitalone.it&toggle=browserjs&uid=MTcxMTM0NzQ0My4xMTg3Ojc4NTkxZWQyZmZkY2YxMzI5NTRmNTExNGUxMTg2MWQ5YWQ4ZGQ3NTY3YjdmZjBiZTZhMjVhY2MwNzk0OTg0Yzc6NjYwMTE2ZjMxY2ZjYg%3D%3D
Requested by: Host: d38psrni17bvxu.cloudfront.net
URL: http://d38psrni17bvxu.cloudfront.net/scripts/js3.js
Protocol: HTTP/1.1
Server: 185.53.177.53 , Germany, ASN61969 (TEAMINTERNET-AS, DE),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: it-IT,it;q=0.9
Referer: http://cust94.capitalone.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date: Mon, 25 Mar 2024 06:17:24 GMT
Content-Encoding: gzip
Server: nginx
Accept-CH: viewport-width, dpr, device-memory, rtt, downlink, ect, ua, ua-full-version, ua-platform, ua-platform-version, ua-arch, ua-model, ua-mobile
X-Custom-Track: browserjs
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: *
Accept-CH-Lifetime: 30
Connection: keep-alive

GET
H/1.1 201
Created ls.php
cust94.capitalone.it/ 16 B
906 B 50ms
50ms XHR
text/javascript 185.53.177.53
TEAMINTERNET-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://cust94.capitalone.it/ls.php?t=660116f3&token=ce021dd44a1e64de1f09dda8f663a1c75ff2996f
Requested by: Host: cust94.capitalone.it
URL: http://cust94.capitalone.it/
Protocol: HTTP/1.1
Server: 185.53.177.53 , Germany, ASN61969 (TEAMINTERNET-AS, DE),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

accept-language: it-IT,it;q=0.9
Referer: http://cust94.capitalone.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date: Mon, 25 Mar 2024 06:17:24 GMT
Server: nginx
Accept-CH: viewport-width, dpr, device-memory, rtt, downlink, ect, ua, ua-full-version, ua-platform, ua-platform-version, ua-arch, ua-model, ua-mobile
Transfer-Encoding: chunked
Accept-CH-Lifetime: 30
Content-Type: text/javascript;charset=UTF-8
Access-Control-Allow-Origin
Access-Control-Allow-Methods: POST, OPTIONS
Charset: utf-8
Access-Control-Max-Age: 86400
X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBALquDFETXRn0Hr05fUP7EJT77xYnPmRbpMy4vk8KYiHnkNpednjOANJcaXDXcKQJN0nXKZJL7TciJD8AoHXK158CAwEAAQ==_eSsNn65eL+VS0eeX39QW6VDRcgLRW9SBhRe3hDWkZywJNSzUQgH9HzXxHSk6Xr9yu2f/BvHktrq/CC1UYJBfBQ==
Connection: keep-alive
X-Log-Success: 660116f4ee78ab849b036388

GET
H/1.1 200
OK track.php
cust94.capitalone.it/ 0
623 B 160ms
154ms XHR
text/html 185.53.177.53
TEAMINTERNET-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://cust94.capitalone.it/track.php?click=7162c277bee7a57acd4fecee12337f56ff485baa&domain=capitalone.it&uid=MTcxMTM0NzQ0My4xMTg3Ojc4NTkxZWQyZmZkY2YxMzI5NTRmNTExNGUxMTg2MWQ5YWQ4ZGQ3NTY3YjdmZjBiZTZhMjVhY2MwNzk0OTg0Yzc6NjYwMTE2ZjMxY2ZjYg%3D%3D&ts=fENsZWFuUGVwcGVybWludEJsYWNrfHw1Y2U4NHxidWNrZXQwMTF8fHx8fHw2NjAxMTZmMzFjZjk2fHx8MTcxMTM0NzQ0My41Mzc1fGE3Nzg3MTg0MTc3ZjYwNGQwOTZmNWRkZTUyN2QzYjYwNjI0NjliODV8fHx8fDF8fDB8MHx8fHwxfHx8fHwwfDB8fHx8fHx8fHx8MHwwfHwwfHx8MHwwfFcxMD18fDF8VzEwPXxjZTAyMWRkNDRhMWU2NGRlMWYwOWRkYThmNjYzYTFjNzVmZjI5OTZmfDB8fDB8MHx8&kw=&search=&pcat=&bucket=&clientID=&adtest=off
Requested by: Host: d38psrni17bvxu.cloudfront.net
URL: http://d38psrni17bvxu.cloudfront.net/scripts/js3.js
Protocol: HTTP/1.1
Server: 185.53.177.53 , Germany, ASN61969 (TEAMINTERNET-AS, DE),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

accept-language: it-IT,it;q=0.9
Referer: http://cust94.capitalone.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date: Mon, 25 Mar 2024 06:17:24 GMT
Content-Encoding: gzip
Server: nginx
Accept-CH: viewport-width, dpr, device-memory, rtt, downlink, ect, ua, ua-full-version, ua-platform, ua-platform-version, ua-arch, ua-model, ua-mobile
X-Custom-Track: none
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: *
Accept-CH-Lifetime: 30
X-View-Match: true
Connection: keep-alive

GET
H/1.1 200 85aefdc2-9ed0-48aa-922d-60f9f9fc0f2d Show response
enlil-syf.com/zclkvisitor/57f30d80-ea6f-11ee-9999-0affedc3987f/ 3 KB
3 KB 293ms
263ms Document
text/html 3.209.43.229
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

http://enlil-syf.com/zclkvisitor/57f30d80-ea6f-11ee-9999-0affedc3987f/85aefdc2-9ed0-48aa-922d-60f9f9fc0f2d?campaignid=5810f5c7-ea6f-11ee-9999-0affedc3987f

Requested by

Host: cust94.capitalone.it
URL: http://cust94.capitalone.it/

Protocol

HTTP/1.1

Server

3.209.43.229 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-209-43-229.compute-1.amazonaws.com

Software

meACugPK /

Resource Hash

446db7db195a088350a52454b075a366fe2abad0c15928a77feb565cd89651ec

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline'
X-Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline'

Request headers

Referer: http://cust94.capitalone.it/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: it-IT,it;q=0.9

Response headers

Access-Control-Allow-Headers: X-Requested-With,Content-Type,x-exadsrtb-version,x-openrtb-version,x-zerortb-version,X-Flag
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, pre-check=0, post-check=0
Connection: keep-alive
Content-Type: text/html;charset=UTF-8
Date: Mon, 25 Mar 2024 06:17:24 GMT
Server: meACugPK
Transfer-Encoding: chunked
X-WebKit-CSP: default-src 'self'; script-src 'self' 'unsafe-inline'
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
x-content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'

GET
H/1.1 200 zclkredirect
enlil-syf.com/ 312 B
999 B 132ms
131ms Document
text/html 3.209.43.229
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

http://enlil-syf.com/zclkredirect?visitid=57f30d80-ea6f-11ee-9999-0affedc3987f&type=js&browserWidth=1600&browserHeight=1200&iframeDetected=false&webdriverDetected=false&gpu=Intel%20Inc.%3B%20Intel%20Iris%20OpenGL%20Engine&timezone=UTC%2B01%3A00&timezoneName=Europe%2FRome

Requested by

Host: enlil-syf.com
URL: http://enlil-syf.com/zclkvisitor/57f30d80-ea6f-11ee-9999-0affedc3987f/85aefdc2-9ed0-48aa-922d-60f9f9fc0f2d?campaignid=5810f5c7-ea6f-11ee-9999-0affedc3987f

Protocol

HTTP/1.1

Server

3.209.43.229 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-209-43-229.compute-1.amazonaws.com

Software

meACugPK /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline'
X-Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline'

Request headers

Referer: http://enlil-syf.com/zclkvisitor/57f30d80-ea6f-11ee-9999-0affedc3987f/85aefdc2-9ed0-48aa-922d-60f9f9fc0f2d?campaignid=5810f5c7-ea6f-11ee-9999-0affedc3987f
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: it-IT,it;q=0.9

Response headers

Access-Control-Allow-Headers: X-Requested-With,Content-Type,x-exadsrtb-version,x-openrtb-version,x-zerortb-version,X-Flag
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, pre-check=0, post-check=0
Connection: keep-alive
Content-Type: text/html;charset=UTF-8
Date: Mon, 25 Mar 2024 06:17:24 GMT
Server: meACugPK
Transfer-Encoding: chunked
X-WebKit-CSP: default-src 'self'; script-src 'self' 'unsafe-inline'
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
redirected: JS
x-content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'

GET
H/1.1

200
OK

cvjvl2k.php Show response
redbnm.com/
Redirect Chain

http://xml-v4.donkstar1.online/click?seat=2585066&i=dLQx03OcAGs_0
https://redbnm.com/cvjvl2k.php?key=rck0823mu6hjfznep76o&conversion=mqTJD6FRt10&bid=0.0125&source_subid=10948487205&banner=5944749&carrier=Global+Router&IP=185.198.62.224&campaign=1118430&query=capi...

1 KB
996 B

196ms
70ms

Document
text/html

51.195.7.19
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://redbnm.com/cvjvl2k.php?key=rck0823mu6hjfznep76o&conversion=mqTJD6FRt10&bid=0.0125&source_subid=10948487205&banner=5944749&carrier=Global+Router&IP=185.198.62.224&campaign=1118430&query=capital+one%2Cbank%2Ccredit+cards%2Cloans%2Ccapitalone%2Cfinance&state=25

Requested by

Host: enlil-syf.com
URL: http://enlil-syf.com/zclkredirect?visitid=57f30d80-ea6f-11ee-9999-0affedc3987f&type=js&browserWidth=1600&browserHeight=1200&iframeDetected=false&webdriverDetected=false&gpu=Intel%20Inc.%3B%20Intel%20Iris%20OpenGL%20Engine&timezone=UTC%2B01%3A00&timezoneName=Europe%2FRome

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305

Server

51.195.7.19 , France, ASN16276 (OVH, FR),

Reverse DNS

ns3177896.ip-51-195-7.eu

Software

nginx/1.24.0 /

Resource Hash

936098d5403b2b173dc1241dd9386d51f43b0982c07eb6931361b6c3f6d59577

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: http://enlil-syf.com/zclkredirect?visitid=57f30d80-ea6f-11ee-9999-0affedc3987f&type=js&browserWidth=1600&browserHeight=1200&iframeDetected=false&webdriverDetected=false&gpu=Intel%20Inc.%3B%20Intel%20Iris%20OpenGL%20Engine&timezone=UTC%2B01%3A00&timezoneName=Europe%2FRome
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: it-IT,it;q=0.9

Response headers

Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Mon, 25 Mar 2024 06:17:25 GMT
Server: nginx/1.24.0
Strict-Transport-Security: max-age=31536000
Transfer-Encoding: chunked

Redirect headers

Cache-Control: no-store
Connection: keep-alive
Content-Length: 0
Location: https://redbnm.com/cvjvl2k.php?key=rck0823mu6hjfznep76o&conversion=mqTJD6FRt10&bid=0.0125&source_subid=10948487205&banner=5944749&carrier=Global+Router&IP=185.198.62.224&campaign=1118430&query=capital+one%2Cbank%2Ccredit+cards%2Cloans%2Ccapitalone%2Cfinance&state=25

GET
H/1.1

200
OK

index.php Show response
redbnm.com/nlp/
Redirect Chain

https://redbnm.com/cvjvl2k.php?key=rck0823mu6hjfznep76o&conversion=mqTJD6FRt10&bid=0.0125&source_subid=10948487205&banner=5944749&carrier=Global+Router&IP=185.198.62.224&campaign=1118430&query=capi...
https://redbnm.com/nlp/index.php?url_bnm_redirect=http://google.com

62 B
329 B

32ms
31ms

Document
text/html

51.195.7.19
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://redbnm.com/nlp/index.php?url_bnm_redirect=http://google.com

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305

Server

51.195.7.19 , France, ASN16276 (OVH, FR),

Reverse DNS

ns3177896.ip-51-195-7.eu

Software

nginx/1.24.0 /

Resource Hash

06fa9277a7f41db91096af3b9087516502f99ec5c62209d8f20426621ee1909f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://redbnm.com
Referer: https://redbnm.com/cvjvl2k.php?key=rck0823mu6hjfznep76o&conversion=mqTJD6FRt10&bid=0.0125&source_subid=10948487205&banner=5944749&carrier=Global+Router&IP=185.198.62.224&campaign=1118430&query=capital+one%2Cbank%2Ccredit+cards%2Cloans%2Ccapitalone%2Cfinance&state=25
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: it-IT,it;q=0.9

Response headers

Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Mon, 25 Mar 2024 06:17:25 GMT
Server: nginx/1.24.0
Strict-Transport-Security: max-age=31536000
Transfer-Encoding: chunked

Redirect headers

Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Date: Mon, 25 Mar 2024 06:17:25 GMT
Location: https://redbnm.com/nlp/index.php?url_bnm_redirect=http://google.com
Server: nginx/1.24.0
Strict-Transport-Security: max-age=31536000
Transfer-Encoding: chunked

GET
H2

200

Primary Request / Show response
www.google.com/
Redirect Chain

http://google.com/
http://www.google.com/
https://www.google.com/?gws_rd=ssl

200 KB
57 KB

555ms
153ms

Document
text/html

142.250.184.228
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/?gws_rd=ssl

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.228 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f4.1e100.net

Software

gws /

Resource Hash

c5fa21e8a1fe8affd443ba7e7c8184b6801369f0b5e6c55286bcb6b07853a9bb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://redbnm.com/nlp/index.php?url_bnm_redirect=http://google.com
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: it-IT,it;q=0.9

Response headers

accept-ch: Sec-CH-UA-Platform Sec-CH-UA-Platform-Version Sec-CH-UA-Full-Version Sec-CH-UA-Arch Sec-CH-UA-Model Sec-CH-UA-Bitness Sec-CH-UA-Full-Version-List Sec-CH-UA-WoW64
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 56217
content-security-policy-report-only: object-src 'none';base-uri 'self';script-src 'nonce-5MNU1XPOvy7GL6y7NEZ05Q' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other-hp
content-type: text/html; charset=UTF-8
cross-origin-opener-policy: same-origin-allow-popups; report-to="gws"
date: Mon, 25 Mar 2024 06:17:27 GMT
expires: -1
origin-trial: Ap+qNlnLzJDKSmEHjzM5ilaa908GuehlLqGb6ezME5lkhelj20qVzfv06zPmQ3LodoeujZuphAolrnhnPA8w4AIAAABfeyJvcmlnaW4iOiJodHRwczovL3d3dy5nb29nbGUuY29tOjQ0MyIsImZlYXR1cmUiOiJQZXJtaXNzaW9uc1BvbGljeVVubG9hZCIsImV4cGlyeSI6MTY4NTY2Mzk5OX0= AvudrjMZqL7335p1KLV2lHo1kxdMeIN0dUI15d0CPz9dovVLCcXk8OAqjho1DX4s6NbHbA/AGobuGvcZv0drGgQAAAB9eyJvcmlnaW4iOiJodHRwczovL3d3dy5nb29nbGUuY29tOjQ0MyIsImZlYXR1cmUiOiJCYWNrRm9yd2FyZENhY2hlTm90UmVzdG9yZWRSZWFzb25zIiwiZXhwaXJ5IjoxNjkxNTM5MTk5LCJpc1N1YmRvbWFpbiI6dHJ1ZX0=
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
permissions-policy: unload=()
report-to: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]}
server: gws
strict-transport-security: max-age=31536000
x-frame-options: SAMEORIGIN
x-xss-protection: 0

Redirect headers

Cache-Control: private
Content-Length: 231
Content-Security-Policy-Report-Only: object-src 'none';base-uri 'self';script-src 'nonce-zuajygc1hmq9v6aH-ZuPHA' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other-hp
Content-Type: text/html; charset=UTF-8
Cross-Origin-Opener-Policy: same-origin-allow-popups; report-to="gws"
Date: Mon, 25 Mar 2024 06:17:26 GMT
Location: https://www.google.com/?gws_rd=ssl
Origin-Trial: Ap+qNlnLzJDKSmEHjzM5ilaa908GuehlLqGb6ezME5lkhelj20qVzfv06zPmQ3LodoeujZuphAolrnhnPA8w4AIAAABfeyJvcmlnaW4iOiJodHRwczovL3d3dy5nb29nbGUuY29tOjQ0MyIsImZlYXR1cmUiOiJQZXJtaXNzaW9uc1BvbGljeVVubG9hZCIsImV4cGlyeSI6MTY4NTY2Mzk5OX0= AvudrjMZqL7335p1KLV2lHo1kxdMeIN0dUI15d0CPz9dovVLCcXk8OAqjho1DX4s6NbHbA/AGobuGvcZv0drGgQAAAB9eyJvcmlnaW4iOiJodHRwczovL3d3dy5nb29nbGUuY29tOjQ0MyIsImZlYXR1cmUiOiJCYWNrRm9yd2FyZENhY2hlTm90UmVzdG9yZWRSZWFzb25zIiwiZXhwaXJ5IjoxNjkxNTM5MTk5LCJpc1N1YmRvbWFpbiI6dHJ1ZX0=
Permissions-Policy: unload=()
Report-To: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]}
Server: gws
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 0

GET
H2 200 m=cdos,hsm,jsa,mb4ZUb,d,csi,cEt90b,SNUn3,qddgKe,sTsDMc,dtl0hd,eHDfl Show response
www.google.com/xjs/_/js/k=xjs.hd.en.bGQhooF3Q8Y.O/am=AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQAAAAACABBQAAEAAACAAAAIDACAACAAHYAJAICBAEAAwAIAjAQ7kAQMAEAAAAAgAgBCAIAAABAACAAgAAAAAAAAAAYIAQAAAAAAAAAAAAAB0AAAIA... 844 KB
275 KB 32ms
31ms Script
text/javascript 142.250.184.228
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/xjs/_/js/k=xjs.hd.en.bGQhooF3Q8Y.O/am=AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQAAAAACABBQAAEAAACAAAAIDACAACAAHYAJAICBAEAAwAIAjAQ7kAQMAEAAAAAgAgBCAIAAABAACAAgAAAAAAAAAAYIAQAAAAAAAAAAAAAB0AAAIAAAxGEACAAAAAAOQBCA7AIAUBAAAAAAAAAAAAgAAkCOaCBBQEQAAAAAAAAAAAAAAAqTRRYQw/d=1/ed=1/dg=2/br=1/rs=ACT90oHjYpWuljqeFabhuO6LKBBLSQUA1g/ee=ALeJib:B8gLwd;AfeaP:TkrAjf;Afksuc:wMx0R;BMxAGc:E5bFse;BgS6mb:fidj5d;BjwMce:cXX2Wb;CxXAWb:YyRLvc;DM55c:imLrKe;DULqB:RKfG5c;Dkk6ge:wJqrrd;DpcR3d:zL72xf;EABSZ:MXZt9d;ESrPQc:mNTJvc;EVNhjf:pw70Gc;EmZ2Bf:zr1jrb;EnlcNd:WeHg4;Erl4fe:FloWmf,FloWmf;F9mqte:UoRcbe;Fmv9Nc:O1Tzwc;G0KhTb:LIaoZ;G6wU6e:hezEbd;GleZL:J1A7Od;HMDDWe:G8QUdb;HqeXPd:cmbnH;IBADCc:RYquRb;IoGlCf:b5lhvb;IsdWVc:qzxzOb;JXS8fb:Qj0suc;JbMT3:M25sS;JsbNhc:Xd8iUd;KOxcK:OZqGte;KQzWid:ZMKkN;KcokUb:KiuZBf;KeeMUb:HiPxjc;KpRAue:Tia57b;LBgRLc:XVMNvd;LEikZe:byfTOb,lsjVmc;LsNahb:ucGLNb;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Np8Qkd:Dpx6qc;Nyt6ic:jn2sGd;OgagBe:cNTe0;Oj465e:KG2eXe,KG2eXe;OohIYe:mpEAQb;Pjplud:EEDORb,PoEs9b;Q1Ow7b:x5CSu;QGR0gd:Mlhmy;R4IIIb:QWfeKf;R9Ulx:CR7Ufe;RDNBlf:zPRCJb;SLtqO:Kh1xYe;SMDL4c:fTfGO,fTfGO;SNUn3:ZwDk9d,x8cHvb;ShpF6e:N0pvGc;TxfV6d:YORN0b;U96pRd:FsR04;UDrY1c:eps46d;UVmjEd:EesRsb;UyG7Kb:wQd0G;V2HTTe:RolTY;VGRfx:VFqbr;VN6jIc:ddQyuf;VOcgDe:YquhTb;VsAqSb:PGf2Re;VxQ32b:k0XsBb;WCEKNd:I46Hvd;WDGyFe:jcVOxd;Wfmdue:g3MJlb;XUezZ:sa7lqb;YV5bee:IvPZ6d;YkQtAf:rx8ur;ZMvdv:PHFPjb;ZWEUA:afR4Cf;a56pNe:JEfCwb;aAJE9c:WHW6Ef;aZ61od:arTwJ;bFZ6gf:RsDQqe;bcPXSc:gSZLJb;cEt90b:ws9Tlc;cFTWae:gT8qnd;coJ8e:KvoW8;dIoSBb:ZgGg9b;dLlj2:Qqt3Gf;daB6be:lMxGPd;dtl0hd:lLQWFe;eBAeSb:Ck63tb;eBZ5Nd:audvde;eHDfl:ofjVkb;eO3lse:nFClrf;fWLTFc:TVBJbf;g8nkx:U4MzKc;gaub4:TN6bMe;gtVSi:ekUOYd;h3MYod:cEt90b;hK67qb:QWEO5b;heHB1:sFczq;hjRo6e:F62sG;hsLsYc:Vl118;iFQyKf:QIhFr,vfuNJf;imqimf:jKGL2e;io8t5d:sgY6Zb;jY0zg:Q6tNgc;k2Qxcb:XY51pe;kCQyJ:ueyPK;kMFpHd:OTA3Ae;kbAm9d:MkHyGd;lkq0A:JyBE3e;nAFL3:NTMZac,s39S4;oGtAuc:sOXFj;oSUNyd:fTfGO,fTfGO;oUlnpc:RagDlc;okUaUd:wItadb;p2tIDb:tp1Cx;pKJiXd:VCenhc;pNsl2d:j9Yuyc;pXdRYb:JKoKVe;pj82le:mg5CW;qZx2Fc:j0xrE;qaS3gd:yiLg6e;qavrXe:zQzcXe;qddgKe:d7YSfd,x4FYXe;rQSrae:C6D5Fc;sP4Vbe:VwDzFe;sTsDMc:kHVSUb;tH4IIe:Ymry6;tosKvd:ZCqP3;trZL0b:qY8PFe;uY49fb:COQbmf;uuQkY:u2V3ud;vGrMZ:lPJJ0c;vfVwPd:lcrkwe;w3bZCb:ZPGaIb;w4rSdf:XKiZ9;w9w86d:dt4g2b;wQlYve:aLUfP;wR5FRb:TtcOte;wV5Pjc:L8KGxe;whEZac:F4AmNb;xBbsrc:NEW1Qc;yGxLoc:FmAr0c;yxTchf:KUM7Z;z97YGf:oug9te;zOsCQe:Ko78Df;zaIgPb:Qtpxbd/m=cdos,hsm,jsa,mb4ZUb,d,csi,cEt90b,SNUn3,qddgKe,sTsDMc,dtl0hd,eHDfl

Requested by

Host: www.google.com
URL: https://www.google.com/?gws_rd=ssl

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.228 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f4.1e100.net

Software

sffe /

Resource Hash

7f9298b044e950d4ad7981dc5cbe1b574857e580683a5537eba157f800d5a16a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sat, 23 Mar 2024 02:18:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 187140
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gws-team
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 280963
x-xss-protection: 0
last-modified: Fri, 22 Mar 2024 21:23:16 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="gws-team"
vary: Accept-Encoding, Origin
report-to: {"group":"gws-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws-team"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Sun, 23 Mar 2025 02:18:27 GMT

GET
H2 200 googlelogo_color_272x92dp.png
www.google.com/images/branding/googlelogo/1x/ 6 KB
6 KB 82ms
81ms Image
image/png 142.250.184.228
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/images/branding/googlelogo/1x/googlelogo_color_272x92dp.png

Requested by

Host: www.google.com
URL: https://www.google.com/?gws_rd=ssl

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.228 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f4.1e100.net

Software

sffe /

Resource Hash

5776cd87617eacec3bc00ebcf530d1924026033eda852f706c1a675a98915826

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 25 Mar 2024 06:17:27 GMT
x-content-type-options: nosniff
last-modified: Tue, 22 Oct 2019 18:30:00 GMT
server: sffe
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: private, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5969
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Mon, 25 Mar 2024 06:17:27 GMT

GET
H2 200 rs=AA2YrTuqK5zupohdywxEVdO08ckxPTTkAA Show response
www.gstatic.com/og/_/js/k=og.qtm.en_US.ONu2-d3nfJQ.2019.O/rt=j/m=qabr,q_dnp,qcwid,qapid,qald,q_dg/exm=qaaw,qadd,qaid,qein,qhaw,qhba,qhbr,qhch,qhga,qhid,qhin/d=1/ed=1/ 212 KB
76 KB 437ms
36ms Script
text/javascript 216.58.212.131
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/og/_/js/k=og.qtm.en_US.ONu2-d3nfJQ.2019.O/rt=j/m=qabr,q_dnp,qcwid,qapid,qald,q_dg/exm=qaaw,qadd,qaid,qein,qhaw,qhba,qhbr,qhch,qhga,qhid,qhin/d=1/ed=1/rs=AA2YrTuqK5zupohdywxEVdO08ckxPTTkAA

Requested by

Host: www.google.com
URL: https://www.google.com/?gws_rd=ssl

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.131 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s46-in-f3.1e100.net

Software

sffe /

Resource Hash

5f56194356639902974aa44c13a4244773f81b81fb0d34dde11041aede00cf98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Tue, 19 Mar 2024 09:00:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 508621
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/one-google-eng
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 77857
x-xss-protection: 0
last-modified: Sat, 16 Mar 2024 01:35:30 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="one-google-eng"
vary: Accept-Encoding, Origin
report-to: {"group":"one-google-eng","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/one-google-eng"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 19 Mar 2025 09:00:26 GMT

GET
H2 200 rs=AA2YrTuYcFfJCynAX2YrQ8DsIOONT0X9WA
www.gstatic.com/og/_/ss/k=og.qtm.KRY3GSse2XM.L.W.O/m=qcwid/excm=qaaw,qadd,qaid,qein,qhaw,qhba,qhbr,qhch,qhga,qhid,qhin/d=1/ed=1/ct=zgms/ 2 KB
1 KB 436ms
35ms Stylesheet
text/css 216.58.212.131
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/og/_/ss/k=og.qtm.KRY3GSse2XM.L.W.O/m=qcwid/excm=qaaw,qadd,qaid,qein,qhaw,qhba,qhbr,qhch,qhga,qhid,qhin/d=1/ed=1/ct=zgms/rs=AA2YrTuYcFfJCynAX2YrQ8DsIOONT0X9WA

Requested by

Host: www.google.com
URL: https://www.google.com/?gws_rd=ssl

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.131 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s46-in-f3.1e100.net

Software

sffe /

Resource Hash

4aadb7b877497c88851912a2d3c61d790ef48be7c807745209dd3f4801062941

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sun, 24 Mar 2024 07:06:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 83437
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/one-google-eng
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 640
x-xss-protection: 0
last-modified: Wed, 13 Mar 2024 01:40:28 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="one-google-eng"
vary: Accept-Encoding, Origin
report-to: {"group":"one-google-eng","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/one-google-eng"}]}
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 24 Mar 2025 07:06:50 GMT

GET
H3 200 desktop_searchbox_sprites318_hr.webp
www.google.com/images/searchbox/ 660 B
682 B 18ms
17ms Image
image/webp 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/images/searchbox/desktop_searchbox_sprites318_hr.webp

Requested by

Host: www.google.com
URL: https://www.google.com/?gws_rd=ssl

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

73d788f86be22112bb53762545989c0f1bbdb7343161130952c9ba3834ff81e3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.google.com/?gws_rd=ssl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 25 Mar 2024 06:17:27 GMT
x-content-type-options: nosniff
last-modified: Wed, 22 Apr 2020 22:00:00 GMT
server: sffe
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/webp
cache-control: private, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 660
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Mon, 25 Mar 2024 06:17:27 GMT

POST
H3 204 gen_204
www.google.com/ 0
21 B 21ms
21ms Ping
text/html 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/gen_204?s=webhp&t=aft&atyp=csi&ei=9hYBZsOWPIiZi-gP2oGQiAk&rt=wsrt.1533,aft.130,afti.130,hst.31,prt.66&wh=1200&imn=10&ima=1&imad=0&imac=0&imf=0&aft=1&aftp=1200&opi=89978449

Requested by

Host: www.google.com
URL: https://www.google.com/?gws_rd=ssl

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gws /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	object-src 'none';base-uri 'self';script-src 'nonce-7O5faKoTF4QPItT_XIoz2A' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

content-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-7O5faKoTF4QPItT_XIoz2A' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
date: Mon, 25 Mar 2024 06:17:27 GMT
server: gws
cross-origin-opener-policy: same-origin-allow-popups; report-to="gws"
x-frame-options: SAMEORIGIN
report-to: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]}
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
content-type: text/html; charset=UTF-8
permissions-policy: unload=()
origin-trial: Ap+qNlnLzJDKSmEHjzM5ilaa908GuehlLqGb6ezME5lkhelj20qVzfv06zPmQ3LodoeujZuphAolrnhnPA8w4AIAAABfeyJvcmlnaW4iOiJodHRwczovL3d3dy5nb29nbGUuY29tOjQ0MyIsImZlYXR1cmUiOiJQZXJtaXNzaW9uc1BvbGljeVVubG9hZCIsImV4cGlyeSI6MTY4NTY2Mzk5OX0=, AvudrjMZqL7335p1KLV2lHo1kxdMeIN0dUI15d0CPz9dovVLCcXk8OAqjho1DX4s6NbHbA/AGobuGvcZv0drGgQAAAB9eyJvcmlnaW4iOiJodHRwczovL3d3dy5nb29nbGUuY29tOjQ0MyIsImZlYXR1cmUiOiJCYWNrRm9yd2FyZENhY2hlTm90UmVzdG9yZWRSZWFzb25zIiwiZXhwaXJ5IjoxNjkxNTM5MTk5LCJpc1N1YmRvbWFpbiI6dHJ1ZX0=
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

POST
H3 204 gen_204
www.google.com/ 0
19 B 21ms
20ms Ping
text/html 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/gen_204?atyp=csi&ei=9hYBZsOWPIiZi-gP2oGQiAk&s=webhp&t=all&wh=1200&imn=10&ima=1&imad=0&imac=0&imf=0&aft=1&aftp=1200&adh=&ime=1&imex=1&imeh=0&imeha=0&imehb=0&imea=0&imeb=0&imel=0&imed=0&scp=0&mem=ujhs.10,tjhs.11,jhsl.3760,dm.8&nv=ne.1,feid.a8d12748-9abf-421a-9096-37b212b26066&net=dl.9000,ect.4g,rtt.0&hp=&sys=hc.12&p=bs.true&rt=hst.31,aft.130,prt.66,afti.130,aftqf.131,xjses.148,xjsee.177,xjs.177,lcp.134,fcp.65,wsrt.1533,cst.401,dnst.0,rqst.206,rspt.54,sslt.93,rqstt.1381,unt.978,cstt.979,dit.1602&zx=1711347447297&opi=89978449

Requested by

Host: www.google.com
URL: https://www.google.com/xjs/_/js/k=xjs.hd.en.bGQhooF3Q8Y.O/am=AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQAAAAACABBQAAEAAACAAAAIDACAACAAHYAJAICBAEAAwAIAjAQ7kAQMAEAAAAAgAgBCAIAAABAACAAgAAAAAAAAAAYIAQAAAAAAAAAAAAAB0AAAIAAAxGEACAAAAAAOQBCA7AIAUBAAAAAAAAAAAAgAAkCOaCBBQEQAAAAAAAAAAAAAAAqTRRYQw/d=1/ed=1/dg=2/br=1/rs=ACT90oHjYpWuljqeFabhuO6LKBBLSQUA1g/ee=ALeJib:B8gLwd;AfeaP:TkrAjf;Afksuc:wMx0R;BMxAGc:E5bFse;BgS6mb:fidj5d;BjwMce:cXX2Wb;CxXAWb:YyRLvc;DM55c:imLrKe;DULqB:RKfG5c;Dkk6ge:wJqrrd;DpcR3d:zL72xf;EABSZ:MXZt9d;ESrPQc:mNTJvc;EVNhjf:pw70Gc;EmZ2Bf:zr1jrb;EnlcNd:WeHg4;Erl4fe:FloWmf,FloWmf;F9mqte:UoRcbe;Fmv9Nc:O1Tzwc;G0KhTb:LIaoZ;G6wU6e:hezEbd;GleZL:J1A7Od;HMDDWe:G8QUdb;HqeXPd:cmbnH;IBADCc:RYquRb;IoGlCf:b5lhvb;IsdWVc:qzxzOb;JXS8fb:Qj0suc;JbMT3:M25sS;JsbNhc:Xd8iUd;KOxcK:OZqGte;KQzWid:ZMKkN;KcokUb:KiuZBf;KeeMUb:HiPxjc;KpRAue:Tia57b;LBgRLc:XVMNvd;LEikZe:byfTOb,lsjVmc;LsNahb:ucGLNb;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Np8Qkd:Dpx6qc;Nyt6ic:jn2sGd;OgagBe:cNTe0;Oj465e:KG2eXe,KG2eXe;OohIYe:mpEAQb;Pjplud:EEDORb,PoEs9b;Q1Ow7b:x5CSu;QGR0gd:Mlhmy;R4IIIb:QWfeKf;R9Ulx:CR7Ufe;RDNBlf:zPRCJb;SLtqO:Kh1xYe;SMDL4c:fTfGO,fTfGO;SNUn3:ZwDk9d,x8cHvb;ShpF6e:N0pvGc;TxfV6d:YORN0b;U96pRd:FsR04;UDrY1c:eps46d;UVmjEd:EesRsb;UyG7Kb:wQd0G;V2HTTe:RolTY;VGRfx:VFqbr;VN6jIc:ddQyuf;VOcgDe:YquhTb;VsAqSb:PGf2Re;VxQ32b:k0XsBb;WCEKNd:I46Hvd;WDGyFe:jcVOxd;Wfmdue:g3MJlb;XUezZ:sa7lqb;YV5bee:IvPZ6d;YkQtAf:rx8ur;ZMvdv:PHFPjb;ZWEUA:afR4Cf;a56pNe:JEfCwb;aAJE9c:WHW6Ef;aZ61od:arTwJ;bFZ6gf:RsDQqe;bcPXSc:gSZLJb;cEt90b:ws9Tlc;cFTWae:gT8qnd;coJ8e:KvoW8;dIoSBb:ZgGg9b;dLlj2:Qqt3Gf;daB6be:lMxGPd;dtl0hd:lLQWFe;eBAeSb:Ck63tb;eBZ5Nd:audvde;eHDfl:ofjVkb;eO3lse:nFClrf;fWLTFc:TVBJbf;g8nkx:U4MzKc;gaub4:TN6bMe;gtVSi:ekUOYd;h3MYod:cEt90b;hK67qb:QWEO5b;heHB1:sFczq;hjRo6e:F62sG;hsLsYc:Vl118;iFQyKf:QIhFr,vfuNJf;imqimf:jKGL2e;io8t5d:sgY6Zb;jY0zg:Q6tNgc;k2Qxcb:XY51pe;kCQyJ:ueyPK;kMFpHd:OTA3Ae;kbAm9d:MkHyGd;lkq0A:JyBE3e;nAFL3:NTMZac,s39S4;oGtAuc:sOXFj;oSUNyd:fTfGO,fTfGO;oUlnpc:RagDlc;okUaUd:wItadb;p2tIDb:tp1Cx;pKJiXd:VCenhc;pNsl2d:j9Yuyc;pXdRYb:JKoKVe;pj82le:mg5CW;qZx2Fc:j0xrE;qaS3gd:yiLg6e;qavrXe:zQzcXe;qddgKe:d7YSfd,x4FYXe;rQSrae:C6D5Fc;sP4Vbe:VwDzFe;sTsDMc:kHVSUb;tH4IIe:Ymry6;tosKvd:ZCqP3;trZL0b:qY8PFe;uY49fb:COQbmf;uuQkY:u2V3ud;vGrMZ:lPJJ0c;vfVwPd:lcrkwe;w3bZCb:ZPGaIb;w4rSdf:XKiZ9;w9w86d:dt4g2b;wQlYve:aLUfP;wR5FRb:TtcOte;wV5Pjc:L8KGxe;whEZac:F4AmNb;xBbsrc:NEW1Qc;yGxLoc:FmAr0c;yxTchf:KUM7Z;z97YGf:oug9te;zOsCQe:Ko78Df;zaIgPb:Qtpxbd/m=cdos,hsm,jsa,mb4ZUb,d,csi,cEt90b,SNUn3,qddgKe,sTsDMc,dtl0hd,eHDfl

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gws /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	object-src 'none';base-uri 'self';script-src 'nonce-yWSUMIPHx4QRRUAl0bsLgg' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

content-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-yWSUMIPHx4QRRUAl0bsLgg' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
date: Mon, 25 Mar 2024 06:17:27 GMT
server: gws
cross-origin-opener-policy: same-origin-allow-popups; report-to="gws"
x-frame-options: SAMEORIGIN
report-to: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]}
content-type: text/html; charset=UTF-8
permissions-policy: unload=()
origin-trial: Ap+qNlnLzJDKSmEHjzM5ilaa908GuehlLqGb6ezME5lkhelj20qVzfv06zPmQ3LodoeujZuphAolrnhnPA8w4AIAAABfeyJvcmlnaW4iOiJodHRwczovL3d3dy5nb29nbGUuY29tOjQ0MyIsImZlYXR1cmUiOiJQZXJtaXNzaW9uc1BvbGljeVVubG9hZCIsImV4cGlyeSI6MTY4NTY2Mzk5OX0=, AvudrjMZqL7335p1KLV2lHo1kxdMeIN0dUI15d0CPz9dovVLCcXk8OAqjho1DX4s6NbHbA/AGobuGvcZv0drGgQAAAB9eyJvcmlnaW4iOiJodHRwczovL3d3dy5nb29nbGUuY29tOjQ0MyIsImZlYXR1cmUiOiJCYWNrRm9yd2FyZENhY2hlTm90UmVzdG9yZWRSZWFzb25zIiwiZXhwaXJ5IjoxNjkxNTM5MTk5LCJpc1N1YmRvbWFpbiI6dHJ1ZX0=
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 search Show response
www.google.com/complete/ 45 B
84 B 37ms
37ms XHR
application/json 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/complete/search?q&cp=0&client=gws-wiz&xssi=t&gs_pcrt=2&hl=it-US&authuser=0&psi=9hYBZsOWPIiZi-gP2oGQiAk.1711347447326&dpr=1&nolsbt=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gws /

Resource Hash

c0c6dc9a2f9598a8e7947e22a25609f619e05ae0b0747dfd46a58a2b3a919e8b

Security Headers

Name	Value
Content-Security-Policy	object-src 'none';base-uri 'self';script-src 'nonce-oCoRxV_AWl_LglMdMGGoSw' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/cdt1
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 25 Mar 2024 06:17:27 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-oCoRxV_AWl_LglMdMGGoSw' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/cdt1
content-encoding: br
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
cross-origin-opener-policy: same-origin-allow-popups; report-to="gws"
server: gws
x-frame-options: SAMEORIGIN
report-to: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/cdt1"}]}
content-type: application/json; charset=UTF-8
cache-control: private, max-age=3600
permissions-policy: unload=()
origin-trial: Ap+qNlnLzJDKSmEHjzM5ilaa908GuehlLqGb6ezME5lkhelj20qVzfv06zPmQ3LodoeujZuphAolrnhnPA8w4AIAAABfeyJvcmlnaW4iOiJodHRwczovL3d3dy5nb29nbGUuY29tOjQ0MyIsImZlYXR1cmUiOiJQZXJtaXNzaW9uc1BvbGljeVVubG9hZCIsImV4cGlyeSI6MTY4NTY2Mzk5OX0=, AvudrjMZqL7335p1KLV2lHo1kxdMeIN0dUI15d0CPz9dovVLCcXk8OAqjho1DX4s6NbHbA/AGobuGvcZv0drGgQAAAB9eyJvcmlnaW4iOiJodHRwczovL3d3dy5nb29nbGUuY29tOjQ0MyIsImZlYXR1cmUiOiJCYWNrRm9yd2FyZENhY2hlTm90UmVzdG9yZWRSZWFzb25zIiwiZXhwaXJ5IjoxNjkxNTM5MTk5LCJpc1N1YmRvbWFpbiI6dHJ1ZX0=
expires: Mon, 25 Mar 2024 06:17:27 GMT

GET
H3 200 m=B2qlPe,DhPYme,GU4Gab,MpJwZc,NzU6V,UUJqVe,Wo3n8,aa,abd,async,epYOx,ms4mZb,mu,pHXghd,q0xTif,s39S4,sOXFj,sb_wiz,sf,sonic,spch Show response
www.google.com/xjs/_/js/k=xjs.hd.en.bGQhooF3Q8Y.O/ck=xjs.hd.P6qfBoPTfB4.L.W.O/am=AAAAAAAAAGAAAAAAAAAAAAAAAAAABAAQAAAAACABDYQDEIANCAAAAoDACAACAAHYAJAICBAEAAwAIAjAQ7kAQMgEBEBAAkggBDkIACCBCQCkAgADAAAA... 480 KB
144 KB 29ms
28ms Script
text/javascript 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/xjs/_/js/k=xjs.hd.en.bGQhooF3Q8Y.O/ck=xjs.hd.P6qfBoPTfB4.L.W.O/am=AAAAAAAAAGAAAAAAAAAAAAAAAAAABAAQAAAAACABDYQDEIANCAAAAoDACAACAAHYAJAICBAEAAwAIAjAQ7kAQMgEBEBAAkggBDkIACCBCQCkAgADAAAAgAQAYIAYQMAABMADBAAAAh1AAAoAAAxGEACAAAAAAOQBCA7AIAUBAAAAAAAAAAAAgAAkCOaCBBQEQAAAAAAAAAAAAAAAqTRRYQw/d=1/exm=SNUn3,cEt90b,cdos,csi,d,dtl0hd,eHDfl,hsm,jsa,mb4ZUb,qddgKe,sTsDMc/ed=1/dg=2/br=1/ujg=1/rs=ACT90oFFQB09Lbtaj1a8XAFuxzhe0GYoZw/ee=ALeJib:B8gLwd;AfeaP:TkrAjf;Afksuc:wMx0R;BMxAGc:E5bFse;BgS6mb:fidj5d;BjwMce:cXX2Wb;CxXAWb:YyRLvc;DM55c:imLrKe;DULqB:RKfG5c;Dkk6ge:wJqrrd;DpcR3d:zL72xf;EABSZ:MXZt9d;ESrPQc:mNTJvc;EVNhjf:pw70Gc;EmZ2Bf:zr1jrb;EnlcNd:WeHg4;Erl4fe:FloWmf;F9mqte:UoRcbe;Fmv9Nc:O1Tzwc;G0KhTb:LIaoZ;G6wU6e:hezEbd;GleZL:J1A7Od;HMDDWe:G8QUdb;HqeXPd:cmbnH;IBADCc:RYquRb;IoGlCf:b5lhvb;IsdWVc:qzxzOb;JXS8fb:Qj0suc;JbMT3:M25sS;JsbNhc:Xd8iUd;KOxcK:OZqGte;KQzWid:ZMKkN;KcokUb:KiuZBf;KeeMUb:HiPxjc;KpRAue:Tia57b;LBgRLc:XVMNvd;LEikZe:byfTOb,lsjVmc;LsNahb:ucGLNb;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Np8Qkd:Dpx6qc;Nyt6ic:jn2sGd;OgagBe:cNTe0;Oj465e:KG2eXe;OohIYe:mpEAQb;Pjplud:EEDORb,PoEs9b;Q1Ow7b:x5CSu;QGR0gd:Mlhmy;R4IIIb:QWfeKf;R9Ulx:CR7Ufe;RDNBlf:zPRCJb;SLtqO:Kh1xYe;SMDL4c:fTfGO;SNUn3:ZwDk9d,x8cHvb;ShpF6e:N0pvGc;TxfV6d:YORN0b;U96pRd:FsR04;UDrY1c:eps46d;UVmjEd:EesRsb;UyG7Kb:wQd0G;V2HTTe:RolTY;VGRfx:VFqbr;VN6jIc:ddQyuf;VOcgDe:YquhTb;VsAqSb:PGf2Re;VxQ32b:k0XsBb;WCEKNd:I46Hvd;WDGyFe:jcVOxd;Wfmdue:g3MJlb;XUezZ:sa7lqb;YV5bee:IvPZ6d;YkQtAf:rx8ur;ZMvdv:PHFPjb;ZWEUA:afR4Cf;a56pNe:JEfCwb;aAJE9c:WHW6Ef;aZ61od:arTwJ;bFZ6gf:RsDQqe;bcPXSc:gSZLJb;cEt90b:ws9Tlc;cFTWae:gT8qnd;coJ8e:KvoW8;dIoSBb:ZgGg9b;dLlj2:Qqt3Gf;daB6be:lMxGPd;dtl0hd:lLQWFe;eBAeSb:Ck63tb;eBZ5Nd:audvde;eHDfl:ofjVkb;eO3lse:nFClrf;fWLTFc:TVBJbf;g8nkx:U4MzKc;gaub4:TN6bMe;gtVSi:ekUOYd;h3MYod:cEt90b;hK67qb:QWEO5b;heHB1:sFczq;hjRo6e:F62sG;hsLsYc:Vl118;iFQyKf:QIhFr,vfuNJf;imqimf:jKGL2e;io8t5d:sgY6Zb;jY0zg:Q6tNgc;k2Qxcb:XY51pe;kCQyJ:ueyPK;kMFpHd:OTA3Ae;kbAm9d:MkHyGd;lkq0A:JyBE3e;nAFL3:NTMZac,s39S4;oGtAuc:sOXFj;oSUNyd:fTfGO;oUlnpc:RagDlc;okUaUd:wItadb;p2tIDb:tp1Cx;pKJiXd:VCenhc;pNsl2d:j9Yuyc;pXdRYb:JKoKVe;pj82le:mg5CW;qZx2Fc:j0xrE;qaS3gd:yiLg6e;qavrXe:zQzcXe;qddgKe:d7YSfd,x4FYXe;rQSrae:C6D5Fc;sP4Vbe:VwDzFe;sTsDMc:kHVSUb;tH4IIe:Ymry6;tosKvd:ZCqP3;trZL0b:qY8PFe;uY49fb:COQbmf;uuQkY:u2V3ud;vGrMZ:lPJJ0c;vfVwPd:lcrkwe;w3bZCb:ZPGaIb;w4rSdf:XKiZ9;w9w86d:dt4g2b;wQlYve:aLUfP;wR5FRb:TtcOte;wV5Pjc:L8KGxe;whEZac:F4AmNb;xBbsrc:NEW1Qc;yGxLoc:FmAr0c;yxTchf:KUM7Z;z97YGf:oug9te;zOsCQe:Ko78Df;zaIgPb:Qtpxbd/m=B2qlPe,DhPYme,GU4Gab,MpJwZc,NzU6V,UUJqVe,Wo3n8,aa,abd,async,epYOx,ms4mZb,mu,pHXghd,q0xTif,s39S4,sOXFj,sb_wiz,sf,sonic,spch?xjs=s1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2dd722d0be1eeb38544723f53372438f6367459056181ad73e18cff9d67714c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sat, 23 Mar 2024 07:28:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 168523
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gws-team
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 147169
x-xss-protection: 0
last-modified: Fri, 22 Mar 2024 21:23:16 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="gws-team"
vary: Accept-Encoding, Origin
report-to: {"group":"gws-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws-team"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Sun, 23 Mar 2025 07:28:44 GMT

GET
H3 200 rs=ACT90oHjYpWuljqeFabhuO6LKBBLSQUA1g Show response
www.google.com/xjs/_/js/md=3/k=xjs.hd.en.bGQhooF3Q8Y.O/am=AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQAAAAACABBQAAEAAACAAAAIDACAACAAHYAJAICBAEAAwAIAjAQ7kAQMAEAAAAAgAgBCAIAAABAACAAgAAAAAAAAAAYIAQAAAAAAAAAAAAAB0... 185 KB
92 KB 12ms
11ms Fetch
text/javascript 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/xjs/_/js/md=3/k=xjs.hd.en.bGQhooF3Q8Y.O/am=AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQAAAAACABBQAAEAAACAAAAIDACAACAAHYAJAICBAEAAwAIAjAQ7kAQMAEAAAAAgAgBCAIAAABAACAAgAAAAAAAAAAYIAQAAAAAAAAAAAAAB0AAAIAAAxGEACAAAAAAOQBCA7AIAUBAAAAAAAAAAAAgAAkCOaCBBQEQAAAAAAAAAAAAAAAqTRRYQw/rs=ACT90oHjYpWuljqeFabhuO6LKBBLSQUA1g

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8047ab90ec912f5a6f4535928458f54a0fd34ab6c104eea1441bd88f256eea6c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sat, 23 Mar 2024 02:56:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 184870
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gws-team
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 93823
x-xss-protection: 0
last-modified: Fri, 22 Mar 2024 21:23:16 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="gws-team"
vary: Accept-Encoding, Origin
report-to: {"group":"gws-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws-team"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Sun, 23 Mar 2025 02:56:17 GMT

GET
H3 204 client_204
www.google.com/ 0
20 B 29ms
29ms Image
text/html 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/client_204?atyp=i&biw=1600&bih=1200&ei=9hYBZsOWPIiZi-gP2oGQiAk&opi=89978449

Requested by

Host: www.google.com
URL: https://www.google.com/?gws_rd=ssl

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gws /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	object-src 'none';base-uri 'self';script-src 'nonce-Pe25Q3BnisPWvvEk82NUPQ' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/cdt1
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-Pe25Q3BnisPWvvEk82NUPQ' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/cdt1
date: Mon, 25 Mar 2024 06:17:27 GMT
server: gws
cross-origin-opener-policy: same-origin-allow-popups; report-to="gws"
x-frame-options: SAMEORIGIN
report-to: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/cdt1"}]}
content-type: text/html; charset=UTF-8
permissions-policy: unload=()
origin-trial: Ap+qNlnLzJDKSmEHjzM5ilaa908GuehlLqGb6ezME5lkhelj20qVzfv06zPmQ3LodoeujZuphAolrnhnPA8w4AIAAABfeyJvcmlnaW4iOiJodHRwczovL3d3dy5nb29nbGUuY29tOjQ0MyIsImZlYXR1cmUiOiJQZXJtaXNzaW9uc1BvbGljeVVubG9hZCIsImV4cGlyeSI6MTY4NTY2Mzk5OX0=, AvudrjMZqL7335p1KLV2lHo1kxdMeIN0dUI15d0CPz9dovVLCcXk8OAqjho1DX4s6NbHbA/AGobuGvcZv0drGgQAAAB9eyJvcmlnaW4iOiJodHRwczovL3d3dy5nb29nbGUuY29tOjQ0MyIsImZlYXR1cmUiOiJCYWNrRm9yd2FyZENhY2hlTm90UmVzdG9yZWRSZWFzb25zIiwiZXhwaXJ5IjoxNjkxNTM5MTk5LCJpc1N1YmRvbWFpbiI6dHJ1ZX0=
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 m=syjs Show response
www.google.com/xjs/_/ss/k=xjs.hd.P6qfBoPTfB4.L.W.O/am=AAAAAAAAAGAAAAAAAAAAAAAAAAAABAAQAAAAAAABCIQDAIANAAAAAgCAAAACAACQAAAAABAEAAwAAAgAACAAQAgABEBAAkggBBkIACCBCQCkAgADAAAAgAQAAIAIQMAABMADBAAAAh1AAAg... 827 B
343 B 13ms
12ms Fetch
text/css 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/xjs/_/ss/k=xjs.hd.P6qfBoPTfB4.L.W.O/am=AAAAAAAAAGAAAAAAAAAAAAAAAAAABAAQAAAAAAABCIQDAIANAAAAAgCAAAACAACQAAAAABAEAAwAAAgAACAAQAgABEBAAkggBBkIACCBCQCkAgADAAAAgAQAAIAIQMAABMADBAAAAh1AAAgAAAxGEAAAAAAAAIAAAAAAAAAAAAAAAAAAAAAAAAAACAAAABQAAAAAAAAAAAAAAAAAIA/d=0/dg=2/br=1/rs=ACT90oHA-IeNxGu27w5VLAEBPuKdF7Qrvg/m=syjs?xjs=s3

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2b14c10c303f38be853811217b64c51205417e52c4ebcca4637228fb61dc0715

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sat, 23 Mar 2024 07:28:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 168523
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gws-team
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 317
x-xss-protection: 0
last-modified: Fri, 22 Mar 2024 21:23:16 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="gws-team"
vary: Accept-Encoding, Origin
report-to: {"group":"gws-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws-team"}]}
content-type: text/css; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Sun, 23 Mar 2025 07:28:44 GMT

GET
H3 200 m=sy187,P10Owf,synp,sy16u,sy16w,gSZvdb,syt2,syt8,syt9,WlNQGd,synn,sytq,syts,nabPbb,syno,synq,synr,syns,synu,DPreE,syjs,syt1,syt3,CnSW2d,kQvlef,sytr,fXO0xe Show response
www.google.com/xjs/_/js/k=xjs.hd.en.bGQhooF3Q8Y.O/am=AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQAAAAACABBQAAEAAACAAAAIDACAACAAHYAJAICBAEAAwAIAjAQ7kAQMAEAAAAAgAgBCAIAAABAACAAgAAAAAAAAAAYIAQAAAAAAAAAAAAAB0AAAIA... 23 KB
7 KB 12ms
11ms Script
text/javascript 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1f1d2ffca8e70bdbd8effa4be3f1c7777861c28dfa89fb768e9b98c56a3240e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sat, 23 Mar 2024 02:27:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 186576
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gws-team
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7509
x-xss-protection: 0
last-modified: Fri, 22 Mar 2024 21:23:16 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="gws-team"
vary: Accept-Encoding, Origin
report-to: {"group":"gws-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws-team"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Sun, 23 Mar 2025 02:27:51 GMT

POST
H3 204 gen_204
www.google.com/ 0
19 B 21ms
21ms Ping
text/html 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/gen_204?atyp=i&ei=9hYBZsOWPIiZi-gP2oGQiAk&dt19=2&zx=1711347447435&opi=89978449

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gws /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	object-src 'none';base-uri 'self';script-src 'nonce-jZAbVYZJhlyekRRDxXj2OQ' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

content-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-jZAbVYZJhlyekRRDxXj2OQ' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
date: Mon, 25 Mar 2024 06:17:27 GMT
server: gws
cross-origin-opener-policy: same-origin-allow-popups; report-to="gws"
x-frame-options: SAMEORIGIN
report-to: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]}
content-type: text/html; charset=UTF-8
permissions-policy: unload=()
origin-trial: Ap+qNlnLzJDKSmEHjzM5ilaa908GuehlLqGb6ezME5lkhelj20qVzfv06zPmQ3LodoeujZuphAolrnhnPA8w4AIAAABfeyJvcmlnaW4iOiJodHRwczovL3d3dy5nb29nbGUuY29tOjQ0MyIsImZlYXR1cmUiOiJQZXJtaXNzaW9uc1BvbGljeVVubG9hZCIsImV4cGlyeSI6MTY4NTY2Mzk5OX0=, AvudrjMZqL7335p1KLV2lHo1kxdMeIN0dUI15d0CPz9dovVLCcXk8OAqjho1DX4s6NbHbA/AGobuGvcZv0drGgQAAAB9eyJvcmlnaW4iOiJodHRwczovL3d3dy5nb29nbGUuY29tOjQ0MyIsImZlYXR1cmUiOiJCYWNrRm9yd2FyZENhY2hlTm90UmVzdG9yZWRSZWFzb25zIiwiZXhwaXJ5IjoxNjkxNTM5MTk5LCJpc1N1YmRvbWFpbiI6dHJ1ZX0=
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 204 client_204 Show response
www.google.com/ 0
22 B 36ms
36ms XHR
text/html 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/client_204?cs=1&opi=89978449

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gws /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	object-src 'none';base-uri 'self';script-src 'nonce-u3ElI8RrKenOhUorWkJbXg' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/cdt1
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-u3ElI8RrKenOhUorWkJbXg' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/cdt1
date: Mon, 25 Mar 2024 06:17:27 GMT
server: gws
cross-origin-opener-policy: same-origin-allow-popups; report-to="gws"
x-frame-options: SAMEORIGIN
report-to: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/cdt1"}]}
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
content-type: text/html; charset=UTF-8
permissions-policy: unload=()
origin-trial: Ap+qNlnLzJDKSmEHjzM5ilaa908GuehlLqGb6ezME5lkhelj20qVzfv06zPmQ3LodoeujZuphAolrnhnPA8w4AIAAABfeyJvcmlnaW4iOiJodHRwczovL3d3dy5nb29nbGUuY29tOjQ0MyIsImZlYXR1cmUiOiJQZXJtaXNzaW9uc1BvbGljeVVubG9hZCIsImV4cGlyeSI6MTY4NTY2Mzk5OX0=, AvudrjMZqL7335p1KLV2lHo1kxdMeIN0dUI15d0CPz9dovVLCcXk8OAqjho1DX4s6NbHbA/AGobuGvcZv0drGgQAAAB9eyJvcmlnaW4iOiJodHRwczovL3d3dy5nb29nbGUuY29tOjQ0MyIsImZlYXR1cmUiOiJCYWNrRm9yd2FyZENhY2hlTm90UmVzdG9yZWRSZWFzb25zIiwiZXhwaXJ5IjoxNjkxNTM5MTk5LCJpc1N1YmRvbWFpbiI6dHJ1ZX0=
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

POST
H3 204 gen_204
www.google.com/ 0
19 B 20ms
19ms Ping
text/html 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/gen_204?atyp=csi&ei=9hYBZsOWPIiZi-gP2oGQiAk&s=promo&rt=hpbas.319&zx=1711347447437&opi=89978449

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gws /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	object-src 'none';base-uri 'self';script-src 'nonce-M4ruFbS_pAWrBi6kkAT2bw' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

content-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-M4ruFbS_pAWrBi6kkAT2bw' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
date: Mon, 25 Mar 2024 06:17:27 GMT
server: gws
cross-origin-opener-policy: same-origin-allow-popups; report-to="gws"
x-frame-options: SAMEORIGIN
report-to: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]}
content-type: text/html; charset=UTF-8
permissions-policy: unload=()
origin-trial: Ap+qNlnLzJDKSmEHjzM5ilaa908GuehlLqGb6ezME5lkhelj20qVzfv06zPmQ3LodoeujZuphAolrnhnPA8w4AIAAABfeyJvcmlnaW4iOiJodHRwczovL3d3dy5nb29nbGUuY29tOjQ0MyIsImZlYXR1cmUiOiJQZXJtaXNzaW9uc1BvbGljeVVubG9hZCIsImV4cGlyeSI6MTY4NTY2Mzk5OX0=, AvudrjMZqL7335p1KLV2lHo1kxdMeIN0dUI15d0CPz9dovVLCcXk8OAqjho1DX4s6NbHbA/AGobuGvcZv0drGgQAAAB9eyJvcmlnaW4iOiJodHRwczovL3d3dy5nb29nbGUuY29tOjQ0MyIsImZlYXR1cmUiOiJCYWNrRm9yd2FyZENhY2hlTm90UmVzdG9yZWRSZWFzb25zIiwiZXhwaXJ5IjoxNjkxNTM5MTk5LCJpc1N1YmRvbWFpbiI6dHJ1ZX0=
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 hpba Show response
www.google.com/async/ 86 B
134 B 39ms
38ms XHR
text/plain 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/async/hpba?vet=10ahUKEwjD6aiF4o6FAxWIzAIHHdoABJEQj-0KCB0..i&ei=9hYBZsOWPIiZi-gP2oGQiAk&opi=89978449&yv=3&cs=0&async=_ck:xjs.hd.P6qfBoPTfB4.L.W.O,_k:xjs.hd.en.bGQhooF3Q8Y.O,_am:AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQAAAAACABBQAAEAAACAAAAIDACAACAAHYAJAICBAEAAwAIAjAQ7kAQMAEAAAAAgAgBCAIAAABAACAAgAAAAAAAAAAYIAQAAAAAAAAAAAAAB0AAAIAAAxGEACAAAAAAOQBCA7AIAUBAAAAAAAAAAAAgAAkCOaCBBQEQAAAAAAAAAAAAAAAqTRRYQw,_cssam:AAAAAAAAAGAAAAAAAAAAAAAAAAAABAAQAAAAAAABCIQDAIANAAAAAgCAAAACAACQAAAAABAEAAwAAAgAACAAQAgABEBAAkggBBkIACCBCQCkAgADAAAAgAQAAIAIQMAABMADBAAAAh1AAAgAAAxGEAAAAAAAAIAAAAAAAAAAAAAAAAAAAAAAAAAACAAAABQAAAAAAAAAAAAAAAAAIA,_csss:ACT90oHA-IeNxGu27w5VLAEBPuKdF7Qrvg,_fmt:prog,_id:a3JU5b

Requested by

Host: www.google.com
URL: https://www.google.com/xjs/_/js/k=xjs.hd.en.bGQhooF3Q8Y.O/ck=xjs.hd.P6qfBoPTfB4.L.W.O/am=AAAAAAAAAGAAAAAAAAAAAAAAAAAABAAQAAAAACABDYQDEIANCAAAAoDACAACAAHYAJAICBAEAAwAIAjAQ7kAQMgEBEBAAkggBDkIACCBCQCkAgADAAAAgAQAYIAYQMAABMADBAAAAh1AAAoAAAxGEACAAAAAAOQBCA7AIAUBAAAAAAAAAAAAgAAkCOaCBBQEQAAAAAAAAAAAAAAAqTRRYQw/d=1/exm=SNUn3,cEt90b,cdos,csi,d,dtl0hd,eHDfl,hsm,jsa,mb4ZUb,qddgKe,sTsDMc/ed=1/dg=2/br=1/ujg=1/rs=ACT90oFFQB09Lbtaj1a8XAFuxzhe0GYoZw/ee=ALeJib:B8gLwd;AfeaP:TkrAjf;Afksuc:wMx0R;BMxAGc:E5bFse;BgS6mb:fidj5d;BjwMce:cXX2Wb;CxXAWb:YyRLvc;DM55c:imLrKe;DULqB:RKfG5c;Dkk6ge:wJqrrd;DpcR3d:zL72xf;EABSZ:MXZt9d;ESrPQc:mNTJvc;EVNhjf:pw70Gc;EmZ2Bf:zr1jrb;EnlcNd:WeHg4;Erl4fe:FloWmf;F9mqte:UoRcbe;Fmv9Nc:O1Tzwc;G0KhTb:LIaoZ;G6wU6e:hezEbd;GleZL:J1A7Od;HMDDWe:G8QUdb;HqeXPd:cmbnH;IBADCc:RYquRb;IoGlCf:b5lhvb;IsdWVc:qzxzOb;JXS8fb:Qj0suc;JbMT3:M25sS;JsbNhc:Xd8iUd;KOxcK:OZqGte;KQzWid:ZMKkN;KcokUb:KiuZBf;KeeMUb:HiPxjc;KpRAue:Tia57b;LBgRLc:XVMNvd;LEikZe:byfTOb,lsjVmc;LsNahb:ucGLNb;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Np8Qkd:Dpx6qc;Nyt6ic:jn2sGd;OgagBe:cNTe0;Oj465e:KG2eXe;OohIYe:mpEAQb;Pjplud:EEDORb,PoEs9b;Q1Ow7b:x5CSu;QGR0gd:Mlhmy;R4IIIb:QWfeKf;R9Ulx:CR7Ufe;RDNBlf:zPRCJb;SLtqO:Kh1xYe;SMDL4c:fTfGO;SNUn3:ZwDk9d,x8cHvb;ShpF6e:N0pvGc;TxfV6d:YORN0b;U96pRd:FsR04;UDrY1c:eps46d;UVmjEd:EesRsb;UyG7Kb:wQd0G;V2HTTe:RolTY;VGRfx:VFqbr;VN6jIc:ddQyuf;VOcgDe:YquhTb;VsAqSb:PGf2Re;VxQ32b:k0XsBb;WCEKNd:I46Hvd;WDGyFe:jcVOxd;Wfmdue:g3MJlb;XUezZ:sa7lqb;YV5bee:IvPZ6d;YkQtAf:rx8ur;ZMvdv:PHFPjb;ZWEUA:afR4Cf;a56pNe:JEfCwb;aAJE9c:WHW6Ef;aZ61od:arTwJ;bFZ6gf:RsDQqe;bcPXSc:gSZLJb;cEt90b:ws9Tlc;cFTWae:gT8qnd;coJ8e:KvoW8;dIoSBb:ZgGg9b;dLlj2:Qqt3Gf;daB6be:lMxGPd;dtl0hd:lLQWFe;eBAeSb:Ck63tb;eBZ5Nd:audvde;eHDfl:ofjVkb;eO3lse:nFClrf;fWLTFc:TVBJbf;g8nkx:U4MzKc;gaub4:TN6bMe;gtVSi:ekUOYd;h3MYod:cEt90b;hK67qb:QWEO5b;heHB1:sFczq;hjRo6e:F62sG;hsLsYc:Vl118;iFQyKf:QIhFr,vfuNJf;imqimf:jKGL2e;io8t5d:sgY6Zb;jY0zg:Q6tNgc;k2Qxcb:XY51pe;kCQyJ:ueyPK;kMFpHd:OTA3Ae;kbAm9d:MkHyGd;lkq0A:JyBE3e;nAFL3:NTMZac,s39S4;oGtAuc:sOXFj;oSUNyd:fTfGO;oUlnpc:RagDlc;okUaUd:wItadb;p2tIDb:tp1Cx;pKJiXd:VCenhc;pNsl2d:j9Yuyc;pXdRYb:JKoKVe;pj82le:mg5CW;qZx2Fc:j0xrE;qaS3gd:yiLg6e;qavrXe:zQzcXe;qddgKe:d7YSfd,x4FYXe;rQSrae:C6D5Fc;sP4Vbe:VwDzFe;sTsDMc:kHVSUb;tH4IIe:Ymry6;tosKvd:ZCqP3;trZL0b:qY8PFe;uY49fb:COQbmf;uuQkY:u2V3ud;vGrMZ:lPJJ0c;vfVwPd:lcrkwe;w3bZCb:ZPGaIb;w4rSdf:XKiZ9;w9w86d:dt4g2b;wQlYve:aLUfP;wR5FRb:TtcOte;wV5Pjc:L8KGxe;whEZac:F4AmNb;xBbsrc:NEW1Qc;yGxLoc:FmAr0c;yxTchf:KUM7Z;z97YGf:oug9te;zOsCQe:Ko78Df;zaIgPb:Qtpxbd/m=B2qlPe,DhPYme,GU4Gab,MpJwZc,NzU6V,UUJqVe,Wo3n8,aa,abd,async,epYOx,ms4mZb,mu,pHXghd,q0xTif,s39S4,sOXFj,sb_wiz,sf,sonic,spch?xjs=s1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gws /

Resource Hash

c166ca8a475d98a1a9355995b85cfa6becf65d76df7e6d224021b15fee2a7ae3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
x-content-type-options: nosniff
date: Mon, 25 Mar 2024 06:17:27 GMT
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
cross-origin-opener-policy: same-origin-allow-popups; report-to="gws"
server: gws
x-frame-options: SAMEORIGIN
report-to: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/none"}]}
content-type: text/plain; charset=UTF-8
permissions-policy: unload=()
origin-trial: Ap+qNlnLzJDKSmEHjzM5ilaa908GuehlLqGb6ezME5lkhelj20qVzfv06zPmQ3LodoeujZuphAolrnhnPA8w4AIAAABfeyJvcmlnaW4iOiJodHRwczovL3d3dy5nb29nbGUuY29tOjQ0MyIsImZlYXR1cmUiOiJQZXJtaXNzaW9uc1BvbGljeVVubG9hZCIsImV4cGlyeSI6MTY4NTY2Mzk5OX0=, AvudrjMZqL7335p1KLV2lHo1kxdMeIN0dUI15d0CPz9dovVLCcXk8OAqjho1DX4s6NbHbA/AGobuGvcZv0drGgQAAAB9eyJvcmlnaW4iOiJodHRwczovL3d3dy5nb29nbGUuY29tOjQ0MyIsImZlYXR1cmUiOiJCYWNrRm9yd2FyZENhY2hlTm90UmVzdG9yZWRSZWFzb25zIiwiZXhwaXJ5IjoxNjkxNTM5MTk5LCJpc1N1YmRvbWFpbiI6dHJ1ZX0=
version: 617078830

GET
H3 200 m=syel,aLUfP Show response
www.google.com/xjs/_/js/k=xjs.hd.en.bGQhooF3Q8Y.O/am=AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQAAAAACABBQAAEAAACAAAAIDACAACAAHYAJAICBAEAAwAIAjAQ7kAQMAEAAAAAgAgBCAIAAABAACAAgAAAAAAAAAAYIAQAAAAAAAAAAAAAB0AAAIA... 2 KB
659 B 11ms
10ms Script
text/javascript 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f2cbbe452fcee306069e8068e02fdeefcc0f71cc485a5e52e6f329a46221528d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sat, 23 Mar 2024 02:27:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 186576
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gws-team
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 633
x-xss-protection: 0
last-modified: Fri, 22 Mar 2024 21:23:16 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="gws-team"
vary: Accept-Encoding, Origin
report-to: {"group":"gws-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws-team"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Sun, 23 Mar 2025 02:27:51 GMT

GET
H3 200 m=kMFpHd,sy8j,bm51tf Show response
www.google.com/xjs/_/js/k=xjs.hd.en.bGQhooF3Q8Y.O/am=AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQAAAAACABBQAAEAAACAAAAIDACAACAAHYAJAICBAEAAwAIAjAQ7kAQMAEAAAAAgAgBCAIAAABAACAAgAAAAAAAAAAYIAQAAAAAAAAAAAAAB0AAAIA... 2 KB
843 B 11ms
11ms Script
text/javascript 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

da54b43a30a1161e8c8d0f9c8f3b05b9bbb4cbe8909a6b75d9909f12f15906a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sat, 23 Mar 2024 02:27:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 186575
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gws-team
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 816
x-xss-protection: 0
last-modified: Fri, 22 Mar 2024 21:23:16 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="gws-team"
vary: Accept-Encoding, Origin
report-to: {"group":"gws-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws-team"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Sun, 23 Mar 2025 02:27:52 GMT

POST
H3 204 gen_204
www.google.com/ 0
20 B 22ms
21ms Ping
text/html 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/gen_204?atyp=csi&ei=9xYBZuHsG42D9u8Pq_S4kAg&s=async&astyp=hpba&ima=0&imn=0&mem=ujhs.10,tjhs.11,jhsl.3760,dm.8&nv=ne.1,feid.a8d12748-9abf-421a-9096-37b212b26066&hp=&rt=ttfb.48,st.49,bs.27,aaft.59,acrt.59,art.60&zx=1711347447497&opi=89978449

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gws /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	object-src 'none';base-uri 'self';script-src 'nonce-787prtJDjkXWS2k_h1fl9A' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

content-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-787prtJDjkXWS2k_h1fl9A' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
date: Mon, 25 Mar 2024 06:17:27 GMT
server: gws
cross-origin-opener-policy: same-origin-allow-popups; report-to="gws"
x-frame-options: SAMEORIGIN
report-to: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]}
content-type: text/html; charset=UTF-8
permissions-policy: unload=()
origin-trial: Ap+qNlnLzJDKSmEHjzM5ilaa908GuehlLqGb6ezME5lkhelj20qVzfv06zPmQ3LodoeujZuphAolrnhnPA8w4AIAAABfeyJvcmlnaW4iOiJodHRwczovL3d3dy5nb29nbGUuY29tOjQ0MyIsImZlYXR1cmUiOiJQZXJtaXNzaW9uc1BvbGljeVVubG9hZCIsImV4cGlyeSI6MTY4NTY2Mzk5OX0=, AvudrjMZqL7335p1KLV2lHo1kxdMeIN0dUI15d0CPz9dovVLCcXk8OAqjho1DX4s6NbHbA/AGobuGvcZv0drGgQAAAB9eyJvcmlnaW4iOiJodHRwczovL3d3dy5nb29nbGUuY29tOjQ0MyIsImZlYXR1cmUiOiJCYWNrRm9yd2FyZENhY2hlTm90UmVzdG9yZWRSZWFzb25zIiwiZXhwaXJ5IjoxNjkxNTM5MTk5LCJpc1N1YmRvbWFpbiI6dHJ1ZX0=
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

POST
H3 204 gen_204
www.google.com/ 0
20 B 22ms
21ms Ping
text/html 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/gen_204?atyp=csi&ei=9hYBZsOWPIiZi-gP2oGQiAk&s=promo&rt=hpbas.319,hpbarr.60&zx=1711347447497&opi=89978449

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gws /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	object-src 'none';base-uri 'self';script-src 'nonce-RoDz5poO259E3OE9ehpnSg' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

content-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-RoDz5poO259E3OE9ehpnSg' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
date: Mon, 25 Mar 2024 06:17:27 GMT
server: gws
cross-origin-opener-policy: same-origin-allow-popups; report-to="gws"
x-frame-options: SAMEORIGIN
report-to: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]}
content-type: text/html; charset=UTF-8
permissions-policy: unload=()
origin-trial: Ap+qNlnLzJDKSmEHjzM5ilaa908GuehlLqGb6ezME5lkhelj20qVzfv06zPmQ3LodoeujZuphAolrnhnPA8w4AIAAABfeyJvcmlnaW4iOiJodHRwczovL3d3dy5nb29nbGUuY29tOjQ0MyIsImZlYXR1cmUiOiJQZXJtaXNzaW9uc1BvbGljeVVubG9hZCIsImV4cGlyeSI6MTY4NTY2Mzk5OX0=, AvudrjMZqL7335p1KLV2lHo1kxdMeIN0dUI15d0CPz9dovVLCcXk8OAqjho1DX4s6NbHbA/AGobuGvcZv0drGgQAAAB9eyJvcmlnaW4iOiJodHRwczovL3d3dy5nb29nbGUuY29tOjQ0MyIsImZlYXR1cmUiOiJCYWNrRm9yd2FyZENhY2hlTm90UmVzdG9yZWRSZWFzb25zIiwiZXhwaXJ5IjoxNjkxNTM5MTk5LCJpc1N1YmRvbWFpbiI6dHJ1ZX0=
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/abc-static/_/js/k=gapi.gapi.en.uvrmm4sgViM.O/m=gapi_iframes,googleapis_client/rt=j/sv=1/d=1/ed=1/rs=AHpOoo-soQ1xukOpN46EKPUFps9DoQSPjw/ 118 KB
40 KB 516ms
58ms Script
text/javascript 172.217.18.14
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/abc-static/_/js/k=gapi.gapi.en.uvrmm4sgViM.O/m=gapi_iframes,googleapis_client/rt=j/sv=1/d=1/ed=1/rs=AHpOoo-soQ1xukOpN46EKPUFps9DoQSPjw/cb=gapi.loaded_0

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/og/_/js/k=og.qtm.en_US.ONu2-d3nfJQ.2019.O/rt=j/m=qabr,q_dnp,qcwid,qapid,qald,q_dg/exm=qaaw,qadd,qaid,qein,qhaw,qhba,qhbr,qhch,qhga,qhid,qhin/d=1/ed=1/rs=AA2YrTuqK5zupohdywxEVdO08ckxPTTkAA

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.14 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f14.1e100.net

Software

sffe /

Resource Hash

436edee986b9c043453b22c0a708c0738c5900ad7af60ad2538cbada5792996b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 17:00:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 307028
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 40748
x-xss-protection: 0
last-modified: Fri, 01 Mar 2024 15:11:18 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
vary: Accept-Encoding
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 21 Mar 2025 17:00:20 GMT

GET
H2 204 ui
adservice.google.com/adsid/google/ 0
0 465ms
42ms Image
text/html 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://adservice.google.com/adsid/google/ui
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s07-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

GET
H3 204 gen_204
www.google.com/ 0
21 B 21ms
20ms Image
text/html 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/gen_204?atyp=i&ct=psnt&cad=&nt=navigate&ei=9hYBZsOWPIiZi-gP2oGQiAk&zx=1711347448275&opi=89978449

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gws /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	object-src 'none';base-uri 'self';script-src 'nonce-1tb5hb9Cn3VyDOO_vgpjAA' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

content-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-1tb5hb9Cn3VyDOO_vgpjAA' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
date: Mon, 25 Mar 2024 06:17:28 GMT
server: gws
cross-origin-opener-policy: same-origin-allow-popups; report-to="gws"
x-frame-options: SAMEORIGIN
report-to: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]}
content-type: text/html; charset=UTF-8
permissions-policy: unload=()
origin-trial: Ap+qNlnLzJDKSmEHjzM5ilaa908GuehlLqGb6ezME5lkhelj20qVzfv06zPmQ3LodoeujZuphAolrnhnPA8w4AIAAABfeyJvcmlnaW4iOiJodHRwczovL3d3dy5nb29nbGUuY29tOjQ0MyIsImZlYXR1cmUiOiJQZXJtaXNzaW9uc1BvbGljeVVubG9hZCIsImV4cGlyeSI6MTY4NTY2Mzk5OX0=, AvudrjMZqL7335p1KLV2lHo1kxdMeIN0dUI15d0CPz9dovVLCcXk8OAqjho1DX4s6NbHbA/AGobuGvcZv0drGgQAAAB9eyJvcmlnaW4iOiJodHRwczovL3d3dy5nb29nbGUuY29tOjQ0MyIsImZlYXR1cmUiOiJCYWNrRm9yd2FyZENhY2hlTm90UmVzdG9yZWRSZWFzb25zIiwiZXhwaXJ5IjoxNjkxNTM5MTk5LCJpc1N1YmRvbWFpbiI6dHJ1ZX0=
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

Verdicts & Comments Add Verdict or Comment

34 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
redbnm.com/	1970-01-20 19:23:53	Name: uclick Value: gxgm9lzw
redbnm.com/	1970-01-20 19:23:53	Name: uclickhash Value: gxgm9lzw-gxgm9lzw-bl-0-gx-sc0-8w3y-087164
.google.com/	1970-01-20 20:05:39	Name: 1P_JAR Value: 2024-03-25-06
.google.com/	1970-01-20 23:41:39	Name: AEC Value: Ae3NU9MXcb1J9_7x6eLq__bf6iWsxfMZ_6S0T42S6ahqqjtI7drTP_8jGw
.google.com/	1970-01-20 23:45:58	Name: NID Value: 512=jh1j_y7HUJ36oyBuVw5IENJkre3Ko3d2z3QsfecWn0_b7oQmhocUV9cF49mzm9uRx-ZNzXAIhYpKl1gk6C_O0rG-SpIPSADA4Lkmo4zGdaNjac3pqDsBjMvYljZ5l50dcoiNa5eOVKkP3Ylp9047XBTGF1rEA1lr6XJL8YfMYdk
.google.com/	1970-01-21 04:52:14	Name: __Secure-ENID Value: 18.SE=KkNhXFfclq2oUhgg-Izck9E7RgsQqUYC8LkyptWhzWZwFZn3J7TQ-fRzSG34MCNzZYhyi9ULyGCiKMdhgZvg_A2Hlnec4EE8MDW4jji86Dtzw78Rcp6nPf8PVkou3R9gCEyVFKl5Xi0urjfhrENaxDM2mgXLd4jxMSp9otUbuhR85PMyiOvIpyIVvPGNbouSReY

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	error	URL: https://www.google.com/?gws_rd=ssl Message: The Cross-Origin-Opener-Policy header has been ignored, because the URL's origin was untrustworthy. It was defined either in the final response or a redirect. Please deliver the response using the HTTPS protocol. You can also use the 'localhost' origin instead. See https://www.w3.org/TR/powerful-features/#potentially-trustworthy-origin and https://html.spec.whatwg.org/#the-cross-origin-opener-policy-header.
other	error	URL: https://www.google.com/?gws_rd=ssl Message: The Cross-Origin-Opener-Policy header has been ignored, because the URL's origin was untrustworthy. It was defined either in the final response or a redirect. Please deliver the response using the HTTPS protocol. You can also use the 'localhost' origin instead. See https://www.w3.org/TR/powerful-features/#potentially-trustworthy-origin and https://html.spec.whatwg.org/#the-cross-origin-opener-policy-header.
violation	error	URL: https://www.google.com/xjs/_/js/k=xjs.hd.en.bGQhooF3Q8Y.O/am=AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQAAAAACABBQAAEAAACAAAAIDACAACAAHYAJAICBAEAAwAIAjAQ7kAQMAEAAAAAgAgBCAIAAABAACAAgAAAAAAAAAAYIAQAAAAAAAAAAAAAB0AAAIAAAxGEACAAAAAAOQBCA7AIAUBAAAAAAAAAAAAgAAkCOaCBBQEQAAAAAAAAAAAAAAAqTRRYQw/d=1/ed=1/dg=2/br=1/rs=ACT90oHjYpWuljqeFabhuO6LKBBLSQUA1g/ee=ALeJib:B8gLwd;AfeaP:TkrAjf;Afksuc:wMx0R;BMxAGc:E5bFse;BgS6mb:fidj5d;BjwMce:cXX2Wb;CxXAWb:YyRLvc;DM55c:imLrKe;DULqB:RKfG5c;Dkk6ge:wJqrrd;DpcR3d:zL72xf;EABSZ:MXZt9d;ESrPQc:mNTJvc;EVNhjf:pw70Gc;EmZ2Bf:zr1jrb;EnlcNd:WeHg4;Erl4fe:FloWmf,FloWmf;F9mqte:UoRcbe;Fmv9Nc:O1Tzwc;G0KhTb:LIaoZ;G6wU6e:hezEbd;GleZL:J1A7Od;HMDDWe:G8QUdb;HqeXPd:cmbnH;IBADCc:RYquRb;IoGlCf:b5lhvb;IsdWVc:qzxzOb;JXS8fb:Qj0suc;JbMT3:M25sS;JsbNhc:Xd8iUd;KOxcK:OZqGte;KQzWid:ZMKkN;KcokUb:KiuZBf;KeeMUb:HiPxjc;KpRAue:Tia57b;LBgRLc:XVMNvd;LEikZe:byfTOb,lsjVmc;LsNahb:ucGLNb;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Np8Qkd:Dpx6qc;Nyt6ic:jn2sGd;OgagBe:cNTe0;Oj465e:KG2eXe,KG2eXe;OohIYe:mpEAQb;Pjplud:EEDORb,PoEs9b;Q1Ow7b:x5CSu;QGR0gd:Mlhmy;R4IIIb:QWfeKf;R9Ulx:CR7Ufe;RDNBlf:zPRCJb;SLtqO:Kh1xYe;SMDL4c:fTfGO,fTfGO;SNUn3:ZwDk9d,x8cHvb;ShpF6e:N0pvGc;TxfV6d:YORN0b;U96pRd:FsR04;UDrY1c:eps46d;UVmjEd:EesRsb;UyG7Kb:wQd0G;V2HTTe:RolTY;VGRfx:VFqbr;VN6jIc:ddQyuf;VOcgDe:YquhTb;VsAqSb:PGf2Re;VxQ32b:k0XsBb;WCEKNd:I46Hvd;WDGyFe:jcVOxd;Wfmdue:g3MJlb;XUezZ:sa7lqb;YV5bee:IvPZ6d;YkQtAf:rx8ur;ZMvdv:PHFPjb;ZWEUA:afR4Cf;a56pNe:JEfCwb;aAJE9c:WHW6Ef;aZ61od:arTwJ;bFZ6gf:RsDQqe;bcPXSc:gSZLJb;cEt90b:ws9Tlc;cFTWae:gT8qnd;coJ8e:KvoW8;dIoSBb:ZgGg9b;dLlj2:Qqt3Gf;daB6be:lMxGPd;dtl0hd:lLQWFe;eBAeSb:Ck63tb;eBZ5Nd:audvde;eHDfl:ofjVkb;eO3lse:nFClrf;fWLTFc:TVBJbf;g8nkx:U4MzKc;gaub4:TN6bMe;gtVSi:ekUOYd;h3MYod:cEt90b;hK67qb:QWEO5b;heHB1:sFczq;hjRo6e:F62sG;hsLsYc:Vl118;iFQyKf:QIhFr,vfuNJf;imqimf:jKGL2e;io8t5d:sgY6Zb;jY0zg:Q6tNgc;k2Qxcb:XY51pe;kCQyJ:ueyPK;kMFpHd:OTA3Ae;kbAm9d:MkHyGd;lkq0A:JyBE3e;nAFL3:NTMZac,s39S4;oGtAuc:sOXFj;oSUNyd:fTfGO,fTfGO;oUlnpc:RagDlc;okUaUd:wItadb;p2tIDb:tp1Cx;pKJiXd:VCenhc;pNsl2d:j9Yuyc;pXdRYb:JKoKVe;pj82le:mg5CW;qZx2Fc:j0xrE;qaS3gd:yiLg6e;qavrXe:zQzcXe;qddgKe:d7YSfd,x4FYXe;rQSrae:C6D5Fc;sP4Vbe:VwDzFe;sTsDMc:kHVSUb;tH4IIe:Ymry6;tosKvd:ZCqP3;trZL0b:qY8PFe;uY49fb:COQbmf;uuQkY:u2V3ud;vGrMZ:lPJJ0c;vfVwPd:lcrkwe;w3bZCb:ZPGaIb;w4rSdf:XKiZ9;w9w86d:dt4g2b;wQlYve:aLUfP;wR5FRb:TtcOte;wV5Pjc:L8KGxe;whEZac:F4AmNb;xBbsrc:NEW1Qc;yGxLoc:FmAr0c;yxTchf:KUM7Z;z97YGf:oug9te;zOsCQe:Ko78Df;zaIgPb:Qtpxbd/m=cdos,hsm,jsa,mb4ZUb,d,csi,cEt90b,SNUn3,qddgKe,sTsDMc,dtl0hd,eHDfl(Line 417) Message: Permissions policy violation: unload is not allowed in this document.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
apis.google.com
cust94.capitalone.it
d38psrni17bvxu.cloudfront.net
enlil-syf.com
google.com
redbnm.com
www.google.com
www.gstatic.com
xml-v4.donkstar1.online
142.250.184.228
142.250.185.206
142.250.185.68
142.250.186.130
172.217.18.14
173.239.53.32
18.173.161.191
185.53.177.53
216.58.212.131
2a00:1450:4001:80e::2004
3.209.43.229
51.195.7.19
036c94653e84e6078c087abeb3ac8804491d27b27938839ae3df42b31e2238d9
06fa9277a7f41db91096af3b9087516502f99ec5c62209d8f20426621ee1909f
1f1d2ffca8e70bdbd8effa4be3f1c7777861c28dfa89fb768e9b98c56a3240e2
2b14c10c303f38be853811217b64c51205417e52c4ebcca4637228fb61dc0715
436edee986b9c043453b22c0a708c0738c5900ad7af60ad2538cbada5792996b
446db7db195a088350a52454b075a366fe2abad0c15928a77feb565cd89651ec
4aadb7b877497c88851912a2d3c61d790ef48be7c807745209dd3f4801062941
5776cd87617eacec3bc00ebcf530d1924026033eda852f706c1a675a98915826
5f56194356639902974aa44c13a4244773f81b81fb0d34dde11041aede00cf98
73d788f86be22112bb53762545989c0f1bbdb7343161130952c9ba3834ff81e3
7f9298b044e950d4ad7981dc5cbe1b574857e580683a5537eba157f800d5a16a
8047ab90ec912f5a6f4535928458f54a0fd34ab6c104eea1441bd88f256eea6c
936098d5403b2b173dc1241dd9386d51f43b0982c07eb6931361b6c3f6d59577
c0c6dc9a2f9598a8e7947e22a25609f619e05ae0b0747dfd46a58a2b3a919e8b
c166ca8a475d98a1a9355995b85cfa6becf65d76df7e6d224021b15fee2a7ae3
c5fa21e8a1fe8affd443ba7e7c8184b6801369f0b5e6c55286bcb6b07853a9bb
d6920a754fdf1bf5413cf21f54658527e799d1bec1efcb047a701a30a1101561
da54b43a30a1161e8c8d0f9c8f3b05b9bbb4cbe8909a6b75d9909f12f15906a2
e2dd722d0be1eeb38544723f53372438f6367459056181ad73e18cff9d67714c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f2cbbe452fcee306069e8068e02fdeefcc0f71cc485a5e52e6f329a46221528d

www.google.com Open in urlscan Pro 142.250.184.228 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

34 Requests

79 %HTTPS

8 %IPv6

7 Domains

10 Subdomains

9 IPs

3 Countries

712 kBTransfer

2082 kBSize

6 Cookies

7 Outgoing links

Page URL History

Redirected requests

34 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.google.com Open in urlscan Pro
142.250.184.228 Public Scan

Screenshot
Live screenshot

Full Image

34
Requests

79 %
HTTPS

8 %
IPv6

7
Domains

10
Subdomains

9
IPs

3
Countries

712 kB
Transfer

2082 kB
Size

6
Cookies

34 HTTP transactions
0 data transactions