Submitted URL: http://185.14.29.4/
Effective URL: https://185.14.29.4/index.html
Submission Tags: falconsandbox
Submission: On August 13 via api from US — Scanned from DE

Summary

This website contacted 4 IPs in 2 countries across 3 domains to perform 29 HTTP transactions. The main IP is 185.14.29.4, located in Meppel, Netherlands and belongs to ITLDC-NL, UA. The main domain is 185.14.29.4.
TLS certificate: Issued by Managed CA 2fd2991d5436362f3a22d051bc... on March 9th 2021. Valid for: 2 years.
This is the only time 185.14.29.4 was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 9 185.14.29.4 21100 (ITLDC-NL)
2 2a00:1450:400... 15169 (GOOGLE)
16 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
29 4
Apex Domain | Subdomains | Transfer
16 googleusercontent.com | play-lh.googleusercontent.com (Cisco Umbrella Rank: 580) | 3 MB
4 gstatic.com | fonts.gstatic.com | 63 KB
2 googleapis.com | fonts.googleapis.com (Cisco Umbrella Rank: 67) | 2 KB
29 3
Domain Requested by
16 play-lh.googleusercontent.com 185.14.29.4
4 fonts.gstatic.com fonts.googleapis.com
2 fonts.googleapis.com 185.14.29.4
29 3

This site contains no links.

Subject | Issuer | Validity | Valid
Cloudflare | Managed CA 2fd2991d5436362f3a22d051bc7fe2be | 2021-03-09 - 2023-03-09 | 2 years | crt.sh
upload.video.google.com | GTS CA 1C3 | 2022-07-18 - 2022-10-10 | 3 months | crt.sh
edgestatic.com | GTS CA 1C3 | 2022-07-18 - 2022-10-10 | 3 months | crt.sh
*.gstatic.com | GTS CA 1C3 | 2022-07-18 - 2022-10-10 | 3 months | crt.sh

This page contains 1 frame:

Primary Page: https://185.14.29.4/index.html
Frame ID: 2219C4F18286B4FEDD8E86C7B66A10A8
Requests: 29 HTTP requests in this frame

Screenshot

Page Title

Epic Battle Simulator 2

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

29 Requests
76 % HTTPS
75 % IPv6
3 Domains
3 Subdomains
4 IPs
2 Countries
3227 kB Transfer
3241 kB Size
0 Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://185.14.29.4/ HTTP 301
    https://185.14.29.4/ HTTP 302
    https://185.14.29.4/index.html Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

29 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request index.html
185.14.29.4/
Redirect Chain
  • http://185.14.29.4/
  • https://185.14.29.4/
  • https://185.14.29.4/index.html
14 KB
14 KB
Document
General
Full URL
https://185.14.29.4/index.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.14.29.4 Meppel, Netherlands, ASN21100 (ITLDC-NL, UA),
Reverse DNS
vds-1001090.hosted-by-itldc.com
Software
nginx/1.23.1 /
Resource Hash
5d501920d4b31ccccee3c143135c21f37d60b391238cea4a9f68c726a7fed561

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Length
14436
Content-Type
text/html
Date
Sat, 13 Aug 2022 17:26:33 GMT
ETag
"62f4d2f6-3864"
Last-Modified
Thu, 11 Aug 2022 09:59:18 GMT
Server
nginx/1.23.1

Redirect headers

Access-Control-Allow-Origin
*
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Date
Sat, 13 Aug 2022 17:26:33 GMT
Location
index.html
Server
nginx/1.23.1
Transfer-Encoding
chunked
X-Powered-By
PHP/7.4.10
pwa.css
185.14.29.4/css/
3 KB
3 KB
Stylesheet
General
Full URL
https://185.14.29.4/css/pwa.css
Requested by
Host: 185.14.29.4
URL: https://185.14.29.4/index.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.14.29.4 Meppel, Netherlands, ASN21100 (ITLDC-NL, UA),
Reverse DNS
vds-1001090.hosted-by-itldc.com
Software
nginx/1.23.1 /
Resource Hash
c43099099c019af53d6f92853963f000ad99d5aff82c8fd3cf9dd75e73cba19f

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Sat, 13 Aug 2022 17:26:33 GMT
Last-Modified
Thu, 11 Aug 2022 09:59:14 GMT
Server
nginx/1.23.1
ETag
"62f4d2f2-b6a"
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2922
lightgallery.min.css
185.14.29.4/template/lightgallery/css/
20 KB
21 KB
Stylesheet
General
Full URL
https://185.14.29.4/template/lightgallery/css/lightgallery.min.css
Requested by
Host: 185.14.29.4
URL: https://185.14.29.4/index.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.14.29.4 Meppel, Netherlands, ASN21100 (ITLDC-NL, UA),
Reverse DNS
vds-1001090.hosted-by-itldc.com
Software
nginx/1.23.1 /
Resource Hash
d1df8df9d1d67466a619ade80097d4ab1af7270ea1cce76fd275404d3c41ae84

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Sat, 13 Aug 2022 17:26:33 GMT
Last-Modified
Thu, 11 Aug 2022 09:59:30 GMT
Server
nginx/1.23.1
ETag
"62f4d302-51e3"
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
20963
index.css
185.14.29.4/template/
13 KB
13 KB
Stylesheet
General
Full URL
https://185.14.29.4/template/index.css
Requested by
Host: 185.14.29.4
URL: https://185.14.29.4/index.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.14.29.4 Meppel, Netherlands, ASN21100 (ITLDC-NL, UA),
Reverse DNS
vds-1001090.hosted-by-itldc.com
Software
nginx/1.23.1 /
Resource Hash
8b1d9c33f2ec99729fb83944dac2ba04ce92dd9591066960c4f828b4e9585e23

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Sat, 13 Aug 2022 17:26:33 GMT
Last-Modified
Thu, 11 Aug 2022 09:59:26 GMT
Server
nginx/1.23.1
ETag
"62f4d2fe-3454"
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
13396
css
fonts.googleapis.com/
21 KB
2 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto:100,100i,300,300i,400,400i,500,500i,700,700i&subset=cyrillic,cyrillic-ext&display=swap
Requested by
Host: 185.14.29.4
URL: https://185.14.29.4/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
1288911bfaabb27f0a203e3c5b91a82de48cac928f9419926df2573c5f55acf9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sat, 13 Aug 2022 17:26:33 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Sat, 13 Aug 2022 17:26:33 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 13 Aug 2022 17:26:33 GMT
css
fonts.googleapis.com/
591 B
423 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Material+Icons&display=swap
Requested by
Host: 185.14.29.4
URL: https://185.14.29.4/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
0aa6328e7f2a233bbcec8f632d3e00f888c33b9f1c120b5e87a94a913114efa8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sat, 13 Aug 2022 17:26:33 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Sat, 13 Aug 2022 17:26:33 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 13 Aug 2022 17:26:33 GMT
8A5TmmZW-rdCVrJl21F3csdMD8MNO4nn5ZJioOk21KZUN8a-6hVtLY62x4iqj0Vkk58
play-lh.googleusercontent.com/
487 KB
487 KB
Image
General
Full URL
https://play-lh.googleusercontent.com/8A5TmmZW-rdCVrJl21F3csdMD8MNO4nn5ZJioOk21KZUN8a-6hVtLY62x4iqj0Vkk58
Requested by
Host: 185.14.29.4
URL: https://185.14.29.4/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
173521d6237da12668082fcc2c43569489bac5b5b9d50235ba895b3f5633201e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 14:27:25 GMT
x-content-type-options
nosniff
age
10748
content-disposition
inline;filename="unnamed.png"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
498277
x-xss-protection
0
server
fife
etag
"v1"
vary
Origin
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Fri, 24 Jun 2022 17:28:58 GMT
gi-GdN1vP6LR2lfpnj8CY5OSjxXZBLhZdfDHsKDQi-nSADsEqxEbhJhysocNXFsMKbY
play-lh.googleusercontent.com/
42 KB
42 KB
Image
General
Full URL
https://play-lh.googleusercontent.com/gi-GdN1vP6LR2lfpnj8CY5OSjxXZBLhZdfDHsKDQi-nSADsEqxEbhJhysocNXFsMKbY
Requested by
Host: 185.14.29.4
URL: https://185.14.29.4/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
808fb638db4006bb530945ada07b0464b30fda510c7018713c7a9bc65ba78ef1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 17:26:33 GMT
x-content-type-options
nosniff
age
0
content-disposition
inline;filename="unnamed.jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42511
x-xss-protection
0
server
fife
etag
"v1"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Sun, 14 Aug 2022 07:38:05 GMT
F6MegPeMJIcBokpqfJvYGrHjBnD4QuwrCuiFUpYcWSYht0D35eFmLSaBAleAGESb8DY
play-lh.googleusercontent.com/
177 KB
177 KB
Image
General
Full URL
https://play-lh.googleusercontent.com/F6MegPeMJIcBokpqfJvYGrHjBnD4QuwrCuiFUpYcWSYht0D35eFmLSaBAleAGESb8DY
Requested by
Host: 185.14.29.4
URL: https://185.14.29.4/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
39369f127fd8ee69b59ff57fa7567ae5f0f5c91079eefa0a60553b8534313616
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 17:26:33 GMT
x-content-type-options
nosniff
age
0
content-disposition
inline;filename="unnamed.png"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
181418
x-xss-protection
0
server
fife
etag
"v1"
vary
Origin
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Sun, 14 Aug 2022 10:29:33 GMT
5e7Rh3AAecjvjEFSEPXiJNVxujcR43h2-OIpsG3yg0oAAWKmBpoLTnifVa546gciYJs
play-lh.googleusercontent.com/
172 KB
172 KB
Image
General
Full URL
https://play-lh.googleusercontent.com/5e7Rh3AAecjvjEFSEPXiJNVxujcR43h2-OIpsG3yg0oAAWKmBpoLTnifVa546gciYJs
Requested by
Host: 185.14.29.4
URL: https://185.14.29.4/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
175812d4f60c56fefba0a4cab5e2ce6642eff707525e6864de9f06c08533b2dc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 17:26:33 GMT
x-content-type-options
nosniff
age
0
content-disposition
inline;filename="unnamed.png"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
176032
x-xss-protection
0
server
fife
etag
"v1"
vary
Origin
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Sat, 13 Aug 2022 23:14:05 GMT
iI_gRs-cO2OO2B1QhZRZ1jyBaKuwDbhx0sMSkX4gUV4aqGx8WvUFFKOoaK5BBID0_Q
play-lh.googleusercontent.com/
150 KB
150 KB
Image
General
Full URL
https://play-lh.googleusercontent.com/iI_gRs-cO2OO2B1QhZRZ1jyBaKuwDbhx0sMSkX4gUV4aqGx8WvUFFKOoaK5BBID0_Q
Requested by
Host: 185.14.29.4
URL: https://185.14.29.4/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
1783bb822e5fbde523f70d4d34648a7320a9d927f1687776adf17a804d2937a7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 17:26:33 GMT
x-content-type-options
nosniff
age
0
content-disposition
inline;filename="unnamed.png"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
153700
x-xss-protection
0
server
fife
etag
"v1"
vary
Origin
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Sun, 14 Aug 2022 07:38:05 GMT
6BnTNOmrGL0q0bXEzo1IjXEOGjdnjXd-Yd82TZ5q3ruC_xSKxXRXwAC5JJ6Pyyi6hQE
play-lh.googleusercontent.com/
211 KB
211 KB
Image
General
Full URL
https://play-lh.googleusercontent.com/6BnTNOmrGL0q0bXEzo1IjXEOGjdnjXd-Yd82TZ5q3ruC_xSKxXRXwAC5JJ6Pyyi6hQE
Requested by
Host: 185.14.29.4
URL: https://185.14.29.4/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
fb6614bedec6e0de6a0d61e8b4cc98b098a2966935ab19d1ef6ea2d866c40121
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 17:26:33 GMT
x-content-type-options
nosniff
age
0
content-disposition
inline;filename="unnamed.png"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
216046
x-xss-protection
0
server
fife
etag
"v1"
vary
Origin
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Wed, 10 Aug 2022 17:32:36 GMT
EcwYJ72muzWByz63soVu8ts4pfy3uE-TyebD6AFJBuaZlqX3Myy2tztoCg-ybYInMM6c
play-lh.googleusercontent.com/
44 KB
44 KB
Image
General
Full URL
https://play-lh.googleusercontent.com/EcwYJ72muzWByz63soVu8ts4pfy3uE-TyebD6AFJBuaZlqX3Myy2tztoCg-ybYInMM6c
Requested by
Host: 185.14.29.4
URL: https://185.14.29.4/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
db40bd4961d7d75113e762f5972160c3e6507213353ea0778db60fc128988ade
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 17:26:33 GMT
x-content-type-options
nosniff
age
0
content-disposition
inline;filename="unnamed.jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44598
x-xss-protection
0
server
fife
etag
"v1"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Sun, 14 Aug 2022 07:38:05 GMT
FM6keeUsar1aFO_D6_wtM44K2G55ByNvEipqrgVKsJLqb_ywylRkqf9hGrLa-lrVCg
play-lh.googleusercontent.com/
211 KB
211 KB
Image
General
Full URL
https://play-lh.googleusercontent.com/FM6keeUsar1aFO_D6_wtM44K2G55ByNvEipqrgVKsJLqb_ywylRkqf9hGrLa-lrVCg
Requested by
Host: 185.14.29.4
URL: https://185.14.29.4/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
aef0f103c067fda3ec5f1e6357f6027c7ed734144c8ea5725fc4c6a25b41fed1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 17:26:33 GMT
x-content-type-options
nosniff
age
0
content-disposition
inline;filename="unnamed.png"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
216313
x-xss-protection
0
server
fife
etag
"v1"
vary
Origin
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Sun, 14 Aug 2022 07:38:05 GMT
9verLa2FqlVhuIgXts8yeLLbst2UttJ7oIu6ylQScdtYBBJLMcfF3YVynKhUXs-n86s
play-lh.googleusercontent.com/
219 KB
219 KB
Image
General
Full URL
https://play-lh.googleusercontent.com/9verLa2FqlVhuIgXts8yeLLbst2UttJ7oIu6ylQScdtYBBJLMcfF3YVynKhUXs-n86s
Requested by
Host: 185.14.29.4
URL: https://185.14.29.4/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
c261b99574a2f27d7813cfb82b8db38d3ada71329e7b705b977c99fcbf539b81
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 17:26:33 GMT
x-content-type-options
nosniff
age
0
content-disposition
inline;filename="unnamed.png"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
224516
x-xss-protection
0
server
fife
etag
"v1"
vary
Origin
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Sun, 14 Aug 2022 10:29:33 GMT
B4UioHcjP7QAAFFQMpEO2BF1t7Mt4Ixk8U5p7ZP6ZvXvLoBdaT3eRhpNF2yNT1OtJTI
play-lh.googleusercontent.com/
200 KB
200 KB
Image
General
Full URL
https://play-lh.googleusercontent.com/B4UioHcjP7QAAFFQMpEO2BF1t7Mt4Ixk8U5p7ZP6ZvXvLoBdaT3eRhpNF2yNT1OtJTI
Requested by
Host: 185.14.29.4
URL: https://185.14.29.4/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
2991bdf3c66e078dc01902d579850c016e0d1626090070794b74ff5a563eeef4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 17:26:33 GMT
x-content-type-options
nosniff
age
0
content-disposition
inline;filename="unnamed.png"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
204994
x-xss-protection
0
server
fife
etag
"v1"
vary
Origin
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Sun, 14 Aug 2022 07:38:05 GMT
seNrvTJbfPidmiMloBDftSrT2FPXJLCsqfQoU4Lqlnib2FV2QXpa2UR0G85NT8u-llA
play-lh.googleusercontent.com/
244 KB
244 KB
Image
General
Full URL
https://play-lh.googleusercontent.com/seNrvTJbfPidmiMloBDftSrT2FPXJLCsqfQoU4Lqlnib2FV2QXpa2UR0G85NT8u-llA
Requested by
Host: 185.14.29.4
URL: https://185.14.29.4/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
a7f43773421208219642a128b487b84f2483492380a166d04b59d807789b706f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 17:26:33 GMT
x-content-type-options
nosniff
age
0
content-disposition
inline;filename="unnamed.png"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
249679
x-xss-protection
0
server
fife
etag
"v1"
vary
Origin
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Sun, 14 Aug 2022 07:38:05 GMT
SvGsI1DeGNwadxWMBvDbF8HIi6ld1zS3cPlG8TLA2XHnbexxEY3T6jk1ptDoEderX44
play-lh.googleusercontent.com/
44 KB
44 KB
Image
General
Full URL
https://play-lh.googleusercontent.com/SvGsI1DeGNwadxWMBvDbF8HIi6ld1zS3cPlG8TLA2XHnbexxEY3T6jk1ptDoEderX44
Requested by
Host: 185.14.29.4
URL: https://185.14.29.4/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
db40bd4961d7d75113e762f5972160c3e6507213353ea0778db60fc128988ade
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 17:26:33 GMT
x-content-type-options
nosniff
age
0
content-disposition
inline;filename="unnamed.jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44598
x-xss-protection
0
server
fife
etag
"v1"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Sun, 14 Aug 2022 10:29:33 GMT
5ulyXu2Oi3zTHsb1hanCOczQ400XKJmpXZx4ms3mKugRr1Tes08VpdBgqk2kB6idNac
play-lh.googleusercontent.com/
211 KB
211 KB
Image
General
Full URL
https://play-lh.googleusercontent.com/5ulyXu2Oi3zTHsb1hanCOczQ400XKJmpXZx4ms3mKugRr1Tes08VpdBgqk2kB6idNac
Requested by
Host: 185.14.29.4
URL: https://185.14.29.4/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
aef0f103c067fda3ec5f1e6357f6027c7ed734144c8ea5725fc4c6a25b41fed1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 17:26:33 GMT
x-content-type-options
nosniff
age
0
content-disposition
inline;filename="unnamed.png"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
216313
x-xss-protection
0
server
fife
etag
"v1"
vary
Origin
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Wed, 10 Aug 2022 13:30:24 GMT
L3F4_IRLpDt4qHIcIX2eB95zZR9x2TUG0ucOdcj-WmTkOyBe5oNyFqq0zyib6A3ZkPg
play-lh.googleusercontent.com/
219 KB
219 KB
Image
General
Full URL
https://play-lh.googleusercontent.com/L3F4_IRLpDt4qHIcIX2eB95zZR9x2TUG0ucOdcj-WmTkOyBe5oNyFqq0zyib6A3ZkPg
Requested by
Host: 185.14.29.4
URL: https://185.14.29.4/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
c261b99574a2f27d7813cfb82b8db38d3ada71329e7b705b977c99fcbf539b81
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 17:26:33 GMT
x-content-type-options
nosniff
age
0
content-disposition
inline;filename="unnamed.png"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
224516
x-xss-protection
0
server
fife
etag
"v1"
vary
Origin
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Sun, 14 Aug 2022 10:29:33 GMT
PInEZA-ZKe8eoyFu2AkkLuDJrJqVVsjOSRt0oMXFaKcfxMVw0AYpXOaursTc2P-ByQ
play-lh.googleusercontent.com/
200 KB
200 KB
Image
General
Full URL
https://play-lh.googleusercontent.com/PInEZA-ZKe8eoyFu2AkkLuDJrJqVVsjOSRt0oMXFaKcfxMVw0AYpXOaursTc2P-ByQ
Requested by
Host: 185.14.29.4
URL: https://185.14.29.4/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
2991bdf3c66e078dc01902d579850c016e0d1626090070794b74ff5a563eeef4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 17:26:33 GMT
x-content-type-options
nosniff
age
0
content-disposition
inline;filename="unnamed.png"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
204994
x-xss-protection
0
server
fife
etag
"v1"
vary
Origin
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Sun, 14 Aug 2022 07:38:05 GMT
lIgQmpkQiHbYxsWq-edeex92cDCQZWTmGFaywMQAFc9Fufm5p2IQieeWanvJSt8D-Ybd
play-lh.googleusercontent.com/
244 KB
244 KB
Image
General
Full URL
https://play-lh.googleusercontent.com/lIgQmpkQiHbYxsWq-edeex92cDCQZWTmGFaywMQAFc9Fufm5p2IQieeWanvJSt8D-Ybd
Requested by
Host: 185.14.29.4
URL: https://185.14.29.4/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
a7f43773421208219642a128b487b84f2483492380a166d04b59d807789b706f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 17:26:33 GMT
x-content-type-options
nosniff
age
0
content-disposition
inline;filename="unnamed.png"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
249679
x-xss-protection
0
server
fife
etag
"v1"
vary
Origin
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Sun, 14 Aug 2022 07:38:05 GMT
star-full-big.png
185.14.29.4/template/img/
259 B
497 B
Image
General
Full URL
https://185.14.29.4/template/img/star-full-big.png
Requested by
Host: 185.14.29.4
URL: https://185.14.29.4/index.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.14.29.4 Meppel, Netherlands, ASN21100 (ITLDC-NL, UA),
Reverse DNS
vds-1001090.hosted-by-itldc.com
Software
nginx/1.23.1 /
Resource Hash
0ebb9fe215655ca06215613c88e1e46b9d460f0dc32e3577d4f0593701cae3f5

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Sat, 13 Aug 2022 17:26:34 GMT
Last-Modified
Thu, 11 Aug 2022 09:59:26 GMT
Server
nginx/1.23.1
ETag
"62f4d2fe-103"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
259
lightgallery.min.js
185.14.29.4/template/lightgallery/js/
25 KB
25 KB
Script
General
Full URL
https://185.14.29.4/template/lightgallery/js/lightgallery.min.js
Requested by
Host: 185.14.29.4
URL: https://185.14.29.4/index.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.14.29.4 Meppel, Netherlands, ASN21100 (ITLDC-NL, UA),
Reverse DNS
vds-1001090.hosted-by-itldc.com
Software
nginx/1.23.1 /
Resource Hash
f00fde015dfe82311d99862488213cfa69ef2cee2239143a27e0d42ec802f2f3

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Sat, 13 Aug 2022 17:26:33 GMT
Last-Modified
Thu, 11 Aug 2022 09:59:38 GMT
Server
nginx/1.23.1
ETag
"62f4d30a-628f"
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
25231
lg-video.min.js
185.14.29.4/template/lightgallery/js/
7 KB
8 KB
Script
General
Full URL
https://185.14.29.4/template/lightgallery/js/lg-video.min.js
Requested by
Host: 185.14.29.4
URL: https://185.14.29.4/index.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.14.29.4 Meppel, Netherlands, ASN21100 (ITLDC-NL, UA),
Reverse DNS
vds-1001090.hosted-by-itldc.com
Software
nginx/1.23.1 /
Resource Hash
e67d6f74ef9691339885f3cbb2f1de4ec846922a62126ee8404e63f3cc5fbb04

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Sat, 13 Aug 2022 17:26:33 GMT
Last-Modified
Thu, 11 Aug 2022 09:59:38 GMT
Server
nginx/1.23.1
ETag
"62f4d30a-1d52"
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
7506
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/
16 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:100,100i,300,300i,400,400i,500,500i,700,700i&subset=cyrillic,cyrillic-ext&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://185.14.29.4
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 20:10:25 GMT
x-content-type-options
nosniff
age
249369
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15920
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:45 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 10 Aug 2023 20:10:25 GMT
KFOkCnqEu92Fr1MmgVxIIzI.woff2
fonts.gstatic.com/s/roboto/v30/
15 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOkCnqEu92Fr1MmgVxIIzI.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:100,100i,300,300i,400,400i,500,500i,700,700i&subset=cyrillic,cyrillic-ext&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0f303f31706d39866cced9dcc17b61fb8423674278d7f6051d66b3a79ffbca18
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://185.14.29.4
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 08 Aug 2022 13:38:19 GMT
x-content-type-options
nosniff
age
445695
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15764
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:35 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 08 Aug 2023 13:38:19 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:100,100i,300,300i,400,400i,500,500i,700,700i&subset=cyrillic,cyrillic-ext&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://185.14.29.4
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Thu, 11 Aug 2022 08:01:51 GMT
x-content-type-options
nosniff
age
206683
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 11 Aug 2023 08:01:51 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/
15 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:100,100i,300,300i,400,400i,500,500i,700,700i&subset=cyrillic,cyrillic-ext&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://185.14.29.4
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sun, 07 Aug 2022 05:29:41 GMT
x-content-type-options
nosniff
age
561413
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 07 Aug 2023 05:29:41 GMT

Verdicts & Comments

14 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object | oncontextlost
object | oncontextrestored
function | structuredClone
object | launchQueue
object | onbeforematch
function | getScreenDetails
function | queryLocalFonts
object | navigation
object | utils
object | lgData
object | lgModules
function | lightGallery
object | Lightgallery
object | LgVideo

0 Cookies

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
