urlscan.io logo urlscan.io
SecurityTrails logo

track.nov0.net Open in urlscan Pro
2a06:98c1:3121::3  Public Scan

Go To Rescan Add Verdict Report
URL: https://track.nov0.net/
Submission: On September 25 via automatic, source certstream-suspicious — Scanned from NL
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 7 IPs in 3 countries across 5 domains to perform 15 HTTP transactions. The main IP is 2a06:98c1:3121::3, located in United Kingdom and belongs to CLOUDFLARENET, US. The main domain is track.nov0.net.
TLS certificate: Issued by GTS CA 1P5 on August 7th 2023. Valid for: 3 months.
This is the only time track.nov0.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

5    2a06:98c1:3121::3 (United Kingdom)

ASN13335 (CLOUDFLARENET, US)
track.nov0.net
1    2606:4700::6810:5814 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
1    2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    2a00:1450:4001:829::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
apis.google.com
3    2a00:1450:4001:80b::200d (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
accounts.google.com
1    2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
Apex Domain
Subdomains		 Transfer
5 google.com
apis.google.com — Cisco Umbrella Rank: 242
accounts.google.com — Cisco Umbrella Rank: 71
51 KB
5 nov0.net
track.nov0.net
125 KB
3 gstatic.com
fonts.gstatic.com
www.gstatic.com
82 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 113
886 B
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 558
97 KB
15 5
Domain Requested by
5 track.nov0.net track.nov0.net
3 accounts.google.com apis.google.com
track.nov0.net
www.gstatic.com
2 apis.google.com track.nov0.net
apis.google.com
2 fonts.gstatic.com fonts.googleapis.com
1 www.gstatic.com accounts.google.com
1 fonts.googleapis.com cdn.jsdelivr.net
1 cdn.jsdelivr.net track.nov0.net
15 7

This site contains no links.

Subject Issuer Validity Valid
nov0.net
GTS CA 1P5		 2023-08-07 -
2023-11-05		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-05-02 -
2024-05-01		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2023-09-04 -
2023-11-27		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-09-04 -
2023-11-27		 3 months crt.sh
*.apis.google.com
GTS CA 1C3		 2023-09-04 -
2023-11-27		 3 months crt.sh
accounts.google.com
GTS CA 1C3		 2023-09-04 -
2023-11-27		 3 months crt.sh

This page contains 2 frames:

Primary Page: https://track.nov0.net/
Frame ID: 9B22995C8502F68808FCD30213AB8E75
Requests: 11 HTTP requests in this frame

Frame: https://accounts.google.com/o/oauth2/iframe
Frame ID: E2A37D7E973DCDA8D575256FACD2AA36
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Post tracking

Detected technologies

Overall confidence: 100%
Detected patterns
  • <iframe[^>]*accounts\.google\.com/o/oauth2
Overall confidence: 100%
Detected patterns
  • <link[^>]+semantic(?:\.min)\.css"
Overall confidence: 100%
Detected patterns
  • apis\.google\.com/js/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • <link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
  • //cdn\.jsdelivr\.net/

Page Statistics

15
Requests

100 %
HTTPS

100 %
IPv6

5
Domains

7
Subdomains

7
IPs

3
Countries

356 kB
Transfer

1239 kB
Size

2
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

15 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
track.nov0.net/ 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://track.nov0.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United Kingdom, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1bf670a303b54b619dd9e57b2564917cba0eb3265c05e681fbcc0b853ae963ef

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

age
0
alt-svc
h3=":443"; ma=86400
cache-control
public,max-age=0,must-revalidate
cf-cache-status
DYNAMIC
cf-ray
80c345541d6e0b4a-AMS
content-encoding
br
content-type
text/html; charset=UTF-8
date
Mon, 25 Sep 2023 12:29:06 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jkLsDS%2FjfpeXZGeILkucj%2B0JhwElk%2F8%2B5TvSoQSkGGHAjB%2BpbyQFie1s7Yr7FJ6o1qkRDr%2B4AxbhANWGkj9oAru6OQwu0iFN%2BVoj26i69YeNLXwQqw7buA9E%2BeE4J0mmmM0o8F8mAsxDIc88ZQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-nf-request-id
01HB65145HGEMB91WPDDAPDHDA
semantic.min.css
cdn.jsdelivr.net/npm/semantic-ui/dist/ 		551 KB
97 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/semantic-ui/dist/semantic.min.css
Requested by
Host: track.nov0.net
URL: https://track.nov0.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
703190dfdc82861a4de6fce01db8c874612d43991713db6db42b08ed547d4ee6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://track.nov0.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Mon, 25 Sep 2023 12:29:06 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
24593
x-jsd-version
2.5.0
content-encoding
br
x-cache
HIT, MISS
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230024-FRA, cache-yyz4553-YYZ
x-jsd-version-type
version
server
cloudflare
etag
W/"89aaf-9OgtcMcDm6e7qUui/SpkmOTCs+E"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mUOSXYn9vk%2FPY6oN26%2FZW7pzbBXsI8EInSPa15wqsfC0qNyh4784XPsZwwxJtz4%2BThqBiReUv7AGsIgvDZSRK5sZryUE5iYHLlg%2BCeQ1%2FX4jU43e39kRSwbzAMB%2B35jCXU5Px5yla8nw2jdEGTs%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
80c34555ac04b97b-AMS
main.d8dbfe1f.chunk.css
track.nov0.net/static/css/ 		1 KB
942 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://track.nov0.net/static/css/main.d8dbfe1f.chunk.css
Requested by
Host: track.nov0.net
URL: https://track.nov0.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United Kingdom, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eaf7a8b1d97684043f6558a2ab49335735afcef949e0f3b002057ea0d6f4be6f

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://track.nov0.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

x-nf-request-id
01HB6514B5H3WJ8NKM98JNZAKZ
date
Mon, 25 Sep 2023 12:29:06 GMT
content-encoding
br
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"e6f2bf3411f9addf7eb682d4df41ba90-ssl-df"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O7drwIvPIAI63L%2BbtFFEX3IBrOhiv%2B7VYe60sthdGCCxzN4mujZDT2MGPtE6R9eelvr2rE1Z3rAIoCNrIGW9HO5uCmhcWxgBfeoNxPpIAew0saPh64J8y2vsGHWviiiIi6Bgc3O%2B1L5h0%2BxZ0Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=UTF-8
cache-control
public, max-age=14400, must-revalidate
cf-ray
80c345554f0f0b4a-AMS
alt-svc
h3=":443"; ma=86400
2.f7ac3cbe.chunk.js
track.nov0.net/static/js/ 		370 KB
109 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.nov0.net/static/js/2.f7ac3cbe.chunk.js
Requested by
Host: track.nov0.net
URL: https://track.nov0.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United Kingdom, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c699afe883a97d3ed58232dbeddcd5880fa356a4667ddc373688aa3a425f025d

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://track.nov0.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

x-nf-request-id
01HB6514B4RNJZHB1E9FHNK42X
date
Mon, 25 Sep 2023 12:29:07 GMT
content-encoding
br
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"c793c0cb91d3e204ee3ab5fc6760721c-ssl-df"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=de351xAp%2FY7TMHva8mNRscG7SWXBq1f%2BoK6t3peIcoHaFPQD4UR0uEK7RxRUoN4YQC1qanuWNAd%2F8Z1xfUWSfp0HDn1DWnSir6fBk8EDY9fakKRCtVPIwRA7W5p953sYXHrcMB%2BHI%2BjNpvN%2FcQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=14400, must-revalidate
cf-ray
80c345554f130b4a-AMS
alt-svc
h3=":443"; ma=86400
main.fd82980b.chunk.js
track.nov0.net/static/js/ 		25 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.nov0.net/static/js/main.fd82980b.chunk.js
Requested by
Host: track.nov0.net
URL: https://track.nov0.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United Kingdom, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1bcc67fcf1eda08583705ae92c77169bda2b3339c3da973b5a5349cb68662cea

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://track.nov0.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

x-nf-request-id
01HB6514AXH1FECPKKAXJMCC1Y
date
Mon, 25 Sep 2023 12:29:07 GMT
content-encoding
br
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"118fa750112aa42b2fab886063e47dc5-ssl-df"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=015FhIJ0R5TDmMOkyCOZgvRgnJ33SQdeSlR5EWex4b2fL6CR%2FfyHiZHQDEQSBWgq%2Fcm1hLenYDs7JBS5LpCroBCekg37tMF75kdcd0uxvb7YiMlPg42ovpQV8QbIlxoAM6bI31a%2BjHVR95fj8g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=14400, must-revalidate
cf-ray
80c345554f140b4a-AMS
alt-svc
h3=":443"; ma=86400
css
fonts.googleapis.com/ 		3 KB
886 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Lato:400,700,400italic,700italic&subset=latin
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/semantic-ui/dist/semantic.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
699e8cb3d0af7f12172315152a58cf8154526ddc2ee3d29ed8861218e9cf91a2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://cdn.jsdelivr.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 25 Sep 2023 12:29:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 25 Sep 2023 11:23:14 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 25 Sep 2023 12:29:06 GMT
google-icon.18121477.svg
track.nov0.net/static/media/ 		836 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track.nov0.net/static/media/google-icon.18121477.svg
Requested by
Host: track.nov0.net
URL: https://track.nov0.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United Kingdom, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
07f81ee177e5775e2022fe6541a80da64032e2751fad495bdeb23298029254a2

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://track.nov0.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

x-nf-request-id
01HB6514QBZH3D5CRHA5EG8K7H
date
Mon, 25 Sep 2023 12:29:07 GMT
content-encoding
br
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"bdaca2ad8502d20d1da9f4dd1d93b35a-ssl"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D7LKhUA03ySaGUN4k52Ke3dGzgGrolREtMQcUX4HF5zaEBOJzoxkVzkywnZ5E%2B8sMXVTxpzyH13Qb2cPKgZ4ZbRKMYGNY2GqaCEb4iAyNfevmtAIt7eBnwE9waswjChSVU77yEeYtW0oc%2BJ3mA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
public, max-age=14400, must-revalidate
cf-ray
80c34557ab71b93f-AMS
alt-svc
h3=":443"; ma=86400
S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v24/ 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh6UVSwiPGQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,700,400italic,700italic&subset=latin
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://track.nov0.net
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Sat, 23 Sep 2023 21:18:33 GMT
x-content-type-options
nosniff
age
141034
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23040
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:07:25 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 22 Sep 2024 21:18:33 GMT
S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v24/ 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,700,400italic,700italic&subset=latin
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://track.nov0.net
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Sat, 23 Sep 2023 21:23:50 GMT
x-content-type-options
nosniff
age
140717
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23580
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:17:22 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 22 Sep 2024 21:23:50 GMT
api.js
apis.google.com/js/ 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/js/api.js
Requested by
Host: track.nov0.net
URL: https://track.nov0.net/static/js/2.f7ac3cbe.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6df0d30bf95f400f24b7fb07d3a11ef3c9832edf9630b076a2856f40f7e6c4b7
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://track.nov0.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

content-security-policy
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 25 Sep 2023 12:29:07 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7117
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="gapi-team"
etag
"267fe459e8bbab1c"
vary
Accept-Encoding
report-to
{"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
private, max-age=1800, stale-while-revalidate=1800
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 25 Sep 2023 12:29:07 GMT
cb=gapi.loaded_0
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.nl.bx759u4gsCM.O/m=auth2/rt=j/sv=1/d=1/ed=1/rs=AHpOoo-rbF3L8oYvfOxOWtHRWWA6l48SkA/ 		118 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.nl.bx759u4gsCM.O/m=auth2/rt=j/sv=1/d=1/ed=1/rs=AHpOoo-rbF3L8oYvfOxOWtHRWWA6l48SkA/cb=gapi.loaded_0?le=scs
Requested by
Host: apis.google.com
URL: https://apis.google.com/js/api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
044c695cb98da67982392a582e238387e10d7f87280f1c28bcd2f63b118fa9c9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://track.nov0.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Mon, 18 Sep 2023 17:36:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
586365
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
40879
x-xss-protection
0
last-modified
Sat, 02 Sep 2023 15:18:27 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="social-frontend-mpm-access"
vary
Accept-Encoding
report-to
{"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 17 Sep 2024 17:36:22 GMT
iframe
accounts.google.com/o/oauth2/ Frame E2A3 		280 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://accounts.google.com/o/oauth2/iframe
Requested by
Host: apis.google.com
URL: https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.nl.bx759u4gsCM.O/m=auth2/rt=j/sv=1/d=1/ed=1/rs=AHpOoo-rbF3L8oYvfOxOWtHRWWA6l48SkA/cb=gapi.loaded_0?le=scs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
786809df405a275222184457d06470b0a1ca9406e6a69634bda7830054afd74b
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-aLmV_H0seMhK_t7gAAYZAg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/IdpIFrameHttp/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/IdpIFrameHttp/cspreport/allowlist require-trusted-types-for 'script';report-uri /_/IdpIFrameHttp/cspreport
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://track.nov0.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-aLmV_H0seMhK_t7gAAYZAg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/IdpIFrameHttp/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/IdpIFrameHttp/cspreport/allowlist require-trusted-types-for 'script';report-uri /_/IdpIFrameHttp/cspreport
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy
same-origin
cross-origin-resource-policy
cross-origin
date
Mon, 25 Sep 2023 12:29:08 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma
no-cache
server
ESF
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
x-xss-protection
0
m=base
www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.IdpIFrameHttp.nl.uzrn-VVL_3Y.es5.O/d=1/rs=AOaEmlF3AiSbp6EJQosUP87vGRav8JMS9Q/ Frame E2A3 		103 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.IdpIFrameHttp.nl.uzrn-VVL_3Y.es5.O/d=1/rs=AOaEmlF3AiSbp6EJQosUP87vGRav8JMS9Q/m=base
Requested by
Host: accounts.google.com
URL: https://accounts.google.com/o/oauth2/iframe
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8a1aa405af8499420336e2a630c2a8eea1382248db892cd35753bb23ed542df0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://accounts.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Tue, 19 Sep 2023 05:01:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
545250
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/identity-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35996
x-xss-protection
0
last-modified
Fri, 15 Sep 2023 02:46:24 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="boq-infra/identity-boq-js-css-signers"
vary
Accept-Encoding, Origin
report-to
{"group":"boq-infra/identity-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/identity-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Wed, 18 Sep 2024 05:01:38 GMT
cspreport
accounts.google.com/_/IdpIFrameHttp/ Frame E2A3 		2 KB
914 B 		Other
General
Check archive.org
Download Go to
Full URL
https://accounts.google.com/_/IdpIFrameHttp/cspreport
Requested by
Host: track.nov0.net
URL: https://track.nov0.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
01d459821d62069b3d4de48b600f65b64825db654e0cc1a4680c465ccdb4b1a1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://accounts.google.com/o/oauth2/iframe
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
Content-Type
application/csp-report

Response headers

pragma
no-cache
date
Mon, 25 Sep 2023 12:29:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
expires
Mon, 01 Jan 1990 00:00:00 GMT
iframerpc
accounts.google.com/o/oauth2/ Frame E2A3 		49 B
662 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://accounts.google.com/o/oauth2/iframerpc?action=checkOrigin&origin=https%3A%2F%2Ftrack.nov0.net&client_id=55395292022-afmj9stc48g6ks1s6cq49vb477q1er4q
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.IdpIFrameHttp.nl.uzrn-VVL_3Y.es5.O/d=1/rs=AOaEmlF3AiSbp6EJQosUP87vGRav8JMS9Q/m=base
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
4836b6031bc4af96767f0121fa458714583340054aea6338ef99a1bc4011f43b
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-hHj9ywWIyXeOy5MnJkWSIg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/IdpIFrameHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/IdpIFrameHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/IdpIFrameHttp/cspreport
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://accounts.google.com/o/oauth2/iframe
X-Requested-With
XmlHttpRequest
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Mon, 25 Sep 2023 12:29:09 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-security-policy
script-src 'report-sample' 'nonce-hHj9ywWIyXeOy5MnJkWSIg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/IdpIFrameHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/IdpIFrameHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/IdpIFrameHttp/cspreport
content-encoding
gzip
cross-origin-embedder-policy
require-corp
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy
same-site
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site, Origin
content-type
application/json; charset=utf-8
cache-control
private, max-age=3600
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Mon, 25 Sep 2023 12:29:09 GMT

Verdicts & Comments Add Verdict or Comment

7 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| documentPictureInPicture object| webpackJsonppackage-tracking-webapp object| regeneratorRuntime object| gapi object| ___jsl object| osapi

2 Cookies

Domain/Path Name / Value
.track.nov0.net/ Name: G_ENABLED_IDPS
Value: google
.google.com/ Name: NID
Value: 511=eCr08lczJLR2rOlnXzC0SUQxGtbS6rcZu6nB_DmT-SlwTcmwZkd-cHQyjWoEt0w5QLq_w41ejj3bQSYj-hMXPDXtNLuZ2bzSoUEowIUNHgJbeemmK1Jsg0xio6RR6m9gM6HvQMz9_af6uaM7XNxfbo5Mw7Q6kGkl732kLaqISkg

3 Console Messages

Source Level URL
Text
security warning URL: https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.nl.bx759u4gsCM.O/m=auth2/rt=j/sv=1/d=1/ed=1/rs=AHpOoo-rbF3L8oYvfOxOWtHRWWA6l48SkA/cb=gapi.loaded_0?le=scs(Line 186)
Message:
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
security error (Line 6)
Message:
This document requires 'TrustedScript' assignment.
network error URL: https://accounts.google.com/_/IdpIFrameHttp/cspreport
Message:
Failed to load resource: the server responded with a status of 400 ()