em.cloudwhitepaper.com Open in urlscan Pro
99.84.88.54 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://em.cloudwhitepaper.com/k/1ceADaThH1JZb94syrCju
Submission: On December 07 via manual (December 7th 2023, 1:15:44 am UTC) from US — Scanned from DE

Summary HTTP 14 Redirects Behaviour Indicators

Summary

This website contacted 7 IPs in 2 countries across 5 domains to perform 14 HTTP transactions. The main IP is 99.84.88.54, located in United States and belongs to AMAZON-02, US. The main domain is em.cloudwhitepaper.com.
TLS certificate: Issued by Amazon RSA 2048 M01 on September 6th 2023. Valid for: a year.

This is the only time em.cloudwhitepaper.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	99.84.88.54 99.84.88.54	16509 (AMAZON-02) (AMAZON-02)
1	99.84.88.121 99.84.88.121	16509 (AMAZON-02) (AMAZON-02)
1	18.66.192.81 18.66.192.81	16509 (AMAZON-02) (AMAZON-02)
4	2a00:1450:400... 2a00:1450:4001:828::2004	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::2003	15169 (GOOGLE) (GOOGLE)
14	7

1 99.84.88.54 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-84-88-54.muc50.r.cloudfront.net

em.cloudwhitepaper.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.84.88.121 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-84-88-121.muc50.r.cloudfront.net

forms.msgfocus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.192.81 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-192-81.muc50.r.cloudfront.net

e.demandtalk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:828::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
7	gstatic.com www.gstatic.com fonts.gstatic.com	672 KB
4	google.com www.google.com — Cisco Umbrella Rank: 2	40 KB
1	demandtalk.com e.demandtalk.com	1 KB
1	msgfocus.com forms.msgfocus.com — Cisco Umbrella Rank: 643133	2 KB
1	cloudwhitepaper.com em.cloudwhitepaper.com	3 KB
14	5

	Domain	Requested by
6	www.gstatic.com	www.google.com www.gstatic.com
4	www.google.com	em.cloudwhitepaper.com www.gstatic.com www.google.com
1	fonts.gstatic.com	www.google.com
1	e.demandtalk.com	em.cloudwhitepaper.com
1	forms.msgfocus.com	em.cloudwhitepaper.com
1	em.cloudwhitepaper.com
14	6

This site contains no links.

Subject Issuer	Validity	Valid
dg-0135-90c0233.client-tls.adestra.com Amazon RSA 2048 M01	`2023-09-06` - `2024-10-05`	a year	crt.sh
*.msgfocus.com Amazon RSA 2048 M02	`2023-07-10` - `2024-08-06`	a year	crt.sh
dg-0132-c409dfb.client-tls.adestra.com Amazon RSA 2048 M03	`2023-08-17` - `2024-09-14`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh

This page contains 3 frames:

Primary Page: https://em.cloudwhitepaper.com/k/1ceADaThH1JZb94syrCju
Frame ID: 1867E7591648B52969AF0AF3845B63C0
Requests: 5 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdvdCUUAAAAAKp_zIqdD5bsG_i6IqdRFBjxKjVW&co=aHR0cHM6Ly9lbS5jbG91ZHdoaXRlcGFwZXIuY29tOjQ0Mw..&hl=de&v=cwQvQhsy4_nYdnSDY4u7O5_B&size=normal&cb=mpy0lujj4lhx
Frame ID: 46A0D34E03B30375A7826D73E0EDE054
Requests: 8 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=de&v=cwQvQhsy4_nYdnSDY4u7O5_B&k=6LdvdCUUAAAAAKp_zIqdD5bsG_i6IqdRFBjxKjVW
Frame ID: C9E8DB6285C4C9325A51501FFA1E54C7
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Unsubscribe

Detected technologies

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

<div[^>]+class="g-recaptcha"
/recaptcha/api\.js

Page Statistics

14
Requests

100 %
HTTPS

50 %
IPv6

5
Domains

6
Subdomains

7
IPs

2
Countries

717 kB
Transfer

1734 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

14 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request 1ceADaThH1JZb94syrCju Show response
em.cloudwhitepaper.com/k/ 3 KB
3 KB 326ms
284ms Document
text/html 99.84.88.54
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://em.cloudwhitepaper.com/k/1ceADaThH1JZb94syrCju
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.84.88.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-84-88-54.muc50.r.cloudfront.net
Software: CloudFront /
Resource Hash: 0c6a6651d22f3fcf1be51f176b8817254a7bf2c105fbb4fea0c7807244f5eecb

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: max-age=0
content-type: text/html; charset=UTF-8
date: Thu, 07 Dec 2023 01:15:39 GMT
server: CloudFront
via: 1.1 24d97ac79c66f25c7df0732cb86ef322.cloudfront.net (CloudFront)
x-amz-cf-id: zTvbcWpcjpLuwE3WrYpi2IwoU90GzkZyl92K2uBdQb0a-rgvQKQKQg==
x-amz-cf-pop: MUC50-C1
x-cache: Miss from cloudfront

GET
H2 200 style.css
forms.msgfocus.com/forms/default/ 3 KB
2 KB 66ms
32ms Stylesheet
text/css 99.84.88.121
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://forms.msgfocus.com/forms/default/style.css
Requested by: Host: em.cloudwhitepaper.com
URL: https://em.cloudwhitepaper.com/k/1ceADaThH1JZb94syrCju
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.84.88.121 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-84-88-121.muc50.r.cloudfront.net
Software: Apache /
Resource Hash: 96a77331b948d3fdbf63b4a70b0163bba5f3db0c9a113673e71c1d8d40ab8b6b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://em.cloudwhitepaper.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 23:37:54 GMT
content-encoding: gzip
via: 1.1 39ed76664123c3090231ff0882467152.cloudfront.net (CloudFront)
last-modified: Fri, 05 Apr 2019 11:15:42 GMT
server: Apache
x-amz-cf-pop: MUC50-C1
age: 5866
etag: W/"d44-585c69b803910"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
cache-control: max-age=7200
x-amz-cf-id: dh_Kf4StIbkAWNKl_0l-bse-t55AFguw65T9q-cMOTiJYisIUT5Ubw==
expires: Thu, 07 Dec 2023 01:37:53 GMT

GET
H2 200 email-icon-vector-illustration.png
e.demandtalk.com/files/amf_binary_demand/workspace_1/ 674 B
1 KB 149ms
75ms Image
image/png 18.66.192.81
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e.demandtalk.com/files/amf_binary_demand/workspace_1/email-icon-vector-illustration.png
Requested by: Host: em.cloudwhitepaper.com
URL: https://em.cloudwhitepaper.com/k/1ceADaThH1JZb94syrCju
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.192.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-192-81.muc50.r.cloudfront.net
Software: nginx /
Resource Hash: 17f11e1c5a206a2e092975f02f1f179b4de872057bc4138a5f0b94ac845fad9d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://em.cloudwhitepaper.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 01:15:39 GMT
via: 1.1 dcfe318aa268be733627ea7884246be4.cloudfront.net (CloudFront)
last-modified: Thu, 24 Aug 2023 09:54:41 GMT
server: nginx
x-amz-cf-pop: MUC50-P1
etag: "64e728e1-2a2"
x-cache: RefreshHit from cloudfront
content-type: image/png
cache-control: max-age=1800
accept-ranges: bytes
content-length: 674
x-amz-cf-id: IKGlzWXP7uQ1xH_tjsqXvMkMvZCAUVEMmIdZMBEz3h1Qlg3PW5aMiQ==
expires: Thu, 07 Dec 2023 01:45:39 GMT

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 1 KB
1 KB 38ms
17ms Script
text/javascript 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js

Requested by

Host: em.cloudwhitepaper.com
URL: https://em.cloudwhitepaper.com/k/1ceADaThH1JZb94syrCju

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

78d7bb0b5371e973a752330ab8b3e10e1b79375a4cf0e4053ebb201cd6d3dd17

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://em.cloudwhitepaper.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 01:15:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Thu, 07 Dec 2023 01:15:39 GMT

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/cwQvQhsy4_nYdnSDY4u7O5_B/ 504 KB
202 KB 28ms
7ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/cwQvQhsy4_nYdnSDY4u7O5_B/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

43760313e4a6cfb7be2b72e5b0daa391e8880a24e3274e00bfc2c7b8bba09936

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://em.cloudwhitepaper.com/
Origin: https://em.cloudwhitepaper.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 01:29:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 171999
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 206640
x-xss-protection: 0
last-modified: Mon, 04 Dec 2023 17:08:31 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 04 Dec 2024 01:29:00 GMT

GET
H2 200 anchor Show response
www.google.com/recaptcha/api2/ Frame 46A0 64 KB
37 KB 42ms
42ms Document
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdvdCUUAAAAAKp_zIqdD5bsG_i6IqdRFBjxKjVW&co=aHR0cHM6Ly9lbS5jbG91ZHdoaXRlcGFwZXIuY29tOjQ0Mw..&hl=de&v=cwQvQhsy4_nYdnSDY4u7O5_B&size=normal&cb=mpy0lujj4lhx

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/cwQvQhsy4_nYdnSDY4u7O5_B/recaptcha__de.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

42aae10ad590afd3aa9bdea5e60a0b643c104bb5e1da102803b60ddf8b9beab1

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-hHb44P_jzrYofnkrOcJrzA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://em.cloudwhitepaper.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-hHb44P_jzrYofnkrOcJrzA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 07 Dec 2023 01:15:39 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/cwQvQhsy4_nYdnSDY4u7O5_B/ Frame 46A0 55 KB
24 KB 23ms
9ms Stylesheet
text/css 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/cwQvQhsy4_nYdnSDY4u7O5_B/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdvdCUUAAAAAKp_zIqdD5bsG_i6IqdRFBjxKjVW&co=aHR0cHM6Ly9lbS5jbG91ZHdoaXRlcGFwZXIuY29tOjQ0Mw..&hl=de&v=cwQvQhsy4_nYdnSDY4u7O5_B&size=normal&cb=mpy0lujj4lhx

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 01:29:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 171999
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24606
x-xss-protection: 0
last-modified: Mon, 04 Dec 2023 17:08:31 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 04 Dec 2024 01:29:00 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/cwQvQhsy4_nYdnSDY4u7O5_B/ Frame 46A0 504 KB
202 KB 22ms
8ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/cwQvQhsy4_nYdnSDY4u7O5_B/recaptcha__de.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

43760313e4a6cfb7be2b72e5b0daa391e8880a24e3274e00bfc2c7b8bba09936

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 01:29:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 171999
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 206640
x-xss-protection: 0
last-modified: Mon, 04 Dec 2023 17:08:31 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 04 Dec 2024 01:29:00 GMT

GET
DATA 200
OK truncated
/ Frame 46A0 14 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0964d141519db34adc6aa127a33dbc6761cda1e56b584ea402082d99c44afb9e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 46A0 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 43ef4025567f7a15859b5252b6ccc1efe2ff8c7331b1aefbea7ce88eb5084d27

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 logo_48.png
www.gstatic.com/recaptcha/api2/ Frame 46A0 2 KB
2 KB 7ms
6ms Image
image/png 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/logo_48.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/cwQvQhsy4_nYdnSDY4u7O5_B/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/cwQvQhsy4_nYdnSDY4u7O5_B/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 15:37:20 GMT
x-content-type-options: nosniff
age: 207499
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2228
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Mon, 11 Dec 2023 15:37:20 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 46A0 15 KB
16 KB 28ms
7ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 22:43:11 GMT
x-content-type-options: nosniff
age: 181948
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 03 Dec 2024 22:43:11 GMT

GET
H3 200 webworker.js
www.google.com/recaptcha/api2/ Frame 46A0 102 B
134 B 17ms
17ms Other
text/javascript 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=cwQvQhsy4_nYdnSDY4u7O5_B

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

c7b92a4e3cd9b6ea5422c922f8cba9e12213368ade0cac7fa38328003a55887c

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdvdCUUAAAAAKp_zIqdD5bsG_i6IqdRFBjxKjVW&co=aHR0cHM6Ly9lbS5jbG91ZHdoaXRlcGFwZXIuY29tOjQ0Mw..&hl=de&v=cwQvQhsy4_nYdnSDY4u7O5_B&size=normal&cb=mpy0lujj4lhx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 01:15:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=300
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Thu, 07 Dec 2023 01:15:39 GMT

GET
H3 200 bframe Show response
www.google.com/recaptcha/api2/ Frame C9E8 7 KB
1 KB 26ms
25ms Document
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/bframe?hl=de&v=cwQvQhsy4_nYdnSDY4u7O5_B&k=6LdvdCUUAAAAAKp_zIqdD5bsG_i6IqdRFBjxKjVW

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/cwQvQhsy4_nYdnSDY4u7O5_B/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

29d169bce8bd13d8a1903c1d990b18ee70cae33ad0d338bd0ad1e90ca2d9fdc0

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-PnX4nEbx7cgJTouU83d7Ew' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://em.cloudwhitepaper.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-PnX4nEbx7cgJTouU83d7Ew' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 07 Dec 2023 01:15:39 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/cwQvQhsy4_nYdnSDY4u7O5_B/ Frame C9E8 55 KB
24 KB 7ms
6ms Stylesheet
text/css 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/cwQvQhsy4_nYdnSDY4u7O5_B/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=cwQvQhsy4_nYdnSDY4u7O5_B&k=6LdvdCUUAAAAAKp_zIqdD5bsG_i6IqdRFBjxKjVW

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 01:29:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 172000
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24606
x-xss-protection: 0
last-modified: Mon, 04 Dec 2023 17:08:31 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 04 Dec 2024 01:29:00 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/cwQvQhsy4_nYdnSDY4u7O5_B/ Frame C9E8 504 KB
202 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/cwQvQhsy4_nYdnSDY4u7O5_B/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=cwQvQhsy4_nYdnSDY4u7O5_B&k=6LdvdCUUAAAAAKp_zIqdD5bsG_i6IqdRFBjxKjVW

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

43760313e4a6cfb7be2b72e5b0daa391e8880a24e3274e00bfc2c7b8bba09936

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 01:29:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 172000
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 206640
x-xss-protection: 0
last-modified: Mon, 04 Dec 2023 17:08:31 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 04 Dec 2024 01:29:00 GMT

Verdicts & Comments Add Verdict or Comment

11 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	URL: https://em.cloudwhitepaper.com/k/1ceADaThH1JZb94syrCju Message: Mixed Content: The page at 'https://em.cloudwhitepaper.com/k/1ceADaThH1JZb94syrCju' was loaded over HTTPS, but requested an insecure element 'http://e.demandtalk.com/files/amf_binary_demand/workspace_1/email-icon-vector-illustration.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://em.cloudwhitepaper.com/k/1ceADaThH1JZb94syrCju(Line 11) Message: Mixed Content: The page at 'https://em.cloudwhitepaper.com/k/1ceADaThH1JZb94syrCju' was loaded over HTTPS, but requested an insecure element 'http://e.demandtalk.com/files/amf_binary_demand/workspace_1/email-icon-vector-illustration.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

e.demandtalk.com
em.cloudwhitepaper.com
fonts.gstatic.com
forms.msgfocus.com
www.google.com
www.gstatic.com
18.66.192.81
2a00:1450:4001:828::2003
2a00:1450:4001:828::2004
2a00:1450:4001:831::2003
99.84.88.121
99.84.88.54
0964d141519db34adc6aa127a33dbc6761cda1e56b584ea402082d99c44afb9e
0c6a6651d22f3fcf1be51f176b8817254a7bf2c105fbb4fea0c7807244f5eecb
17f11e1c5a206a2e092975f02f1f179b4de872057bc4138a5f0b94ac845fad9d
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
29d169bce8bd13d8a1903c1d990b18ee70cae33ad0d338bd0ad1e90ca2d9fdc0
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
42aae10ad590afd3aa9bdea5e60a0b643c104bb5e1da102803b60ddf8b9beab1
43760313e4a6cfb7be2b72e5b0daa391e8880a24e3274e00bfc2c7b8bba09936
43ef4025567f7a15859b5252b6ccc1efe2ff8c7331b1aefbea7ce88eb5084d27
7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050
78d7bb0b5371e973a752330ab8b3e10e1b79375a4cf0e4053ebb201cd6d3dd17
96a77331b948d3fdbf63b4a70b0163bba5f3db0c9a113673e71c1d8d40ab8b6b
c7b92a4e3cd9b6ea5422c922f8cba9e12213368ade0cac7fa38328003a55887c

em.cloudwhitepaper.com Open in urlscan Pro 99.84.88.54 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

14 Requests

100 %HTTPS

50 %IPv6

5 Domains

6 Subdomains

7 IPs

2 Countries

717 kBTransfer

1734 kBSize

0 Cookies

0 Outgoing links

Redirected requests

14 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

11 JavaScript Global Variables

0 Cookies

2 Console Messages

Indicators

em.cloudwhitepaper.com Open in urlscan Pro
99.84.88.54 Public Scan

Screenshot
Live screenshot

Full Image

14
Requests

100 %
HTTPS

50 %
IPv6

5
Domains

6
Subdomains

7
IPs

2
Countries

717 kB
Transfer

1734 kB
Size

0
Cookies

14 HTTP transactions
2 data transactions