urlscan.io logo urlscan.io
SecurityTrails logo

support.bernskioldmedia.com Open in urlscan Pro
54.159.143.110  Public Scan

Go To Rescan Add Verdict Report
URL: https://support.bernskioldmedia.com/
Submission: On July 04 via automatic, source certstream-suspicious
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 12 IPs in 3 countries across 9 domains to perform 22 HTTP transactions. The main IP is 54.159.143.110, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is support.bernskioldmedia.com.
TLS certificate: Issued by Let's Encrypt Authority X3 on June 18th 2020. Valid for: 3 months.
This is the only time support.bernskioldmedia.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

1    54.159.143.110 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-159-143-110.compute-1.amazonaws.com
support.bernskioldmedia.com
2    2600:9000:21f3:f200:b:1881:c0:21 (United States)

ASN16509 (AMAZON-02, US)
d3eto7onm69fcz.cloudfront.net
2    91.201.60.108 (Sweden)

ASN44136 (ASODERLAND, SE)
PTR: server11.serverdrift.com
bernskioldmedia.com
4    2a00:1450:4001:809::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:4001:810::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    89.187.169.39 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)
PTR: unn-89-187-169-39.cdn77.com
cdn.rawgit.com
2    2606:4700::6810:125e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
1    143.204.101.143 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-101-143.fra50.r.cloudfront.net
d33v4339jhl8k0.cloudfront.net
5    2a00:1450:4001:802::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
2    2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2a04:4e42:3::485 (United States)

ASN54113 (FASTLY, US)
cdn.jsdelivr.net
Domain Requested by
5 www.gstatic.com www.google.com
4 www.google.com support.bernskioldmedia.com
www.gstatic.com
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 cdnjs.cloudflare.com support.bernskioldmedia.com
2 bernskioldmedia.com support.bernskioldmedia.com
2 d3eto7onm69fcz.cloudfront.net support.bernskioldmedia.com
1 cdn.jsdelivr.net cdn.rawgit.com
1 d33v4339jhl8k0.cloudfront.net support.bernskioldmedia.com
1 cdn.rawgit.com support.bernskioldmedia.com
1 www.googletagmanager.com support.bernskioldmedia.com
1 support.bernskioldmedia.com
22 11

This site contains links to these domains. Also see Links.

Domain
www.bernskioldmedia.com
www.helpscout.com
Subject Issuer Validity Valid
support.bernskioldmedia.com
Let's Encrypt Authority X3		 2020-06-18 -
2020-09-16		 3 months crt.sh
*.cloudfront.net
Amazon		 2021-03-19 -
2022-03-17		 a year crt.sh
bernskioldmedia.com
R3		 2021-06-17 -
2021-09-15		 3 months crt.sh
www.google.com
GTS CA 1C3		 2021-06-07 -
2021-08-30		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2021-06-07 -
2021-08-30		 3 months crt.sh
cdn.rawgit.com
R3		 2021-06-19 -
2021-09-17		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2020-10-21 -
2021-10-20		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2021-06-07 -
2021-08-30		 3 months crt.sh
jsdelivr.net
GlobalSign Atlas R3 DV TLS CA 2020		 2021-04-30 -
2022-06-01		 a year crt.sh
*.google.com
GTS CA 1C3		 2021-06-07 -
2021-08-30		 3 months crt.sh

This page contains 3 frames:

Primary Page: https://support.bernskioldmedia.com/
Frame ID: 5AE6BB94466AAC68A8BE67558F4F775C
Requests: 17 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdhmSQTAAAAAMdAtrGjQeyN1HWWWAc5iN8FZ_MD&co=aHR0cHM6Ly9zdXBwb3J0LmJlcm5za2lvbGRtZWRpYS5jb206NDQz&hl=en&v=TbD3vPFlUWKZD-9L4ZxB0HJI&size=normal&cb=7hvqbn3rru1v
Frame ID: BF0F06AB51130CB5D7484937069F4B81
Requests: 4 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=en&v=TbD3vPFlUWKZD-9L4ZxB0HJI&k=6LdhmSQTAAAAAMdAtrGjQeyN1HWWWAc5iN8FZ_MD&cb=in07g198qd6
Frame ID: F9C6595E49FAF7D387C033B42CDD6BF1
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /openresty(?:\/([\d.]+))?/i
Overall confidence: 100%
Detected patterns
  • headers server /openresty(?:\/([\d.]+))?/i
Overall confidence: 100%
Detected patterns
  • headers server /openresty(?:\/([\d.]+))?/i
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i
Overall confidence: 100%
Detected patterns
  • script /\/recaptcha\/api\.js/i

Page Statistics

22
Requests

95 %
HTTPS

64 %
IPv6

9
Domains

11
Subdomains

12
IPs

3
Countries

1006 kB
Transfer

1807 kB
Size

4
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

22 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request Cookie set /
support.bernskioldmedia.com/ 		14 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://support.bernskioldmedia.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
54.159.143.110 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-159-143-110.compute-1.amazonaws.com
Software
openresty /
Resource Hash
4605fd11e235c95ab71c327876a0b7c6299906cdb81df38c2040687acd7bdd6f

Request headers

Host
support.bernskioldmedia.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Server
openresty
Date
Sun, 04 Jul 2021 22:53:44 GMT
Content-Type
text/html; charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
Set-Cookie
PLAY_SESSION="b150a6d907dc914496360ae568a9f650a054bc90-siteId=596e3251042863033a1b31d4&hs.session.id=69KelivOu6HR3QA6jcst9MtpGO2XTKjR2UJkGMHRysxPC0zqPnOSW5pqubkT7RoA&hs.session.exp=1625525624857"; Expires=Mon, 04 Jul 2022 22:53:44 GMT; Path=/; Secure; HTTPOnly
Content-Encoding
gzip
launch-1624113269645.css
d3eto7onm69fcz.cloudfront.net/assets/stylesheets/ 		116 KB
117 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://d3eto7onm69fcz.cloudfront.net/assets/stylesheets/launch-1624113269645.css
Requested by
Host: support.bernskioldmedia.com
URL: https://support.bernskioldmedia.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:f200:b:1881:c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
openresty /
Resource Hash
a24fde467a8465bdc7436814430bfd76e9ccf1e4bac33c74c8cff51ab96d9028
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://support.bernskioldmedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 c7015d60d4f8f2170aaaa75e69e40618.cloudfront.net (CloudFront)
last-modified
Wed, 27 Jan 2021 16:37:10 GMT
server
openresty
age
3574
etag
"cff8c7b990ffbb57d22641abc925d6c03d9e7f36"
x-cache
Hit from cloudfront
content-type
text/css; charset=utf-8
cache-control
public, max-age=3600
date
Sun, 04 Jul 2021 21:58:44 GMT
x-amz-cf-pop
FRA2-C2
content-length
119059
x-amz-cf-id
mCrTihxTGMkeNLCpnDRSOiV4WC3Y8JOtiYMWTO2arB9xR_k-ZBdDtw==
helpscout-v2.css
bernskioldmedia.com/ext/helpscout/ 		134 KB
87 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://bernskioldmedia.com/ext/helpscout/helpscout-v2.css
Requested by
Host: support.bernskioldmedia.com
URL: https://support.bernskioldmedia.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
91.201.60.108 , Sweden, ASN44136 (ASODERLAND, SE),
Reverse DNS
server11.serverdrift.com
Software
LiteSpeed /
Resource Hash
b62abed8d3c3cecfc6d80cbb06396e63e38a07cb2779d60163754276f26a997e

Request headers

Referer
https://support.bernskioldmedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Jul 2021 22:53:45 GMT
content-encoding
br
last-modified
Wed, 30 Jun 2021 21:40:12 GMT
server
LiteSpeed
etag
"2160e-60dce4bc-cf5b39a452ca87ad;br"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=31557600
accept-ranges
bytes
alt-svc
quic=":443"; ma=2592000; v="43,46", h3-Q043=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-25=":443"; ma=2592000, h3-27=":443"; ma=2592000
content-length
88851
expires
Tue, 05 Jul 2022 04:53:45 GMT
api.js
www.google.com/recaptcha/ 		850 B
993 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api.js
Requested by
Host: support.bernskioldmedia.com
URL: https://support.bernskioldmedia.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
b53381303a6bc0505e09d23f4c49c2e48e90493b8b78b9f7372682d0d27ac5e3
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://support.bernskioldmedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Jul 2021 22:53:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
content-security-policy
frame-ancestors 'self'
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
559
x-xss-protection
1; mode=block
expires
Sun, 04 Jul 2021 22:53:45 GMT
js
www.googletagmanager.com/gtag/ 		91 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-19733539-10
Requested by
Host: support.bernskioldmedia.com
URL: https://support.bernskioldmedia.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
b275d0c60d29dab71af7675d1e7086d97666a01f1520dae32f85a2ec9875f690
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://support.bernskioldmedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Jul 2021 22:53:45 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36984
x-xss-protection
0
last-modified
Sun, 04 Jul 2021 21:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sun, 04 Jul 2021 22:53:45 GMT
run_prettify.js
cdn.rawgit.com/google/code-prettify/master/loader/ 		18 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.rawgit.com/google/code-prettify/master/loader/run_prettify.js
Requested by
Host: support.bernskioldmedia.com
URL: https://support.bernskioldmedia.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.187.169.39 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-89-187-169-39.cdn77.com
Software
BunnyCDN-DE1-755 /
Resource Hash
7285646ea1d6480a26b5c3d66f75edac636a664b9ef84bbd5fb63122065bb668
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://support.bernskioldmedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Jul 2021 22:53:45 GMT
content-encoding
br
x-content-type-options
nosniff
cdn-edgestorageid
632, 617
access-control-allow-origin
*
cdn-cachedat
2021-06-08 21:33:00
cdn-pullzone
201235
rawgit-cache-status
HIT
link
<https://rawgit.com/>; rel="sunset"; title="RawGit will soon shut down. Please stop using it."
server
BunnyCDN-DE1-755
cdn-requestpullcode
200
x-robots-tag
none
vary
Accept-Encoding
sunset
Tue, 01 Oct 2019 00:00:00 GMT
cdn-cache
HIT
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cache-control
public, max-age=2592000
cdn-requestid
5cb62b34405ba75419086edcc79d2ba8
content-type
application/javascript;charset=utf-8
cdn-requestcountrycode
FR
cdn-requestpullsuccess
True
toc.js
bernskioldmedia.com/ext/helpscout/ 		501 B
341 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bernskioldmedia.com/ext/helpscout/toc.js
Requested by
Host: support.bernskioldmedia.com
URL: https://support.bernskioldmedia.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
91.201.60.108 , Sweden, ASN44136 (ASODERLAND, SE),
Reverse DNS
server11.serverdrift.com
Software
LiteSpeed /
Resource Hash
312f37fd44a8d7885d9f1efb343f6e66815e3cab79d310c1a7ba27617834aefd

Request headers

Referer
https://support.bernskioldmedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Jul 2021 22:53:45 GMT
content-encoding
br
last-modified
Wed, 30 Jun 2021 21:37:46 GMT
server
LiteSpeed
etag
"1f5-60dce42a-6fca735ccc1c43d4;br"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31557600
accept-ranges
bytes
content-length
241
expires
Tue, 05 Jul 2022 04:53:45 GMT
tocbot.min.js
cdnjs.cloudflare.com/ajax/libs/tocbot/4.11.1/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/tocbot/4.11.1/tocbot.min.js
Requested by
Host: support.bernskioldmedia.com
URL: https://support.bernskioldmedia.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
09f41451ee670abd2cf15681d5d3c8497db9266c141d545a6cc8e2f98505512e
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://support.bernskioldmedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Jul 2021 22:53:44 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
6280373
cross-origin-resource-policy
cross-origin
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
3203
cf-request-id
099efc770c000064eb133fc000000001
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:17:03 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03fff-2b9b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=2HZ%2BlkpDWpXn%2BqKyc65phbRhG73M4H7yiq0BBHwM%2BIWHoFGdcNsscKn7z3Hjp8w3mHc24Bsmm6BrZfZ3Ruz%2FI1eQIM%2BWGqATxcbMbK3DkroZbX3QPvyDRsurXHyAa1aeNJKWRBeXR%2FOUxcHbug%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
669bee73ea832c22-FRA
expires
Fri, 24 Jun 2022 22:53:44 GMT
tocbot.css
cdnjs.cloudflare.com/ajax/libs/tocbot/4.11.1/ 		565 B
584 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/tocbot/4.11.1/tocbot.css
Requested by
Host: support.bernskioldmedia.com
URL: https://support.bernskioldmedia.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5d46d20f79bec4b5b6ed6fe6a7d90c9fe7c8f4053632806488c31255561623ea
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://support.bernskioldmedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Jul 2021 22:53:44 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
6280373
cross-origin-resource-policy
cross-origin
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
228
cf-request-id
099efc77090000bf1936b5b000000001
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:17:03 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03fff-235"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=O61z2hXY2eV3nq8Xb2%2B%2B6JpLWyJYMiYTxg11D9QE%2By09RUch2Vehj2d9HGvvclUpHVQfcr9RSRPb0Vbfw%2FcBHmR0am%2FDRzrqMwAovOyT5ozchsmC4CmZdMdTW6JEGI5fZ%2Bkl1Q9TwepI7y35VA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
669bee73ea822c22-FRA
expires
Fri, 24 Jun 2022 22:53:44 GMT
BM_Logo_Text_Pos-copy.png
d33v4339jhl8k0.cloudfront.net/docs/assets/596e3251042863033a1b31d3/images/60957f1865446b63a85177a3/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d33v4339jhl8k0.cloudfront.net/docs/assets/596e3251042863033a1b31d3/images/60957f1865446b63a85177a3/BM_Logo_Text_Pos-copy.png
Requested by
Host: support.bernskioldmedia.com
URL: https://support.bernskioldmedia.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
143.204.101.143 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-101-143.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
21a091e935e1a0f30220bdd2193d9cb41a8d3c4e7e88f1315a62c9f55d6dff47

Request headers

Referer
https://support.bernskioldmedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
Date
Sun, 04 Jul 2021 22:53:46 GMT
Via
1.1 e6d97713eb9b65f883e0f86b833878dd.cloudfront.net (CloudFront)
Last-Modified
Fri, 07 May 2021 17:55:37 GMT
Server
AmazonS3
X-Amz-Cf-Pop
FRA50-C1
ETag
"e0740a1cfb7c2eb3bd9f8f45f4567a2e"
X-Cache
Miss from cloudfront
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
9042
X-Amz-Cf-Id
EfdhzGSxcIiI5Hz7z4CmX986b1Kn98n6AZYyMn2ixF5q5Lh7TMcHAA==
app3.min.js
d3eto7onm69fcz.cloudfront.net/assets/javascripts/ 		152 KB
152 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d3eto7onm69fcz.cloudfront.net/assets/javascripts/app3.min.js
Requested by
Host: support.bernskioldmedia.com
URL: https://support.bernskioldmedia.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:f200:b:1881:c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
openresty /
Resource Hash
6bf242fdd751df39ced5d033f2081789229b0557dab7ec40de91ae668f34709a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://support.bernskioldmedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 c7015d60d4f8f2170aaaa75e69e40618.cloudfront.net (CloudFront)
last-modified
Wed, 27 Jan 2021 16:37:10 GMT
server
openresty
age
2732
etag
"91998ffbe61e8ec4af9e87bcda608c9390f90f81"
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=3600
date
Sun, 04 Jul 2021 22:08:34 GMT
x-amz-cf-pop
FRA2-C2
content-length
155206
x-amz-cf-id
0ky575S0z9TEtE0CvZf0DDlqrpTgmTk4y8iKyl2AtEYDsJv5bsBSGQ==
recaptcha__en.js
www.gstatic.com/recaptcha/releases/TbD3vPFlUWKZD-9L4ZxB0HJI/ 		341 KB
133 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/TbD3vPFlUWKZD-9L4ZxB0HJI/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
839392b626a00e09ce3ec77706959d551de27cca63c559fcd4a6415aef3e722a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://support.bernskioldmedia.com
Referer
https://support.bernskioldmedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Jul 2021 11:14:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
41966
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
135961
x-xss-protection
0
last-modified
Mon, 28 Jun 2021 04:05:04 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 04 Jul 2022 11:14:19 GMT
analytics.js
www.google-analytics.com/ 		48 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-19733539-10
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
73d6a5ea11fb7bf6e6a6ccd44b1635d52c79b0a00623d0387c9dddd4b7c68e89
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://support.bernskioldmedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 09 Jun 2021 17:36:57 GMT
server
Golfe2
age
4303
date
Sun, 04 Jul 2021 21:42:02 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19661
expires
Sun, 04 Jul 2021 23:42:02 GMT
truncated
/ 		20 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8b3e8e10db2f90bdb8710b478c200588b2396146e4b07b22a795ad79e062360f

Request headers

Origin
https://support.bernskioldmedia.com
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
font/opentype
truncated
/ 		20 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ef6243162529857209c96208cdece42c2171f5bc345ffffd3375486d8a0fa729

Request headers

Origin
https://support.bernskioldmedia.com
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
font/opentype
prettify.css
cdn.jsdelivr.net/gh/google/code-prettify@master/loader/ 		655 B
658 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/google/code-prettify@master/loader/prettify.css
Requested by
Host: cdn.rawgit.com
URL: https://cdn.rawgit.com/google/code-prettify/master/loader/run_prettify.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:3::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
e3b0f209e58b0d412b1e37d9468ab6674dad3860077ad9a918a7462ca67d033d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://support.bernskioldmedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
age
37249
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
328
etag
W/"28f-3AMtzR7l//agOVmpYsx92kQQyCI"
x-served-by
cache-fra19182-FRA
date
Sun, 04 Jul 2021 22:53:45 GMT
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
collect
www.google-analytics.com/j/ 		1 B
21 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j91&a=863219226&t=pageview&_s=1&dl=https%3A%2F%2Fsupport.bernskioldmedia.com%2F&ul=en-us&de=UTF-8&dt=Bernskiold%20Media%20Support&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=204178847&gjid=170449003&cid=1118081464.1625439225&tid=UA-19733539-10&_gid=2093629752.1625439225&_r=1&gtm=2ou6u0&z=455210135
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://support.bernskioldmedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 04 Jul 2021 22:53:45 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://support.bernskioldmedia.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
anchor
www.google.com/recaptcha/api2/ Frame BF0F 		40 KB
20 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdhmSQTAAAAAMdAtrGjQeyN1HWWWAc5iN8FZ_MD&co=aHR0cHM6Ly9zdXBwb3J0LmJlcm5za2lvbGRtZWRpYS5jb206NDQz&hl=en&v=TbD3vPFlUWKZD-9L4ZxB0HJI&size=normal&cb=7hvqbn3rru1v
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/TbD3vPFlUWKZD-9L4ZxB0HJI/recaptcha__en.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
96b0a9a0fdecb51c29c7744636a551a0dac14565541530cad9981c89e6ad3e98
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-ebBu1C2kAUd0/T9pYPBQ/w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/anchor?ar=1&k=6LdhmSQTAAAAAMdAtrGjQeyN1HWWWAc5iN8FZ_MD&co=aHR0cHM6Ly9zdXBwb3J0LmJlcm5za2lvbGRtZWRpYS5jb206NDQz&hl=en&v=TbD3vPFlUWKZD-9L4ZxB0HJI&size=normal&cb=7hvqbn3rru1v
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://support.bernskioldmedia.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://support.bernskioldmedia.com/

Response headers

content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Sun, 04 Jul 2021 22:53:45 GMT
content-security-policy
script-src 'report-sample' 'nonce-ebBu1C2kAUd0/T9pYPBQ/w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
20746
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
styles__ltr.css
www.gstatic.com/recaptcha/releases/TbD3vPFlUWKZD-9L4ZxB0HJI/ Frame BF0F 		52 KB
52 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/TbD3vPFlUWKZD-9L4ZxB0HJI/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdhmSQTAAAAAMdAtrGjQeyN1HWWWAc5iN8FZ_MD&co=aHR0cHM6Ly9zdXBwb3J0LmJlcm5za2lvbGRtZWRpYS5jb206NDQz&hl=en&v=TbD3vPFlUWKZD-9L4ZxB0HJI&size=normal&cb=7hvqbn3rru1v
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5fe20047c1cc1be61a786d56c5c02b96453b9c60656d6c8429a1add79017e47f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Jul 2021 06:04:40 GMT
vary
Accept-Encoding
last-modified
Mon, 28 Jun 2021 04:05:04 GMT
server
sffe
x-content-type-options
nosniff
age
60545
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
content-type
text/css
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
52867
x-xss-protection
0
expires
Mon, 04 Jul 2022 06:04:40 GMT
recaptcha__en.js
www.gstatic.com/recaptcha/releases/TbD3vPFlUWKZD-9L4ZxB0HJI/ Frame BF0F 		341 KB
133 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/TbD3vPFlUWKZD-9L4ZxB0HJI/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdhmSQTAAAAAMdAtrGjQeyN1HWWWAc5iN8FZ_MD&co=aHR0cHM6Ly9zdXBwb3J0LmJlcm5za2lvbGRtZWRpYS5jb206NDQz&hl=en&v=TbD3vPFlUWKZD-9L4ZxB0HJI&size=normal&cb=7hvqbn3rru1v
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
839392b626a00e09ce3ec77706959d551de27cca63c559fcd4a6415aef3e722a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Jul 2021 11:14:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
41966
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
135961
x-xss-protection
0
last-modified
Mon, 28 Jun 2021 04:05:04 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 04 Jul 2022 11:14:19 GMT
webworker.js
www.google.com/recaptcha/api2/ Frame BF0F 		102 B
132 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/webworker.js?hl=en&v=TbD3vPFlUWKZD-9L4ZxB0HJI
Requested by
Host: support.bernskioldmedia.com
URL: https://support.bernskioldmedia.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
5dfdffa77335a103ec942c9384df984b5d38a267d619ee0ac3a045b766bbf2d5
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdhmSQTAAAAAMdAtrGjQeyN1HWWWAc5iN8FZ_MD&co=aHR0cHM6Ly9zdXBwb3J0LmJlcm5za2lvbGRtZWRpYS5jb206NDQz&hl=en&v=TbD3vPFlUWKZD-9L4ZxB0HJI&size=normal&cb=7hvqbn3rru1v
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Jul 2021 22:53:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
content-security-policy
frame-ancestors 'self'
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
112
x-xss-protection
1; mode=block
expires
Sun, 04 Jul 2021 22:53:45 GMT
bframe
www.google.com/recaptcha/api2/ Frame F9C6 		7 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/bframe?hl=en&v=TbD3vPFlUWKZD-9L4ZxB0HJI&k=6LdhmSQTAAAAAMdAtrGjQeyN1HWWWAc5iN8FZ_MD&cb=in07g198qd6
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/TbD3vPFlUWKZD-9L4ZxB0HJI/recaptcha__en.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
a737f8c694559bb6c6b58e57fca1ca3a26589bc79f01a67a60a30a53b7824f61
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-6t88INebnUPeqZV0mTXAeA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/bframe?hl=en&v=TbD3vPFlUWKZD-9L4ZxB0HJI&k=6LdhmSQTAAAAAMdAtrGjQeyN1HWWWAc5iN8FZ_MD&cb=in07g198qd6
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://support.bernskioldmedia.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://support.bernskioldmedia.com/

Response headers

content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Sun, 04 Jul 2021 22:53:45 GMT
content-security-policy
script-src 'report-sample' 'nonce-6t88INebnUPeqZV0mTXAeA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
1112
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
styles__ltr.css
www.gstatic.com/recaptcha/releases/TbD3vPFlUWKZD-9L4ZxB0HJI/ Frame F9C6 		52 KB
52 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/TbD3vPFlUWKZD-9L4ZxB0HJI/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=en&v=TbD3vPFlUWKZD-9L4ZxB0HJI&k=6LdhmSQTAAAAAMdAtrGjQeyN1HWWWAc5iN8FZ_MD&cb=in07g198qd6
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5fe20047c1cc1be61a786d56c5c02b96453b9c60656d6c8429a1add79017e47f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Jul 2021 06:04:40 GMT
vary
Accept-Encoding
last-modified
Mon, 28 Jun 2021 04:05:04 GMT
server
sffe
x-content-type-options
nosniff
age
60545
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
content-type
text/css
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
52867
x-xss-protection
0
expires
Mon, 04 Jul 2022 06:04:40 GMT
recaptcha__en.js
www.gstatic.com/recaptcha/releases/TbD3vPFlUWKZD-9L4ZxB0HJI/ Frame F9C6 		341 KB
133 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/TbD3vPFlUWKZD-9L4ZxB0HJI/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=en&v=TbD3vPFlUWKZD-9L4ZxB0HJI&k=6LdhmSQTAAAAAMdAtrGjQeyN1HWWWAc5iN8FZ_MD&cb=in07g198qd6
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
839392b626a00e09ce3ec77706959d551de27cca63c559fcd4a6415aef3e722a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Jul 2021 11:14:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
41966
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
135961
x-xss-protection
0
last-modified
Mon, 28 Jun 2021 04:05:04 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 04 Jul 2022 11:14:19 GMT

Verdicts & Comments Add Verdict or Comment

57 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| google_tag_manager object| dataLayer function| gtag object| google_tag_data string| GoogleAnalyticsObject function| ga object| tocbot function| _toConsumableArray function| _slice function| css_browser_selector string| url undefined| rewrittenUrl function| containsAuthQueryParam function| rewriteUrl function| $ function| jQuery object| ParsleyExtend object| ParsleyConfig object| psly object| Parsley object| ParsleyUtils object| ParsleyValidator object| ParsleyUI string| inputEventPatched object| parsley string| c function| initArticleRatings function| initDocsWebSearch undefined| noddy undefined| remotes boolean| PR_SHOULD_USE_CONTINUATION object| PR undefined| tags undefined| h1 object| gaplugins object| gaGlobal object| gaData object| recaptcha object| closure_lm_774884

4 Cookies

Domain/Path Name / Value
.bernskioldmedia.com/ Name: _gat_gtag_UA_19733539_10
Value: 1
.bernskioldmedia.com/ Name: _gid
Value: GA1.2.2093629752.1625439225
.bernskioldmedia.com/ Name: _ga
Value: GA1.2.1118081464.1625439225
support.bernskioldmedia.com/ Name: PLAY_SESSION
Value: "b150a6d907dc914496360ae568a9f650a054bc90-siteId=596e3251042863033a1b31d4&hs.session.id=69KelivOu6HR3QA6jcst9MtpGO2XTKjR2UJkGMHRysxPC0zqPnOSW5pqubkT7RoA&hs.session.exp=1625525624857"

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bernskioldmedia.com
cdn.jsdelivr.net
cdn.rawgit.com
cdnjs.cloudflare.com
d33v4339jhl8k0.cloudfront.net
d3eto7onm69fcz.cloudfront.net
support.bernskioldmedia.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.gstatic.com
143.204.101.143
2600:9000:21f3:f200:b:1881:c0:21
2606:4700::6810:125e
2a00:1450:4001:802::2003
2a00:1450:4001:809::2004
2a00:1450:4001:810::2008
2a00:1450:4001:82a::200e
2a04:4e42:3::485
54.159.143.110
89.187.169.39
91.201.60.108
09f41451ee670abd2cf15681d5d3c8497db9266c141d545a6cc8e2f98505512e
21a091e935e1a0f30220bdd2193d9cb41a8d3c4e7e88f1315a62c9f55d6dff47
312f37fd44a8d7885d9f1efb343f6e66815e3cab79d310c1a7ba27617834aefd
4605fd11e235c95ab71c327876a0b7c6299906cdb81df38c2040687acd7bdd6f
5d46d20f79bec4b5b6ed6fe6a7d90c9fe7c8f4053632806488c31255561623ea
5dfdffa77335a103ec942c9384df984b5d38a267d619ee0ac3a045b766bbf2d5
5fe20047c1cc1be61a786d56c5c02b96453b9c60656d6c8429a1add79017e47f
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6bf242fdd751df39ced5d033f2081789229b0557dab7ec40de91ae668f34709a
7285646ea1d6480a26b5c3d66f75edac636a664b9ef84bbd5fb63122065bb668
73d6a5ea11fb7bf6e6a6ccd44b1635d52c79b0a00623d0387c9dddd4b7c68e89
839392b626a00e09ce3ec77706959d551de27cca63c559fcd4a6415aef3e722a
8b3e8e10db2f90bdb8710b478c200588b2396146e4b07b22a795ad79e062360f
96b0a9a0fdecb51c29c7744636a551a0dac14565541530cad9981c89e6ad3e98
a24fde467a8465bdc7436814430bfd76e9ccf1e4bac33c74c8cff51ab96d9028
a737f8c694559bb6c6b58e57fca1ca3a26589bc79f01a67a60a30a53b7824f61
b275d0c60d29dab71af7675d1e7086d97666a01f1520dae32f85a2ec9875f690
b53381303a6bc0505e09d23f4c49c2e48e90493b8b78b9f7372682d0d27ac5e3
b62abed8d3c3cecfc6d80cbb06396e63e38a07cb2779d60163754276f26a997e
e3b0f209e58b0d412b1e37d9468ab6674dad3860077ad9a918a7462ca67d033d
ef6243162529857209c96208cdece42c2171f5bc345ffffd3375486d8a0fa729