urlscan.io logo urlscan.io
SecurityTrails logo

sites.google.com Open in urlscan Pro
2a00:1450:4001:82b::200e  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://ruth.beautydemo.pro/
Effective URL: https://sites.google.com/biotouch.com/ruth-beautytip-pro
Submission: On June 11 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 13 IPs in 2 countries across 6 domains to perform 37 HTTP transactions. The main IP is 2a00:1450:4001:82b::200e, located in Frankfurt am Main, Germany and belongs to GOOGLE, US. The main domain is sites.google.com. The Cisco Umbrella rank of the primary domain is 4900.
TLS certificate: Issued by WR2 on May 21st 2024. Valid for: 3 months.
This is the only time sites.google.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

1    198.185.159.144 (United States)

ASN53831 (SQUARESPACE, US)
ruth.beautydemo.pro
1    2a00:1450:4001:82b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
sites.google.com
3    2a00:1450:4001:827::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
4    2a00:1450:4001:802::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
2    2a00:1450:4001:831::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
apis.google.com
8    2a00:1450:4001:828::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
lh6.googleusercontent.com
lh5.googleusercontent.com
lh4.googleusercontent.com
lh3.googleusercontent.com
6    2a00:1450:4001:80b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    2a00:1450:4001:829::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.youtube.com
5    142.250.185.67 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f3.1e100.net
www.gstatic.com
1    2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
play.google.com
2    216.58.206.78 (United States)

ASN15169 (GOOGLE, US)
PTR: tzfraa-aa-in-f14.1e100.net
play.google.com
2    142.250.186.174 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f14.1e100.net
sites.google.com
1    142.250.184.238 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f14.1e100.net
apis.google.com
1    2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
drive.google.com
Apex Domain
Subdomains		 Transfer
15 gstatic.com
www.gstatic.com
fonts.gstatic.com
1016 KB
10 google.com
sites.google.com — Cisco Umbrella Rank: 4900
apis.google.com — Cisco Umbrella Rank: 185
play.google.com — Cisco Umbrella Rank: 42
drive.google.com — Cisco Umbrella Rank: 420
137 KB
8 googleusercontent.com
lh6.googleusercontent.com — Cisco Umbrella Rank: 1221
lh5.googleusercontent.com — Cisco Umbrella Rank: 240
lh4.googleusercontent.com — Cisco Umbrella Rank: 1124
lh3.googleusercontent.com — Cisco Umbrella Rank: 94
345 KB
3 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 70
5 KB
1 youtube.com
www.youtube.com — Cisco Umbrella Rank: 95
1 beautydemo.pro
ruth.beautydemo.pro
185 B
37 6
Domain Requested by
9 www.gstatic.com sites.google.com
www.gstatic.com
6 fonts.gstatic.com fonts.googleapis.com
3 play.google.com www.gstatic.com
3 lh6.googleusercontent.com sites.google.com
3 apis.google.com sites.google.com
apis.google.com
3 fonts.googleapis.com sites.google.com
3 sites.google.com www.gstatic.com
2 lh3.googleusercontent.com sites.google.com
2 lh5.googleusercontent.com sites.google.com
1 drive.google.com www.gstatic.com
1 lh4.googleusercontent.com sites.google.com
1 www.youtube.com sites.google.com
1 ruth.beautydemo.pro 1 redirects
37 13
Subject Issuer Validity Valid
*.google.com
WR2		 2024-05-21 -
2024-08-13		 3 months crt.sh
upload.video.google.com
WR2		 2024-05-21 -
2024-08-13		 3 months crt.sh
*.gstatic.com
WR2		 2024-05-21 -
2024-08-13		 3 months crt.sh
*.apis.google.com
WR2		 2024-05-21 -
2024-08-13		 3 months crt.sh
*.googleusercontent.com
WR2		 2024-05-21 -
2024-08-13		 3 months crt.sh

This page contains 3 frames:

Primary Page: https://sites.google.com/biotouch.com/ruth-beautytip-pro
Frame ID: F81F8910C41EA44E585B64387DCE8CA3
Requests: 34 HTTP requests in this frame

Frame: https://www.youtube.com/embed/vbPu4f3yuFI?color=white&embed_config=%7B%22enc%22:%22AQ2SFqAc9_7FeCXB2lS3pTHm7KmwkVggqvYeULUaIBEjKN8HeCeXgK11dzdxPCmGvA8SJOyPY_9gxMktjhxYW4PLrwdF89tqjpfHEQuaakiC3APme2zhSQ3iT6OQWsZug-D2k3tarYCwUqHU9ZknMv2vWX93JUPW7p1zgoRj8GtdOWuW%22%7D&errorlinks=1&fs=0
Frame ID: F187578A84DFEB22FEE9104A7591519D
Requests: 1 HTTP requests in this frame

Frame: https://drive.google.com/auth_warmup
Frame ID: 088C195B1E46F758C64B52F97E0A3531
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

ruth.beautydemo.pro

Page URL History Show full URLs

  1. https://ruth.beautydemo.pro/ HTTP 301
    https://sites.google.com/biotouch.com/ruth-beautytip-pro Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • ^https?://sites\.google\.com
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • apis\.google\.com/js/[a-z]*\.js

Page Statistics

37
Requests

100 %
HTTPS

64 %
IPv6

6
Domains

13
Subdomains

13
IPs

2
Countries

1503 kB
Transfer

4605 kB
Size

5
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://ruth.beautydemo.pro/ HTTP 301
    https://sites.google.com/biotouch.com/ruth-beautytip-pro Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

37 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request ruth-beautytip-pro
sites.google.com/biotouch.com/
Redirect Chain
  • https://ruth.beautydemo.pro/
  • https://sites.google.com/biotouch.com/ruth-beautytip-pro
121 KB
20 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://sites.google.com/biotouch.com/ruth-beautytip-pro
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
6992861e4c52dfd6cfd2c6c5acc322d81faaf687f8b0c9f1c37af576b2a31ad0
Security Headers
Name Value
Content-Security-Policy base-uri 'self';object-src 'none';report-uri /_/view/cspreport;script-src 'report-sample' 'nonce-DZoBY3c4w1hkzQxd8QwZgw' 'unsafe-inline' 'unsafe-eval';worker-src 'self';frame-ancestors https://google-admin.corp.google.com/
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
base-uri 'self';object-src 'none';report-uri /_/view/cspreport;script-src 'report-sample' 'nonce-DZoBY3c4w1hkzQxd8QwZgw' 'unsafe-inline' 'unsafe-eval';worker-src 'self';frame-ancestors https://google-admin.corp.google.com/
content-type
text/html; charset=utf-8
cross-origin-opener-policy
unsafe-none
cross-origin-resource-policy
same-site
date
Tue, 11 Jun 2024 02:31:24 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
reporting-endpoints
default="/web-reports?jobset=prod&context=eJwNyH9M1HUcx_F3n-_7o3hmA2I2EdxwKtO448RM4tdx971DONtKtD7f4QwXHHXSDvl1iG4dhIYjcep0w5V-j0NnCgyjuXJr035siptL10rbckJGq4gcv_KYdtfrj8f23NMSXWgmKBpcrOj1FEXb4eoLinK7FZVC0lFFGRDrUfTcKUUcUZQCjmFF1suKCqHmuqIgjI0omgLfLUXNcOO2onugHih6B779W9EP8MmsogEw5xUNgT-mqBXeWmZQAJ4sN2hxmkGz6QbxCoOaVxl0EFIzDVoHVR6DGqEFOmHpLoPWQGa9QZvA32BQK3zcbFA_5L14l2KwIOsurYDnd06J5VD-7pSoAMev02IzDIZmxGXIzJ4T2XDQPie64VH7nHgMrbWPRTuMFETFHfiqMCq-g399URGD811RMQRv35wXu6GnPCbCEKC4CEI0LS4oPS5m98bFUyjfFxcVcCyRtFPwah1p22FHt9CqIHRLaJ0wPyq0Z8aE9pqmaQrKxzWtAvY-yuM2SGrL52Vw9s98HoDsuXzeBKKngC1wZaCAv4bkDUWcCh9UF3EXrJQOXgfC6WAL5I042AUZtcW8FhL6izkR7pc4eRymvE6eh9ZJJ7fDyR4Xn4Yv-118DQoHXeyBQz-5-Cic3KPzaagK6lwLGft1XgvrO3R2QsoxndNAXNLZAheGdf4MPv1R50uwf0LnDtiQ6OZ8CGS4OQg3XG6-DeeuuHkQOq65-SOIjLt5GN6bcHMTdEkPH4fc3R4uhtX1HraCy_SwFw787uHDkFtZwqtqSjgLThzZzGfBllDKL0PXklI-Dm-ES3knPEwu4wkI7SvjTvhloZd_gzUWL9ugZZspQ7ClzZTb4N4XphyFv74x5TT4H5qyHlz_mNILVl9YboQdtWFZBfJiWC6Bw_fD8gQcGEPDnZmw_BnWp_fKV2C6r1eGhnplJ4wmR-QfUGaLyK2wqCgik-D9kYj8EK4e6ZPXIT7TJ8cvnpOTIB6cl8nPJjydPPP5gsRDT77_T6Tym35fy8osX7W_qa6h0dbob_I1WoN4vgZrTUNdoMkXqK7Msee8ZN-Yk2uz51Tusf8P5T9-QA&browser-version=%22Google+Chrome%22;v%3D%22125.0.6422.141%22,+%22Chromium%22;v%3D%22125.0.6422.141%22,+%22Not.A/Brand%22;v%3D%2224.0.0.0%22&build-label=editors.sites-viewer-frontend_20240528.02_p0&imp-sid=CLTDq__A0oYDFbBDqwIdURwCYg&is-cached-offline=false"
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-content-type-options
nosniff
x-frame-options
DENY
x-xss-protection
0

Redirect headers

age
10719
content-length
0
date
Mon, 10 Jun 2024 23:32:42 GMT
location
https://sites.google.com/biotouch.com/ruth-beautytip-pro
server
Squarespace
x-contextid
KN70rT45/2UOVvAnK
css
fonts.googleapis.com/ 		9 KB
894 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto%3A100%2C300%2C400%2C700&display=swap
Requested by
Host: sites.google.com
URL: https://sites.google.com/biotouch.com/ruth-beautytip-pro
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
8afe7c51bde49c1198c0c63fa9c40b59ada442c8c9d307875110e46981a5d37b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://sites.google.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Tue, 11 Jun 2024 02:31:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 11 Jun 2024 02:31:24 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 11 Jun 2024 02:31:24 GMT
css
fonts.googleapis.com/ 		33 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google+Sans:400,500|Roboto:300,400,500,700|Source+Code+Pro:400,700&display=swap
Requested by
Host: sites.google.com
URL: https://sites.google.com/biotouch.com/ruth-beautytip-pro
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2dd1c1c9bbb75704b7b000db161ea0ec0bffcc1141b9983d18649083c7532964
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://sites.google.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Tue, 11 Jun 2024 02:31:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 11 Jun 2024 00:49:12 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 11 Jun 2024 02:31:24 GMT
css
fonts.googleapis.com/ 		11 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto%3Ai%2Cbi%2C700%2C400%2C500&display=swap
Requested by
Host: sites.google.com
URL: https://sites.google.com/biotouch.com/ruth-beautytip-pro
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
7dd43d1e52f57a1b70d8100f287348147524859f631b3bb0de03ade37213786f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://sites.google.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Tue, 11 Jun 2024 02:31:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 11 Jun 2024 01:44:25 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 11 Jun 2024 02:31:24 GMT
rs=AGEqA5kMWAF3DtJjizzSHzEhA2Uzk1e2Sg
www.gstatic.com/_/atari/_/ss/k=atari.vw.5iZzoAeMBp8.L.W.O/am=AgM/d=1/ 		1 MB
173 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/atari/_/ss/k=atari.vw.5iZzoAeMBp8.L.W.O/am=AgM/d=1/rs=AGEqA5kMWAF3DtJjizzSHzEhA2Uzk1e2Sg
Requested by
Host: sites.google.com
URL: https://sites.google.com/biotouch.com/ruth-beautytip-pro
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e26f660da825a6acd1b291c1c8ef06ad6a79b3206e97bf3562111f49af89d3e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://sites.google.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 04 Jun 2024 14:23:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
562064
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
176482
x-xss-protection
0
last-modified
Tue, 28 May 2024 03:08:36 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"apps-sites","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-sites"}]}
content-type
text/css; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="apps-sites"
expires
Wed, 04 Jun 2025 14:23:40 GMT
client.js
apis.google.com/js/ 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/js/client.js?onload=gapiLoaded
Requested by
Host: sites.google.com
URL: https://sites.google.com/biotouch.com/ruth-beautytip-pro
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
294b9eb402184a71a396b829e554a1bc41a0a7a03afbf81e83f9900270941820
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://sites.google.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 11 Jun 2024 02:31:24 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5890
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="gapi-team"
etag
"8bad22bc082e9ed0"
vary
Accept-Encoding
report-to
{"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
private, max-age=1800, stale-while-revalidate=1800
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 11 Jun 2024 02:31:24 GMT
-fkHRN4smAaVjLpMPtOu6Rwcp1erkYxwvDLY71gl6yJLG9r-uAWBA2Hjv1KgcljYwmN2wDy-nBOFTREfpTOWx6-q8BvD6PfzO6bYzZLLCMWIPUBiYvqE3Jy0_n7_pRHtkw=w1280
lh6.googleusercontent.com/ 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lh6.googleusercontent.com/-fkHRN4smAaVjLpMPtOu6Rwcp1erkYxwvDLY71gl6yJLG9r-uAWBA2Hjv1KgcljYwmN2wDy-nBOFTREfpTOWx6-q8BvD6PfzO6bYzZLLCMWIPUBiYvqE3Jy0_n7_pRHtkw=w1280
Requested by
Host: sites.google.com
URL: https://sites.google.com/biotouch.com/ruth-beautytip-pro
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
771f8e83cab4ba02279f0663cd81a929f890fb2a972b4290e1be2f82f9d910ed
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://sites.google.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 11 Jun 2024 02:31:25 GMT
x-content-type-options
nosniff
server
fife
etag
"v1"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="Untitled.jpg"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23153
x-xss-protection
0
expires
Wed, 12 Jun 2024 02:31:25 GMT
m=view
www.gstatic.com/_/atari/_/js/k=atari.vw.de.p-0ZXygAeQw.O/am=AgM/d=1/rs=AGEqA5kdXu-xfSviyEQZQtWDCq1LP1uybw/ 		611 KB
207 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/atari/_/js/k=atari.vw.de.p-0ZXygAeQw.O/am=AgM/d=1/rs=AGEqA5kdXu-xfSviyEQZQtWDCq1LP1uybw/m=view
Requested by
Host: sites.google.com
URL: https://sites.google.com/biotouch.com/ruth-beautytip-pro
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4af9a6cf73af6aedff21778df95dd46ebe128cf69c89ef6322e394929712184d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://sites.google.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 07 Jun 2024 15:41:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
298210
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
212124
x-xss-protection
0
last-modified
Tue, 28 May 2024 11:28:32 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"apps-sites","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-sites"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="apps-sites"
expires
Sat, 07 Jun 2025 15:41:14 GMT
cb=gapi.loaded_0
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.vSZJUCBxiHc.O/m=client/rt=j/sv=1/d=1/ed=1/am=AAAQ/rs=AHpOoo8-ODLllYGpeAGJ1LsF_agolKZY7Q/ 		320 KB
109 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.vSZJUCBxiHc.O/m=client/rt=j/sv=1/d=1/ed=1/am=AAAQ/rs=AHpOoo8-ODLllYGpeAGJ1LsF_agolKZY7Q/cb=gapi.loaded_0?le=scs
Requested by
Host: apis.google.com
URL: https://apis.google.com/js/client.js?onload=gapiLoaded
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cb98e9930ef604d9254256ce0dd099da476b2d4c15d14472fda8dfdb04adaa3c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://sites.google.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 11 Jun 2024 02:17:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
850
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
111486
x-xss-protection
0
last-modified
Mon, 06 May 2024 15:31:30 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="social-frontend-mpm-access"
vary
Accept-Encoding
report-to
{"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 11 Jun 2025 02:17:14 GMT
B3Z66qHQXUJVAa_BNyVsptvRDo7z_AKE3xqcXYwKdG_vgJR-9Neiu-Cn5a-5GgbUSD7DAvJ_Tlik2x008nHqiLE=w16383
lh6.googleusercontent.com/ 		72 KB
72 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lh6.googleusercontent.com/B3Z66qHQXUJVAa_BNyVsptvRDo7z_AKE3xqcXYwKdG_vgJR-9Neiu-Cn5a-5GgbUSD7DAvJ_Tlik2x008nHqiLE=w16383
Requested by
Host: sites.google.com
URL: https://sites.google.com/biotouch.com/ruth-beautytip-pro
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
acaaa49c44057476248d56589300a604738ce6ff7b4db81316ebfc5b99994dcb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://sites.google.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 11 Jun 2024 02:31:25 GMT
x-content-type-options
nosniff
server
fife
etag
"v1"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="ruth-lips.jpg"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
73512
x-xss-protection
0
expires
Wed, 12 Jun 2024 02:31:25 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A100%2C300%2C400%2C700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://fonts.googleapis.com/
Origin
https://sites.google.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 07 Jun 2024 17:07:38 GMT
x-content-type-options
nosniff
age
293027
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 07 Jun 2025 17:07:38 GMT
4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v59/ 		33 KB
34 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesans/v59/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google+Sans:400,500|Roboto:300,400,500,700|Source+Code+Pro:400,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e563f60814c73c0f4261067bd14c15f2c7f72ed2906670ed4076ebe0d6e9244a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://fonts.googleapis.com/
Origin
https://sites.google.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 11 Jun 2024 02:21:09 GMT
x-content-type-options
nosniff
age
616
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
34184
x-xss-protection
0
last-modified
Wed, 24 Apr 2024 23:36:54 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 11 Jun 2025 02:21:09 GMT
vbPu4f3yuFI
www.youtube.com/embed/ Frame F187 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/embed/vbPu4f3yuFI?color=white&embed_config=%7B%22enc%22:%22AQ2SFqAc9_7FeCXB2lS3pTHm7KmwkVggqvYeULUaIBEjKN8HeCeXgK11dzdxPCmGvA8SJOyPY_9gxMktjhxYW4PLrwdF89tqjpfHEQuaakiC3APme2zhSQ3iT6OQWsZug-D2k3tarYCwUqHU9ZknMv2vWX93JUPW7p1zgoRj8GtdOWuW%22%7D&errorlinks=1&fs=0
Requested by
Host: sites.google.com
URL: https://sites.google.com/biotouch.com/ruth-beautytip-pro
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://sites.google.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
br
content-type
text/html; charset=utf-8
cross-origin-opener-policy-report-only
same-origin; report-to="youtube_main"
cross-origin-resource-policy
cross-origin
date
Tue, 11 Jun 2024 02:31:25 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
origin-trial
AmhMBR6zCLzDDxpW+HfpP67BqwIknWnyMOXOQGfzYswFmJe+fgaI6XZgAzcxOrzNtP7hEDsOo1jdjFnVr2IdxQ4AAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTc1ODA2NzE5OSwiaXNTdWJkb21haW4iOnRydWV9
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma
no-cache
report-to
{"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server
ESF
strict-transport-security
max-age=31536000
vary
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options
nosniff
x-xss-protection
0
4-5SMQlVUkajxPfmB3hdq3HLbqQyFa4FWII0-7ov7-RUS0bFn0XIIvrXvIhGz4ph3DJIpUSaC336soWHILDrEXE=w16383
lh5.googleusercontent.com/ 		28 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lh5.googleusercontent.com/4-5SMQlVUkajxPfmB3hdq3HLbqQyFa4FWII0-7ov7-RUS0bFn0XIIvrXvIhGz4ph3DJIpUSaC336soWHILDrEXE=w16383
Requested by
Host: sites.google.com
URL: https://sites.google.com/biotouch.com/ruth-beautytip-pro
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
e6ed8090d0fc4ebb097a1d554d8810b79701451a1b434cc4093d12d95acb7019
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://sites.google.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 11 Jun 2024 02:31:25 GMT
x-content-type-options
nosniff
server
fife
etag
"v1"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="white.jpg"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
28567
x-xss-protection
0
expires
Wed, 12 Jun 2024 02:31:25 GMT
vfFAXp-0WI-Jm2CBLEV6ef396olXU6Wdrv4oEiK-2IESV0DooM69TOPsjDFqYfznMhnNucjDmjmoyGSDEV5heuc=w16383
lh4.googleusercontent.com/ 		26 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lh4.googleusercontent.com/vfFAXp-0WI-Jm2CBLEV6ef396olXU6Wdrv4oEiK-2IESV0DooM69TOPsjDFqYfznMhnNucjDmjmoyGSDEV5heuc=w16383
Requested by
Host: sites.google.com
URL: https://sites.google.com/biotouch.com/ruth-beautytip-pro
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
2d4d9f289d4079b48e51d43b0b41525e8bc0f92e879c930fd8c4e19cd7ea918c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://sites.google.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 11 Jun 2024 02:31:25 GMT
x-content-type-options
nosniff
server
fife
etag
"v1"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="studio-background-concept-abstract-empty-light-gradient-purple-studio-room-background-product(1).jpg"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
26878
x-xss-protection
0
expires
Wed, 12 Jun 2024 02:31:25 GMT
GEQtPyAwrfdRxFzxpqgvTut1hLmGaOqRqf2RNkxhe-JEd_dCcDswUnuVd2IkOG4SeqMj5Kigh0Bvmt3m7pljDys=w16383
lh3.googleusercontent.com/ 		28 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lh3.googleusercontent.com/GEQtPyAwrfdRxFzxpqgvTut1hLmGaOqRqf2RNkxhe-JEd_dCcDswUnuVd2IkOG4SeqMj5Kigh0Bvmt3m7pljDys=w16383
Requested by
Host: sites.google.com
URL: https://sites.google.com/biotouch.com/ruth-beautytip-pro
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
e6ed8090d0fc4ebb097a1d554d8810b79701451a1b434cc4093d12d95acb7019
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://sites.google.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 11 Jun 2024 02:31:25 GMT
x-content-type-options
nosniff
server
fife
etag
"v1"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="white.jpg"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
28567
x-xss-protection
0
expires
Wed, 12 Jun 2024 02:31:25 GMT
1d1-26Q5tGiSiiBggBgiE1XURs71Ce18KZGLi7DHSMha0Tdo1CRXQieYquxmwrzypwU-4laZNo-n5m9V8CCwSjs=w16383
lh6.googleusercontent.com/ 		26 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lh6.googleusercontent.com/1d1-26Q5tGiSiiBggBgiE1XURs71Ce18KZGLi7DHSMha0Tdo1CRXQieYquxmwrzypwU-4laZNo-n5m9V8CCwSjs=w16383
Requested by
Host: sites.google.com
URL: https://sites.google.com/biotouch.com/ruth-beautytip-pro
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
2d4d9f289d4079b48e51d43b0b41525e8bc0f92e879c930fd8c4e19cd7ea918c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://sites.google.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 11 Jun 2024 02:31:25 GMT
x-content-type-options
nosniff
server
fife
etag
"v1"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="studio-background-concept-abstract-empty-light-gradient-purple-studio-room-background-product(1).jpg"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
26878
x-xss-protection
0
expires
Wed, 12 Jun 2024 02:31:25 GMT
3Pw16or4kn9aZi204Dk3xLFHcJWe1rBL96PX3l-vuVXtzGZAXdOTHFLEUoxm9QhyQEY9h83r0mncRgcNLnXXhdU=w16383
lh3.googleusercontent.com/ 		26 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lh3.googleusercontent.com/3Pw16or4kn9aZi204Dk3xLFHcJWe1rBL96PX3l-vuVXtzGZAXdOTHFLEUoxm9QhyQEY9h83r0mncRgcNLnXXhdU=w16383
Requested by
Host: sites.google.com
URL: https://sites.google.com/biotouch.com/ruth-beautytip-pro
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
2d4d9f289d4079b48e51d43b0b41525e8bc0f92e879c930fd8c4e19cd7ea918c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://sites.google.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 11 Jun 2024 02:31:25 GMT
x-content-type-options
nosniff
server
fife
etag
"v1"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="Untitled.jpg"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
26878
x-xss-protection
0
expires
Wed, 12 Jun 2024 02:31:25 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google+Sans:400,500|Roboto:300,400,500,700|Source+Code+Pro:400,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://fonts.googleapis.com/
Origin
https://sites.google.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 07 Jun 2024 05:44:28 GMT
x-content-type-options
nosniff
age
334017
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15920
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:45 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 07 Jun 2025 05:44:28 GMT
KFOkCnqEu92Fr1MmgVxIIzI.woff2
fonts.gstatic.com/s/roboto/v30/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOkCnqEu92Fr1MmgVxIIzI.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A100%2C300%2C400%2C700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0f303f31706d39866cced9dcc17b61fb8423674278d7f6051d66b3a79ffbca18
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://fonts.googleapis.com/
Origin
https://sites.google.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 11 Jun 2024 02:17:11 GMT
x-content-type-options
nosniff
age
854
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15764
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:35 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 11 Jun 2025 02:17:11 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A100%2C300%2C400%2C700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://fonts.googleapis.com/
Origin
https://sites.google.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 04 Jun 2024 14:11:12 GMT
x-content-type-options
nosniff
age
562813
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 04 Jun 2025 14:11:12 GMT
KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A100%2C300%2C400%2C700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://fonts.googleapis.com/
Origin
https://sites.google.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 07 Jun 2024 09:42:37 GMT
x-content-type-options
nosniff
age
319728
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15740
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 07 Jun 2025 09:42:37 GMT
m=sy1f,sy1h,sy1i,sy1g,FoQBg
www.gstatic.com/_/atari/_/js/k=atari.vw.de.p-0ZXygAeQw.O/am=AgM/d=0/rs=AGEqA5kdXu-xfSviyEQZQtWDCq1LP1uybw/ 		37 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/atari/_/js/k=atari.vw.de.p-0ZXygAeQw.O/am=AgM/d=0/rs=AGEqA5kdXu-xfSviyEQZQtWDCq1LP1uybw/m=sy1f,sy1h,sy1i,sy1g,FoQBg
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/atari/_/js/k=atari.vw.de.p-0ZXygAeQw.O/am=AgM/d=1/rs=AGEqA5kdXu-xfSviyEQZQtWDCq1LP1uybw/m=view
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e25407ba00e877eeb190b17835aebc423cab6c11d91cdfb197f203ea93529d06
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://sites.google.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 04 Jun 2024 14:17:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
562439
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12752
x-xss-protection
0
last-modified
Tue, 28 May 2024 11:28:32 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"apps-sites","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-sites"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="apps-sites"
expires
Wed, 04 Jun 2025 14:17:26 GMT
m=sy33,TRvtze
www.gstatic.com/_/atari/_/js/k=atari.vw.de.p-0ZXygAeQw.O/am=AgM/d=0/rs=AGEqA5kdXu-xfSviyEQZQtWDCq1LP1uybw/ 		855 B
591 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/atari/_/js/k=atari.vw.de.p-0ZXygAeQw.O/am=AgM/d=0/rs=AGEqA5kdXu-xfSviyEQZQtWDCq1LP1uybw/m=sy33,TRvtze
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/atari/_/js/k=atari.vw.de.p-0ZXygAeQw.O/am=AgM/d=1/rs=AGEqA5kdXu-xfSviyEQZQtWDCq1LP1uybw/m=view
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
52b93861a2b6a575f5b97af4fcb9c69873e2c4c716216d452977275a91fa7eb8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://sites.google.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 07 Jun 2024 16:19:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
295935
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
497
x-xss-protection
0
last-modified
Tue, 28 May 2024 11:28:32 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"apps-sites","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-sites"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="apps-sites"
expires
Sat, 07 Jun 2025 16:19:10 GMT
m=MpJwZc,n73qwf,A4UTCb,mzzZzc,CHCSlb,qAKInc,sy12,X85Uvc,HIeYee,QxOCld,sy34,abQiW,syy,PVlQOd,NPKaK,sy5,BVgquf,fmklff,TGYpv,syk,ruhlUe,KUM7Z,XDKZTc,sy13,qkPXAf,zPx2U,qEW1W,oNFsLb,sy3z,yxTchf,sy40,sy4...
www.gstatic.com/_/atari/_/js/k=atari.vw.de.p-0ZXygAeQw.O/am=AgM/d=0/rs=AGEqA5kdXu-xfSviyEQZQtWDCq1LP1uybw/ 		1 MB
422 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/atari/_/js/k=atari.vw.de.p-0ZXygAeQw.O/am=AgM/d=0/rs=AGEqA5kdXu-xfSviyEQZQtWDCq1LP1uybw/m=MpJwZc,n73qwf,A4UTCb,mzzZzc,CHCSlb,qAKInc,sy12,X85Uvc,HIeYee,QxOCld,sy34,abQiW,syy,PVlQOd,NPKaK,sy5,BVgquf,fmklff,TGYpv,syk,ruhlUe,KUM7Z,XDKZTc,sy13,qkPXAf,zPx2U,qEW1W,oNFsLb,sy3z,yxTchf,sy40,sy41,xQtZb,yf2Bs,sy2,sy9,yyxWAc,qddgKe,sy36,SM1lmd,sy7,sy6,syz,RRzQxe,sy8,syb,sy2d,syl,sya,fNFZH,sy35,sym,RrXLpc,cgRV2c,sy11,sy1w,o1L5Wb,X4BaPc,syf,sy1a,Md9ENb,sy1l,sy1m,sy1n,syp,sy1k,sy14,sy16,sy1b,Ko0sOe,sy17,sy1s,syo,syx,sy10,sy1c,sy1d,sy1j,NlqxW,sy1q,sy1r,sy1p,sy1u,sy1v,sy20,sy1o,sy1z,sy1y,syr,sy1x,sy24,sy26,sy29,sy2a,sy2b,sy2c,sy22,sy25,sy2g,sy2n,sy1t,sy21,sy28,sy23,sy2e,sy2f,sy2k,sy2l,sy2m,sy2p,syw,sy2q,G5ZZUb,sy27,zmwrxd,sy2h,sy2i,sy2j,syg,sy2o,oy3iwb,dBhIIb,sy2r,sy2s,Yr1Pcb,LUQjOd,a9i3ec,CmOog,qYIcH,zTt0Rb,ap0X9d,Ik1vNd,NzVYMd,KlZlNb,rj51oe,zAU64c,uUwMBf,zRiL5c,AQnEY,jhxjge,ZV9ZUe,Tc7Qif,heobjb,R4KMEc,KlrXId,sy2t,sy2u,sy2v,sy2w,UYjpC,sy3,VYKRW
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/atari/_/js/k=atari.vw.de.p-0ZXygAeQw.O/am=AgM/d=1/rs=AGEqA5kdXu-xfSviyEQZQtWDCq1LP1uybw/m=view
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.67 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f3.1e100.net
Software
sffe /
Resource Hash
8a02b59fcd563427c7e3ff480492e5ace327ce34703bc6de3083512891b63f97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://sites.google.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 23:46:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
9886
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
432004
x-xss-protection
0
last-modified
Tue, 28 May 2024 11:28:32 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"apps-sites","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-sites"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="apps-sites"
expires
Tue, 10 Jun 2025 23:46:39 GMT
m=sy2z,IZT63,vfuNJf,sy3n,sy3r,sy3t,sy44,sy42,sy43,siKnQd,sy3l,sy3s,sy3u,sy30,YNjGDd,sy3v,PrPYRd,iFQyKf,hc6Ubd,sy45,SpsfSb,sy3o,sy3q,wR5FRb,pXdRYb,dIoSBb,zbML3c
www.gstatic.com/_/atari/_/js/k=atari.vw.de.p-0ZXygAeQw.O/am=AgM/d=0/rs=AGEqA5kdXu-xfSviyEQZQtWDCq1LP1uybw/ 		29 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/atari/_/js/k=atari.vw.de.p-0ZXygAeQw.O/am=AgM/d=0/rs=AGEqA5kdXu-xfSviyEQZQtWDCq1LP1uybw/m=sy2z,IZT63,vfuNJf,sy3n,sy3r,sy3t,sy44,sy42,sy43,siKnQd,sy3l,sy3s,sy3u,sy30,YNjGDd,sy3v,PrPYRd,iFQyKf,hc6Ubd,sy45,SpsfSb,sy3o,sy3q,wR5FRb,pXdRYb,dIoSBb,zbML3c
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/atari/_/js/k=atari.vw.de.p-0ZXygAeQw.O/am=AgM/d=1/rs=AGEqA5kdXu-xfSviyEQZQtWDCq1LP1uybw/m=view
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.67 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f3.1e100.net
Software
sffe /
Resource Hash
b613c1d619234e72eeecb73b8b9e327985477c7cf5beb1dd8d18488cd7c74381
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://sites.google.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 23:13:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
11876
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10857
x-xss-protection
0
last-modified
Tue, 28 May 2024 11:28:32 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"apps-sites","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-sites"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="apps-sites"
expires
Tue, 10 Jun 2025 23:13:29 GMT
m=NTMZac,m9oV,syd,syj,Ae65rd,rCcCxc,RAnnUd,CuaHnc,sy2y,gJzDyc,sy37,sy38,uu7UOe,sy39,soHxf,sy3a,uY3Nvd,mxS5xe,syu,syt,HYv29e
www.gstatic.com/_/atari/_/js/k=atari.vw.de.p-0ZXygAeQw.O/am=AgM/d=0/rs=AGEqA5kdXu-xfSviyEQZQtWDCq1LP1uybw/ 		86 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/atari/_/js/k=atari.vw.de.p-0ZXygAeQw.O/am=AgM/d=0/rs=AGEqA5kdXu-xfSviyEQZQtWDCq1LP1uybw/m=NTMZac,m9oV,syd,syj,Ae65rd,rCcCxc,RAnnUd,CuaHnc,sy2y,gJzDyc,sy37,sy38,uu7UOe,sy39,soHxf,sy3a,uY3Nvd,mxS5xe,syu,syt,HYv29e
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/atari/_/js/k=atari.vw.de.p-0ZXygAeQw.O/am=AgM/d=1/rs=AGEqA5kdXu-xfSviyEQZQtWDCq1LP1uybw/m=view
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.67 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f3.1e100.net
Software
sffe /
Resource Hash
41b6f8df07965b0c01cb1091f65428e3f782246e7aafa5e13ce280cae12b71e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://sites.google.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 11 Jun 2024 02:18:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
747
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
28485
x-xss-protection
0
last-modified
Tue, 28 May 2024 11:28:32 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"apps-sites","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-sites"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="apps-sites"
expires
Wed, 11 Jun 2025 02:18:58 GMT
log
play.google.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
x-goog-authuser
Access-Control-Request-Method
POST
Origin
https://sites.google.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://sites.google.com
access-control-max-age
86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/plain; charset=UTF-8
date
Tue, 11 Jun 2024 02:31:25 GMT
server
Playlog
x-frame-options
SAMEORIGIN
x-xss-protection
0
log
play.google.com/ 		131 B
155 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/atari/_/js/k=atari.vw.de.p-0ZXygAeQw.O/am=AgM/d=1/rs=AGEqA5kdXu-xfSviyEQZQtWDCq1LP1uybw/m=view
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.206.78 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
tzfraa-aa-in-f14.1e100.net
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://sites.google.com/
X-Goog-AuthUser
0
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 11 Jun 2024 02:31:25 GMT
content-encoding
gzip
server
Playlog
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://sites.google.com
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
X-Playlog-Web
content-length
131
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 11 Jun 2024 02:31:25 GMT
m=sy15,sy18,sy19,fuVYe,vVEdxc,sy1e,CG0Qwb
www.gstatic.com/_/atari/_/js/k=atari.vw.de.p-0ZXygAeQw.O/am=AgM/d=0/rs=AGEqA5kdXu-xfSviyEQZQtWDCq1LP1uybw/ 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/atari/_/js/k=atari.vw.de.p-0ZXygAeQw.O/am=AgM/d=0/rs=AGEqA5kdXu-xfSviyEQZQtWDCq1LP1uybw/m=sy15,sy18,sy19,fuVYe,vVEdxc,sy1e,CG0Qwb
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/atari/_/js/k=atari.vw.de.p-0ZXygAeQw.O/am=AgM/d=1/rs=AGEqA5kdXu-xfSviyEQZQtWDCq1LP1uybw/m=view
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.67 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f3.1e100.net
Software
sffe /
Resource Hash
298dc58a75e251ca5ffd67c53a2566b8cf7f12584ee3fee3ea207af5a66b8b29
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://sites.google.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 22:53:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
13100
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14403
x-xss-protection
0
last-modified
Tue, 28 May 2024 11:28:32 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"apps-sites","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-sites"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="apps-sites"
expires
Tue, 10 Jun 2025 22:53:05 GMT
logImpressions
sites.google.com/_/view/ 		16 B
66 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sites.google.com/_/view/logImpressions?authuser=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/atari/_/js/k=atari.vw.de.p-0ZXygAeQw.O/am=AgM/d=1/rs=AGEqA5kdXu-xfSviyEQZQtWDCq1LP1uybw/m=view
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.174 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f14.1e100.net
Software
ESF /
Resource Hash
8d47b4a1cc0393424720bded5988a28f4e9146fd265ecb416b79cf0d6ac81f6d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform
"Win32"
Referer
https://sites.google.com/biotouch.com/ruth-beautytip-pro
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

pragma
no-cache
date
Tue, 11 Jun 2024 02:31:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-resource-policy
same-site
content-disposition
attachment; filename="response.bin"; filename*=UTF-8''response.bin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
expires
Mon, 01 Jan 1990 00:00:00 GMT
lazy.min.js
www.gstatic.com/feedback/js/help/prod/service/ 		106 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/feedback/js/help/prod/service/lazy.min.js
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/atari/_/js/k=atari.vw.de.p-0ZXygAeQw.O/am=AgM/d=0/rs=AGEqA5kdXu-xfSviyEQZQtWDCq1LP1uybw/m=MpJwZc,n73qwf,A4UTCb,mzzZzc,CHCSlb,qAKInc,sy12,X85Uvc,HIeYee,QxOCld,sy34,abQiW,syy,PVlQOd,NPKaK,sy5,BVgquf,fmklff,TGYpv,syk,ruhlUe,KUM7Z,XDKZTc,sy13,qkPXAf,zPx2U,qEW1W,oNFsLb,sy3z,yxTchf,sy40,sy41,xQtZb,yf2Bs,sy2,sy9,yyxWAc,qddgKe,sy36,SM1lmd,sy7,sy6,syz,RRzQxe,sy8,syb,sy2d,syl,sya,fNFZH,sy35,sym,RrXLpc,cgRV2c,sy11,sy1w,o1L5Wb,X4BaPc,syf,sy1a,Md9ENb,sy1l,sy1m,sy1n,syp,sy1k,sy14,sy16,sy1b,Ko0sOe,sy17,sy1s,syo,syx,sy10,sy1c,sy1d,sy1j,NlqxW,sy1q,sy1r,sy1p,sy1u,sy1v,sy20,sy1o,sy1z,sy1y,syr,sy1x,sy24,sy26,sy29,sy2a,sy2b,sy2c,sy22,sy25,sy2g,sy2n,sy1t,sy21,sy28,sy23,sy2e,sy2f,sy2k,sy2l,sy2m,sy2p,syw,sy2q,G5ZZUb,sy27,zmwrxd,sy2h,sy2i,sy2j,syg,sy2o,oy3iwb,dBhIIb,sy2r,sy2s,Yr1Pcb,LUQjOd,a9i3ec,CmOog,qYIcH,zTt0Rb,ap0X9d,Ik1vNd,NzVYMd,KlZlNb,rj51oe,zAU64c,uUwMBf,zRiL5c,AQnEY,jhxjge,ZV9ZUe,Tc7Qif,heobjb,R4KMEc,KlrXId,sy2t,sy2u,sy2v,sy2w,UYjpC,sy3,VYKRW
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.67 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f3.1e100.net
Software
sffe /
Resource Hash
9eb019de6763a0da1af89727a5747dc04e08538a747cb39afa8be2e365bb2206
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://sites.google.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 11 Jun 2024 02:13:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1062
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/product-feedback-gathering
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
37099
x-xss-protection
0
last-modified
Wed, 05 Jun 2024 22:33:46 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="product-feedback-gathering"
vary
Accept-Encoding, Origin
report-to
{"group":"product-feedback-gathering","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/product-feedback-gathering"}]}
content-type
text/javascript
cache-control
public, max-age=3000
accept-ranges
bytes
expires
Tue, 11 Jun 2024 03:03:43 GMT
cb=gapi.loaded_1
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.vSZJUCBxiHc.O/m=gapi_rpc/exm=client/rt=j/sv=1/d=1/ed=1/am=AAAQ/rs=AHpOoo8-ODLllYGpeAGJ1LsF_agolKZY7Q/ 		261 B
205 B 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.vSZJUCBxiHc.O/m=gapi_rpc/exm=client/rt=j/sv=1/d=1/ed=1/am=AAAQ/rs=AHpOoo8-ODLllYGpeAGJ1LsF_agolKZY7Q/cb=gapi.loaded_1?le=scs
Requested by
Host: apis.google.com
URL: https://apis.google.com/js/client.js?onload=gapiLoaded
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.238 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f14.1e100.net
Software
sffe /
Resource Hash
2ad726a6b70a4a928204a203f1145de3a13163d682c9336ec1821eb0261e4e1c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://sites.google.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 11 Jun 2024 02:04:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1597
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
178
x-xss-protection
0
last-modified
Mon, 06 May 2024 15:31:30 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="social-frontend-mpm-access"
vary
Accept-Encoding
report-to
{"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 11 Jun 2025 02:04:48 GMT
auth_warmup
drive.google.com/ Frame 088C 		0
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://drive.google.com/auth_warmup
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/atari/_/js/k=atari.vw.de.p-0ZXygAeQw.O/am=AgM/d=0/rs=AGEqA5kdXu-xfSviyEQZQtWDCq1LP1uybw/m=MpJwZc,n73qwf,A4UTCb,mzzZzc,CHCSlb,qAKInc,sy12,X85Uvc,HIeYee,QxOCld,sy34,abQiW,syy,PVlQOd,NPKaK,sy5,BVgquf,fmklff,TGYpv,syk,ruhlUe,KUM7Z,XDKZTc,sy13,qkPXAf,zPx2U,qEW1W,oNFsLb,sy3z,yxTchf,sy40,sy41,xQtZb,yf2Bs,sy2,sy9,yyxWAc,qddgKe,sy36,SM1lmd,sy7,sy6,syz,RRzQxe,sy8,syb,sy2d,syl,sya,fNFZH,sy35,sym,RrXLpc,cgRV2c,sy11,sy1w,o1L5Wb,X4BaPc,syf,sy1a,Md9ENb,sy1l,sy1m,sy1n,syp,sy1k,sy14,sy16,sy1b,Ko0sOe,sy17,sy1s,syo,syx,sy10,sy1c,sy1d,sy1j,NlqxW,sy1q,sy1r,sy1p,sy1u,sy1v,sy20,sy1o,sy1z,sy1y,syr,sy1x,sy24,sy26,sy29,sy2a,sy2b,sy2c,sy22,sy25,sy2g,sy2n,sy1t,sy21,sy28,sy23,sy2e,sy2f,sy2k,sy2l,sy2m,sy2p,syw,sy2q,G5ZZUb,sy27,zmwrxd,sy2h,sy2i,sy2j,syg,sy2o,oy3iwb,dBhIIb,sy2r,sy2s,Yr1Pcb,LUQjOd,a9i3ec,CmOog,qYIcH,zTt0Rb,ap0X9d,Ik1vNd,NzVYMd,KlZlNb,rj51oe,zAU64c,uUwMBf,zRiL5c,AQnEY,jhxjge,ZV9ZUe,Tc7Qif,heobjb,R4KMEc,KlrXId,sy2t,sy2u,sy2v,sy2w,UYjpC,sy3,VYKRW
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-mpgy1r3rwOXOeHcmT6PzbA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/DriveOsidBootstrap/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/DriveOsidBootstrap/cspreport/allowlist require-trusted-types-for 'script';report-uri /_/DriveOsidBootstrap/cspreport
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://sites.google.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
content-security-policy
script-src 'report-sample' 'nonce-mpgy1r3rwOXOeHcmT6PzbA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/DriveOsidBootstrap/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/DriveOsidBootstrap/cspreport/allowlist require-trusted-types-for 'script';report-uri /_/DriveOsidBootstrap/cspreport
content-type
text/html; charset=utf-8
cross-origin-opener-policy
same-origin
cross-origin-resource-policy
same-site
date
Tue, 11 Jun 2024 02:31:25 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma
no-cache
reporting-endpoints
default="/_/DriveOsidBootstrap/web-reports?context=eJzjktDikmLw0ZBicEqfwRoExEsiLrIeSrzIKsTD8fftvM1sAh86dmxkUlJNyi-MTynKLEvNKCkpSCzILE4tKkstijcyMDIxMDU20DMwii8wAAAP7BrR"
server
ESF
strict-transport-security
max-age=31536000
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-content-type-options
nosniff
x-xss-protection
0
48s5S-DRYli1-lrzpwhPd-upq41DT2bvjzEtulzpi3Q30mhwLU1bXtQNavfPtyLjU-F4QbanNYxFpPtotxAhn6KDmikc3G74tS22SKUyYRZd9NYk
lh5.googleusercontent.com/ 		115 KB
115 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://lh5.googleusercontent.com/48s5S-DRYli1-lrzpwhPd-upq41DT2bvjzEtulzpi3Q30mhwLU1bXtQNavfPtyLjU-F4QbanNYxFpPtotxAhn6KDmikc3G74tS22SKUyYRZd9NYk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
9606bee93a3197b238e44ec849254ef3dba795fb8eba8accc120add000914e24
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://sites.google.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 11 Jun 2024 02:31:27 GMT
x-content-type-options
nosniff
server
fife
etag
"v1"
vary
Origin
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="Logo_large_4_25.png"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
118016
x-xss-protection
0
expires
Wed, 12 Jun 2024 02:31:27 GMT
log
play.google.com/ 		131 B
152 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/atari/_/js/k=atari.vw.de.p-0ZXygAeQw.O/am=AgM/d=1/rs=AGEqA5kdXu-xfSviyEQZQtWDCq1LP1uybw/m=view
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.206.78 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
tzfraa-aa-in-f14.1e100.net
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://sites.google.com/
X-Goog-AuthUser
0
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 11 Jun 2024 02:31:28 GMT
content-encoding
gzip
server
Playlog
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://sites.google.com
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
X-Playlog-Web
content-length
131
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
logImpressions
sites.google.com/_/view/ 		16 B
66 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sites.google.com/_/view/logImpressions?authuser=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/atari/_/js/k=atari.vw.de.p-0ZXygAeQw.O/am=AgM/d=1/rs=AGEqA5kdXu-xfSviyEQZQtWDCq1LP1uybw/m=view
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.174 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f14.1e100.net
Software
ESF /
Resource Hash
8d47b4a1cc0393424720bded5988a28f4e9146fd265ecb416b79cf0d6ac81f6d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform
"Win32"
Referer
https://sites.google.com/biotouch.com/ruth-beautytip-pro
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

pragma
no-cache
date
Tue, 11 Jun 2024 02:31:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-resource-policy
same-site
content-disposition
attachment; filename="response.bin"; filename*=UTF-8''response.bin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
expires
Mon, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

49 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| DOCS_timing function| _DumpException object| WIZ_global_data object| _docs_flag_initialData object| _docs_flag_cek function| gapiLoaded object| _at_config object| globals object| messages object| gapi object| ___jsl function| bgImgLoaded object| default_vw object| _F_toggles function| _F_installCss object| _bind object| closure_lm_47623 object| osapi object| gadgets object| iframer object| __gapi_jstiming__ object| shindig function| ToolbarApi object| iframes function| IframeBase function| Iframe function| IframeProxy function| IframeWindow object| googleapis function| MicroscopeImageMetadata object| MicroscopeMaximizeMode object| MicroscopeBackgroundStyle function| MicroscopeState function| MicroscopeSize object| MicroscopeResizeMode object| MicroscopeZoomWidgetMode function| Microscope function| litHtmlPolyfillSupport function| reactiveElementPolyfillSupport function| litElementPolyfillSupport object| litHtmlVersions object| litElementVersions object| reactiveElementVersions function| _getTimingInstance function| _docsTiming object| userfeedback object| help

5 Cookies

Domain/Path Name / Value
ruth.beautydemo.pro/ Name: crumb
Value: BbWg476vL42yM2Y2N2E3NWMzZTdhOTg0ZDE5ZmU2NGI5YjBjNDZk
.youtube.com/ Name: YSC
Value: L-B-uKI1qdA
.youtube.com/ Name: VISITOR_INFO1_LIVE
Value: Rwl2q_SxN6E
.youtube.com/ Name: VISITOR_PRIVACY_METADATA
Value: CgJERRIEEgAgRw%3D%3D
.google.com/ Name: NID
Value: 514=kBfpQrl9fqgbOMmZq8gV8CE4kOboPddZMLaMyH0JvUCfFhCTRGM2upo4hX8HWCujDrX_iSv2an3bi7OWrJNB-5iGMhYdqm72zXzBGArlHgS2_sAI7RMy9jXpuZ-3y_hcCXQbRVJgZcS8wPYWdmnbTtjdgHpLew5wNLnoGklwx5Q

4 Console Messages

Source Level URL
Text
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'ch-ua-form-factor'.
other warning URL: https://sites.google.com/biotouch.com/ruth-beautytip-pro
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://sites.google.com/biotouch.com/ruth-beautytip-pro
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://sites.google.com/biotouch.com/ruth-beautytip-pro
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy base-uri 'self';object-src 'none';report-uri /_/view/cspreport;script-src 'report-sample' 'nonce-DZoBY3c4w1hkzQxd8QwZgw' 'unsafe-inline' 'unsafe-eval';worker-src 'self';frame-ancestors https://google-admin.corp.google.com/
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

apis.google.com
drive.google.com
fonts.googleapis.com
fonts.gstatic.com
lh3.googleusercontent.com
lh4.googleusercontent.com
lh5.googleusercontent.com
lh6.googleusercontent.com
play.google.com
ruth.beautydemo.pro
sites.google.com
www.gstatic.com
www.youtube.com
142.250.184.238
142.250.185.67
142.250.186.174
198.185.159.144
216.58.206.78
2a00:1450:4001:802::2003
2a00:1450:4001:80b::2003
2a00:1450:4001:827::200a
2a00:1450:4001:827::200e
2a00:1450:4001:828::2001
2a00:1450:4001:829::200e
2a00:1450:4001:82a::200e
2a00:1450:4001:82b::200e
2a00:1450:4001:831::200e
0f303f31706d39866cced9dcc17b61fb8423674278d7f6051d66b3a79ffbca18
294b9eb402184a71a396b829e554a1bc41a0a7a03afbf81e83f9900270941820
298dc58a75e251ca5ffd67c53a2566b8cf7f12584ee3fee3ea207af5a66b8b29
2ad726a6b70a4a928204a203f1145de3a13163d682c9336ec1821eb0261e4e1c
2d4d9f289d4079b48e51d43b0b41525e8bc0f92e879c930fd8c4e19cd7ea918c
2dd1c1c9bbb75704b7b000db161ea0ec0bffcc1141b9983d18649083c7532964
41b6f8df07965b0c01cb1091f65428e3f782246e7aafa5e13ce280cae12b71e0
4af9a6cf73af6aedff21778df95dd46ebe128cf69c89ef6322e394929712184d
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
52b93861a2b6a575f5b97af4fcb9c69873e2c4c716216d452977275a91fa7eb8
6992861e4c52dfd6cfd2c6c5acc322d81faaf687f8b0c9f1c37af576b2a31ad0
771f8e83cab4ba02279f0663cd81a929f890fb2a972b4290e1be2f82f9d910ed
7dd43d1e52f57a1b70d8100f287348147524859f631b3bb0de03ade37213786f
8a02b59fcd563427c7e3ff480492e5ace327ce34703bc6de3083512891b63f97
8afe7c51bde49c1198c0c63fa9c40b59ada442c8c9d307875110e46981a5d37b
8d47b4a1cc0393424720bded5988a28f4e9146fd265ecb416b79cf0d6ac81f6d
9606bee93a3197b238e44ec849254ef3dba795fb8eba8accc120add000914e24
9eb019de6763a0da1af89727a5747dc04e08538a747cb39afa8be2e365bb2206
acaaa49c44057476248d56589300a604738ce6ff7b4db81316ebfc5b99994dcb
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b613c1d619234e72eeecb73b8b9e327985477c7cf5beb1dd8d18488cd7c74381
cb98e9930ef604d9254256ce0dd099da476b2d4c15d14472fda8dfdb04adaa3c
e25407ba00e877eeb190b17835aebc423cab6c11d91cdfb197f203ea93529d06
e26f660da825a6acd1b291c1c8ef06ad6a79b3206e97bf3562111f49af89d3e0
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e563f60814c73c0f4261067bd14c15f2c7f72ed2906670ed4076ebe0d6e9244a
e6ed8090d0fc4ebb097a1d554d8810b79701451a1b434cc4093d12d95acb7019
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef