encrypted-tbn0.gstatic.com Open in urlscan Pro
2a00:1450:4001:811::200e Public Scan

Go To Rescan
Add Verdict Report

URL:
https://encrypted-tbn0.gstatic.com/images?q=tbn:ANd9GcSK0heDeftpC5bBL32VLP2CKrbutSFtQ3GZFO825CQqg49w7aO8W9LvweEj7LQ8y-tdgg&usqp=CAU
Submission: On May 16 via manual (May 16th 2024, 7:47:50 am UTC) from DE — Scanned from DE

Summary HTTP 2 Redirects Behaviour Indicators

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 2 HTTP transactions. The main IP is 2a00:1450:4001:811::200e, located in Frankfurt am Main, Germany and belongs to GOOGLE, US. The main domain is encrypted-tbn0.gstatic.com.
TLS certificate: Issued by WR2 on May 6th 2024. Valid for: 3 months.

This is the only time encrypted-tbn0.gstatic.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address		AS Autonomous System
2	2a00:1450:400... 2a00:1450:4001:811::200e		15169 (GOOGLE) (GOOGLE)
2	1

2 2a00:1450:4001:811::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

encrypted-tbn0.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
2	gstatic.com encrypted-tbn0.gstatic.com	5 KB
2	1

	Domain	Requested by
2	encrypted-tbn0.gstatic.com
2	1

This site contains no links.

Subject Issuer	Validity	Valid
*.gstatic.com WR2	`2024-05-06` - `2024-07-29`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://encrypted-tbn0.gstatic.com/images?q=tbn:ANd9GcSK0heDeftpC5bBL32VLP2CKrbutSFtQ3GZFO825CQqg49w7aO8W9LvweEj7LQ8y-tdgg&usqp=CAU
Frame ID: 31ADFB6A7A96DE081A40B54E18D9789E
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

images (458×110)

Page Statistics

2
Requests

100 %
HTTPS

100 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

5 kB
Transfer

5 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

2 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request images Show response
encrypted-tbn0.gstatic.com/ 5 KB
5 KB 39ms
38ms Document
image/jpeg 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://encrypted-tbn0.gstatic.com/images?q=tbn:ANd9GcSK0heDeftpC5bBL32VLP2CKrbutSFtQ3GZFO825CQqg49w7aO8W9LvweEj7LQ8y-tdgg&usqp=CAU

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bf902bbc84a35268abb01452f9caf614ed312a6ceb2ba2ddf3c69db1275e8c36

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 52052
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-length: 4920
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
content-type: image/jpeg
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
cross-origin-resource-policy: cross-origin
date: Wed, 15 May 2024 17:20:14 GMT
expires: Thu, 15 May 2025 17:20:14 GMT
last-modified: Sun, 31 Jul 2022 01:19:51 GMT
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
server: sffe
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 404 favicon.ico
encrypted-tbn0.gstatic.com/ 43 B
116 B 45ms
45ms Other
image/gif 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://encrypted-tbn0.gstatic.com/favicon.ico

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://encrypted-tbn0.gstatic.com/images?q=tbn:ANd9GcSK0heDeftpC5bBL32VLP2CKrbutSFtQ3GZFO825CQqg49w7aO8W9LvweEj7LQ8y-tdgg&usqp=CAU
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 16 May 2024 07:47:46 GMT
x-content-type-options: nosniff
server: sffe
content-type: image/gif
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-xss-protection: 0

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://encrypted-tbn0.gstatic.com/favicon.ico Message: Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

encrypted-tbn0.gstatic.com
2a00:1450:4001:811::200e
bf902bbc84a35268abb01452f9caf614ed312a6ceb2ba2ddf3c69db1275e8c36
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

encrypted-tbn0.gstatic.com Open in urlscan Pro 2a00:1450:4001:811::200e Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

2 Requests

100 %HTTPS

100 %IPv6

1 Domains

1 Subdomains

1 IPs

1 Countries

5 kBTransfer

5 kBSize

0 Cookies

0 Outgoing links

Redirected requests

2 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

0 Cookies

1 Console Messages

Security Headers

Indicators

encrypted-tbn0.gstatic.com Open in urlscan Pro
2a00:1450:4001:811::200e Public Scan

Screenshot
Live screenshot

Full Image

2
Requests

100 %
HTTPS

100 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

5 kB
Transfer

5 kB
Size

0
Cookies

2 HTTP transactions
0 data transactions