urlscan.io logo urlscan.io
SecurityTrails logo

sites.google.com Open in urlscan Pro
2a00:1450:400d:804::200e  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://thailotteryway.com/wp-content/plugins/ee
Effective URL: https://sites.google.com/view/extension-kyc-metamaskconnect
Submission: On January 25 via manual from US — Scanned from NL
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 6 IPs in 3 countries across 5 domains to perform 34 HTTP transactions. The main IP is 2a00:1450:400d:804::200e, located in Ireland and belongs to GOOGLE, US. The main domain is sites.google.com. The Cisco Umbrella rank of the primary domain is 2746.
TLS certificate: Issued by GTS CA 1C3 on January 2nd 2023. Valid for: 3 months.
This is the only time sites.google.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

2    2a06:98c1:3120::c (United States)

ASN13335 (CLOUDFLARENET, US)
thailotteryway.com
10    2a00:1450:400d:804::200e (Ireland)

ASN15169 (GOOGLE, US)
sites.google.com
apis.google.com
3    2a00:1450:400d:808::200a (Ireland)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
9    2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
4    2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
8    207.55.244.15 (United States)

ASN11989 (WEBINT, US)
PTR: cp34.deluxehosting.com
goochtoo.com
Apex Domain
Subdomains		 Transfer
13 gstatic.com
www.gstatic.com
fonts.gstatic.com
819 KB
10 google.com
sites.google.com — Cisco Umbrella Rank: 2746
apis.google.com — Cisco Umbrella Rank: 92
174 KB
8 goochtoo.com
goochtoo.com Failed
69 KB
3 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 34
3 KB
2 thailotteryway.com
thailotteryway.com
842 B
34 5
Domain Requested by
9 www.gstatic.com sites.google.com
www.gstatic.com
8 goochtoo.com www.gstatic.com
goochtoo.com
7 apis.google.com sites.google.com
apis.google.com
www.gstatic.com
4 fonts.gstatic.com fonts.googleapis.com
3 fonts.googleapis.com sites.google.com
goochtoo.com
3 sites.google.com www.gstatic.com
2 thailotteryway.com 2 redirects
34 7

This site contains links to these domains. Also see Links.

Domain
www.google.com
Subject Issuer Validity Valid
*.google.com
GTS CA 1C3		 2023-01-02 -
2023-03-27		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-01-02 -
2023-03-27		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-01-09 -
2023-04-03		 3 months crt.sh
goochtoo.com
cPanel, Inc. Certification Authority		 2023-01-11 -
2023-04-11		 3 months crt.sh

This page contains 4 frames:

Primary Page: https://sites.google.com/view/extension-kyc-metamaskconnect
Frame ID: 280001CEC138D33473A5F2F1305218A8
Requests: 18 HTTP requests in this frame

Frame: https://www.gstatic.com/atari/embeds/7925c5f8e01bacb9b4b0a3783ae0b867/intermediate-frame-minified.html?jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.nl.Yt_SD7BHY9U.O%2Fd%3D1%2Frs%3DAHpOoo8Bvvkc8RD5iqKGlUVZMQFSjsWVOg%2Fm%3D__features__&r=979204860
Frame ID: 92ECF2A736C164C7A9C2AC8D031153B2
Requests: 6 HTTP requests in this frame

Frame: https://goochtoo.com/js/
Frame ID: 77041481775B7E0EF1F225A10BBDDAB5
Requests: 1 HTTP requests in this frame

Frame: https://goochtoo.com/js/recover/import.php
Frame ID: 49B86B041159E78257C3BC3D66F0913E
Requests: 9 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

MetaMask

Page URL History Show full URLs

  1. https://thailotteryway.com/wp-content/plugins/ee HTTP 301
    https://thailotteryway.com/wp-content/plugins/ee/ HTTP 302
    https://sites.google.com/view/extension-kyc-metamaskconnect Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • ^https?://sites\.google\.com
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • apis\.google\.com/js/[a-z]*\.js

Page Statistics

34
Requests

97 %
HTTPS

83 %
IPv6

5
Domains

7
Subdomains

6
IPs

3
Countries

1065 kB
Transfer

3684 kB
Size

1
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://thailotteryway.com/wp-content/plugins/ee HTTP 301
    https://thailotteryway.com/wp-content/plugins/ee/ HTTP 302
    https://sites.google.com/view/extension-kyc-metamaskconnect Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 23
  • https://goochtoo.com/js/ HTTP 302
  • https://goochtoo.com/js/recover/import.php

34 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request extension-kyc-metamaskconnect
sites.google.com/view/
Redirect Chain
  • https://thailotteryway.com/wp-content/plugins/ee
  • https://thailotteryway.com/wp-content/plugins/ee/
  • https://sites.google.com/view/extension-kyc-metamaskconnect
45 KB
11 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://sites.google.com/view/extension-kyc-metamaskconnect
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:804::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
d305dfdd120821ad1c415895917f4bbb0b9c93dd023ad6e3f521bf021a7eaba2
Security Headers
Name Value
Content-Security-Policy base-uri 'self';object-src 'none';report-uri /_/view/cspreport;script-src 'report-sample' 'nonce-ybvnqNVuYy4mnlrQFRpQCg' 'unsafe-inline' 'unsafe-eval';worker-src 'self';frame-ancestors https://google-admin.corp.google.com/
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
base-uri 'self';object-src 'none';report-uri /_/view/cspreport;script-src 'report-sample' 'nonce-ybvnqNVuYy4mnlrQFRpQCg' 'unsafe-inline' 'unsafe-eval';worker-src 'self';frame-ancestors https://google-admin.corp.google.com/
content-type
text/html; charset=utf-8
cross-origin-opener-policy
unsafe-none
date
Wed, 25 Jan 2023 21:25:36 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
ESF
x-content-type-options
nosniff
x-frame-options
DENY
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
78f41513cd4fb848-AMS
content-type
text/html; charset=UTF-8
date
Wed, 25 Jan 2023 21:25:36 GMT
location
https://sites.google.com/view/extension-kyc-metamaskconnect
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9iZuKJJVMyKND9rEVwWBHDmQ23K%2FiZdzAnKKEM72sfOwURgCbOXvlPR2VztEcwN56HHMovzofmG1YW7xqzhVQGQTgRg5Gnac08QXIzqS9L2RqKddWfdF2qKpC%2B53EmNcopHMxuFoH%2FUcfKLjkTrhpu0%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
css
fonts.googleapis.com/ 		4 KB
1015 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Lato%3A300%2C300italic%2C400%2C400italic%2C700%2C700italic&display=swap
Requested by
Host: sites.google.com
URL: https://sites.google.com/view/extension-kyc-metamaskconnect
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:808::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
13b6aff6e09494259b0f9cdaa32c9b72c552e40b323413e9964d92f6b6e7a006
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://sites.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 25 Jan 2023 21:25:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 25 Jan 2023 20:38:56 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 25 Jan 2023 21:25:36 GMT
css
fonts.googleapis.com/ 		22 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google+Sans:400,500|Roboto:300,400,500,700|Source+Code+Pro:400,700&display=swap
Requested by
Host: sites.google.com
URL: https://sites.google.com/view/extension-kyc-metamaskconnect
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:808::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
205200acf73f653da1b5f5b306246d80720b4170128314423575d36c35f63bec
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://sites.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 25 Jan 2023 21:25:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 25 Jan 2023 20:23:52 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 25 Jan 2023 21:25:36 GMT
rs=AGEqA5kRITaPz-kQynZDifi2mOTdDaw6ug
www.gstatic.com/_/atari/_/ss/k=atari.vw.biclogJ8wdE.L.W.O/d=1/ 		1 MB
140 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/atari/_/ss/k=atari.vw.biclogJ8wdE.L.W.O/d=1/rs=AGEqA5kRITaPz-kQynZDifi2mOTdDaw6ug
Requested by
Host: sites.google.com
URL: https://sites.google.com/view/extension-kyc-metamaskconnect
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6a994f959fad0fe2d8e106559413a9af1ab9c846cf8a1c18e9a01aa64349ba1a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://sites.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Wed, 25 Jan 2023 16:11:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
18866
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
142532
x-xss-protection
0
last-modified
Tue, 17 Jan 2023 13:33:39 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"apps-sites","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-sites"}]}
content-type
text/css; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="apps-sites"
expires
Thu, 25 Jan 2024 16:11:10 GMT
client.js
apis.google.com/js/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/js/client.js?onload=gapiLoaded
Requested by
Host: sites.google.com
URL: https://sites.google.com/view/extension-kyc-metamaskconnect
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:804::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
92534001f1286ff1f9b0da066110dca44884d337c54ca90910bf67af2fff3b88
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://sites.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-security-policy
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 25 Jan 2023 21:25:36 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6896
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="gapi-team"
etag
"507a7c714003c475"
vary
Accept-Encoding
report-to
{"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
private, max-age=1800, stale-while-revalidate=1800
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 25 Jan 2023 21:25:36 GMT
m=view
www.gstatic.com/_/atari/_/js/k=atari.vw.nl.n-dK7Cvlqsc.O/d=1/rs=AGEqA5mWZJDX7sjyEM7oB1f7qeEFzl4LlA/ 		517 KB
175 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/atari/_/js/k=atari.vw.nl.n-dK7Cvlqsc.O/d=1/rs=AGEqA5mWZJDX7sjyEM7oB1f7qeEFzl4LlA/m=view
Requested by
Host: sites.google.com
URL: https://sites.google.com/view/extension-kyc-metamaskconnect
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
17f34c8be5b0eedaa6a45aa9452ef30cdd7a098aa88421df506dd4e7d0e264d8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://sites.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 22:25:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
169224
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
179383
x-xss-protection
0
last-modified
Tue, 17 Jan 2023 13:33:39 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"apps-sites","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-sites"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="apps-sites"
expires
Tue, 23 Jan 2024 22:25:12 GMT
cb=gapi.loaded_0
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.nl.Yt_SD7BHY9U.O/m=client/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8Bvvkc8RD5iqKGlUVZMQFSjsWVOg/ 		314 KB
108 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.nl.Yt_SD7BHY9U.O/m=client/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8Bvvkc8RD5iqKGlUVZMQFSjsWVOg/cb=gapi.loaded_0?le=scs
Requested by
Host: apis.google.com
URL: https://apis.google.com/js/client.js?onload=gapiLoaded
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:804::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5ed2f1c5e15079f95a1a4cb3af72a70830fb79e2709a6c6c9b3524315d0762bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://sites.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 12:01:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
206670
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
109671
x-xss-protection
0
last-modified
Sat, 07 Jan 2023 15:19:07 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="social-frontend-mpm-access"
vary
Accept-Encoding
report-to
{"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 23 Jan 2024 12:01:06 GMT
intermediate-frame-minified.html
www.gstatic.com/atari/embeds/7925c5f8e01bacb9b4b0a3783ae0b867/ Frame 92EC 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/atari/embeds/7925c5f8e01bacb9b4b0a3783ae0b867/intermediate-frame-minified.html
Requested by
Host: sites.google.com
URL: https://sites.google.com/view/extension-kyc-metamaskconnect
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3704afefd25c94315efcbcb4513deedbd292002ec51691e6cffe69d2262d7927
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://sites.google.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
166473
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
922
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="apps-sites"
cross-origin-resource-policy
cross-origin
date
Mon, 23 Jan 2023 23:11:03 GMT
expires
Tue, 23 Jan 2024 23:11:03 GMT
last-modified
Mon, 23 Jan 2023 13:28:48 GMT
report-to
{"group":"apps-sites","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-sites"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google+Sans:400,500|Roboto:300,400,500,700|Source+Code+Pro:400,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://sites.google.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Thu, 19 Jan 2023 19:42:15 GMT
x-content-type-options
nosniff
age
524601
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 19 Jan 2024 19:42:15 GMT
4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v45/ 		28 KB
28 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google+Sans:400,500|Roboto:300,400,500,700|Source+Code+Pro:400,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://sites.google.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Thu, 19 Jan 2023 21:35:41 GMT
x-content-type-options
nosniff
age
517795
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28288
x-xss-protection
0
last-modified
Wed, 01 Jun 2022 19:05:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 19 Jan 2024 21:35:41 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google+Sans:400,500|Roboto:300,400,500,700|Source+Code+Pro:400,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://sites.google.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 24 Jan 2023 01:45:44 GMT
x-content-type-options
nosniff
age
157192
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15920
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:45 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 24 Jan 2024 01:45:44 GMT
m=sy1a,sy1b,sy19,FoQBg
www.gstatic.com/_/atari/_/js/k=atari.vw.nl.n-dK7Cvlqsc.O/d=0/rs=AGEqA5mWZJDX7sjyEM7oB1f7qeEFzl4LlA/ 		36 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/atari/_/js/k=atari.vw.nl.n-dK7Cvlqsc.O/d=0/rs=AGEqA5mWZJDX7sjyEM7oB1f7qeEFzl4LlA/m=sy1a,sy1b,sy19,FoQBg
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/atari/_/js/k=atari.vw.nl.n-dK7Cvlqsc.O/d=1/rs=AGEqA5mWZJDX7sjyEM7oB1f7qeEFzl4LlA/m=view
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c8354bc4872545aa5d6f7e64d35492b5eb5f00239e3ebd2d6374d8b3c2d9f0d4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://sites.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 22:25:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
169224
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12472
x-xss-protection
0
last-modified
Tue, 17 Jan 2023 13:33:39 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"apps-sites","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-sites"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="apps-sites"
expires
Tue, 23 Jan 2024 22:25:12 GMT
m=sy2o,TRvtze
www.gstatic.com/_/atari/_/js/k=atari.vw.nl.n-dK7Cvlqsc.O/d=0/rs=AGEqA5mWZJDX7sjyEM7oB1f7qeEFzl4LlA/ 		850 B
515 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/atari/_/js/k=atari.vw.nl.n-dK7Cvlqsc.O/d=0/rs=AGEqA5mWZJDX7sjyEM7oB1f7qeEFzl4LlA/m=sy2o,TRvtze
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/atari/_/js/k=atari.vw.nl.n-dK7Cvlqsc.O/d=1/rs=AGEqA5mWZJDX7sjyEM7oB1f7qeEFzl4LlA/m=view
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
54b2e4beb9f23dc9f9a240a9c40654128b348748f4ef8f2b04cbbc3758719c13
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://sites.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 22:25:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
169224
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
489
x-xss-protection
0
last-modified
Tue, 17 Jan 2023 13:33:39 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"apps-sites","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-sites"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="apps-sites"
expires
Tue, 23 Jan 2024 22:25:12 GMT
m=MpJwZc,n73qwf,A4UTCb,qAKInc,sy14,TGYpv,syz,X85Uvc,HIeYee,QxOCld,sy2p,abQiW,W26a5e,hJUyqe,sy11,sy16,sy12,sy13,sy15,fuVYe,syj,ruhlUe,KUM7Z,XDKZTc,sy10,qkPXAf,sy18,zPx2U,qEW1W,oNFsLb,sy3n,yxTchf,sy3...
www.gstatic.com/_/atari/_/js/k=atari.vw.nl.n-dK7Cvlqsc.O/d=0/rs=AGEqA5mWZJDX7sjyEM7oB1f7qeEFzl4LlA/ 		1 MB
396 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/atari/_/js/k=atari.vw.nl.n-dK7Cvlqsc.O/d=0/rs=AGEqA5mWZJDX7sjyEM7oB1f7qeEFzl4LlA/m=MpJwZc,n73qwf,A4UTCb,qAKInc,sy14,TGYpv,syz,X85Uvc,HIeYee,QxOCld,sy2p,abQiW,W26a5e,hJUyqe,sy11,sy16,sy12,sy13,sy15,fuVYe,syj,ruhlUe,KUM7Z,XDKZTc,sy10,qkPXAf,sy18,zPx2U,qEW1W,oNFsLb,sy3n,yxTchf,sy3o,sy3p,xQtZb,yf2Bs,sy2,sy8,yyxWAc,qddgKe,sy2r,SM1lmd,sy6,sy5,syw,RRzQxe,zZvHmd,sy7,sya,syk,sy9,fNFZH,sy2q,sy1g,sy1r,syl,RrXLpc,cgRV2c,syy,sy1s,o1L5Wb,X4BaPc,syf,Md9ENb,sy1i,sy1j,sy1k,syn,sy1d,sy1e,sy1f,sy1h,sy1q,syo,syv,syx,KlrXId,NlqxW,sy1n,sy1o,sy1p,sy1m,sy1v,syb,syq,sy1l,sy1u,sy1y,sy20,sy25,sy1w,sy24,sy2c,sy1t,sy1x,sy22,sy1z,sy23,sy26,sy29,sy2b,sy2e,sy2f,sy1c,T807ad,sy21,ZDEHrf,sy27,sy28,sy2a,sy2d,oy3iwb,dBhIIb,syp,Yr1Pcb,LUQjOd,J9ssyb,SB123c,UubMM,YoEZUb,JKfHhb,DJtOxf,pA2mAb,gypOCd,X4FC5,kYfebb,XMtvld,rrOIJc,ZdZQ6b,Euz7Lc,sAbmxd,heobjb,R4KMEc,sy2g,sy2h,sy2i,sy2j,UYjpC,vVEdxc,sy3,VYKRW,sy17,CG0Qwb,RZ9OZ,N0NZx
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/atari/_/js/k=atari.vw.nl.n-dK7Cvlqsc.O/d=1/rs=AGEqA5mWZJDX7sjyEM7oB1f7qeEFzl4LlA/m=view
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
88daddb52b5b2ecc171006dc663b856c03ebc26987f8a5bcfd7697bd20c1e46d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://sites.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 24 Jan 2023 09:10:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
130528
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
405920
x-xss-protection
0
last-modified
Tue, 17 Jan 2023 13:33:39 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"apps-sites","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-sites"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="apps-sites"
expires
Wed, 24 Jan 2024 09:10:09 GMT
m=sy3e,IZT63,vfuNJf,sy38,sy3c,sy3f,sy3s,sy3q,sy3r,siKnQd,sy36,sy3d,sy3h,YNjGDd,sy3g,sy3i,PrPYRd,iFQyKf,hc6Ubd,sy3t,SpsfSb,sy39,sy3b,wR5FRb,pXdRYb,dIoSBb,zbML3c
www.gstatic.com/_/atari/_/js/k=atari.vw.nl.n-dK7Cvlqsc.O/d=0/rs=AGEqA5mWZJDX7sjyEM7oB1f7qeEFzl4LlA/ 		27 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/atari/_/js/k=atari.vw.nl.n-dK7Cvlqsc.O/d=0/rs=AGEqA5mWZJDX7sjyEM7oB1f7qeEFzl4LlA/m=sy3e,IZT63,vfuNJf,sy38,sy3c,sy3f,sy3s,sy3q,sy3r,siKnQd,sy36,sy3d,sy3h,YNjGDd,sy3g,sy3i,PrPYRd,iFQyKf,hc6Ubd,sy3t,SpsfSb,sy39,sy3b,wR5FRb,pXdRYb,dIoSBb,zbML3c
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/atari/_/js/k=atari.vw.nl.n-dK7Cvlqsc.O/d=1/rs=AGEqA5mWZJDX7sjyEM7oB1f7qeEFzl4LlA/m=view
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a51dfdea3ffaaf984bc5d9d50cb94fa3021fb31f18e22c2dbf8dc4ec1b14cf38
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://sites.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 22:25:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
169225
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10030
x-xss-protection
0
last-modified
Tue, 17 Jan 2023 13:33:39 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"apps-sites","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-sites"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="apps-sites"
expires
Tue, 23 Jan 2024 22:25:12 GMT
api.js
apis.google.com/js/ Frame 92EC 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/js/api.js?checkCookie=1
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/atari/embeds/7925c5f8e01bacb9b4b0a3783ae0b867/intermediate-frame-minified.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:804::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9eb143465df9ab53ed32c2e9bfa282ebf222b3b6dbdfeb9dff19b919b1389c84
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.gstatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-security-policy
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 25 Jan 2023 21:25:37 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6894
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="gapi-team"
etag
"6f82d2f464ecf58a"
vary
Accept-Encoding
report-to
{"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
private, max-age=1800, stale-while-revalidate=1800
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 25 Jan 2023 21:25:37 GMT
m=m9oV,sy3j,NTMZac,rCcCxc,mzzZzc,RAnnUd,sy2s,uu7UOe,nAFL3,sy2m,gJzDyc,sy2t,sy3u,soHxf,sys,syu,HYv29e,sy2u,uY3Nvd
www.gstatic.com/_/atari/_/js/k=atari.vw.nl.n-dK7Cvlqsc.O/d=0/rs=AGEqA5mWZJDX7sjyEM7oB1f7qeEFzl4LlA/ 		33 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/atari/_/js/k=atari.vw.nl.n-dK7Cvlqsc.O/d=0/rs=AGEqA5mWZJDX7sjyEM7oB1f7qeEFzl4LlA/m=m9oV,sy3j,NTMZac,rCcCxc,mzzZzc,RAnnUd,sy2s,uu7UOe,nAFL3,sy2m,gJzDyc,sy2t,sy3u,soHxf,sys,syu,HYv29e,sy2u,uY3Nvd
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/atari/_/js/k=atari.vw.nl.n-dK7Cvlqsc.O/d=1/rs=AGEqA5mWZJDX7sjyEM7oB1f7qeEFzl4LlA/m=view
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
17f132a708b43a1be003cf220f52ae5a4b4b2c9c5e6ccb04f83877a6424e6ccc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://sites.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 23:03:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
166939
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10950
x-xss-protection
0
last-modified
Tue, 17 Jan 2023 13:33:39 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"apps-sites","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-sites"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="apps-sites"
expires
Tue, 23 Jan 2024 23:03:18 GMT
logImpressions
sites.google.com/_/view/ 		16 B
64 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sites.google.com/_/view/logImpressions?authuser=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/atari/_/js/k=atari.vw.nl.n-dK7Cvlqsc.O/d=1/rs=AGEqA5mWZJDX7sjyEM7oB1f7qeEFzl4LlA/m=view
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:804::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
8d47b4a1cc0393424720bded5988a28f4e9146fd265ecb416b79cf0d6ac81f6d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://sites.google.com/view/extension-kyc-metamaskconnect
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 25 Jan 2023 21:25:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-disposition
attachment; filename="response.bin"; filename*=UTF-8''response.bin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
expires
Mon, 01 Jan 1990 00:00:00 GMT
cb=gapi.loaded_0
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.nl.Yt_SD7BHY9U.O/m=gapi_rpc/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8Bvvkc8RD5iqKGlUVZMQFSjsWVOg/ Frame 92EC 		49 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.nl.Yt_SD7BHY9U.O/m=gapi_rpc/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8Bvvkc8RD5iqKGlUVZMQFSjsWVOg/cb=gapi.loaded_0?le=scs
Requested by
Host: apis.google.com
URL: https://apis.google.com/js/api.js?checkCookie=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:804::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
45116414ebd7a116c7865fdeb2f4c2d538ee7fa2a4545b36db983119d58a307e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.gstatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sat, 21 Jan 2023 10:54:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
383441
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17848
x-xss-protection
0
last-modified
Sat, 07 Jan 2023 15:19:07 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="social-frontend-mpm-access"
vary
Accept-Encoding
report-to
{"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 21 Jan 2024 10:54:56 GMT
cb=gapi.loaded_1
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.nl.Yt_SD7BHY9U.O/m=gapi_rpc/exm=client/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8Bvvkc8RD5iqKGlUVZMQFSjsWVOg/ 		261 B
205 B 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.nl.Yt_SD7BHY9U.O/m=gapi_rpc/exm=client/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8Bvvkc8RD5iqKGlUVZMQFSjsWVOg/cb=gapi.loaded_1?le=scs
Requested by
Host: apis.google.com
URL: https://apis.google.com/js/client.js?onload=gapiLoaded
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:804::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
94b213115772bd7d27e29f6ccf006c69229ebe2e783d47da39c973ebb88061af
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://sites.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 24 Jan 2023 13:16:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
115721
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
179
x-xss-protection
0
last-modified
Sat, 07 Jan 2023 15:19:07 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="social-frontend-mpm-access"
vary
Accept-Encoding
report-to
{"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 24 Jan 2024 13:16:56 GMT
intermediate-frame-minified.html
www.gstatic.com/atari/embeds/7925c5f8e01bacb9b4b0a3783ae0b867/ Frame 92EC 		2 KB
947 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/atari/embeds/7925c5f8e01bacb9b4b0a3783ae0b867/intermediate-frame-minified.html?jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.nl.Yt_SD7BHY9U.O%2Fd%3D1%2Frs%3DAHpOoo8Bvvkc8RD5iqKGlUVZMQFSjsWVOg%2Fm%3D__features__&r=979204860
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/atari/_/js/k=atari.vw.nl.n-dK7Cvlqsc.O/d=1/rs=AGEqA5mWZJDX7sjyEM7oB1f7qeEFzl4LlA/m=view
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3704afefd25c94315efcbcb4513deedbd292002ec51691e6cffe69d2262d7927
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://sites.google.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
922
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="apps-sites"
cross-origin-resource-policy
cross-origin
date
Wed, 25 Jan 2023 21:25:37 GMT
expires
Thu, 25 Jan 2024 21:25:37 GMT
last-modified
Wed, 25 Jan 2023 13:24:18 GMT
report-to
{"group":"apps-sites","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-sites"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
/
goochtoo.com/js/ Frame 7704 		0
0
api.js
apis.google.com/js/ Frame 92EC 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/js/api.js?checkCookie=1
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/atari/embeds/7925c5f8e01bacb9b4b0a3783ae0b867/intermediate-frame-minified.html?jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.nl.Yt_SD7BHY9U.O%2Fd%3D1%2Frs%3DAHpOoo8Bvvkc8RD5iqKGlUVZMQFSjsWVOg%2Fm%3D__features__&r=979204860
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:804::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9eb143465df9ab53ed32c2e9bfa282ebf222b3b6dbdfeb9dff19b919b1389c84
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.gstatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-security-policy
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 25 Jan 2023 21:25:37 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6894
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="gapi-team"
etag
"6f82d2f464ecf58a"
vary
Accept-Encoding
report-to
{"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
private, max-age=1800, stale-while-revalidate=1800
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 25 Jan 2023 21:25:37 GMT
cb=gapi.loaded_0
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.nl.Yt_SD7BHY9U.O/m=gapi_rpc/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8Bvvkc8RD5iqKGlUVZMQFSjsWVOg/ Frame 92EC 		49 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.nl.Yt_SD7BHY9U.O/m=gapi_rpc/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8Bvvkc8RD5iqKGlUVZMQFSjsWVOg/cb=gapi.loaded_0?le=scs
Requested by
Host: apis.google.com
URL: https://apis.google.com/js/api.js?checkCookie=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:804::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
45116414ebd7a116c7865fdeb2f4c2d538ee7fa2a4545b36db983119d58a307e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.gstatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sat, 21 Jan 2023 10:54:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
383441
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17848
x-xss-protection
0
last-modified
Sat, 07 Jan 2023 15:19:07 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="social-frontend-mpm-access"
vary
Accept-Encoding
report-to
{"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 21 Jan 2024 10:54:56 GMT
import.php
goochtoo.com/js/recover/ Frame 49B8
Redirect Chain
  • https://goochtoo.com/js/
  • https://goochtoo.com/js/recover/import.php
4 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://goochtoo.com/js/recover/import.php
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/atari/embeds/7925c5f8e01bacb9b4b0a3783ae0b867/intermediate-frame-minified.html?jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.nl.Yt_SD7BHY9U.O%2Fd%3D1%2Frs%3DAHpOoo8Bvvkc8RD5iqKGlUVZMQFSjsWVOg%2Fm%3D__features__&r=979204860
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
207.55.244.15 , United States, ASN11989 (WEBINT, US),
Reverse DNS
cp34.deluxehosting.com
Software
Apache/2.4.54 (cPanel) OpenSSL/1.1.1q mod_bwlimited/1.4 /
Resource Hash
e418abee40628a5f1e4df5ece8ec23ef569cbc3200ecba05270ef772827c63c1

Request headers

Referer
https://www.gstatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

Connection
Keep-Alive
Content-Type
text/html; charset=UTF-8
Date
Wed, 25 Jan 2023 21:25:21 GMT
Keep-Alive
timeout=30, max=100
Server
Apache/2.4.54 (cPanel) OpenSSL/1.1.1q mod_bwlimited/1.4
Transfer-Encoding
chunked

Redirect headers

Connection
Keep-Alive
Content-Type
text/html; charset=UTF-8
Date
Wed, 25 Jan 2023 21:25:20 GMT
Keep-Alive
timeout=30, max=100
Server
Apache/2.4.54 (cPanel) OpenSSL/1.1.1q mod_bwlimited/1.4
Transfer-Encoding
chunked
location
recover/import.php
style.css
goochtoo.com/js/recover/res/ Frame 49B8 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://goochtoo.com/js/recover/res/style.css
Requested by
Host: goochtoo.com
URL: https://goochtoo.com/js/recover/import.php
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
207.55.244.15 , United States, ASN11989 (WEBINT, US),
Reverse DNS
cp34.deluxehosting.com
Software
Apache/2.4.54 (cPanel) OpenSSL/1.1.1q mod_bwlimited/1.4 /
Resource Hash
bda41d08db709ff339f73dc5d7ea5e986ea2f436c3cd6336db788bd0b5158336

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://goochtoo.com/js/recover/import.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date
Wed, 25 Jan 2023 21:25:21 GMT
Content-Encoding
gzip
Last-Modified
Tue, 24 Jan 2023 23:39:23 GMT
Server
Apache/2.4.54 (cPanel) OpenSSL/1.1.1q mod_bwlimited/1.4
ETag
"4245e9-8cc-5f30b068f96ba-gzip"
Vary
Accept-Encoding
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=30, max=99
Content-Length
908
jq.js
goochtoo.com/js/recover/res/ Frame 49B8 		87 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://goochtoo.com/js/recover/res/jq.js
Requested by
Host: goochtoo.com
URL: https://goochtoo.com/js/recover/import.php
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
207.55.244.15 , United States, ASN11989 (WEBINT, US),
Reverse DNS
cp34.deluxehosting.com
Software
Apache/2.4.54 (cPanel) OpenSSL/1.1.1q mod_bwlimited/1.4 /
Resource Hash
ee11e902416a1d896f538103110337b39a0e2e2606bc1faf5cd0652914891127

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://goochtoo.com/js/recover/import.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date
Wed, 25 Jan 2023 21:25:21 GMT
Content-Encoding
gzip
Last-Modified
Tue, 24 Jan 2023 23:39:23 GMT
Server
Apache/2.4.54 (cPanel) OpenSSL/1.1.1q mod_bwlimited/1.4
ETag
"4245e6-15d9d-5f30b068f92d2-gzip"
Vary
Accept-Encoding
Transfer-Encoding
chunked
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=30, max=99
logo.png
goochtoo.com/js/recover/res/ Frame 49B8 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://goochtoo.com/js/recover/res/logo.png
Requested by
Host: goochtoo.com
URL: https://goochtoo.com/js/recover/import.php
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
207.55.244.15 , United States, ASN11989 (WEBINT, US),
Reverse DNS
cp34.deluxehosting.com
Software
Apache/2.4.54 (cPanel) OpenSSL/1.1.1q mod_bwlimited/1.4 /
Resource Hash
a63a08d511c9b8ff6bd0fa2206959e3dcef4ca9e0fb4292991d6b0c473f2fe87

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://goochtoo.com/js/recover/import.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date
Wed, 25 Jan 2023 21:25:21 GMT
Last-Modified
Tue, 24 Jan 2023 23:39:23 GMT
Server
Apache/2.4.54 (cPanel) OpenSSL/1.1.1q mod_bwlimited/1.4
ETag
"4245e8-14d7-5f30b068f96ba"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=30, max=98
Content-Length
5335
info.png
goochtoo.com/js/recover/res/ Frame 49B8 		617 B
942 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://goochtoo.com/js/recover/res/info.png
Requested by
Host: goochtoo.com
URL: https://goochtoo.com/js/recover/import.php
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
207.55.244.15 , United States, ASN11989 (WEBINT, US),
Reverse DNS
cp34.deluxehosting.com
Software
Apache/2.4.54 (cPanel) OpenSSL/1.1.1q mod_bwlimited/1.4 /
Resource Hash
85b519d32bb26e3b931d5adf5bf1ee013dc5561153e13d0cbb67dafbdc54ed96

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://goochtoo.com/js/recover/import.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date
Wed, 25 Jan 2023 21:25:21 GMT
Last-Modified
Tue, 24 Jan 2023 23:39:23 GMT
Server
Apache/2.4.54 (cPanel) OpenSSL/1.1.1q mod_bwlimited/1.4
ETag
"4245e5-269-5f30b068f8eea"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=30, max=97
Content-Length
617
error.png
goochtoo.com/js/recover/res/ Frame 49B8 		834 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://goochtoo.com/js/recover/res/error.png
Requested by
Host: goochtoo.com
URL: https://goochtoo.com/js/recover/import.php
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
207.55.244.15 , United States, ASN11989 (WEBINT, US),
Reverse DNS
cp34.deluxehosting.com
Software
Apache/2.4.54 (cPanel) OpenSSL/1.1.1q mod_bwlimited/1.4 /
Resource Hash
8e4f63e427d70bc898459fc66940f8c7991fd1f68a0f8aa5dc01973b04f77e50

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://goochtoo.com/js/recover/import.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date
Wed, 25 Jan 2023 21:25:21 GMT
Last-Modified
Tue, 24 Jan 2023 23:39:23 GMT
Server
Apache/2.4.54 (cPanel) OpenSSL/1.1.1q mod_bwlimited/1.4
ETag
"4245e3-342-5f30b068f8eea"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=30, max=96
Content-Length
834
css2
fonts.googleapis.com/ Frame 49B8 		3 KB
796 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Cairo:wght@400&family=Source+Sans+Pro:wght@400&display=swap
Requested by
Host: goochtoo.com
URL: https://goochtoo.com/js/recover/res/style.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:808::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
3781e586478fcd2a5723e25111d3634180abd24d510d5ad5226820135117a413
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://goochtoo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 25 Jan 2023 21:25:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 25 Jan 2023 21:25:38 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 25 Jan 2023 21:25:38 GMT
hide.png
goochtoo.com/js/recover/res/ Frame 49B8 		14 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://goochtoo.com/js/recover/res/hide.png
Requested by
Host: goochtoo.com
URL: https://goochtoo.com/js/recover/import.php
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
207.55.244.15 , United States, ASN11989 (WEBINT, US),
Reverse DNS
cp34.deluxehosting.com
Software
Apache/2.4.54 (cPanel) OpenSSL/1.1.1q mod_bwlimited/1.4 /
Resource Hash
da346e1e6ab1e9b49c4a50bcd72d9a5fb09a5c12f0f9885b0a1bac964bcc920f

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://goochtoo.com/js/recover/import.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date
Wed, 25 Jan 2023 21:25:21 GMT
Last-Modified
Tue, 24 Jan 2023 23:39:23 GMT
Server
Apache/2.4.54 (cPanel) OpenSSL/1.1.1q mod_bwlimited/1.4
ETag
"4245e4-397a-5f30b068f8eea"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=30, max=98
Content-Length
14714
6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v21/ Frame 49B8 		13 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v21/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Cairo:wght@400&family=Source+Sans+Pro:wght@400&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c124c88ca4fcb4336e97617647ef0d32441329371120c8eabaea0fea226560b0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://goochtoo.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 17:43:57 GMT
x-content-type-options
nosniff
age
186101
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13036
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:04:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 23 Jan 2024 17:43:57 GMT
logImpressions
sites.google.com/_/view/ 		16 B
64 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sites.google.com/_/view/logImpressions?authuser=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/atari/_/js/k=atari.vw.nl.n-dK7Cvlqsc.O/d=1/rs=AGEqA5mWZJDX7sjyEM7oB1f7qeEFzl4LlA/m=view
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:804::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
8d47b4a1cc0393424720bded5988a28f4e9146fd265ecb416b79cf0d6ac81f6d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://sites.google.com/view/extension-kyc-metamaskconnect
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 25 Jan 2023 21:25:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-disposition
attachment; filename="response.bin"; filename*=UTF-8''response.bin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
expires
Mon, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
goochtoo.com
URL
https://goochtoo.com/js/

Verdicts & Comments Add Verdict or Comment

40 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| oncontentvisibilityautostatechange object| DOCS_timing function| _DumpException object| _docs_flag_initialData object| _docs_flag_cek function| gapiLoaded object| _at_config object| globals object| messages object| gapi object| ___jsl function| bgImgLoaded object| default_vw function| _F_installCss object| _bind object| closure_lm_489077 object| osapi object| gadgets object| iframer object| __gapi_jstiming__ object| shindig function| ToolbarApi object| iframes function| IframeBase function| Iframe function| IframeProxy function| IframeWindow object| googleapis function| _getTimingInstance function| _docsTiming function| MicroscopeImageMetadata object| MicroscopeMaximizeMode object| MicroscopeBackgroundStyle function| MicroscopeState function| MicroscopeSize object| MicroscopeResizeMode object| MicroscopeZoomWidgetMode function| Microscope number| closure_uid_145944214

1 Cookies

Domain/Path Name / Value
.google.com/ Name: NID
Value: 511=aMvxJ5URoiJZjNsEvlFzGCq54P7E9Phu9ETIrThxkdXeVM7_7C-UIT5mwPYYcmTrg4TI8kAq2feUvULP0cHh_LCNPGNY1ydfZ1GmTxN4v3DJWanUmc2qVZbYAY-4OYAkCbDphy5w1o7BYLpjZg12Aa1H9r7WFGelDOTXzdPW7ak

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy base-uri 'self';object-src 'none';report-uri /_/view/cspreport;script-src 'report-sample' 'nonce-ybvnqNVuYy4mnlrQFRpQCg' 'unsafe-inline' 'unsafe-eval';worker-src 'self';frame-ancestors https://google-admin.corp.google.com/
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

apis.google.com
fonts.googleapis.com
fonts.gstatic.com
goochtoo.com
sites.google.com
thailotteryway.com
www.gstatic.com
goochtoo.com
207.55.244.15
2a00:1450:4001:829::2003
2a00:1450:4001:82a::2003
2a00:1450:400d:804::200e
2a00:1450:400d:808::200a
2a06:98c1:3120::c
13b6aff6e09494259b0f9cdaa32c9b72c552e40b323413e9964d92f6b6e7a006
17f132a708b43a1be003cf220f52ae5a4b4b2c9c5e6ccb04f83877a6424e6ccc
17f34c8be5b0eedaa6a45aa9452ef30cdd7a098aa88421df506dd4e7d0e264d8
205200acf73f653da1b5f5b306246d80720b4170128314423575d36c35f63bec
3704afefd25c94315efcbcb4513deedbd292002ec51691e6cffe69d2262d7927
3781e586478fcd2a5723e25111d3634180abd24d510d5ad5226820135117a413
45116414ebd7a116c7865fdeb2f4c2d538ee7fa2a4545b36db983119d58a307e
4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08
54b2e4beb9f23dc9f9a240a9c40654128b348748f4ef8f2b04cbbc3758719c13
5ed2f1c5e15079f95a1a4cb3af72a70830fb79e2709a6c6c9b3524315d0762bc
6a994f959fad0fe2d8e106559413a9af1ab9c846cf8a1c18e9a01aa64349ba1a
85b519d32bb26e3b931d5adf5bf1ee013dc5561153e13d0cbb67dafbdc54ed96
88daddb52b5b2ecc171006dc663b856c03ebc26987f8a5bcfd7697bd20c1e46d
8d47b4a1cc0393424720bded5988a28f4e9146fd265ecb416b79cf0d6ac81f6d
8e4f63e427d70bc898459fc66940f8c7991fd1f68a0f8aa5dc01973b04f77e50
92534001f1286ff1f9b0da066110dca44884d337c54ca90910bf67af2fff3b88
94b213115772bd7d27e29f6ccf006c69229ebe2e783d47da39c973ebb88061af
9eb143465df9ab53ed32c2e9bfa282ebf222b3b6dbdfeb9dff19b919b1389c84
a51dfdea3ffaaf984bc5d9d50cb94fa3021fb31f18e22c2dbf8dc4ec1b14cf38
a63a08d511c9b8ff6bd0fa2206959e3dcef4ca9e0fb4292991d6b0c473f2fe87
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
bda41d08db709ff339f73dc5d7ea5e986ea2f436c3cd6336db788bd0b5158336
c124c88ca4fcb4336e97617647ef0d32441329371120c8eabaea0fea226560b0
c8354bc4872545aa5d6f7e64d35492b5eb5f00239e3ebd2d6374d8b3c2d9f0d4
d305dfdd120821ad1c415895917f4bbb0b9c93dd023ad6e3f521bf021a7eaba2
da346e1e6ab1e9b49c4a50bcd72d9a5fb09a5c12f0f9885b0a1bac964bcc920f
e418abee40628a5f1e4df5ece8ec23ef569cbc3200ecba05270ef772827c63c1
ee11e902416a1d896f538103110337b39a0e2e2606bc1faf5cd0652914891127
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615