urlscan.io logo urlscan.io
SecurityTrails logo

domtom.ch Open in urlscan Pro
80.74.136.136  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://domtom.ch/
Effective URL: https://domtom.ch/login_up.php?action=logout
Submission: On June 06 via api from CH — Scanned from CH
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 3 IPs in 2 countries across 3 domains to perform 18 HTTP transactions. The main IP is 80.74.136.136, located in Switzerland and belongs to ASN-METANET Routingpeering issues: noc@metanet.ch, CH. The main domain is domtom.ch.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on June 27th 2023. Valid for: a year.
This is the only time domtom.ch was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
16 80.74.136.136 21069 (ASN-METAN...)
1 142.250.186.36 15169 (GOOGLE)
18 3
Apex Domain
Subdomains		 Transfer
16 domtom.ch
domtom.ch
103 KB
1 google.com
www.google.com — Cisco Umbrella Rank: 5
1 KB
0 gstatic.com Failed
www.gstatic.com Failed
18 3
Domain Requested by
16 domtom.ch domtom.ch
1 www.google.com domtom.ch
0 www.gstatic.com Failed www.google.com
18 3

This site contains no links.

Subject Issuer Validity Valid
*.sui-inter.net
Sectigo RSA Domain Validation Secure Server CA		 2023-06-27 -
2024-07-11		 a year crt.sh
www.google.com
WR2		 2024-05-21 -
2024-08-13		 3 months crt.sh

This page contains 2 frames:

Primary Page: https://domtom.ch/login_up.php?action=logout
Frame ID: C6D4CE0ABBBC27074AB640881A75F7D6
Requests: 17 HTTP requests in this frame

Frame: https://domtom.ch/loaderif.php
Frame ID: 40773F332DED454FC00A2AB58D34E636
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

DNS Cloud

Page URL History Show full URLs

  1. https://domtom.ch/ Page URL
  2. https://domtom.ch/login_up.php?action=logout Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • \.php(?:$|\?)
Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

18
Requests

6 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

3
IPs

2
Countries

104 kB
Transfer

232 kB
Size

1
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://domtom.ch/ Page URL
  2. https://domtom.ch/login_up.php?action=logout Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

18 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
domtom.ch/ 		86 B
645 B 		Document
General
Check archive.org
Download Go to
Full URL
https://domtom.ch/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
80.74.136.136 , Switzerland, ASN21069 (ASN-METANET Routingpeering issues: noc@metanet.ch, CH),
Reverse DNS
ch.ch-inter.net
Software
httpsa /
Resource Hash
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.google-analytics.com https://apis.google.com https://ssl.google-analytics.com https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/api2/;
Strict-Transport-Security max-age=63072000; includeSubdomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-CH,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
referer
https://www.google.ch/
sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

cache-control
no-store, no-cache, must-revalidate
content-encoding
gzip
content-security-policy
frame-ancestors 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.google-analytics.com https://apis.google.com https://ssl.google-analytics.com https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/api2/;
content-type
text/html; charset=UTF-8
date
Thu, 06 Jun 2024 04:14:13 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
pragma
no-cache
referrer-policy
no-referrer-when-downgrade
server
httpsa
strict-transport-security
max-age=63072000; includeSubdomains
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
1; mode=block
Primary Request login_up.php
domtom.ch/ 		19 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://domtom.ch/login_up.php?action=logout
Requested by
Host: domtom.ch
URL: https://domtom.ch/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
80.74.136.136 , Switzerland, ASN21069 (ASN-METANET Routingpeering issues: noc@metanet.ch, CH),
Reverse DNS
ch.ch-inter.net
Software
httpsa /
Resource Hash
512291ca4f1d2a4dd6567105ea6ec103197fea4037d56777d5f8bf4dbe338fa9
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.google-analytics.com https://apis.google.com https://ssl.google-analytics.com https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/api2/;
Strict-Transport-Security max-age=63072000; includeSubdomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-CH,de;q=0.9;q=0.9
Referer
https://domtom.ch/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
referer
https://www.google.ch/
sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

cache-control
no-store, no-cache, must-revalidate
content-encoding
gzip
content-security-policy
frame-ancestors 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.google-analytics.com https://apis.google.com https://ssl.google-analytics.com https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/api2/;
content-type
text/html; charset=UTF-8
date
Thu, 06 Jun 2024 04:14:13 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
pragma
no-cache
referrer-policy
no-referrer-when-downgrade
server
httpsa
strict-transport-security
max-age=63072000; includeSubdomains
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
1; mode=block
main.css
domtom.ch/skins/css/ 		8 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://domtom.ch/skins/css/main.css
Requested by
Host: domtom.ch
URL: https://domtom.ch/login_up.php?action=logout
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
80.74.136.136 , Switzerland, ASN21069 (ASN-METANET Routingpeering issues: noc@metanet.ch, CH),
Reverse DNS
ch.ch-inter.net
Software
httpsa /
Resource Hash
b7a24d4829de26fcb7e8706c43ba68fff9717dba027a658d7165b7847c0b11ec
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.google-analytics.com https://apis.google.com https://ssl.google-analytics.com https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/api2/;
Strict-Transport-Security max-age=63072000; includeSubdomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.google.ch/
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 06 Jun 2024 04:14:13 GMT
content-security-policy
frame-ancestors 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.google-analytics.com https://apis.google.com https://ssl.google-analytics.com https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/api2/;
referrer-policy
no-referrer-when-downgrade
strict-transport-security
max-age=63072000; includeSubdomains
last-modified
Wed, 10 Oct 2018 13:18:00 GMT
server
httpsa
content-encoding
gzip
x-content-type-options
nosniff
etag
W/"5bbdfc08-2179"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=864000
x-xss-protection
1; mode=block
expires
Sun, 16 Jun 2024 04:14:13 GMT
layout.css
domtom.ch/skins/css/ 		48 KB
13 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://domtom.ch/skins/css/layout.css
Requested by
Host: domtom.ch
URL: https://domtom.ch/login_up.php?action=logout
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
80.74.136.136 , Switzerland, ASN21069 (ASN-METANET Routingpeering issues: noc@metanet.ch, CH),
Reverse DNS
ch.ch-inter.net
Software
httpsa /
Resource Hash
3ce8843036fb9412df129689503d6faf0ee2ecd7277d161a8174db286c6e6f32
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.google-analytics.com https://apis.google.com https://ssl.google-analytics.com https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/api2/;
Strict-Transport-Security max-age=63072000; includeSubdomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.google.ch/
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 06 Jun 2024 04:14:13 GMT
content-security-policy
frame-ancestors 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.google-analytics.com https://apis.google.com https://ssl.google-analytics.com https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/api2/;
referrer-policy
no-referrer-when-downgrade
strict-transport-security
max-age=63072000; includeSubdomains
last-modified
Wed, 10 Oct 2018 13:18:00 GMT
server
httpsa
content-encoding
gzip
x-content-type-options
nosniff
etag
W/"5bbdfc08-bece"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=864000
x-xss-protection
1; mode=block
expires
Sun, 16 Jun 2024 04:14:13 GMT
buttons.css
domtom.ch/skins/css/ 		12 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://domtom.ch/skins/css/buttons.css
Requested by
Host: domtom.ch
URL: https://domtom.ch/login_up.php?action=logout
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
80.74.136.136 , Switzerland, ASN21069 (ASN-METANET Routingpeering issues: noc@metanet.ch, CH),
Reverse DNS
ch.ch-inter.net
Software
httpsa /
Resource Hash
33b15fd7dee66c85af16f4715d13df08ba9837ab0cd75a9563f8a089598a6e0f
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.google-analytics.com https://apis.google.com https://ssl.google-analytics.com https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/api2/;
Strict-Transport-Security max-age=63072000; includeSubdomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.google.ch/
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 06 Jun 2024 04:14:13 GMT
content-security-policy
frame-ancestors 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.google-analytics.com https://apis.google.com https://ssl.google-analytics.com https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/api2/;
referrer-policy
no-referrer-when-downgrade
strict-transport-security
max-age=63072000; includeSubdomains
last-modified
Wed, 10 Oct 2018 13:18:00 GMT
server
httpsa
content-encoding
gzip
x-content-type-options
nosniff
etag
W/"5bbdfc08-2f07"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=864000
x-xss-protection
1; mode=block
expires
Sun, 16 Jun 2024 04:14:13 GMT
buttons.css
domtom.ch/skins/default/css/ 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://domtom.ch/skins/default/css/buttons.css
Requested by
Host: domtom.ch
URL: https://domtom.ch/login_up.php?action=logout
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
80.74.136.136 , Switzerland, ASN21069 (ASN-METANET Routingpeering issues: noc@metanet.ch, CH),
Reverse DNS
ch.ch-inter.net
Software
httpsa /
Resource Hash
87f104b88378f20d386b60f8e8f61c50a7f27646c9214dd78fb99920cd6d9bc8
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.google-analytics.com https://apis.google.com https://ssl.google-analytics.com https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/api2/;
Strict-Transport-Security max-age=63072000; includeSubdomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.google.ch/
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 06 Jun 2024 04:14:13 GMT
content-security-policy
frame-ancestors 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.google-analytics.com https://apis.google.com https://ssl.google-analytics.com https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/api2/;
referrer-policy
no-referrer-when-downgrade
strict-transport-security
max-age=63072000; includeSubdomains
last-modified
Wed, 10 Oct 2018 13:18:00 GMT
server
httpsa
content-encoding
gzip
x-content-type-options
nosniff
etag
W/"5bbdfc08-f86"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=864000
x-xss-protection
1; mode=block
expires
Sun, 16 Jun 2024 04:14:13 GMT
fonts.css
domtom.ch/skins/css/ 		2 KB
955 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://domtom.ch/skins/css/fonts.css
Requested by
Host: domtom.ch
URL: https://domtom.ch/login_up.php?action=logout
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
80.74.136.136 , Switzerland, ASN21069 (ASN-METANET Routingpeering issues: noc@metanet.ch, CH),
Reverse DNS
ch.ch-inter.net
Software
httpsa /
Resource Hash
dd25058e79e80ce9f36377324d0e0c56d7204afcd54175f59ff09009de0acab1
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.google-analytics.com https://apis.google.com https://ssl.google-analytics.com https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/api2/;
Strict-Transport-Security max-age=63072000; includeSubdomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.google.ch/
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 06 Jun 2024 04:14:13 GMT
content-security-policy
frame-ancestors 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.google-analytics.com https://apis.google.com https://ssl.google-analytics.com https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/api2/;
referrer-policy
no-referrer-when-downgrade
strict-transport-security
max-age=63072000; includeSubdomains
last-modified
Wed, 10 Oct 2018 13:18:00 GMT
server
httpsa
content-encoding
gzip
x-content-type-options
nosniff
etag
W/"5bbdfc08-94b"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=864000
x-xss-protection
1; mode=block
expires
Sun, 16 Jun 2024 04:14:13 GMT
retina.css
domtom.ch/skins/css/ 		19 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://domtom.ch/skins/css/retina.css
Requested by
Host: domtom.ch
URL: https://domtom.ch/login_up.php?action=logout
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
80.74.136.136 , Switzerland, ASN21069 (ASN-METANET Routingpeering issues: noc@metanet.ch, CH),
Reverse DNS
ch.ch-inter.net
Software
httpsa /
Resource Hash
9481328930051789e69ab4eb0ec58818282fd090ff618d8fd3f5ab6f3a949967
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.google-analytics.com https://apis.google.com https://ssl.google-analytics.com https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/api2/;
Strict-Transport-Security max-age=63072000; includeSubdomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.google.ch/
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 06 Jun 2024 04:14:13 GMT
content-security-policy
frame-ancestors 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.google-analytics.com https://apis.google.com https://ssl.google-analytics.com https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/api2/;
referrer-policy
no-referrer-when-downgrade
strict-transport-security
max-age=63072000; includeSubdomains
last-modified
Wed, 10 Oct 2018 13:18:00 GMT
server
httpsa
content-encoding
gzip
x-content-type-options
nosniff
etag
W/"5bbdfc08-4d06"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=864000
x-xss-protection
1; mode=block
expires
Sun, 16 Jun 2024 04:14:13 GMT
functions.js
domtom.ch/js/ 		63 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://domtom.ch/js/functions.js
Requested by
Host: domtom.ch
URL: https://domtom.ch/login_up.php?action=logout
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
80.74.136.136 , Switzerland, ASN21069 (ASN-METANET Routingpeering issues: noc@metanet.ch, CH),
Reverse DNS
ch.ch-inter.net
Software
httpsa /
Resource Hash
9f9af112daa059bdf2ae09e6144202bd4a96944f5229eb3326c76755d9c2f34f
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.google-analytics.com https://apis.google.com https://ssl.google-analytics.com https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/api2/;
Strict-Transport-Security max-age=63072000; includeSubdomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.google.ch/
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 06 Jun 2024 04:14:13 GMT
content-security-policy
frame-ancestors 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.google-analytics.com https://apis.google.com https://ssl.google-analytics.com https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/api2/;
referrer-policy
no-referrer-when-downgrade
strict-transport-security
max-age=63072000; includeSubdomains
last-modified
Wed, 10 Oct 2018 13:50:08 GMT
server
httpsa
content-encoding
gzip
x-content-type-options
nosniff
etag
W/"5bbe0390-fb9e"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=864000
x-xss-protection
1; mode=block
expires
Sun, 16 Jun 2024 04:14:13 GMT
api.js
www.google.com/recaptcha/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api.js
Requested by
Host: domtom.ch
URL: https://domtom.ch/login_up.php?action=logout
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f4.1e100.net
Software
GSE /
Resource Hash
d041cfe3652035805fde63ef4ad66ff296165148003a1ad43680213a60853cad
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.google.ch/
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 06 Jun 2024 04:14:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
expires
Thu, 06 Jun 2024 04:14:14 GMT
loading.gif
domtom.ch/skins/icons/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://domtom.ch/skins/icons/loading.gif
Requested by
Host: domtom.ch
URL: https://domtom.ch/login_up.php?action=logout
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
80.74.136.136 , Switzerland, ASN21069 (ASN-METANET Routingpeering issues: noc@metanet.ch, CH),
Reverse DNS
ch.ch-inter.net
Software
httpsa /
Resource Hash
f3a8c372de248ca2e1c99d2164368aea2eb0b6e9b04e5dda72e56ac5fa05024a
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.google-analytics.com https://apis.google.com https://ssl.google-analytics.com https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/api2/;
Strict-Transport-Security max-age=63072000; includeSubdomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.google.ch/
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 06 Jun 2024 04:14:14 GMT
content-security-policy
frame-ancestors 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.google-analytics.com https://apis.google.com https://ssl.google-analytics.com https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/api2/;
referrer-policy
no-referrer-when-downgrade
strict-transport-security
max-age=63072000; includeSubdomains
last-modified
Wed, 10 Oct 2018 13:18:00 GMT
server
httpsa
x-content-type-options
nosniff
etag
"5bbdfc08-26e9"
content-type
image/gif
cache-control
max-age=864000
accept-ranges
bytes
content-length
9961
x-xss-protection
1; mode=block
expires
Sun, 16 Jun 2024 04:14:14 GMT
retina.js
domtom.ch/js/thirdparty/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://domtom.ch/js/thirdparty/retina.js
Requested by
Host: domtom.ch
URL: https://domtom.ch/login_up.php?action=logout
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
80.74.136.136 , Switzerland, ASN21069 (ASN-METANET Routingpeering issues: noc@metanet.ch, CH),
Reverse DNS
ch.ch-inter.net
Software
httpsa /
Resource Hash
681e1fd3778fa55d436611fd43fe7a205f2377ba78dfd8ac22c96ad04fbcebad
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.google-analytics.com https://apis.google.com https://ssl.google-analytics.com https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/api2/;
Strict-Transport-Security max-age=63072000; includeSubdomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.google.ch/
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 06 Jun 2024 04:14:14 GMT
content-security-policy
frame-ancestors 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.google-analytics.com https://apis.google.com https://ssl.google-analytics.com https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/api2/;
referrer-policy
no-referrer-when-downgrade
strict-transport-security
max-age=63072000; includeSubdomains
last-modified
Wed, 10 Oct 2018 13:50:12 GMT
server
httpsa
content-encoding
gzip
x-content-type-options
nosniff
etag
W/"5bbe0394-938"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=864000
x-xss-protection
1; mode=block
expires
Sun, 16 Jun 2024 04:14:14 GMT
recaptcha__de_ch.js
www.gstatic.com/recaptcha/releases/DH3nyJMamEclyfe-nztbfV8S/ 		0
0
loaderif.php
domtom.ch/ Frame 4077 		0
438 B 		Document
General
Check archive.org
Download Go to
Full URL
https://domtom.ch/loaderif.php
Requested by
Host: domtom.ch
URL: https://domtom.ch/login_up.php?action=logout
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
80.74.136.136 , Switzerland, ASN21069 (ASN-METANET Routingpeering issues: noc@metanet.ch, CH),
Reverse DNS
ch.ch-inter.net
Software
httpsa /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.google-analytics.com https://apis.google.com https://ssl.google-analytics.com https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/api2/;
Strict-Transport-Security max-age=63072000; includeSubdomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-CH,de;q=0.9;q=0.9
Referer
https://domtom.ch/login_up.php?action=logout
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
referer
https://www.google.ch/
sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

content-encoding
gzip
content-security-policy
frame-ancestors 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.google-analytics.com https://apis.google.com https://ssl.google-analytics.com https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/api2/;
content-type
text/html; charset=UTF-8
date
Thu, 06 Jun 2024 04:14:14 GMT
referrer-policy
no-referrer-when-downgrade
server
httpsa
strict-transport-security
max-age=63072000; includeSubdomains
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
1; mode=block
sprite-login-username.png
domtom.ch/skins/icons/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://domtom.ch/skins/icons/sprite-login-username.png
Requested by
Host: domtom.ch
URL: https://domtom.ch/skins/css/layout.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
80.74.136.136 , Switzerland, ASN21069 (ASN-METANET Routingpeering issues: noc@metanet.ch, CH),
Reverse DNS
ch.ch-inter.net
Software
httpsa /
Resource Hash
7cdb34f5a894bbd9bb93212d7b127413a476bd989325dc2b27cedb4c609612e0
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.google-analytics.com https://apis.google.com https://ssl.google-analytics.com https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/api2/;
Strict-Transport-Security max-age=63072000; includeSubdomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.google.ch/
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 06 Jun 2024 04:14:14 GMT
content-security-policy
frame-ancestors 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.google-analytics.com https://apis.google.com https://ssl.google-analytics.com https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/api2/;
referrer-policy
no-referrer-when-downgrade
strict-transport-security
max-age=63072000; includeSubdomains
last-modified
Wed, 10 Oct 2018 13:18:00 GMT
server
httpsa
x-content-type-options
nosniff
etag
"5bbdfc08-eed"
content-type
image/png
cache-control
max-age=864000
accept-ranges
bytes
content-length
3821
x-xss-protection
1; mode=block
expires
Sun, 16 Jun 2024 04:14:14 GMT
raleway-regular.woff2
domtom.ch/skins/fonts/raleway/ 		36 KB
36 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://domtom.ch/skins/fonts/raleway/raleway-regular.woff2
Requested by
Host: domtom.ch
URL: https://domtom.ch/skins/css/fonts.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
80.74.136.136 , Switzerland, ASN21069 (ASN-METANET Routingpeering issues: noc@metanet.ch, CH),
Reverse DNS
ch.ch-inter.net
Software
httpsa /
Resource Hash
948cc2f7e9973899932d856c3da293ac2479c16daed528ff5ee3b2556d19316a
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.google-analytics.com https://apis.google.com https://ssl.google-analytics.com https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/api2/;
Strict-Transport-Security max-age=63072000; includeSubdomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.google.ch/
Origin
https://domtom.ch
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 06 Jun 2024 04:14:14 GMT
content-security-policy
frame-ancestors 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.google-analytics.com https://apis.google.com https://ssl.google-analytics.com https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/api2/;
referrer-policy
no-referrer-when-downgrade
strict-transport-security
max-age=63072000; includeSubdomains
last-modified
Wed, 10 Oct 2018 13:18:00 GMT
server
httpsa
x-content-type-options
nosniff
etag
"5bbdfc08-8f68"
content-type
application/font-woff2
cache-control
max-age=864000
accept-ranges
bytes
content-length
36712
x-xss-protection
1; mode=block
expires
Sun, 16 Jun 2024 04:14:14 GMT
sprite-login-password.png
domtom.ch/skins/icons/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://domtom.ch/skins/icons/sprite-login-password.png
Requested by
Host: domtom.ch
URL: https://domtom.ch/skins/css/layout.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
80.74.136.136 , Switzerland, ASN21069 (ASN-METANET Routingpeering issues: noc@metanet.ch, CH),
Reverse DNS
ch.ch-inter.net
Software
httpsa /
Resource Hash
55c9b13af832d2f26064e36f31c9afa7b9e83ac618b5330a3c48d9de84ea2c32
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.google-analytics.com https://apis.google.com https://ssl.google-analytics.com https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/api2/;
Strict-Transport-Security max-age=63072000; includeSubdomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.google.ch/
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 06 Jun 2024 04:14:14 GMT
content-security-policy
frame-ancestors 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.google-analytics.com https://apis.google.com https://ssl.google-analytics.com https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/api2/;
referrer-policy
no-referrer-when-downgrade
strict-transport-security
max-age=63072000; includeSubdomains
last-modified
Wed, 10 Oct 2018 13:18:00 GMT
server
httpsa
x-content-type-options
nosniff
etag
"5bbdfc08-ee3"
content-type
image/png
cache-control
max-age=864000
accept-ranges
bytes
content-length
3811
x-xss-protection
1; mode=block
expires
Sun, 16 Jun 2024 04:14:14 GMT
favicon.png
domtom.ch/skins/ 		484 B
975 B 		Other
General
Check archive.org
Download Go to
Full URL
https://domtom.ch/skins/favicon.png
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
80.74.136.136 , Switzerland, ASN21069 (ASN-METANET Routingpeering issues: noc@metanet.ch, CH),
Reverse DNS
ch.ch-inter.net
Software
httpsa /
Resource Hash
0d9ebc39e9f83a9c03554592a84a8a86abbbabdcb1c2ef3e76e9b3b7f3d5dd5c
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.google-analytics.com https://apis.google.com https://ssl.google-analytics.com https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/api2/;
Strict-Transport-Security max-age=63072000; includeSubdomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.google.ch/
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 06 Jun 2024 04:14:14 GMT
content-security-policy
frame-ancestors 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.google-analytics.com https://apis.google.com https://ssl.google-analytics.com https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/api2/;
referrer-policy
no-referrer-when-downgrade
strict-transport-security
max-age=63072000; includeSubdomains
last-modified
Wed, 10 Oct 2018 13:18:00 GMT
server
httpsa
x-content-type-options
nosniff
etag
"5bbdfc08-1e4"
content-type
image/png
cache-control
max-age=864000
accept-ranges
bytes
content-length
484
x-xss-protection
1; mode=block
expires
Sun, 16 Jun 2024 04:14:14 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
www.gstatic.com
URL
https://www.gstatic.com/recaptcha/releases/DH3nyJMamEclyfe-nztbfV8S/recaptcha__de_ch.js

Verdicts & Comments Add Verdict or Comment

191 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 string| page_help_level object| old_active_menu_obj string| page_context_help string| page_help_file string| previous_input boolean| have_form_errors object| loader_saved_objects object| highlighted_tr object| highlighted_field object| disabled_anchors object| select_sizes undefined| mouse_x undefined| mouse_y boolean| ns4 boolean| ie4 boolean| ns6 boolean| safari number| scroll_offset_y function| syncCall function| mouseMove boolean| checked_header function| js_toggle_checks_header function| js_toggle_checks function| getcss function| cssclass_exists function| fold function| toggle_fold function| toggle_fold_image function| toggle_fold_object function| toggle_menu_title function| select_append function| select_insert function| select_delete function| get_browser undefined| timeout function| fadeIn function| set_chelp function| clear_chelp function| set_page_context object| count object| roots object| idvec function| get_max function| delete_element function| verify_init function| more_fields function| less_fields function| remove_node function| do_clean function| remove_all function| init function| verify_checkboxset function| remove_selected function| check_group_ops function| submit_search_form function| limit_action_change function| set_menu function| set_field_value function| enter_focus function| enter_click function| setup_loader function| show_loader function| windowSize function| isWebkit function| getSizeWithDisplay function| getSize function| hide_loader function| set_loader_text function| set_highlight_tr function| unset_highlight_tr function| clear_highlighted_tr function| open_help function| set_help_file function| swap_rows function| move_selected function| disable_obj function| relate function| relate_fold function| get_object function| get_obj function| get_group_ids function| disable_group function| trim function| remove_select_size function| multiple_select_all function| initial_time function| count_time function| increase_date function| setScrollInIE function| disableHScroll function| switch_state_rows function| patch_inputs function| set_focus function| select_field function| add_to_layer function| hide_layer_custom function| show_layer function| show_layer_custom function| show_results function| hide_results function| hide_layer function| fold_toggle function| get_selected_div function| process_foldable_select function| refresh_frame function| refresh_menuframe function| refresh_topframe function| changeSearch object| non_icons number| icon_headers function| toggle_table_row function| table_switch_header function| load_values function| toggle_table_rows function| check_table function| display_message function| delete_message function| close_toplevel function| append_to_master_list string| HTML_WARNING string| HTML_INFO string| HTML_CRITICAL function| show_html_alert function| base64_encode_and_serialize function| toplevel_message function| show_toplevel_alert function| trigger_select_events function| shrink_select function| pad_string function| run_checkbox function| prepare_log function| add_log_message object| global_table_element function| js_table_mouseover object| global_tr_element function| js_table_tr_mouseover function| js_table_tr_toggle_onclick function| js_table_tr_checked_as_table_event function| js_table_tr_checked function| table_switch_headers function| toggle_search function| toggle_class function| follow_url function| updatefile function| hasClass function| removeClass function| addClass function| toggle_password_panel_hint function| verify_password_strength function| show_reset_password_strength function| get_password_strength function| has_password_invalid_characters function| get_password_element function| clear_pass_errors function| password_text function| validate_element_ff function| validate_element function| add_error function| clear_errors function| toggleFoldableBox function| add_data_rjs_for_retina function| highlight_input function| unset_highlight_input function| submit_form_on_enter function| get_validated_obj object| EMPTY_RE function| empty_obj function| empty_and_regex_check function| empty_and_regex_not_check function| bind_regex function| js_atom_username object| NOT_EMPTY_RE function| js_option_notempty function| js_atom_password function| login_form_js_validate function| _body_onload function| execute_after_submit function| _body_onunload function| change_input_icon function| check_form_inputs object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client function| retinajs object| submit_button object| username object| password boolean| isValidUsername boolean| isValidPassword

1 Cookies

Domain/Path Name / Value
domtom.ch/ Name: DNSMANAGER
Value: 4uukBU-ds5gD5mMv90-2e9jtEn4k07TM

2 Console Messages

Source Level URL
Text
security error URL: https://www.google.com/recaptcha/api.js
Message:
Refused to load the script 'https://www.gstatic.com/recaptcha/releases/DH3nyJMamEclyfe-nztbfV8S/recaptcha__de_ch.js' because it violates the following Content Security Policy directive: "script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.google-analytics.com https://apis.google.com https://ssl.google-analytics.com https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/api2/". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
intervention info URL: https://domtom.ch/login_up.php?action=logout(Line 568)
Message:
Slow network is detected. See https://www.chromestatus.com/feature/5636954674692096 for more details. Fallback font will be used while loading: https://domtom.ch/skins/fonts/raleway/raleway-regular.woff2

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy frame-ancestors 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.google-analytics.com https://apis.google.com https://ssl.google-analytics.com https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/api2/;
Strict-Transport-Security max-age=63072000; includeSubdomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block