URL: https://goo.gs/73nnn
Submission Tags: falconsandbox
Submission: On February 24 via api from US — Scanned from DE

Summary

This website contacted 2 IPs in 2 countries across 2 domains to perform 6 HTTP transactions. The main IP is 43.154.133.96, located in Central, Hong Kong and belongs to TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN. The main domain is goo.gs.
TLS certificate: Issued by R3 on February 24th 2023. Valid for: 3 months.
This is the only time goo.gs was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
3 43.154.133.96 132203 (TENCENT-N...)
3 2606:4700:303... 13335 (CLOUDFLAR...)
6 2
Apex Domain
Subdomains
Transfer
3 rsms.me
rsms.me — Cisco Umbrella Rank: 12320
203 KB
3 goo.gs
goo.gs
89 KB
6 2
Domain Requested by
3 rsms.me goo.gs
rsms.me
3 goo.gs goo.gs
6 2

This site contains no links.

Subject Issuer Validity Valid
goo.gs
R3
2023-02-24 -
2023-05-25
3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2022-06-07 -
2023-06-06
a year crt.sh

This page contains 1 frames:

Primary Page: https://goo.gs/73nnn
Frame ID: 0A826138B5905B8A6C18700405CF1CBF
Requests: 6 HTTP requests in this frame

Screenshot

Page Title

链接已禁用

Page Statistics

6
Requests

100 %
HTTPS

50 %
IPv6

2
Domains

2
Subdomains

2
IPs

2
Countries

292 kB
Transfer

492 kB
Size

4
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

6 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request 73nnn
goo.gs/
8 KB
4 KB
Document
General
Full URL
https://goo.gs/73nnn
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
43.154.133.96 Central, Hong Kong, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
nginx /
Resource Hash
a101c4a8fbbc68e6ab325706bac8ce56849c9e2662ad39e096a75d04de2fbdcd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache, private
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Fri, 24 Feb 2023 18:10:11 GMT
server
nginx
strict-transport-security
max-age=31536000
vary
Accept-Encoding
app.js
goo.gs/js/
192 KB
66 KB
Script
General
Full URL
https://goo.gs/js/app.js
Requested by
Host: goo.gs
URL: https://goo.gs/73nnn
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
43.154.133.96 Central, Hong Kong, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
nginx /
Resource Hash
53a79386efefbd57c81ed5b9f1d44b2c7ea112c21714e3f3b014ee93c50c1e20
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://goo.gs/73nnn
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Fri, 24 Feb 2023 18:10:12 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
last-modified
Thu, 25 Mar 2021 15:01:16 GMT
server
nginx
etag
W/"605ca5bc-30122"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=43200
expires
Sat, 25 Feb 2023 06:10:12 GMT
app.css
goo.gs/css/
87 KB
20 KB
Stylesheet
General
Full URL
https://goo.gs/css/app.css
Requested by
Host: goo.gs
URL: https://goo.gs/73nnn
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
43.154.133.96 Central, Hong Kong, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
nginx /
Resource Hash
2a5c31808547fbcb55a8264054d6d5296a9e3a5881d394cdc67385cee0260407
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://goo.gs/73nnn
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Fri, 24 Feb 2023 18:10:12 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
last-modified
Thu, 25 Mar 2021 15:01:16 GMT
server
nginx
etag
W/"605ca5bc-15a55"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=43200
expires
Sat, 25 Feb 2023 06:10:12 GMT
inter.css
rsms.me/inter/
5 KB
2 KB
Stylesheet
General
Full URL
https://rsms.me/inter/inter.css
Requested by
Host: goo.gs
URL: https://goo.gs/73nnn
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:d8ed , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c14569b287795db20f175729c90108f5e756049018e48f45d6f92c11c31be884

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://goo.gs/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-fastly-request-id
c045732f0e17636580911f03ccab68a8ed721be4
date
Fri, 24 Feb 2023 18:10:12 GMT
via
1.1 varnish
content-encoding
br
expires
Sat, 18 Feb 2023 20:09:21 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
480
x-cache
HIT
x-proxy-cache
MISS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra19139-FRA
last-modified
Tue, 04 Oct 2022 15:53:21 GMT
server
cloudflare
x-github-request-id
08C7:6031:B7BD69:BD1673:633C571F
x-timer
S1664899049.831625,VS0,VE2
etag
W/"633c56f1-1490"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tis3YdvJ6%2FjlMFvQp12xeQht5l%2Fh5WTFI0rjq%2B4Vlp5SDBXhBQLzKOesbj%2BWlSESuzHMIhMXqTmdNx5A5kr1etOl%2Fzmss%2BfrrgKgoG%2Fgh7Wc3ZJGkVCkGiRWJDqpNMFvoRifewJv"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=14400
x-origin-cache
HIT
cf-ray
79ea2819ce889013-FRA
x-cache-hits
1
Inter-Medium.woff2
rsms.me/inter/font-files/
103 KB
104 KB
Font
General
Full URL
https://rsms.me/inter/font-files/Inter-Medium.woff2?v=3.19
Requested by
Host: rsms.me
URL: https://rsms.me/inter/inter.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::ac43:d8ed , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1b498b959e5b7decbf9185803591d25bc1fbf83e798372ed30d32d5c79d82ff6

Request headers

Referer
https://rsms.me/inter/inter.css
Origin
https://goo.gs
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-fastly-request-id
c038f9efd12a78031aa73db2dfc49a176b37eafb
date
Fri, 24 Feb 2023 18:10:12 GMT
via
1.1 varnish
expires
Sat, 18 Feb 2023 20:11:15 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-proxy-cache
HIT
x-cache
HIT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
105924
x-served-by
cache-hhn-etou8220025-HHN
last-modified
Tue, 04 Oct 2022 15:53:17 GMT
server
cloudflare
x-github-request-id
B970:8010:5B45A2:7A33E9:63F12E90
x-timer
S1677262213.746328,VS0,VE2
etag
"633c56ed-19dc4"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dxqCpq1Y6D7GhlBmlZ8bIS3r1INIkcVYZsmJzOl31jfEzLgDbMJYhqDeoR7rFsbALmg1UnsuYoQ3UsaISwTQ0mud%2Fv6uN3wRTAAlCQOZitgG9xZaGO6xFrjMUZ9IUwKheqFkIZY%2F"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=2678400
accept-ranges
bytes
x-origin-cache
HIT
cf-ray
79ea281d9e5837e6-FRA
x-cache-hits
1
Inter-Regular.woff2
rsms.me/inter/font-files/
97 KB
97 KB
Font
General
Full URL
https://rsms.me/inter/font-files/Inter-Regular.woff2?v=3.19
Requested by
Host: rsms.me
URL: https://rsms.me/inter/inter.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::ac43:d8ed , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d612f1212b452af07f1a5defb2b672e76a91f7139e7499fa48bb9b2b985c22d6

Request headers

Referer
https://rsms.me/inter/inter.css
Origin
https://goo.gs
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-fastly-request-id
65eba14fffff388b43ef2036ad3955678f96c023
date
Fri, 24 Feb 2023 18:10:12 GMT
via
1.1 varnish
expires
Tue, 21 Feb 2023 23:46:39 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-proxy-cache
HIT
x-cache
HIT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
98868
x-served-by
cache-hhn-etou8220053-HHN
last-modified
Tue, 04 Oct 2022 15:53:17 GMT
server
cloudflare
x-github-request-id
5638:0B16:301B5:41B7E:63F555C5
x-timer
S1677262213.749113,VS0,VE3
etag
"633c56ed-18234"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DmrQ6xZs6H2s4hN%2Fv9f9gCha5B%2FJF%2FKoDCYmn%2Fxd3xmj8N7Kcu%2BaucBwpCnYgRK1AU5A2Cw4JvgIZL5wkYVuuM5yCQud0hzCPFLBJ3vHFjyVj1FhKpacUVUnConZK9ybSh4EWqFU"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=2678400
accept-ranges
bytes
x-origin-cache
HIT
cf-ray
79ea281d9e5637e6-FRA
x-cache-hits
1

Verdicts & Comments Add Verdict or Comment

6 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless number| max function| $ function| jQuery object| bootstrap function| ClipboardJS

4 Cookies

Domain/Path Name / Value
goo.gs/ Name: XSRF-TOKEN
Value: eyJpdiI6IlY0YU9DVkpPejF5Y255d2Yza3NPS3c9PSIsInZhbHVlIjoiZ3pzZUhoUDB2TVFvbFwvRlJ6eE1TcXd0VFwvYUNoTDg1Z1Q4ME1MeDhDR3BGZDZDVzRCa201WGdjUUN6ZVwvRStTUFpib1RKZStPRHBaTkY4bjkyMlZNMldrSncwMXRSZlM0NkVyTldvOENhbnBxbzMxQnRVdlA0SHpOMWFcL0J2RjdkIiwibWFjIjoiZGIxZmM5NzdjYjAwZmM0NjU4ZGIyODdiMDI5NmIyOGRiOWE0ODk5MzVhYzg4ZjhmNzNlNjliOTQwZmFkNzU5ZSJ9
goo.gs/ Name: phpshort_session
Value: eyJpdiI6ImxNOFZ6NzB2TWpVczJWeGdJUTlWZ0E9PSIsInZhbHVlIjoiXC9ZaWJnQm1NY1ZnajkxZVBHXC9GaEM0aFh0Wkxmd3h5R3VRYU9xd1h0YXMzaEg2c2c3Y0FcLzhnTmNQTVVac2ViNEU5UGF0WFAyUnNoeUcxd3JGUjRxZ2orSWxLQjRmWTRrOHc2aldaYmhSbkszNTNycjdjbjgzNEhtOThCQWlOM3YiLCJtYWMiOiJhNmVlMzk0MTIxYzE2NDU2ZmY3NDZhMDNiNWZmNWM5YjJmNzc5YzIyMjI2NWVjOTVmOWIzZmU5ZTZmZWIxYzE2In0%3D
goo.gs/ Name: dark_mode
Value: 0
goo.gs/ Name: cookie_law
Value: 0

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000