google.termalfurdo.net Open in urlscan Pro
91.233.21.51  Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

10 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response google.termalfurdo.net/	5 KB 2 KB	337ms 23ms	Document text/html	91.233.21.51 WEBSAS-AS
General Check archive.org Show headers Download Go to Full URL https://google.termalfurdo.net/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 91.233.21.51 , Hungary, ASN198281 (WEBSAS-AS, HU), Reverse DNS server.trinetymedia.hu Software Apache / Resource Hash ae8c092ca8298271c41f6318038b48c7e9e3230175838b9fe62cbcabd1daed8c Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Accept-Language de-DE,de;q=0.9 Response headers last-modified Tue, 25 Jan 2022 12:52:26 GMT accept-ranges bytes vary Accept-Encoding,User-Agent content-encoding gzip content-length 2129 content-type text/html date Wed, 26 Jan 2022 03:36:57 GMT server Apache
GET H2	200	api.js Show response apis.google.com/js/	13 KB 6 KB	124ms 102ms	Script application/javascript	2a00:1450:4001:828::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://apis.google.com/js/api.js Requested by Host: google.termalfurdo.net URL: https://google.termalfurdo.net/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash b8417fbc0d9d7e069136093783112f3790ff59ba3810862bd6ec829c714ae268 Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-fNULLqNtJKG51VAJ3hEBqA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://google.termalfurdo.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Wed, 26 Jan 2022 03:36:58 GMT content-encoding gzip x-content-type-options nosniff p3p CP="This is not a P3P policy! See g.co/p3phelp for more info." cross-origin-resource-policy cross-origin strict-transport-security max-age=31536000 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 x-ua-compatible IE=edge, chrome=1 server ESF cross-origin-opener-policy same-origin etag "cd9548d21b91a6bc691d64931de272a2" x-frame-options SAMEORIGIN content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control private, max-age=1800, stale-while-revalidate=1800 content-security-policy script-src 'report-sample' 'nonce-fNULLqNtJKG51VAJ3hEBqA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport timing-allow-origin * expires Wed, 26 Jan 2022 03:36:58 GMT
GET H2	200	cb=gapi.loaded_0 Show response apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.fTaiTKatF_k.O/m=auth2,client/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCMXRHEXK0JsfodiVatZb9gMAYhYSA/	309 KB 105 KB	8ms 7ms	Script text/javascript	2a00:1450:4001:828::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.fTaiTKatF_k.O/m=auth2,client/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCMXRHEXK0JsfodiVatZb9gMAYhYSA/cb=gapi.loaded_0 Requested by Host: apis.google.com URL: https://apis.google.com/js/api.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 3b99f1ef7dc50fe3da663b22321b89c83123f718a5e6721d1bfb2c94d0433641 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://google.termalfurdo.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Wed, 19 Jan 2022 19:55:44 GMT content-encoding gzip x-content-type-options nosniff age 546074 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 107219 x-xss-protection 0 last-modified Wed, 01 Dec 2021 04:25:42 GMT server sffe cross-origin-opener-policy same-origin; report-to="social-frontend-mpm-access" vary Accept-Encoding, Origin report-to {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]} content-type text/javascript; charset=UTF-8 cache-control public, immutable, max-age=31536000 accept-ranges bytes expires Thu, 19 Jan 2023 19:55:44 GMT
GET H2	200	proxy.html Show response content-sheets.googleapis.com/static/ Frame D6C8	436 B 742 B	227ms 178ms	Document text/html	2a00:1450:4001:80e::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://content-sheets.googleapis.com/static/proxy.html?usegapi=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.de.fTaiTKatF_k.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCMXRHEXK0JsfodiVatZb9gMAYhYSA%2Fm%3D__features__ Requested by Host: apis.google.com URL: https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.fTaiTKatF_k.O/m=auth2,client/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCMXRHEXK0JsfodiVatZb9gMAYhYSA/cb=gapi.loaded_0 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash cf730def5eca563ed0a31d355310f34202c6f23a29e279ba334bbc4ca3737eff Security Headers Name Value Content-Security-Policy object-src 'none';base-uri 'self';script-src 'nonce-RvAb4X0HghJcGGKC5WWkpQ==' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/xd3cpp/1 X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://google.termalfurdo.net/ Response headers content-type text/html; charset=UTF-8 content-security-policy object-src 'none';base-uri 'self';script-src 'nonce-RvAb4X0HghJcGGKC5WWkpQ==' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/xd3cpp/1 content-encoding gzip date Wed, 26 Jan 2022 03:36:58 GMT server ESF cache-control private content-length 292 x-xss-protection 0 x-content-type-options nosniff alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H2	200	iframe Show response accounts.google.com/o/oauth2/ Frame 96D2	513 B 901 B	45ms 17ms	Document text/html	2a00:1450:4001:800::200d GOOGLE
General Check archive.org Show headers Download Go to Full URL https://accounts.google.com/o/oauth2/iframe Requested by Host: apis.google.com URL: https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.fTaiTKatF_k.O/m=auth2,client/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCMXRHEXK0JsfodiVatZb9gMAYhYSA/cb=gapi.loaded_0 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:800::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 6e3939d4a823fb708022516064327b02424a955e1d2cb2d7f056561fc9014bfa Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-k2El2Qr234E3Bl0XRYAong' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://google.termalfurdo.net/ Response headers content-type text/html; charset=utf-8 cross-origin-resource-policy cross-origin cross-origin-embedder-policy require-corp cache-control no-cache, no-store, max-age=0, must-revalidate pragma no-cache expires Mon, 01 Jan 1990 00:00:00 GMT date Wed, 26 Jan 2022 03:36:58 GMT content-language en-US content-security-policy script-src 'report-sample' 'nonce-k2El2Qr234E3Bl0XRYAong' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport content-encoding gzip server ESF x-xss-protection 0 x-content-type-options nosniff alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H2	200	1959142245-idpiframe.js Show response ssl.gstatic.com/accounts/o/ Frame 96D2	113 KB 114 KB	29ms 7ms	Script text/javascript	2a00:1450:4001:812::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://ssl.gstatic.com/accounts/o/1959142245-idpiframe.js Requested by Host: accounts.google.com URL: https://accounts.google.com/o/oauth2/iframe Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 7d442d7575fcce245d4d2af6608ffa60dffb51811abbc4de16dc2591500b7bbc Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://accounts.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Tue, 25 Jan 2022 21:23:34 GMT x-content-type-options nosniff age 22404 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/federated-signon-mpm-access cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 115848 x-xss-protection 0 last-modified Fri, 21 Jan 2022 03:14:25 GMT server sffe cross-origin-opener-policy same-origin; report-to="federated-signon-mpm-access" vary Accept-Encoding report-to {"group":"federated-signon-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/federated-signon-mpm-access"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Wed, 25 Jan 2023 21:23:34 GMT
GET H3	200	iframerpc Show response accounts.google.com/o/oauth2/ Frame 96D2	15 B 59 B	45ms 29ms	XHR application/json	2a00:1450:4001:800::200d GOOGLE
General Check archive.org Show headers Download Go to Full URL https://accounts.google.com/o/oauth2/iframerpc?action=checkOrigin&origin=https%3A%2F%2Fgoogle.termalfurdo.net&client_id=967662192418-09hft5euh4ttvj7m2mvfv3qpcjae7oq8.apps.googleusercontent.com Requested by Host: ssl.gstatic.com URL: https://ssl.gstatic.com/accounts/o/1959142245-idpiframe.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:800::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash af5fd803088fcdc627e5cd97fb88d7fcbbb02a705f38fd48b1ab5f4ffca50ae8 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://accounts.google.com/o/oauth2/iframe X-Requested-With XmlHttpRequest Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Wed, 26 Jan 2022 03:36:58 GMT content-encoding gzip x-content-type-options nosniff server ESF content-type application/json; charset=utf-8 cache-control public, max-age=3600 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 expires Wed, 26 Jan 2022 04:36:58 GMT
GET H3	200	googleapis.proxy.js Show response apis.google.com/js/ Frame D6C8	13 KB 5 KB	32ms 31ms	Script application/javascript	2a00:1450:4001:828::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://apis.google.com/js/googleapis.proxy.js?onload=startup Requested by Host: content-sheets.googleapis.com URL: https://content-sheets.googleapis.com/static/proxy.html?usegapi=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.de.fTaiTKatF_k.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCMXRHEXK0JsfodiVatZb9gMAYhYSA%2Fm%3D__features__ Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 9554efb5f080f11b688e379e04e89bbc630288bfeb94cecf42195c78d21ed156 Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-WoBVivhF8KQsyr/rDBtJLA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://content-sheets.googleapis.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Wed, 26 Jan 2022 03:36:58 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 x-ua-compatible IE=edge, chrome=1 server ESF cross-origin-opener-policy same-origin x-frame-options SAMEORIGIN etag "ab4097b961a8e15c515ad997d44b7d1b" strict-transport-security max-age=31536000 content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control private, max-age=1800, stale-while-revalidate=1800 content-security-policy script-src 'report-sample' 'nonce-WoBVivhF8KQsyr/rDBtJLA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport timing-allow-origin * expires Wed, 26 Jan 2022 03:36:58 GMT
GET H3	200	cb=gapi.loaded_0 Show response apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.fTaiTKatF_k.O/m=googleapis_proxy/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCMXRHEXK0JsfodiVatZb9gMAYhYSA/ Frame D6C8	63 KB 22 KB	8ms 7ms	Script text/javascript	2a00:1450:4001:828::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.fTaiTKatF_k.O/m=googleapis_proxy/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCMXRHEXK0JsfodiVatZb9gMAYhYSA/cb=gapi.loaded_0 Requested by Host: apis.google.com URL: https://apis.google.com/js/googleapis.proxy.js?onload=startup Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash e45dd010575a550c663c4d263f783ff90507d67271c8d37642f29298ee1321e5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://content-sheets.googleapis.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Wed, 19 Jan 2022 08:07:35 GMT content-encoding gzip x-content-type-options nosniff age 588563 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 22536 x-xss-protection 0 last-modified Wed, 01 Dec 2021 04:25:42 GMT server sffe cross-origin-opener-policy same-origin; report-to="social-frontend-mpm-access" vary Accept-Encoding, Origin report-to {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]} content-type text/javascript; charset=UTF-8 cache-control public, immutable, max-age=31536000 accept-ranges bytes expires Thu, 19 Jan 2023 08:07:35 GMT
GET H3	403	rest Show response content-sheets.googleapis.com/$discovery/ Frame D6C8	468 B 322 B	217ms 202ms	XHR application/json	2a00:1450:4001:80e::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://content-sheets.googleapis.com/$discovery/rest?version=v4&pp=0&fields=fields%5B%22kind%22%5D%2Cfields%5B%22name%22%5D%2Cfields%5B%22version%22%5D%2Cfields%5B%22rootUrl%22%5D%2Cfields%5B%22servicePath%22%5D%2Cfields%5B%22resources%22%5D%2Cfields%5B%22parameters%22%5D%2Cfields%5B%22methods%22%5D%2Cfields%5B%22batchPath%22%5D%2Cfields%5B%22id%22%5D&key=AIzaSyDdnrqpq3FoP1psf4W-qk7gHiGPsrC-6Js Requested by Host: apis.google.com URL: https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.fTaiTKatF_k.O/m=googleapis_proxy/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCMXRHEXK0JsfodiVatZb9gMAYhYSA/cb=gapi.loaded_0 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash e5a7c2a700fb157d556b7c0f18c7a181f322cee1d9bdbe181e4b15f37a42f812 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers X-Goog-Encode-Response-If-Executable base64 X-Origin https://google.termalfurdo.net X-ClientDetails appVersion=5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F97.0.4692.71%20Safari%2F537.36&platform=Linux%20x86_64&userAgent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F97.0.4692.71%20Safari%2F537.36 Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Referer https://content-sheets.googleapis.com/static/proxy.html?usegapi=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.de.fTaiTKatF_k.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCMXRHEXK0JsfodiVatZb9gMAYhYSA%2Fm%3D__features__ X-Requested-With XMLHttpRequest X-JavaScript-User-Agent google-api-javascript-client/1.1.0 X-Referer https://google.termalfurdo.net Response headers date Wed, 26 Jan 2022 03:36:58 GMT content-encoding gzip x-content-type-options nosniff alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" server ESF x-frame-options SAMEORIGIN content-type application/json; charset=UTF-8 cache-control private vary Origin, X-Origin, Referer content-length 300 x-xss-protection 0

29 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 string| CLIENT_ID string| API_KEY object| DISCOVERY_DOCS string| SCOPES object| authorizeButton object| signoutButton function| handleClientLoad function| initClient function| updateSigninStatus function| handleAuthClick function| handleSignoutClick function| appendPre function| listMajors object| gapi object| ___jsl object| osapi object| gadgets object| iframer object| __gapi_jstiming__ object| shindig function| ToolbarApi object| iframes function| IframeBase function| Iframe function| IframeProxy function| IframeWindow object| googleapis

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.google.com/	1970-01-20 04:49:39	Name: NID Value: 511=ejZ_mQIdpChblH1BY4vPkwf_PA3scALG48xxbIWro3jLGO820_TilYgbWX56z9nctShEWeQzSw3js2YnfMbFVk4pY_xSmIESkOg9SdU121ttqiDRZ18p-GHjvro7-Vcm5nAKsSq6OZSYPBMd06Widxw95Kfx37XYsTrLAj3IeaY
			.google.termalfurdo.net/	1978-01-11 21:30:57	Name: G_ENABLED_IDPS Value: google

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://content-sheets.googleapis.com/$discovery/rest?version=v4&pp=0&fields=fields%5B%22kind%22%5D%2Cfields%5B%22name%22%5D%2Cfields%5B%22version%22%5D%2Cfields%5B%22rootUrl%22%5D%2Cfields%5B%22servicePath%22%5D%2Cfields%5B%22resources%22%5D%2Cfields%5B%22parameters%22%5D%2Cfields%5B%22methods%22%5D%2Cfields%5B%22batchPath%22%5D%2Cfields%5B%22id%22%5D&key=AIzaSyDdnrqpq3FoP1psf4W-qk7gHiGPsrC-6Js Message: Failed to load resource: the server responded with a status of 403 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

accounts.google.com
apis.google.com
content-sheets.googleapis.com
google.termalfurdo.net
ssl.gstatic.com
2a00:1450:4001:800::200d
2a00:1450:4001:80e::200a
2a00:1450:4001:812::2003
2a00:1450:4001:828::200e
91.233.21.51
3b99f1ef7dc50fe3da663b22321b89c83123f718a5e6721d1bfb2c94d0433641
6e3939d4a823fb708022516064327b02424a955e1d2cb2d7f056561fc9014bfa
7d442d7575fcce245d4d2af6608ffa60dffb51811abbc4de16dc2591500b7bbc
9554efb5f080f11b688e379e04e89bbc630288bfeb94cecf42195c78d21ed156
ae8c092ca8298271c41f6318038b48c7e9e3230175838b9fe62cbcabd1daed8c
af5fd803088fcdc627e5cd97fb88d7fcbbb02a705f38fd48b1ab5f4ffca50ae8
b8417fbc0d9d7e069136093783112f3790ff59ba3810862bd6ec829c714ae268
cf730def5eca563ed0a31d355310f34202c6f23a29e279ba334bbc4ca3737eff
e45dd010575a550c663c4d263f783ff90507d67271c8d37642f29298ee1321e5
e5a7c2a700fb157d556b7c0f18c7a181f322cee1d9bdbe181e4b15f37a42f812