googledontbeevil.com Open in urlscan Pro
2606:4700:3035::ac43:8b47  Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

10 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request letter Show response googledontbeevil.com/	8 KB 3 KB	111ms 63ms	Document text/html	2606:4700:3035::ac43:8b47 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://googledontbeevil.com/letter Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3035::ac43:8b47 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PHP/7.4.11 Resource Hash 0f00377c3309ae58e14c2ddb9cffc245f9a6db49a83a057cda0a71bb71755603 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Accept-Language de-DE,de;q=0.9 Response headers date Wed, 10 Nov 2021 03:18:49 GMT content-type text/html; charset=utf-8 x-powered-by PHP/7.4.11 vary Accept-Encoding x-turbo-charged-by LiteSpeed cf-cache-status DYNAMIC expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=goJppEhNfFx4qdf8n7etAcsFTPDWarKZp%2BBu%2BBYM%2FY5IBx%2B%2B8cuLQgLdWtMsPknxVkjsoLtqrKb9AeQ6kcobq5lD1Je3Qh2th7rA8JzFFvaj6gdPUOkznrmc35Ae64phAX%2FMs8iWsQ8HWpvthwTspoLU1w%3D%3D"}],"group":"cf-nel","max_age":604800} nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare cf-ray 6abc22c01b323ad1-CDG content-encoding br alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
GET H2	200	styles.css googledontbeevil.com/	0 353 B	62ms 61ms	Stylesheet text/css	2606:4700:3035::ac43:8b47 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://googledontbeevil.com/styles.css Requested by Host: googledontbeevil.com URL: https://googledontbeevil.com/letter Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3035::ac43:8b47 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PHP/7.4.11 Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer https://googledontbeevil.com/letter User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Wed, 10 Nov 2021 03:18:49 GMT cf-cache-status MISS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-powered-by PHP/7.4.11 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 content-length 0 server cloudflare etag "d41d8cd98f00b204e9800998ecf8427e" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O6TctSmXrgp3UZ%2FLUzqWPxTwPRskLb5TymbeUklBYqCyTcb%2F%2BthpHI3Z8PbZt7rSYaL1993ntkV7KLf1demHYJUj0e5u3GC%2Ba%2BIqyirsU%2F7oN2rIon0HeGueFS7sJ%2BFgTfBQ8XNlU6lzKO0O0orEdasapA%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/css; charset=utf-8 cache-control public, max-age=2592000 x-turbo-charged-by LiteSpeed accept-ranges bytes cf-ray 6abc22c0ab963ad1-CDG
GET H2	200	jquery.min.js Show response ajax.googleapis.com/ajax/libs/jquery/1.3.2/	56 KB 57 KB	31ms 8ms	Script text/javascript	2a00:1450:4001:82f::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://ajax.googleapis.com/ajax/libs/jquery/1.3.2/jquery.min.js Requested by Host: googledontbeevil.com URL: https://googledontbeevil.com/letter Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash c8370a2d050359e9d505acc411e6f457a49b21360a21e6cbc9229bad3a767899 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://googledontbeevil.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Mon, 08 Nov 2021 20:19:54 GMT x-content-type-options nosniff age 111535 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 57254 x-xss-protection 0 last-modified Tue, 03 Mar 2020 19:15:00 GMT server sffe vary Accept-Encoding report-to {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=31536000, stale-while-revalidate=2592000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="hosted-libraries-pushers" expires Tue, 08 Nov 2022 20:19:54 GMT
GET H2	200	actionkit.js Show response act.boldprogressives.org/samples/	35 KB 12 KB	689ms 314ms	Script application/javascript	54.177.12.238 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://act.boldprogressives.org/samples/actionkit.js Requested by Host: googledontbeevil.com URL: https://googledontbeevil.com/letter Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 54.177.12.238 San Jose, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-54-177-12-238.us-west-1.compute.amazonaws.com Software openresty / Resource Hash 93450011a23e013c1eb75d62bbb3cd9d1f43bbd908c26a886df21be4ee9978d9 Request headers Accept-Language de-DE,de;q=0.9 Referer https://googledontbeevil.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Wed, 10 Nov 2021 03:18:50 GMT content-encoding gzip last-modified Wed, 06 Oct 2021 20:42:06 GMT server openresty etag W/"615e0a1e-8c44" vary Accept-Encoding content-type application/javascript cache-control max-age=86400 expires Thu, 11 Nov 2021 03:18:50 GMT
GET H2	200	jquery-ui.min.js Show response ajax.googleapis.com/ajax/libs/jqueryui/1.7.2/	182 KB 45 KB	37ms 15ms	Script text/javascript	2a00:1450:4001:82f::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://ajax.googleapis.com/ajax/libs/jqueryui/1.7.2/jquery-ui.min.js Requested by Host: googledontbeevil.com URL: https://googledontbeevil.com/letter Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash e21e121c209400a165ef1585f49799a7db6753c9663396ede86de434ae84e1e9 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://googledontbeevil.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Tue, 09 Nov 2021 05:38:16 GMT content-encoding gzip x-content-type-options nosniff age 78033 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 45919 x-xss-protection 0 last-modified Tue, 03 Mar 2020 19:15:00 GMT server sffe vary Accept-Encoding report-to {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=31536000, stale-while-revalidate=2592000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="hosted-libraries-pushers" expires Wed, 09 Nov 2022 05:38:16 GMT
GET H2	200	google-dont-be-evil.gif googledontbeevil.com/images/	81 B 411 B	64ms 63ms	Image image/png	2606:4700:3035::ac43:8b47 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://googledontbeevil.com/images/google-dont-be-evil.gif Requested by Host: googledontbeevil.com URL: https://googledontbeevil.com/letter Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3035::ac43:8b47 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PHP/7.4.11 Resource Hash b2417070d2bf6f9b3fcfa9c4b2c602d4b76067f53134dfcfd1d2a14af0655f81 Request headers Accept-Language de-DE,de;q=0.9 Referer https://googledontbeevil.com/letter User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Wed, 10 Nov 2021 03:18:49 GMT cf-cache-status MISS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-powered-by PHP/7.4.11 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 content-length 81 server cloudflare etag "5fa23ea9f65e3a772b747fa0e6234308" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CpPKha168BbdX3yT4NAL3VaRhhICdlW5IccxcVGKyBC9Nzbso7llz9IqNhyog8TRXG4SPOgnDe5%2BnLKcodK5qD6RjFnrjhSc%2FJBPH05a5KWvnNgsERlvNj40fbK0%2BgIPEEQNh3%2F3y2IHr2FxwmL9yuVlAA%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control public, max-age=2592000 x-turbo-charged-by LiteSpeed accept-ranges bytes cf-ray 6abc22c10bf73ad1-CDG
GET H2	200	sergey-larry.jpg googledontbeevil.com/images/	81 B 375 B	62ms 62ms	Image image/png	2606:4700:3035::ac43:8b47 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://googledontbeevil.com/images/sergey-larry.jpg Requested by Host: googledontbeevil.com URL: https://googledontbeevil.com/letter Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3035::ac43:8b47 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PHP/7.4.11 Resource Hash b2417070d2bf6f9b3fcfa9c4b2c602d4b76067f53134dfcfd1d2a14af0655f81 Request headers Accept-Language de-DE,de;q=0.9 Referer https://googledontbeevil.com/letter User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Wed, 10 Nov 2021 03:18:49 GMT cf-cache-status MISS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-powered-by PHP/7.4.11 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 content-length 81 server cloudflare etag "5fa23ea9f65e3a772b747fa0e6234308" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2gwq2ZZTBcx7dyPrpdtP292e2Yp8j2wamen9fr%2FRqTi8HAqjiKpQ0e2c2%2B4%2BQkzO1OjzCmGY972QupajwWaPWcxOAH4sYGPPN%2B8zX7LAeiqoEPwnAZZGqzhHoMbBHSGATnLp39fWHsAUDtWPLeJmZz%2BXmA%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control public, max-age=2592000 x-turbo-charged-by LiteSpeed accept-ranges bytes cf-ray 6abc22c17c453ad1-CDG
GET H2	200	googlefounders Show response act.boldprogressives.org/context/	7 KB 3 KB	220ms 220ms	Script text/javascript	54.177.12.238 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://act.boldprogressives.org/context/googlefounders?callback=actionkit.forms.onContextLoaded&form_name=act&required=email&required=country&want_progress=1&r=0.33331717363247026&url=https%3A%2F%2Fgoogledontbeevil.com%2Fletter Requested by Host: act.boldprogressives.org URL: https://act.boldprogressives.org/samples/actionkit.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 54.177.12.238 San Jose, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-54-177-12-238.us-west-1.compute.amazonaws.com Software openresty / Resource Hash 5a98ada38b7bf8faadcf7b9ccd6d481e7c5ec8d99701579a620398dece2a4619 Request headers Accept-Language de-DE,de;q=0.9 Referer https://googledontbeevil.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Wed, 10 Nov 2021 03:18:50 GMT content-encoding gzip server openresty vary Accept-Encoding, Cookie, Origin content-type text/javascript
GET H2	200	googlefounders Show response act.boldprogressives.org/progress/	206 B 309 B	205ms 205ms	Script text/javascript	54.177.12.238 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://act.boldprogressives.org/progress/googlefounders?form_name=act&callback=actionkit.forms.onProgressLoaded Requested by Host: act.boldprogressives.org URL: https://act.boldprogressives.org/samples/actionkit.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 54.177.12.238 San Jose, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-54-177-12-238.us-west-1.compute.amazonaws.com Software openresty / Resource Hash ac1b67fea7752a2dc8588e752ebbc80db9bbfdc9f5a1d12af83fe678e866154e Request headers Accept-Language de-DE,de;q=0.9 Referer https://googledontbeevil.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Wed, 10 Nov 2021 03:18:50 GMT server openresty content-length 206 vary Cookie, Origin content-type text/javascript
GET H2	200	100 Show response act.boldprogressives.org/text/	7 KB 3 KB	186ms 186ms	Script text/javascript	54.177.12.238 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://act.boldprogressives.org/text/100?callback=actionkit.forms.onTextLoaded&rand_id=0.16706890477484704 Requested by Host: act.boldprogressives.org URL: https://act.boldprogressives.org/samples/actionkit.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 54.177.12.238 San Jose, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-54-177-12-238.us-west-1.compute.amazonaws.com Software openresty / Resource Hash 7223acf0de33dcf3c22682599121478b7410007b430c704e55c9da1e556cd2ca Request headers Accept-Language de-DE,de;q=0.9 Referer https://googledontbeevil.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Wed, 10 Nov 2021 03:18:50 GMT content-encoding gzip server openresty vary Accept-Encoding, Cookie, Origin content-type text/javascript

16 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforexrselect function| reportError boolean| originAgentCluster object| scheduler function| $ function| jQuery object| actionkit function| country_change function| tmpl function| DP_jQuery function| getEsc function| displayLightbox function| unesc object| pair string| key function| esc

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	URL: https://googledontbeevil.com/letter(Line 41) Message: Mixed Content: The page at 'https://googledontbeevil.com/letter' was loaded over a secure connection, but contains a form that targets an insecure endpoint 'http://act.boldprogressives.org/act/'. This endpoint should be made available over a secure connection.
security	warning	URL: https://googledontbeevil.com/letter(Line 72) Message: Mixed Content: The page at 'https://googledontbeevil.com/letter' was loaded over a secure connection, but contains a form that targets an insecure endpoint 'http://act.boldprogressives.org/act/'. This endpoint should be made available over a secure connection.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

act.boldprogressives.org
ajax.googleapis.com
googledontbeevil.com
2606:4700:3035::ac43:8b47
2a00:1450:4001:82f::200a
54.177.12.238
0f00377c3309ae58e14c2ddb9cffc245f9a6db49a83a057cda0a71bb71755603
5a98ada38b7bf8faadcf7b9ccd6d481e7c5ec8d99701579a620398dece2a4619
7223acf0de33dcf3c22682599121478b7410007b430c704e55c9da1e556cd2ca
93450011a23e013c1eb75d62bbb3cd9d1f43bbd908c26a886df21be4ee9978d9
ac1b67fea7752a2dc8588e752ebbc80db9bbfdc9f5a1d12af83fe678e866154e
b2417070d2bf6f9b3fcfa9c4b2c602d4b76067f53134dfcfd1d2a14af0655f81
c8370a2d050359e9d505acc411e6f457a49b21360a21e6cbc9229bad3a767899
e21e121c209400a165ef1585f49799a7db6753c9663396ede86de434ae84e1e9
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855