URL: https://google.doesthishelp.com/
Submission Tags: @phishunt_io
Submission: On January 25 via api from ES

Summary

This website contacted 11 IPs in 2 countries across 9 domains to perform 21 HTTP transactions. The main IP is 162.144.68.126, located in Provo, United States and belongs to UNIFIEDLAYER-AS-1, US. The main domain is google.doesthishelp.com.
TLS certificate: Issued by cPanel, Inc. Certification Authority on January 24th 2021. Valid for: 3 months.
This is the only time google.doesthishelp.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
5 162.144.68.126 46606 (UNIFIEDLA...)
1 54.210.227.90 14618 (AMAZON-AES)
1 104.197.105.151 15169 (GOOGLE)
1 45.60.13.248 19551 (INCAPSULA)
1 134.114.93.228 21582 (NAU-AS)
3 107.154.148.117 19551 (INCAPSULA)
1 2 54.176.163.86 16509 (AMAZON-02)
6 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
21 11
Domain Requested by
6 apis.google.com google.doesthishelp.com, apis.google.com
4 google.doesthishelp.com google.doesthishelp.com
3 www.doesthishelp.com google.doesthishelp.com
1 accounts.google.com apis.google.com
1 www.youtube.com google.doesthishelp.com
1 www.bluehost.com google.doesthishelp.com
1 img.bluehost.com 1 redirects
1 cmsassets.nau.edu google.doesthishelp.com
1 www.maricopa.edu google.doesthishelp.com
1 schools.graniteschools.org google.doesthishelp.com
1 www.ccusd93.org google.doesthishelp.com
1 w3connect.com google.doesthishelp.com
21 12
Subject | Issuer | Validity | Valid
google.doesthishelp.com | cPanel, Inc. Certification Authority | 2021-01-24 - 2021-04-24 | 3 months
w3connect.com | cPanel, Inc. Certification Authority | 2021-01-24 - 2021-04-24 | 3 months
www.ccusd93.org | Amazon | 2020-04-22 - 2021-05-22 | a year
schools.graniteschools.org | Let's Encrypt Authority X3 | 2020-11-29 - 2021-02-27 | 3 months
*.maricopa.edu | COMODO RSA Domain Validation Secure Server CA | 2019-09-18 - 2021-12-20 | 2 years
cmsassets.nau.edu | InCommon RSA Server CA | 2020-01-23 - 2022-01-22 | 2 years
incapsula.com | GlobalSign CloudSSL CA - SHA256 - G3 | 2020-12-23 - 2021-07-17 | 7 months
*.bluehost.com | Sectigo RSA Domain Validation Secure Server CA | 2020-01-23 - 2022-01-22 | 2 years
*.apis.google.com | GTS CA 1O1 | 2021-01-05 - 2021-03-30 | 3 months
*.google.com | GTS CA 1O1 | 2021-01-05 - 2021-03-30 | 3 months
accounts.google.com | GTS CA 1O1 | 2021-01-05 - 2021-03-30 | 3 months

This page contains 6 frames:

Primary Page: https://google.doesthishelp.com/
Frame ID: 94D54EA78A363DDAA7AF94F6FE304803
Requests: 17 HTTP requests in this frame

Frame: https://www.youtube.com/embed/Ws27DEqkbqI
Frame ID: 8D6B8DFD44A4A9EED56AE6930C04D3F7
Requests: 1 HTTP requests in this frame

Frame: https://apis.google.com/_/widget/render/page?usegapi=1&href=https%3A%2F%2Fplus.google.com%2F109077767244759355304&rel=publisher&origin=https%3A%2F%2Fgoogle.doesthishelp.com&gsrc=3p&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.GmQXYX2grLI.O%2Fam%3DwQE%2Fd%3D1%2Fct%3Dzgms%2Frs%3DAGLTcCMtu8dqzlwPg3dD9vohSr0qM2FQug%2Fm%3D__features__
Frame ID: BEF9E2C5C94945C41B1A178F71866962
Requests: 1 HTTP requests in this frame

Frame: https://apis.google.com/_/widget/render/page?usegapi=1&href=https%3A%2F%2Fplus.google.com%2F109360223747772579996&rel=publisher&origin=https%3A%2F%2Fgoogle.doesthishelp.com&gsrc=3p&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.GmQXYX2grLI.O%2Fam%3DwQE%2Fd%3D1%2Fct%3Dzgms%2Frs%3DAGLTcCMtu8dqzlwPg3dD9vohSr0qM2FQug%2Fm%3D__features__
Frame ID: 47E7FE10B39D2B153E57EDC83A41804F
Requests: 1 HTTP requests in this frame

Frame: https://apis.google.com/_/widget/render/page?usegapi=1&href=https%3A%2F%2Fplus.google.com%2F111455397247821118531&rel=publisher&origin=https%3A%2F%2Fgoogle.doesthishelp.com&gsrc=3p&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.GmQXYX2grLI.O%2Fam%3DwQE%2Fd%3D1%2Fct%3Dzgms%2Frs%3DAGLTcCMtu8dqzlwPg3dD9vohSr0qM2FQug%2Fm%3D__features__
Frame ID: 5989CF3C73D39F332974C4F17583BED9
Requests: 1 HTTP requests in this frame

Frame: https://accounts.google.com/o/oauth2/postmessageRelay?parent=https%3A%2F%2Fgoogle.doesthishelp.com&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.GmQXYX2grLI.O%2Fam%3DwQE%2Fd%3D1%2Fct%3Dzgms%2Frs%3DAGLTcCMtu8dqzlwPg3dD9vohSr0qM2FQug%2Fm%3D__features__
Frame ID: DA27589C80FE14AB1A6E61BCBAA4D28B
Requests: 1 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Page Statistics

Requests: 21
HTTPS: 100 %
IPv6: 30 %
Domains: 9
Subdomains: 12
IPs: 11
Countries: 2
Transfer: 386 kB
Size: 592 kB
Cookies: 5

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 11
  • https://img.bluehost.com/175x25/bh_175x25_04.gif HTTP 301
  • https://www.bluehost.com/cgi/partner/175x25/bh_175x25_04.gif

21 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
google.doesthishelp.com/
25 KB
26 KB
Document
General
Full URL
https://google.doesthishelp.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.144.68.126 Provo, United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
server.doesthishelp.com
Software
Apache /
Resource Hash
14d979c0dac76a45815dd8ae7be7f19e915abcdf7d1f0307500411cc2b9d984c

Request headers

Host
google.doesthishelp.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US

Response headers

Date
Mon, 25 Jan 2021 03:07:07 GMT
Server
Apache
Last-Modified
Tue, 26 Feb 2019 08:03:28 GMT
Accept-Ranges
bytes
Content-Length
26080
Keep-Alive
timeout=5, max=100
Connection
Keep-Alive
Content-Type
text/html
w3connect_powered-by-google_Logo.png
w3connect.com/
25 KB
25 KB
Image
General
Full URL
https://w3connect.com/w3connect_powered-by-google_Logo.png
Requested by
Host: google.doesthishelp.com
URL: https://google.doesthishelp.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.144.68.126 Provo, United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
server.doesthishelp.com
Software
Apache /
Resource Hash
0946d1f1e291115e70a9bb3b9627796a1a6426f120085c6149106b426e98a7c0

Request headers

Referer
https://google.doesthishelp.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 25 Jan 2021 03:07:08 GMT
Last-Modified
Tue, 26 Feb 2019 09:12:50 GMT
Server
Apache
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
25783
xml.png
google.doesthishelp.com/images/
23 KB
24 KB
Image
General
Full URL
https://google.doesthishelp.com/images/xml.png
Requested by
Host: google.doesthishelp.com
URL: https://google.doesthishelp.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.144.68.126 Provo, United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
server.doesthishelp.com
Software
Apache /
Resource Hash
5b8f6a0ea0d8b33923f4511961c9983564feada662b56a63519fc2aeb3340ee0

Request headers

Referer
https://google.doesthishelp.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 25 Jan 2021 03:07:07 GMT
Last-Modified
Tue, 26 Feb 2019 08:03:40 GMT
Server
Apache
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
23831
CCUSD%20Logosmall.jpg
www.ccusd93.org/cms/lib/AZ02204140/Centricity/Template/GlobalAssets/images///Logos/
18 KB
19 KB
Image
General
Full URL
https://www.ccusd93.org/cms/lib/AZ02204140/Centricity/Template/GlobalAssets/images///Logos/CCUSD%20Logosmall.jpg
Requested by
Host: google.doesthishelp.com
URL: https://google.doesthishelp.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.210.227.90 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-210-227-90.compute-1.amazonaws.com
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
9688c97427bd7290300c5ac891524bab7e0b0f5724229b3e7aae6d33d887cf06
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://*.ally.ac;
Strict-Transport-Security max-age=31536000; includeSubDomains;
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://google.doesthishelp.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 25 Jan 2021 03:07:07 GMT
etag
"2777d263522bd31:0"
last-modified
Mon, 11 Sep 2017 23:04:58 GMT
server
Microsoft-IIS/8.5
x-powered-by
ASP.NET
x-frame-options
SAMEORIGIN
content-type
image/jpeg
cache-control
private
content-security-policy
frame-ancestors 'self' https://*.ally.ac;
strict-transport-security
max-age=31536000; includeSubDomains;
accept-ranges
bytes
content-length
18837
x-xss-protection
1; mode=block
granite_logo_small-150x150.jpg
schools.graniteschools.org/taylorsvillehigh/files/2018/01/
117 B
117 B
Image
General
Full URL
https://schools.graniteschools.org/taylorsvillehigh/files/2018/01/granite_logo_small-150x150.jpg
Requested by
Host: google.doesthishelp.com
URL: https://google.doesthishelp.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.197.105.151 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
151.105.197.104.bc.googleusercontent.com
Software
LiteSpeed /
Resource Hash
4587c8d352f83f764c86d78274b76b2ad38723e06bb227c7af34d1bdd96396bd

Request headers

Referer
https://google.doesthishelp.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 25 Jan 2021 03:07:07 GMT
content-encoding
br
server
LiteSpeed
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
alt-svc
quic=":443"; ma=2592000; v="43,46", h3-Q043=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-25=":443"; ma=2592000, h3-27=":443"; ma=2592000
content-length
121
x-ua-compatible
IE=edge
logo.svg
www.maricopa.edu/themes/custom/maricopa_www/
56 KB
41 KB
Image
General
Full URL
https://www.maricopa.edu/themes/custom/maricopa_www/logo.svg
Requested by
Host: google.doesthishelp.com
URL: https://google.doesthishelp.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.13.248 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
nginx /
Resource Hash
b4a3bf25a4f80097ecee5261cd616accce96359d42d3296b17e307767b991879
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

Referer
https://google.doesthishelp.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=300
content-encoding
gzip
etag
W/"6007a6d3-dfcf"
x-cdn
Incapsula
age
370410
x-pantheon-styx-hostname
styx-fe1-a-5bb796db7f-gr992
x-cache
HIT, HIT
x-iinfo
4-27198869-27198870 NNNN CT(1 7 0) RT(1611544027436 0) q(0 0 0 0) r(0 0) U5
content-length
40619
x-served-by
cache-mdw17358-MDW, cache-ams21043-AMS
access-control-allow-origin
*
last-modified
Wed, 20 Jan 2021 03:43:15 GMT
server
nginx
x-timer
S1611544028.674649,VS0,VE1
date
Mon, 25 Jan 2021 03:07:07 GMT
vary
Accept-Encoding
content-type
image/svg+xml
via
1.1 varnish, 1.1 varnish
expires
Fri, 21 Jan 2022 20:13:37 GMT
cache-control
max-age=31622400
accept-ranges
bytes
x-styx-req-id
fab116f1-5b5b-11eb-ba9e-ce6c28e770a9
x-cache-hits
1, 1
winter-002.jpg
google.doesthishelp.com/images/
115 KB
115 KB
Image
General
Full URL
https://google.doesthishelp.com/images/winter-002.jpg
Requested by
Host: google.doesthishelp.com
URL: https://google.doesthishelp.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.144.68.126 Provo, United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
server.doesthishelp.com
Software
Apache /
Resource Hash
854bad478d977017b2178a11e6dafd012090d799956b55e56d1113f7568e519e

Request headers

Referer
https://google.doesthishelp.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 25 Jan 2021 03:07:07 GMT
Last-Modified
Tue, 26 Feb 2019 08:03:40 GMT
Server
Apache
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
117455
main_bg.png
google.doesthishelp.com/images/
24 KB
24 KB
Image
General
Full URL
https://google.doesthishelp.com/images/main_bg.png
Requested by
Host: google.doesthishelp.com
URL: https://google.doesthishelp.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.144.68.126 Provo, United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
server.doesthishelp.com
Software
Apache /
Resource Hash
dcc8fd1480817bf26d55af92b2d0f6e53984010a9aa1376a1eb58e4e7ea8d000

Request headers

Referer
https://google.doesthishelp.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 25 Jan 2021 03:07:07 GMT
Last-Modified
Tue, 26 Feb 2019 08:03:40 GMT
Server
Apache
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
24459
naulogo.png
cmsassets.nau.edu/images/
10 KB
10 KB
Image
General
Full URL
https://cmsassets.nau.edu/images/naulogo.png
Requested by
Host: google.doesthishelp.com
URL: https://google.doesthishelp.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
134.114.93.228 Flagstaff, United States, ASN21582 (NAU-AS, US),
Reverse DNS
vip.cmsassets.nau.edu
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
7561050b339bf2ddc57972a9100024e814aca14b7634f5e614ffbebacd756c5f

Request headers

Referer
https://google.doesthishelp.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 24 Jan 2021 16:40:54 GMT
Via
NS-CACHE-10.0: 43
ETag
"7830651b6079d51:0"
Last-Modified
Wed, 02 Oct 2019 20:29:36 GMT
Server
Microsoft-IIS/10.0
Age
37576
X-Powered-By
ASP.NET
Content-Type
image/png
Cache-Control
max-age=86400
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
10261
footer_logo_Does_This_Help.png
www.doesthishelp.com/copyright_b2kllc_usa/
91 B
91 B
Image
General
Full URL
https://www.doesthishelp.com/copyright_b2kllc_usa/footer_logo_Does_This_Help.png
Requested by
Host: google.doesthishelp.com
URL: https://google.doesthishelp.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.154.148.117 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
107.154.148.117.ip.incapdns.net
Software
Apache /
Resource Hash
37615b6b7480737a974e32ba14efe1b242ee0d91c46707f8f962d0ec441143cc

Request headers

Referer
https://google.doesthishelp.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-iinfo
14-94109089-94109092 NNYN CT(142 154 0) RT(1611544026872 0) q(0 0 3 1) r(5 5) U5
date
Mon, 25 Jan 2021 03:07:08 GMT
content-encoding
gzip
server
Apache
accept-ranges
bytes
x-cdn
Incapsula
content-type
text/html
footer_logo_B2K_LLC.png
www.doesthishelp.com/copyright_b2kllc_usa/
91 B
91 B
Image
General
Full URL
https://www.doesthishelp.com/copyright_b2kllc_usa/footer_logo_B2K_LLC.png
Requested by
Host: google.doesthishelp.com
URL: https://google.doesthishelp.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.154.148.117 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
107.154.148.117.ip.incapdns.net
Software
Apache /
Resource Hash
37615b6b7480737a974e32ba14efe1b242ee0d91c46707f8f962d0ec441143cc

Request headers

Referer
https://google.doesthishelp.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-iinfo
14-94109090-94109093 NNYN CT(141 155 0) RT(1611544026873 0) q(0 0 3 0) r(5 5) U5
date
Mon, 25 Jan 2021 03:07:08 GMT
content-encoding
gzip
server
Apache
accept-ranges
bytes
x-cdn
Incapsula
content-type
text/html
footer_brand_Made-Right-In-The-USA.png
www.doesthishelp.com/copyright_b2kllc_usa/
91 B
91 B
Image
General
Full URL
https://www.doesthishelp.com/copyright_b2kllc_usa/footer_brand_Made-Right-In-The-USA.png
Requested by
Host: google.doesthishelp.com
URL: https://google.doesthishelp.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.154.148.117 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
107.154.148.117.ip.incapdns.net
Software
Apache /
Resource Hash
37615b6b7480737a974e32ba14efe1b242ee0d91c46707f8f962d0ec441143cc

Request headers

Referer
https://google.doesthishelp.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-iinfo
14-94109091-94109094 NNYN CT(138 152 0) RT(1611544026873 0) q(0 0 3 1) r(5 5) U5
date
Mon, 25 Jan 2021 03:07:08 GMT
content-encoding
gzip
server
Apache
accept-ranges
bytes
x-cdn
Incapsula
content-type
text/html
bh_175x25_04.gif
www.bluehost.com/cgi/partner/175x25/
Redirect Chain
  • https://img.bluehost.com/175x25/bh_175x25_04.gif
  • https://www.bluehost.com/cgi/partner/175x25/bh_175x25_04.gif
0
0
Image
General
Full URL
https://www.bluehost.com/cgi/partner/175x25/bh_175x25_04.gif
Requested by
Host: google.doesthishelp.com
URL: https://google.doesthishelp.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
54.176.163.86 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-176-163-86.us-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://google.doesthishelp.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Redirect headers

date
Mon, 25 Jan 2021 03:07:07 GMT
server
nginx
strict-transport-security
max-age=3600
content-type
text/html; charset=iso-8859-1
location
https://www.bluehost.com/cgi/partner/175x25/bh_175x25_04.gif
expires
Mon, 01 Feb 2021 03:07:07 GMT
cache-control
max-age=604800
content-length
268
x-proxy-cache
MISS
platform.js
apis.google.com/js/
49 KB
19 KB
Script
General
Full URL
https://apis.google.com/js/platform.js
Requested by
Host: google.doesthishelp.com
URL: https://google.doesthishelp.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:819::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
95c10671f98df07af632df65063b1ae1c702275ad00418c0e5c5947dc5c2b78b
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-tb0+DiaqMDQkOOs3Rm+C7w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://google.doesthishelp.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 25 Jan 2021 03:07:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
x-ua-compatible
IE=edge, chrome=1
server
ESF
x-frame-options
SAMEORIGIN
etag
"00eb15a7bf372e066cca8e52356835a8"
strict-transport-security
max-age=31536000
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=1800, stale-while-revalidate=1800
content-security-policy
script-src 'report-sample' 'nonce-tb0+DiaqMDQkOOs3Rm+C7w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
timing-allow-origin
*
expires
Mon, 25 Jan 2021 03:07:07 GMT
Ws27DEqkbqI
www.youtube.com/embed/ Frame 8D6B
0
0
Document
General
Full URL
https://www.youtube.com/embed/Ws27DEqkbqI
Requested by
Host: google.doesthishelp.com
URL: https://google.doesthishelp.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
YouTube Frontend Proxy /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
www.youtube.com
:scheme
https
:path
/embed/Ws27DEqkbqI
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://google.doesthishelp.com/
accept-encoding
gzip, deflate, br
accept-language
en-US

Response headers

content-type
text/html; charset=utf-8
cache-control
no-cache
content-length
8820
expires
Tue, 27 Apr 1971 19:44:06 GMT
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-encoding
br
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
date
Mon, 25 Jan 2021 03:07:07 GMT
server
YouTube Frontend Proxy
x-xss-protection
0
set-cookie
VISITOR_INFO1_LIVE=FRUojWxPTPw; path=/; domain=.youtube.com; secure; expires=Sat, 24-Jul-2021 03:07:07 GMT; httponly; samesite=None VISITOR_INFO1_LIVE=FRUojWxPTPw; path=/; domain=.youtube.com; secure; expires=Sat, 24-Jul-2021 03:07:07 GMT; httponly; samesite=None YSC=7WtDFOC3C5U; path=/; domain=.youtube.com; secure; httponly; samesite=None GPS=1; path=/; domain=.youtube.com; expires=Mon, 25-Jan-2021 03:37:07 GMT
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/
10 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1138872d55cb6d011415fd56d49abc5066c9e4e6878fe3c17caf479d9e11e54d

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/svg+xml
cb=gapi.loaded_0
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.GmQXYX2grLI.O/m=page/rt=j/sv=1/d=1/ed=1/am=wQE/rs=AGLTcCMtu8dqzlwPg3dD9vohSr0qM2FQug/
114 KB
40 KB
Script
General
Full URL
https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.GmQXYX2grLI.O/m=page/rt=j/sv=1/d=1/ed=1/am=wQE/rs=AGLTcCMtu8dqzlwPg3dD9vohSr0qM2FQug/cb=gapi.loaded_0
Requested by
Host: apis.google.com
URL: https://apis.google.com/js/platform.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:819::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
068f05464dd2ff7f28a1504e9673d23732e7af8322e2e448ed082a7ee187be78
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://google.doesthishelp.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 21 Jan 2021 18:28:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 05 Jan 2021 17:30:41 GMT
server
sffe
age
290330
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
41203
x-xss-protection
0
expires
Fri, 21 Jan 2022 18:28:17 GMT
cb=gapi.loaded_1
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.GmQXYX2grLI.O/m=auth/exm=page/rt=j/sv=1/d=1/ed=1/am=wQE/rs=AGLTcCMtu8dqzlwPg3dD9vohSr0qM2FQug/
122 KB
42 KB
Script
General
Full URL
https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.GmQXYX2grLI.O/m=auth/exm=page/rt=j/sv=1/d=1/ed=1/am=wQE/rs=AGLTcCMtu8dqzlwPg3dD9vohSr0qM2FQug/cb=gapi.loaded_1
Requested by
Host: apis.google.com
URL: https://apis.google.com/js/platform.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:819::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cde789e4d12eb0a6cbc89f95c01834ef26225d7391a1c7f33697a6393c5b7ef5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://google.doesthishelp.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 21 Jan 2021 18:28:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 05 Jan 2021 17:30:41 GMT
server
sffe
age
290330
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42282
x-xss-protection
0
expires
Fri, 21 Jan 2022 18:28:17 GMT
page
apis.google.com/_/widget/render/ Frame BEF9
0
0
Document
General
Full URL
https://apis.google.com/_/widget/render/page?usegapi=1&href=https%3A%2F%2Fplus.google.com%2F109077767244759355304&rel=publisher&origin=https%3A%2F%2Fgoogle.doesthishelp.com&gsrc=3p&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.GmQXYX2grLI.O%2Fam%3DwQE%2Fd%3D1%2Fct%3Dzgms%2Frs%3DAGLTcCMtu8dqzlwPg3dD9vohSr0qM2FQug%2Fm%3D__features__
Requested by
Host: apis.google.com
URL: https://apis.google.com/js/platform.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:819::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-nKFIWJhJKyGYGUI5xYzW+Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
apis.google.com
:scheme
https
:path
/_/widget/render/page?usegapi=1&href=https%3A%2F%2Fplus.google.com%2F109077767244759355304&rel=publisher&origin=https%3A%2F%2Fgoogle.doesthishelp.com&gsrc=3p&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.GmQXYX2grLI.O%2Fam%3DwQE%2Fd%3D1%2Fct%3Dzgms%2Frs%3DAGLTcCMtu8dqzlwPg3dD9vohSr0qM2FQug%2Fm%3D__features__
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://google.doesthishelp.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
NID=207=N4fudUWPTL3aCb378k0s68NaZbcSYh8zyAFmRpvlGzZc13zLECbZ2ODHnyT0MbAm33XdEjMR_CZjT5zO2ND5tpZpiUYDm-i60t9J7B8pZLX1E-5S1SGD4JaP-nB0dKZ71B4AtVPswOLgQO5Xp1MGUMdlURMrn8dvjaY2w7uMsBc

Response headers

content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Mon, 25 Jan 2021 03:07:07 GMT
content-security-policy
script-src 'report-sample' 'nonce-nKFIWJhJKyGYGUI5xYzW+Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
content-encoding
gzip
server
ESF
x-xss-protection
0
x-content-type-options
nosniff
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
page
apis.google.com/_/widget/render/ Frame 47E7
0
0
Document
General
Full URL
https://apis.google.com/_/widget/render/page?usegapi=1&href=https%3A%2F%2Fplus.google.com%2F109360223747772579996&rel=publisher&origin=https%3A%2F%2Fgoogle.doesthishelp.com&gsrc=3p&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.GmQXYX2grLI.O%2Fam%3DwQE%2Fd%3D1%2Fct%3Dzgms%2Frs%3DAGLTcCMtu8dqzlwPg3dD9vohSr0qM2FQug%2Fm%3D__features__
Requested by
Host: apis.google.com
URL: https://apis.google.com/js/platform.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:819::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-s339s3cRnE17M/KD3M/XIw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
apis.google.com
:scheme
https
:path
/_/widget/render/page?usegapi=1&href=https%3A%2F%2Fplus.google.com%2F109360223747772579996&rel=publisher&origin=https%3A%2F%2Fgoogle.doesthishelp.com&gsrc=3p&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.GmQXYX2grLI.O%2Fam%3DwQE%2Fd%3D1%2Fct%3Dzgms%2Frs%3DAGLTcCMtu8dqzlwPg3dD9vohSr0qM2FQug%2Fm%3D__features__
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://google.doesthishelp.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
NID=207=N4fudUWPTL3aCb378k0s68NaZbcSYh8zyAFmRpvlGzZc13zLECbZ2ODHnyT0MbAm33XdEjMR_CZjT5zO2ND5tpZpiUYDm-i60t9J7B8pZLX1E-5S1SGD4JaP-nB0dKZ71B4AtVPswOLgQO5Xp1MGUMdlURMrn8dvjaY2w7uMsBc

Response headers

content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Mon, 25 Jan 2021 03:07:07 GMT
content-security-policy
script-src 'report-sample' 'nonce-s339s3cRnE17M/KD3M/XIw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
content-encoding
gzip
server
ESF
x-xss-protection
0
x-content-type-options
nosniff
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
page
apis.google.com/_/widget/render/ Frame 5989
0
0
Document
General
Full URL
https://apis.google.com/_/widget/render/page?usegapi=1&href=https%3A%2F%2Fplus.google.com%2F111455397247821118531&rel=publisher&origin=https%3A%2F%2Fgoogle.doesthishelp.com&gsrc=3p&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.GmQXYX2grLI.O%2Fam%3DwQE%2Fd%3D1%2Fct%3Dzgms%2Frs%3DAGLTcCMtu8dqzlwPg3dD9vohSr0qM2FQug%2Fm%3D__features__
Requested by
Host: apis.google.com
URL: https://apis.google.com/js/platform.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:819::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-Deb6eTCPxljlXnEd+To5bA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
apis.google.com
:scheme
https
:path
/_/widget/render/page?usegapi=1&href=https%3A%2F%2Fplus.google.com%2F111455397247821118531&rel=publisher&origin=https%3A%2F%2Fgoogle.doesthishelp.com&gsrc=3p&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.GmQXYX2grLI.O%2Fam%3DwQE%2Fd%3D1%2Fct%3Dzgms%2Frs%3DAGLTcCMtu8dqzlwPg3dD9vohSr0qM2FQug%2Fm%3D__features__
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://google.doesthishelp.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
NID=207=N4fudUWPTL3aCb378k0s68NaZbcSYh8zyAFmRpvlGzZc13zLECbZ2ODHnyT0MbAm33XdEjMR_CZjT5zO2ND5tpZpiUYDm-i60t9J7B8pZLX1E-5S1SGD4JaP-nB0dKZ71B4AtVPswOLgQO5Xp1MGUMdlURMrn8dvjaY2w7uMsBc

Response headers

content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Mon, 25 Jan 2021 03:07:07 GMT
content-security-policy
script-src 'report-sample' 'nonce-Deb6eTCPxljlXnEd+To5bA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
content-encoding
gzip
server
ESF
x-xss-protection
0
x-content-type-options
nosniff
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
postmessageRelay
accounts.google.com/o/oauth2/ Frame DA27
0
0
Document
General
Full URL
https://accounts.google.com/o/oauth2/postmessageRelay?parent=https%3A%2F%2Fgoogle.doesthishelp.com&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.GmQXYX2grLI.O%2Fam%3DwQE%2Fd%3D1%2Fct%3Dzgms%2Frs%3DAGLTcCMtu8dqzlwPg3dD9vohSr0qM2FQug%2Fm%3D__features__
Requested by
Host: apis.google.com
URL: https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.GmQXYX2grLI.O/m=auth/exm=page/rt=j/sv=1/d=1/ed=1/am=wQE/rs=AGLTcCMtu8dqzlwPg3dD9vohSr0qM2FQug/cb=gapi.loaded_1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-HsobhbgFvPEH9Fk/cVjwTQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport
X-Xss-Protection 0

Request headers

:method
GET
:authority
accounts.google.com
:scheme
https
:path
/o/oauth2/postmessageRelay?parent=https%3A%2F%2Fgoogle.doesthishelp.com&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.GmQXYX2grLI.O%2Fam%3DwQE%2Fd%3D1%2Fct%3Dzgms%2Frs%3DAGLTcCMtu8dqzlwPg3dD9vohSr0qM2FQug%2Fm%3D__features__
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://google.doesthishelp.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
NID=207=N4fudUWPTL3aCb378k0s68NaZbcSYh8zyAFmRpvlGzZc13zLECbZ2ODHnyT0MbAm33XdEjMR_CZjT5zO2ND5tpZpiUYDm-i60t9J7B8pZLX1E-5S1SGD4JaP-nB0dKZ71B4AtVPswOLgQO5Xp1MGUMdlURMrn8dvjaY2w7uMsBc

Response headers

content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Mon, 25 Jan 2021 03:07:07 GMT
content-security-policy
script-src 'report-sample' 'nonce-HsobhbgFvPEH9Fk/cVjwTQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport
content-encoding
gzip
server
ESF
x-xss-protection
0
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"


33 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
object| 1
object| 2
object| 3
object| 4
object| ontransitionrun
object| ontransitionstart
object| ontransitioncancel
object| cookieStore
function| showDirectoryPicker
function| showOpenFilePicker
function| showSaveFilePicker
object| trustedTypes
boolean| crossOriginIsolated
function| displaymessage
function| displayts_ab
function| displayts_r
function| adMail
string| myclose
object| gapi
object| ___jsl
object| gadgets
object| osapi
object| iframer
object| __gapi_jstiming__
object| oauth2
object| shindig
function| ToolbarApi
object| iframes
function| IframeBase
function| Iframe
function| IframeProxy
function| IframeWindow

5 Cookies

Domain/Path Name / Value
.google.com/ Name: NID
Value: 207=N4fudUWPTL3aCb378k0s68NaZbcSYh8zyAFmRpvlGzZc13zLECbZ2ODHnyT0MbAm33XdEjMR_CZjT5zO2ND5tpZpiUYDm-i60t9J7B8pZLX1E-5S1SGD4JaP-nB0dKZ71B4AtVPswOLgQO5Xp1MGUMdlURMrn8dvjaY2w7uMsBc
.youtube.com/ Name: YSC
Value: 7WtDFOC3C5U
.doesthishelp.com/ Name: incap_ses_767_1985105
Value: FyGDa2LdRBWWq/jH6O6kCts1DmAAAAAAiYjs9fAgxdMZ59tDHd8F6A==
.youtube.com/ Name: VISITOR_INFO1_LIVE
Value: FRUojWxPTPw
.doesthishelp.com/ Name: visid_incap_1985105
Value: CyJYGKRLQMeiH6LjBVBX6do1DmAAAAAAQUIPAAAAAACoOlNLAEbkUY66y9czN68X

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
