URL: https://myip.zenvpn.net/
Submission: On July 16 via automatic, source certstream-suspicious — Scanned from GB

Summary

This website contacted 11 IPs in 3 countries across 8 domains to perform 18 HTTP transactions. The main IP is 2606:4700:3035::6815:501f, located in United States and belongs to CLOUDFLARENET, US. The main domain is myip.zenvpn.net.
TLS certificate: Issued by WE1 on June 21st 2024. Valid for: 3 months.
This is the only time myip.zenvpn.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Apex Domain | Subdomains | Transfer
7 zenvpn.net | myip.zenvpn.net, app.zenvpn.net | 215 KB
3 gs-chat.com | js.gs-chat.com — Cisco Umbrella Rank: 542154, img.gs-chat.com | 60 KB
2 gosquared.com | data2.gosquared.com — Cisco Umbrella Rank: 77793, static.gosquared.com — Cisco Umbrella Rank: 500527 | 76 KB
2 googletagmanager.com | www.googletagmanager.com — Cisco Umbrella Rank: 112 | 171 KB
1 google.com.br | www.google.com.br — Cisco Umbrella Rank: 12525 | 63 B
1 doubleclick.net | stats.g.doubleclick.net — Cisco Umbrella Rank: 252 | 254 B
1 google.com | analytics.google.com — Cisco Umbrella Rank: 238
1 cloudfront.net | d1l6p2sc9645hc.cloudfront.net | 5 KB
18 8
Domain | Requested by
6 app.zenvpn.net | myip.zenvpn.net, app.zenvpn.net
2 img.gs-chat.com | myip.zenvpn.net
2 www.googletagmanager.com | myip.zenvpn.net, www.googletagmanager.com
1 static.gosquared.com | myip.zenvpn.net
1 js.gs-chat.com | d1l6p2sc9645hc.cloudfront.net
1 www.google.com.br | myip.zenvpn.net
1 stats.g.doubleclick.net | www.googletagmanager.com
1 analytics.google.com | www.googletagmanager.com
1 data2.gosquared.com | d1l6p2sc9645hc.cloudfront.net
1 d1l6p2sc9645hc.cloudfront.net | myip.zenvpn.net
1 myip.zenvpn.net
18 11

This site contains links to these domains.

Domain
app.zenvpn.net
www.ecosend.io
Subject | Issuer | Validity | Valid
zenvpn.net | WE1 | 2024-06-21 - 2024-09-19 | 3 months
*.google-analytics.com | WR2 | 2024-06-24 - 2024-09-16 | 3 months
*.cloudfront.net | Amazon RSA 2048 M01 | 2023-10-10 - 2024-09-19 | a year
gosquared.com | Amazon RSA 2048 M03 | 2023-09-25 - 2024-10-23 | a year
*.google.com | WR2 | 2024-06-24 - 2024-09-16 | 3 months
*.g.doubleclick.net | WR2 | 2024-06-24 - 2024-09-16 | 3 months
*.google.com.br | WR2 | 2024-06-24 - 2024-09-16 | 3 months

This page contains 1 frame:

Primary Page: https://myip.zenvpn.net/
Frame ID: 6A74922E741D0F68E69ADA1131A88977
Requests: 18 HTTP requests in this frame

Page Title

What is my IP address

Detected technologies

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Page Statistics

Requests: 18
HTTPS: 100 %
IPv6: 91 %
Domains: 8
Subdomains: 11
IPs: 11
Countries: 3
Transfer: 528 kB
Size: 995 kB
Cookies: 4

18 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
myip.zenvpn.net/
6 KB
3 KB
Document
General
Full URL
https://myip.zenvpn.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:501f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6bb8f06e831c3938f819a5c5adcbaf11e7090d452fc3b933433819f154eb5d63
Security Headers
Name Value
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

cache-control
max-age=0, no-cache, no-store, must-revalidate, private
cf-cache-status
DYNAMIC
cf-ray
8a4521077bca7302-LHR
content-encoding
br
content-type
text/html; charset=utf-8
cross-origin-opener-policy
same-origin
date
Tue, 16 Jul 2024 21:36:39 GMT
expires
Tue, 16 Jul 2024 21:36:39 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PoZnEVcI74QMnrY9%2FFeeL9yW1I2fxagWWUq9I6DJeVZ%2FJTpCaTPhThdPULlePw4gDdxiJ3uShJjfsfZb96HD7s5CtF0ZTY%2FxhE7s%2BdpgAFVHonbjU2GH%2BcK2aIdbBgQOd6B74AORAVEy%2FdPUHhc%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=63072000
vary
Cookie
x-content-type-options
nosniff
x-frame-options
DENY
app-e230725a.css
app.zenvpn.net/static/assets/
40 KB
8 KB
Stylesheet
General
Full URL
https://app.zenvpn.net/static/assets/app-e230725a.css
Requested by
Host: myip.zenvpn.net
URL: https://myip.zenvpn.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:501f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e230725a8d484af06690b8de826b2fbb4b2b10536983ec3f5856b78343d2f43e
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 16 Jul 2024 21:36:39 GMT
strict-transport-security
max-age=63072000
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 24 Jun 2024 17:03:16 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1154080
etag
W/"6679a6d4-a19e"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rgMTy6JTtXFNWj3YyKcbftQdln5qYNZ8XAwEDlYst%2FYBGCPfRgdgNt9SDFeeocSFC1riYRimuXPLJFDqI1SKSvN%2Fo3V1ie7%2FCkiYBcEwEjV%2FPJT0ULdNXk%2BJIHr0KkfS8MT%2FjTAQ3kLuU9CVuQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=2592000
cf-ray
8a452108cd1f7302-LHR
expires
Fri, 02 Aug 2024 13:01:59 GMT
inter.css
app.zenvpn.net/static/fonts/inter/
5 KB
1 KB
Stylesheet
General
Full URL
https://app.zenvpn.net/static/fonts/inter/inter.css
Requested by
Host: myip.zenvpn.net
URL: https://myip.zenvpn.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:501f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
61728f24f5f02c00478aadadd82906d56b0b95e4b7e8a39651dd78e5f50fda7f

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 16 Jul 2024 21:36:39 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1083072
last-modified
Wed, 06 Dec 2023 19:23:53 GMT
server
cloudflare
etag
W/"6570ca49-13a7"
vary
Accept-Encoding
access-control-allow-methods
OPTIONS, HEAD, GET
content-type
text/css
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sMGxgrShMgdcmsu6WbHIXZ0igixLCuVbVbnsFP1CCTpC3uFB10FPmZJ7VQEvWTLbsSRhk%2FupZD4rb7NL2wq8ngSzNXKDr4S1iLesIPU6LwzRZhR%2FQvcK2ChtUu3oB%2BBBGeNJB%2BXs4G8Q%2FKVONA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=2592000
cf-ray
8a452108cd207302-LHR
expires
Sat, 03 Aug 2024 08:45:27 GMT
gb.svg
app.zenvpn.net/static/img/flags/svg/1x1/
538 B
686 B
Image
General
Full URL
https://app.zenvpn.net/static/img/flags/svg/1x1/gb.svg
Requested by
Host: myip.zenvpn.net
URL: https://myip.zenvpn.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:501f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4b739ae884c7322d7edf3d2a9c2643193eee11f15ffb485399dbff096c96e8d0
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 16 Jul 2024 21:36:39 GMT
strict-transport-security
max-age=63072000
content-encoding
br
cf-cache-status
MISS
last-modified
Fri, 27 Oct 2023 17:50:48 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"653bf878-21a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UpsJer0mET%2B56QBnqfrF%2FnaDMk8QlbjCMUZpA1n%2BeA1SJQ5I7dtVBwJNu8WjTn%2F6MATLQWjC%2F6joCduSgnf0vX8liXg6V9LowcrksVQ1TYXqIlBiNYOtjno20xJjb%2B%2FKq9VQavjpz5Gt%2FotEsA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=2592000
cf-ray
8a452108cd237302-LHR
expires
Thu, 15 Aug 2024 21:36:39 GMT
gtm.js
www.googletagmanager.com/
224 KB
78 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-5QG6VR74
Requested by
Host: myip.zenvpn.net
URL: https://myip.zenvpn.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
4f4d8b0e2caf3348b36c9dff208ba3c19b1c8565454833c4e3551b504b361149
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 16 Jul 2024 21:36:40 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
79700
x-xss-protection
0
last-modified
Tue, 16 Jul 2024 21:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 16 Jul 2024 21:36:40 GMT
gosquared.js
d1l6p2sc9645hc.cloudfront.net/
10 KB
5 KB
Script
General
Full URL
https://d1l6p2sc9645hc.cloudfront.net/gosquared.js
Requested by
Host: myip.zenvpn.net
URL: https://myip.zenvpn.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2490:f200:f:fd8f:b000:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6d31f56a187f8eb110311203d9bea6694b2efe0aa5a868c72f13f388619d3de8

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 16 Jul 2024 12:51:56 GMT
content-encoding
gzip
via
1.1 6278ee254a7d35c23aae5e936b5a56ee.cloudfront.net (CloudFront)
last-modified
Mon, 08 Apr 2024 10:07:50 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P6
age
31485
x-amz-server-side-encryption
AES256
etag
W/"55ddb5289c73831f2a6cf0a8e1c30549"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript; charset=UTF-8
cache-control
max-age=43200, public
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
CCpURdq-PfzPNcEnOuqRB3W4qFsjWcxeRtIvcP9Bgu2MYdgdWI8Z7A==
Inter-Bold.woff2
app.zenvpn.net/static/fonts/inter/
104 KB
104 KB
Font
General
Full URL
https://app.zenvpn.net/static/fonts/inter/Inter-Bold.woff2?v=3.19&cc=1
Requested by
Host: app.zenvpn.net
URL: https://app.zenvpn.net/static/fonts/inter/inter.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:ada8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c63158babcb7902203ed73476ccf901db34825ea524d4a36a52b5e5f97e1abf7

Request headers

Referer
https://app.zenvpn.net/static/fonts/inter/inter.css
Origin
https://myip.zenvpn.net
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 16 Jul 2024 21:36:40 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-length
106140
last-modified
Fri, 27 Oct 2023 17:50:48 GMT
server
cloudflare
etag
"653bf878-19e9c"
vary
Accept-Encoding
access-control-allow-methods
OPTIONS, HEAD, GET
content-type
font/woff2
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=B9YWYzoN0dpeO%2FuAkJC%2BJb%2F5zmhEx3xitsVfupv%2BOqWXaSc9XtGMiKxgGN3%2BRXBa6RgJDpAM%2Bf2WfnvHj9T2ZMAgCTFVqSw4fllFVOPO0pEghqtrssPsjdtYBAMX11J8AVJpCcPx0h6sWRNDcA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
8a452109fdbe93f7-LHR
expires
Thu, 15 Aug 2024 21:36:40 GMT
Inter-Regular.woff2
app.zenvpn.net/static/fonts/inter/
97 KB
97 KB
Font
General
Full URL
https://app.zenvpn.net/static/fonts/inter/Inter-Regular.woff2?v=3.19&cc=1
Requested by
Host: app.zenvpn.net
URL: https://app.zenvpn.net/static/fonts/inter/inter.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:ada8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d612f1212b452af07f1a5defb2b672e76a91f7139e7499fa48bb9b2b985c22d6

Request headers

Referer
https://app.zenvpn.net/static/fonts/inter/inter.css
Origin
https://myip.zenvpn.net
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 16 Jul 2024 21:36:40 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-length
98868
last-modified
Fri, 27 Oct 2023 17:50:48 GMT
server
cloudflare
etag
"653bf878-18234"
vary
Accept-Encoding
access-control-allow-methods
OPTIONS, HEAD, GET
content-type
font/woff2
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QmHbA0%2FC5X%2BTSBCL4a0Ul%2FqAWi3Ns7qwgVAQmKKDUogYfpJtW4dQKSFETU3SDc3AOA1h2%2BZGTPTJW8qZTxvl0YEQfN1bpdxBhHNn4eXyggLQRVbmaz%2FFODoPbxR6bigvU1k%2FCnFVEOGuYyhSoA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
8a452109fdc193f7-LHR
expires
Thu, 15 Aug 2024 21:36:40 GMT
js
www.googletagmanager.com/gtag/
270 KB
93 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-3QBFQP2L7K&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5QG6VR74
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
2a17861e7d4dae1d59c150297c141b95b459c84c389fc20a60bb0561a40fe2b9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 16 Jul 2024 21:36:40 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
94798
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 16 Jul 2024 21:36:40 GMT
pv
data2.gosquared.com/
2 KB
2 KB
Script
General
Full URL
https://data2.gosquared.com/pv?cs=UTF-8&cd=24&la=en-GB&sw=1600&sh=1200&dp=1&tp=0&pu=https%3A%2F%2Fmyip.zenvpn.net%2F&pt=What%20is%20my%20IP%20address&ri=0&ru=-&re=0&vi=1&pv=1&lv=0&vw=1600&vh=1200&dw=1600&dh=1200&st=0&sl=0&tz=-60&rc=1&cb=0&a=GSN-178890-Y&id=5d1b2576756173ef0199cfe951559c2d&tv=6.7.1941
Requested by
Host: d1l6p2sc9645hc.cloudfront.net
URL: https://d1l6p2sc9645hc.cloudfront.net/gosquared.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.227.185.162 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-227-185-162.compute-1.amazonaws.com
Software
/
Resource Hash
940eda2c1a77e91c1c36524994da2a97dcf473f456dc11c8b65912725d3f55f0

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 16 Jul 2024 21:36:40 GMT
content-length
2391
content-type
text/javascript
collect
analytics.google.com/g/
0
0
Fetch
General
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-3QBFQP2L7K&gtm=45je4790v9126092353z89138698317za200zb9138698317&_p=1721165799847&_gaz=1&gcd=13l3l3l3l1&npa=0&dma=0&tag_exp=0&cid=1008279901.1721165800&ul=en-gb&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1721165800&sct=1&seg=0&dl=https%3A%2F%2Fmyip.zenvpn.net%2F&dt=What%20is%20my%20IP%20address&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=761&_z=fetch
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-3QBFQP2L7K&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 16 Jul 2024 21:36:40 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://myip.zenvpn.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/
0
254 B
Ping
General
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-3QBFQP2L7K&cid=1008279901.1721165800&gtm=45je4790v9126092353z89138698317za200zb9138698317&aip=1&dma=0&gcd=13l3l3l3l1&npa=0&frm=0
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-3QBFQP2L7K&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 16 Jul 2024 21:36:40 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://myip.zenvpn.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com.br/ads/
42 B
63 B
Image
General
Full URL
https://www.google.com.br/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-3QBFQP2L7K&cid=1008279901.1721165800&gtm=45je4790v9126092353z89138698317za200zb9138698317&aip=1&dma=0&gcd=13l3l3l3l1&npa=0&frm=0&z=1327528025
Requested by
Host: myip.zenvpn.net
URL: https://myip.zenvpn.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 16 Jul 2024 21:36:40 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
chat.js
js.gs-chat.com/
160 KB
57 KB
Script
General
Full URL
https://js.gs-chat.com/chat.js?fa70e6017ba1bcd3
Requested by
Host: d1l6p2sc9645hc.cloudfront.net
URL: https://d1l6p2sc9645hc.cloudfront.net/gosquared.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21c7:7a00:9:ce73:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f8d379cb3c3e74a22ed56e2eb448281279d475f133219267ffd985379e86e864

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 16 Jul 2024 20:32:24 GMT
content-encoding
br
via
1.1 c149c6b8a4d6f497cac6f2d9e9e6be40.cloudfront.net (CloudFront)
last-modified
Mon, 15 Apr 2024 15:50:34 GMT
server
AmazonS3
x-amz-cf-pop
AMS54-C1
age
3857
etag
W/"4f16801fbc9629aec4363342b574b9ce"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript; charset=UTF-8
cache-control
max-age=86400, public
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
tA4ixhp1ayCoKiUP1KSvXrvTSyAAhBtawHDXaWyY93t7v292kBkYsA==
1f31f.png
img.gs-chat.com/emoji/20/
1 KB
1 KB
Image
General
Full URL
https://img.gs-chat.com/emoji/20/1f31f.png
Requested by
Host: myip.zenvpn.net
URL: https://myip.zenvpn.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21c7:6000:c:a0be:3a80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
10292a3b750921b584811adf7a2391429c7f7fdbc713a9e99550b1d9e761d536

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 16 Jul 2024 07:47:31 GMT
via
1.1 1bc76a14967a660022b25f573baec632.cloudfront.net (CloudFront)
last-modified
Fri, 04 Dec 2020 13:22:50 GMT
server
AmazonS3
x-amz-cf-pop
AMS54-C1
age
50858
etag
"6de2455d15a992fecdea373653d8b59e"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
x-amz-meta-optimized
yes
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
content-length
1024
x-amz-cf-id
deBybwOpH9bYbZPqnV7SSyDw_PkFNE9xsfuxE60bzzPIfBgNKI1FIg==
1f490.png
img.gs-chat.com/emoji/20/
1 KB
2 KB
Image
General
Full URL
https://img.gs-chat.com/emoji/20/1f490.png
Requested by
Host: myip.zenvpn.net
URL: https://myip.zenvpn.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21c7:6000:c:a0be:3a80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
823b179d9ff00ac4477537fcd02fbd8800ed7b6a8f5e1f5520e6694ebb092a05

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 16 Jul 2024 07:47:31 GMT
via
1.1 1bc76a14967a660022b25f573baec632.cloudfront.net (CloudFront)
last-modified
Fri, 04 Dec 2020 13:23:03 GMT
server
AmazonS3
x-amz-cf-pop
AMS54-C1
age
50858
etag
"33026aaf10c2dd4c9470cf0154682891"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
x-amz-meta-optimized
yes
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
content-length
1287
x-amz-cf-id
cA1BQJEJD98bu8pmwdAXc5Xwu4-6HQwW3T2QFM3IITE8w8mwURdKKg==
Inter.latin.var.woff2
static.gosquared.com/fonts/inter/2020-11/
73 KB
74 KB
Font
General
Full URL
https://static.gosquared.com/fonts/inter/2020-11/Inter.latin.var.woff2
Requested by
Host: myip.zenvpn.net
URL: https://myip.zenvpn.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2394:ae00:8:dc7e:3400:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
GS /
Resource Hash
2d92ac468956074ec5971284f7db01a303f1ed1268208abfcefd26a9325bdade
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://myip.zenvpn.net/
Origin
https://myip.zenvpn.net
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 16 Jul 2024 07:58:23 GMT
via
1.1 d3a48a8630785a2a858cfdeb83e66c24.cloudfront.net (CloudFront)
x-amz-cf-pop
AMS1-P2
age
49107
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
75000
x-xss-protection
1; mode=block
server
GS
etag
"4ed1a31b78396d06cb26a922ed5f2132"
access-control-max-age
3000
access-control-allow-methods
OPTIONS, GET
content-type
binary/octet-stream
access-control-allow-origin
*
cache-control
public, max-age=86400
access-control-allow-credentials
true
vary
Accept-Encoding
accept-ranges
bytes
access-control-allow-headers
Content-Type, Depth, User-Agent, X-File-Size, X-Requested-With, If-Modified-Since, X-File-Name, Cache-Control, Cookie
x-amz-cf-id
3LC7KJwkAKlvXVE2SaV0r-Y6tv4heE6fsCraDS8ETWlNPgXe7ThKdg==
favicon.png
app.zenvpn.net/static/img/
691 B
1 KB
Other
General
Full URL
https://app.zenvpn.net/static/img/favicon.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:501f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fc7ed451ec7c6ee2129129152f4fdcd62f98f4a6c5532c61b3267fcc9b0c0d65
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 16 Jul 2024 21:36:41 GMT
strict-transport-security
max-age=63072000
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1893669
content-length
691
last-modified
Thu, 21 Dec 2023 19:03:16 GMT
server
cloudflare
etag
"65848bf4-2b3"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2Fwd1LhsiaaTUD0B8xsuyRRAJaEGF7Z%2F6RZIif6EMNE%2BvqhLIxtxfoh%2B%2BfSTCchdUf4byb%2BW%2BVPYj32HoiJdV%2FhoTjfghacAIOgvvS3LnbWET6qA5ZOLJSbwgAtPYAB43kO%2BF0HxxPvnTnhhIRQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
8a452111edd77302-LHR
expires
Wed, 24 Jul 2024 23:35:32 GMT

6 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
object| dataLayer
function| _gs
object| google_tag_manager
object| google_tag_data
object| gaGlobal

4 Cookies

Domain/Path Name / Value
myip.zenvpn.net/ Name: gs_v_GSN-178890-Y
Value:
myip.zenvpn.net/ Name: gs_u_GSN-178890-Y
Value: 5d1b2576756173ef0199cfe951559c2d:2567:5000:1721165800118
.zenvpn.net/ Name: _ga_3QBFQP2L7K
Value: GS1.1.1721165800.1.0.1721165800.60.0.0
.zenvpn.net/ Name: _ga
Value: GA1.1.1008279901.1721165800

Security Headers

This page lists any security headers set by the main page.

Header Value
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
