f2vr017de22.xn--80aagbhhl2baqhadoch0s.xn--p1ai Open in urlscan Pro Puny
f2vr017de22.программаздоровье.рф IDN
2606:4700:3035::6815:28ec Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://translate.google.com/website?sl=en&tl=hi&anno=2&client=srp&prev=search&u=https://f2vr017de22.%D0%BF%D1%80%D0%BE%D0%B3...
Effective URL:
https://f2vr017de22.xn--80aagbhhl2baqhadoch0s.xn--p1ai/
Submission: On November 29 via api (November 29th 2024, 4:34:01 am UTC) from US — Scanned from US

Summary HTTP 13 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 8 IPs in 2 countries across 7 domains to perform 13 HTTP transactions. The main IP is 2606:4700:3035::6815:28ec, located in United States and belongs to CLOUDFLARENET, US. The main domain is f2vr017de22.xn--80aagbhhl2baqhadoch0s.xn--p1ai.
TLS certificate: Issued by E6 on October 8th 2024. Valid for: 3 months.

This is the only time f2vr017de22.xn--80aagbhhl2baqhadoch0s.xn--p1ai was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2607:f8b0:400... 2607:f8b0:4004:c09::71	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4004:c09::84	15169 (GOOGLE) (GOOGLE)
4	2607:f8b0:400... 2607:f8b0:4004:c08::5e	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4004:c09::5f	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4004:c1d::8b	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4004:c1d::8a	15169 (GOOGLE) (GOOGLE)
3	2606:4700:303... 2606:4700:3035::6815:28ec	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	88.212.201.204 88.212.201.204	39134 (UNITEDNET...) (UNITEDNET EDINAYA SET LIMITED LIABILITY COMPANY)
13	8

1 2607:f8b0:4004:c09::71 (Washington, United States) 1 redirects

ASN15169 (GOOGLE, US)

translate.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c09::84 (Washington, United States)

ASN15169 (GOOGLE, US)

f2vr017de22-xn----80aagbhhl2baqhadoch0s-xn----p1ai.translate.goog	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4004:c08::5e (Washington, United States)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c09::5f (Washington, United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c1d::8b (Washington, United States)

ASN15169 (GOOGLE, US)

translate.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c1d::8a (Washington, United States)

ASN15169 (GOOGLE, US)

translate.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:3035::6815:28ec (United States)

ASN13335 (CLOUDFLARENET, US)

f2vr017de22.xn--80aagbhhl2baqhadoch0s.xn--p1ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 88.212.201.204 (Russian Federation) 1 redirects

ASN39134 (UNITEDNET EDINAYA SET LIMITED LIABILITY COMPANY, RU)
PTR: host204.rax.ru

counter.yadro.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
4	gstatic.com www.gstatic.com	190 KB
3	function sub() { [native code] }.	6 KB
3	google.com 1 redirects translate.google.com — Cisco Umbrella Rank: 1113	30 KB
2	yadro.ru 1 redirects counter.yadro.ru — Cisco Umbrella Rank: 15372	2 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 29	847 B
1	translate.goog f2vr017de22-xn----80aagbhhl2baqhadoch0s-xn----p1ai.translate.goog	3 KB
0	prodlglousdates.com Failed qgxeqm.prodlglousdates.com Failed
13	7

	Domain	Requested by
4	www.gstatic.com	f2vr017de22-xn----80aagbhhl2baqhadoch0s-xn----p1ai.translate.goog www.gstatic.com
3	f2vr017de22.xn--80aagbhhl2baqhadoch0s.xn--p1ai	f2vr017de22-xn----80aagbhhl2baqhadoch0s-xn----p1ai.translate.goog f2vr017de22.xn--80aagbhhl2baqhadoch0s.xn--p1ai
3	translate.google.com	1 redirects f2vr017de22-xn----80aagbhhl2baqhadoch0s-xn----p1ai.translate.goog www.gstatic.com
2	counter.yadro.ru	1 redirects f2vr017de22.xn--80aagbhhl2baqhadoch0s.xn--p1ai
1	fonts.googleapis.com	f2vr017de22-xn----80aagbhhl2baqhadoch0s-xn----p1ai.translate.goog
1	f2vr017de22-xn----80aagbhhl2baqhadoch0s-xn----p1ai.translate.goog
0	qgxeqm.prodlglousdates.com Failed	f2vr017de22.xn--80aagbhhl2baqhadoch0s.xn--p1ai
13	7

This site contains links to these domains. Also see Links.

Domain
antibot.cloud
www.liveinternet.ru

Subject Issuer	Validity	Valid
*.googleusercontent.com WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
*.gstatic.com WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
upload.video.google.com WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
*.google.com WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
xn--80aagbhhl2baqhadoch0s.xn--p1ai E6	`2024-10-08` - `2025-01-06`	3 months	crt.sh

This page contains 2 frames:

Frame: https://qgxeqm.prodlglousdates.com/?utm_source=1e3a4e532f1c7040&&ban=other&j1=1&s1=190867&s2=1969130&s3=53-2Hqw
Frame ID: 777A7FEC1BC078B79BC1917C7C720627
Requests: 13 HTTP requests in this frame

Frame: https://translate.google.com/websitetranslationui?parent=https%3A%2F%2Ff2vr017de22-xn----80aagbhhl2baqhadoch0s-xn----p1ai.translate.goog&pfu=https%3A%2F%2Ff2vr017de22-xn----80aagbhhl2baqhadoch0s-xn----p1ai.translate.goog%2F%3F_x_tr_sl%3Den%26_x_tr_tl%3Dhi%26_x_tr_hl%3Den-US%26_x_tr_pto%3Dop%2Ctc&u=https%3A%2F%2Ff2vr017de22.%D0%BF%D1%80%D0%BE%D0%B3%D1%80%D0%B0%D0%BC%D0%BC%D0%B0%D0%B7%D0%B4%D0%BE%D1%80%D0%BE%D0%B2%D1%8C%D0%B5.%D1%80%D1%84%2F&sl=en&tl=hi&opu=https%3A%2F%2Ftranslate.google.com%2Fwebsite%3Fsl%3Den%26tl%3Dhi%26hl%3Den-US%26anno%3D2%26client%3Dsrp%26u%3Dhttps%3A%2F%2Ff2vr017de22.%25D0%25BF%25D1%2580%25D0%25BE%25D0%25B3%25D1%2580%25D0%25B0%25D0%25BC%25D0%25BC%25D0%25B0%25D0%25B7%25D0%25B4%25D0%25BE%25D1%2580%25D0%25BE%25D0%25B2%25D1%258C%25D0%25B5.%25D1%2580%25D1%2584%2F%26anno%3D2&client=srp&hl=en-US&op=true
Frame ID: F4E5466EDBAB057D91B47B8DD1847059
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Just a moment...

Page URL History Show full URLs

https://translate.google.com/website?sl=en&tl=hi&anno=2&client=srp&prev=search&u=https://f2vr017de22.%D0%... HTTP 302
https://f2vr017de22-xn----80aagbhhl2baqhadoch0s-xn----p1ai.translate.goog/?_x_tr_sl=en&_x_tr_tl=hi&_x_tr_hl=en-US&_x_tr_pto=op,tc Page URL
http://f2vr017de22.xn--80aagbhhl2baqhadoch0s.xn--p1ai/ HTTP 307
https://f2vr017de22.xn--80aagbhhl2baqhadoch0s.xn--p1ai/ Page URL

Detected technologies

Liveinternet (Analytics) Expand

Overall confidence: 100%
Detected patterns

Page Statistics

13
Requests

85 %
HTTPS

88 %
IPv6

7
Domains

7
Subdomains

8
IPs

2
Countries

230 kB
Transfer

435 kB
Size

5
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://antibot.cloud/
Title: Bad Bot protection by AntiBot.Cloud

Search URL Search Domain Scan URL

URL: https://www.liveinternet.ru/click;62new

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://translate.google.com/website?sl=en&tl=hi&anno=2&client=srp&prev=search&u=https://f2vr017de22.%D0%BF%D1%80%D0%BE%D0%B3%D1%80%D0%B0%D0%BC%D0%BC%D0%B0%D0%B7%D0%B4%D0%BE%D1%80%D0%BE%D0%B2%D1%8C%D0%B5.%D1%80%D1%84 HTTP 302
https://f2vr017de22-xn----80aagbhhl2baqhadoch0s-xn----p1ai.translate.goog/?_x_tr_sl=en&_x_tr_tl=hi&_x_tr_hl=en-US&_x_tr_pto=op,tc Page URL
http://f2vr017de22.xn--80aagbhhl2baqhadoch0s.xn--p1ai/ HTTP 307
https://f2vr017de22.xn--80aagbhhl2baqhadoch0s.xn--p1ai/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://translate.google.com/website?sl=en&tl=hi&anno=2&client=srp&prev=search&u=https://f2vr017de22.%D0%BF%D1%80%D0%BE%D0%B3%D1%80%D0%B0%D0%BC%D0%BC%D0%B0%D0%B7%D0%B4%D0%BE%D1%80%D0%BE%D0%B2%D1%8C%D0%B5.%D1%80%D1%84 HTTP 302
https://f2vr017de22-xn----80aagbhhl2baqhadoch0s-xn----p1ai.translate.goog/?_x_tr_sl=en&_x_tr_tl=hi&_x_tr_hl=en-US&_x_tr_pto=op,tc

Request Chain 9

https://counter.yadro.ru/hit;62new?t52.6;rhttps%3A//f2vr017de22-xn----80aagbhhl2baqhadoch0s-xn----p1ai.translate.goog/%3F_x_tr_sl%3Den%26_x_tr_tl%3Dhi%26_x_tr_hl%3Den-US%26_x_tr_pto%3Dop%2Ctc;s1600*1200*24;uhttps%3A//f2vr017de22.xn--80aagbhhl2baqhadoch0s.xn--p1ai/;hJust%20a%20moment...;0.2723111221298118 HTTP 302
https://counter.yadro.ru/hit;62new?q;t52.6;rhttps%3A//f2vr017de22-xn----80aagbhhl2baqhadoch0s-xn----p1ai.translate.goog/%3F_x_tr_sl%3Den%26_x_tr_tl%3Dhi%26_x_tr_hl%3Den-US%26_x_tr_pto%3Dop%2Ctc;s1600*1200*24;uhttps%3A//f2vr017de22.xn--80aagbhhl2baqhadoch0s.xn--p1ai/;hJust%20a%20moment...;0.2723111221298118

Request Chain 12

https://f2vr017de22.xn--80aagbhhl2baqhadoch0s.xn--p1ai/ HTTP 302
https://qgxeqm.prodlglousdates.com/?utm_source=1e3a4e532f1c7040&&ban=other&j1=1&s1=190867&s2=1969130&s3=53-2Hqw

13 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

/ Show response
f2vr017de22-xn----80aagbhhl2baqhadoch0s-xn----p1ai.translate.goog/
Redirect Chain

https://translate.google.com/website?sl=en&tl=hi&anno=2&client=srp&prev=search&u=https://f2vr017de22.%D0%BF%D1%80%D0%BE%D0%B3%D1%80%D0%B0%D0%BC%D0%BC%D0%B0%D0%B7%D0%B4%D0%BE%D1%80%D0%BE%D0%B2%D1%8C...
https://f2vr017de22-xn----80aagbhhl2baqhadoch0s-xn----p1ai.translate.goog/?_x_tr_sl=en&_x_tr_tl=hi&_x_tr_hl=en-US&_x_tr_pto=op,tc

8 KB
3 KB

619ms
546ms

Document
text/html

2607:f8b0:4004:c09::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://f2vr017de22-xn----80aagbhhl2baqhadoch0s-xn----p1ai.translate.goog/?_x_tr_sl=en&_x_tr_tl=hi&_x_tr_hl=en-US&_x_tr_pto=op,tc

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f444636dbec4c288cb62d3e9b404cebde5857714297f648aa4e7d26af3554a95

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors *.translate.goog
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: gzip
content-security-policy: frame-ancestors *.translate.goog
content-type: text/html; charset=UTF-8
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Fri, 29 Nov 2024 04:33:57 GMT
server: ESF
x-content-type-options: nosniff
x-robots-tag: none
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0
content-type: application/binary
cross-origin-opener-policy: same-origin-allow-popups
date: Fri, 29 Nov 2024 04:33:56 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
location: https://f2vr017de22-xn----80aagbhhl2baqhadoch0s-xn----p1ai.translate.goog?_x_tr_sl=en&_x_tr_tl=hi&_x_tr_hl=en-US&_x_tr_pto=op,tc
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
pragma: no-cache
server: ESF
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-robots-tag: none
x-xss-protection: 0

GET
H3 200 m=corsproxy Show response
www.gstatic.com/_/translate_http/_/js/k=translate_http.tr.en_US.Bo4EAw2xhvE.O/am=DgY/d=1/rs=AN8SPfoorOU8q8JRJjASMggoYHYw5OILSQ/ 78 KB
27 KB 43ms
19ms Script
text/javascript 2607:f8b0:4004:c08::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/translate_http/_/js/k=translate_http.tr.en_US.Bo4EAw2xhvE.O/am=DgY/d=1/rs=AN8SPfoorOU8q8JRJjASMggoYHYw5OILSQ/m=corsproxy

Requested by

Host: f2vr017de22-xn----80aagbhhl2baqhadoch0s-xn----p1ai.translate.goog
URL: https://f2vr017de22-xn----80aagbhhl2baqhadoch0s-xn----p1ai.translate.goog/?_x_tr_sl=en&_x_tr_tl=hi&_x_tr_hl=en-US&_x_tr_pto=op,tc

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c08::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b5bd570f6d8baa6aecbc819119be6a6ed4c1035b01b92afc861921309b042f5a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://f2vr017de22-xn----80aagbhhl2baqhadoch0s-xn----p1ai.translate.goog/?_x_tr_sl=en&_x_tr_tl=hi&_x_tr_hl=en-US&_x_tr_pto=op,tc

Response headers

content-encoding: gzip
age: 164081
report-to: {"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
x-content-type-options: nosniff
expires: Thu, 27 Nov 2025 06:59:16 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 27 Nov 2024 06:59:16 GMT
last-modified: Mon, 25 Nov 2024 18:11:41 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=31536000
cross-origin-opener-policy: same-origin; report-to="rosetta"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
accept-ranges: bytes
access-control-allow-origin: *
content-length: 27499
x-xss-protection: 0
server: sffe

GET
H2 200 css2
fonts.googleapis.com/ 631 B
847 B 73ms
30ms Stylesheet
text/css 2607:f8b0:4004:c09::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Material+Symbols+Outlined:opsz,wght,FILL,GRAD@20..48,100..700,0..1,-50..200

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::5f Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9128d68fffecf74bd0dbc5de06b7c86c5c5a847c25cb55ede56a717237dba918

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://f2vr017de22-xn----80aagbhhl2baqhadoch0s-xn----p1ai.translate.goog/?_x_tr_sl=en&_x_tr_tl=hi&_x_tr_hl=en-US&_x_tr_pto=op,tc

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Fri, 29 Nov 2024 04:33:57 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 29 Nov 2024 04:33:57 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Fri, 29 Nov 2024 04:33:57 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H3 200 m=phishing_protection Show response
www.gstatic.com/_/translate_http/_/js/k=translate_http.tr.en_US.Bo4EAw2xhvE.O/am=DgY/d=1/exm=corsproxy/ed=1/rs=AN8SPfoorOU8q8JRJjASMggoYHYw5OILSQ/ 115 KB
36 KB 46ms
23ms Script
text/javascript 2607:f8b0:4004:c08::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/translate_http/_/js/k=translate_http.tr.en_US.Bo4EAw2xhvE.O/am=DgY/d=1/exm=corsproxy/ed=1/rs=AN8SPfoorOU8q8JRJjASMggoYHYw5OILSQ/m=phishing_protection

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c08::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

67efff029c2d41af4ef0fde443eb037fa3a021ffc9f9449e2e83eaac270131f1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://f2vr017de22-xn----80aagbhhl2baqhadoch0s-xn----p1ai.translate.goog/?_x_tr_sl=en&_x_tr_tl=hi&_x_tr_hl=en-US&_x_tr_pto=op,tc

Response headers

content-encoding: gzip
age: 208791
report-to: {"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
x-content-type-options: nosniff
expires: Wed, 26 Nov 2025 18:34:06 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 26 Nov 2024 18:34:06 GMT
last-modified: Mon, 25 Nov 2024 18:11:41 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=31536000
cross-origin-opener-policy: same-origin; report-to="rosetta"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
accept-ranges: bytes
access-control-allow-origin: *
content-length: 36542
x-xss-protection: 0
server: sffe

GET
H3 200 m=navigationui Show response
www.gstatic.com/_/translate_http/_/js/k=translate_http.tr.en_US.Bo4EAw2xhvE.O/am=DgY/d=1/exm=corsproxy,phishing_protection/ed=1/rs=AN8SPfoorOU8q8JRJjASMggoYHYw5OILSQ/ 24 KB
9 KB 39ms
16ms Script
text/javascript 2607:f8b0:4004:c08::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/translate_http/_/js/k=translate_http.tr.en_US.Bo4EAw2xhvE.O/am=DgY/d=1/exm=corsproxy,phishing_protection/ed=1/rs=AN8SPfoorOU8q8JRJjASMggoYHYw5OILSQ/m=navigationui

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c08::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a0ae46de01971ea9089d7ac23466ea687a9d76d740b357924050f42d39adb0db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://f2vr017de22-xn----80aagbhhl2baqhadoch0s-xn----p1ai.translate.goog/?_x_tr_sl=en&_x_tr_tl=hi&_x_tr_hl=en-US&_x_tr_pto=op,tc

Response headers

content-encoding: gzip
age: 208791
report-to: {"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
x-content-type-options: nosniff
expires: Wed, 26 Nov 2025 18:34:06 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 26 Nov 2024 18:34:06 GMT
last-modified: Mon, 25 Nov 2024 18:11:41 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=31536000
cross-origin-opener-policy: same-origin; report-to="rosetta"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
accept-ranges: bytes
access-control-allow-origin: *
content-length: 9001
x-xss-protection: 0
server: sffe

GET
H2 200 element.js Show response
translate.google.com/translate_a/ 84 KB
29 KB 78ms
41ms Script
text/javascript 2607:f8b0:4004:c1d::8b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://translate.google.com/translate_a/element.js?cb=gtElInit&hl=en-US&client=wt_srp

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1d::8b Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

65d369f2761a13c826da1dc28f43dee802a3bf234c23c58b1e9d8acf785d638f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://f2vr017de22-xn----80aagbhhl2baqhadoch0s-xn----p1ai.translate.goog/?_x_tr_sl=en&_x_tr_tl=hi&_x_tr_hl=en-US&_x_tr_pto=op,tc

Response headers

cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 29 Nov 2024 04:33:57 GMT
x-xss-protection: 0
content-type: text/javascript; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
server: ESF
x-frame-options: SAMEORIGIN

GET
H3 200 lazy.min.js
www.gstatic.com/feedback/js/help/prod/service/ 118 KB
119 KB 17ms
16ms Script
text/javascript 2607:f8b0:4004:c08::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/feedback/js/help/prod/service/lazy.min.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/translate_http/_/js/k=translate_http.tr.en_US.Bo4EAw2xhvE.O/am=DgY/d=1/exm=corsproxy,phishing_protection/ed=1/rs=AN8SPfoorOU8q8JRJjASMggoYHYw5OILSQ/m=navigationui

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c08::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://f2vr017de22-xn----80aagbhhl2baqhadoch0s-xn----p1ai.translate.goog/?_x_tr_sl=en&_x_tr_tl=hi&_x_tr_hl=en-US&_x_tr_pto=op,tc

Response headers

age: 1596
report-to: {"group":"product-feedback-gathering","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/product-feedback-gathering"}]}
x-content-type-options: nosniff
expires: Fri, 29 Nov 2024 04:57:21 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 29 Nov 2024 04:07:21 GMT
last-modified: Wed, 20 Nov 2024 18:31:05 GMT
content-type: text/javascript
vary: Accept-Encoding, Origin
cache-control: public, max-age=3000
cross-origin-opener-policy: same-origin-allow-popups; report-to="product-feedback-gathering"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/product-feedback-gathering
accept-ranges: bytes
content-length: 121329
x-xss-protection: 0
server: sffe

GET
H2 200 websitetranslationui
translate.google.com/ Frame F4E5 0
0 126ms
97ms Document
text/html 2607:f8b0:4004:c1d::8a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://translate.google.com/websitetranslationui?parent=https%3A%2F%2Ff2vr017de22-xn----80aagbhhl2baqhadoch0s-xn----p1ai.translate.goog&pfu=https%3A%2F%2Ff2vr017de22-xn----80aagbhhl2baqhadoch0s-xn----p1ai.translate.goog%2F%3F_x_tr_sl%3Den%26_x_tr_tl%3Dhi%26_x_tr_hl%3Den-US%26_x_tr_pto%3Dop%2Ctc&u=https%3A%2F%2Ff2vr017de22.%D0%BF%D1%80%D0%BE%D0%B3%D1%80%D0%B0%D0%BC%D0%BC%D0%B0%D0%B7%D0%B4%D0%BE%D1%80%D0%BE%D0%B2%D1%8C%D0%B5.%D1%80%D1%84%2F&sl=en&tl=hi&opu=https%3A%2F%2Ftranslate.google.com%2Fwebsite%3Fsl%3Den%26tl%3Dhi%26hl%3Den-US%26anno%3D2%26client%3Dsrp%26u%3Dhttps%3A%2F%2Ff2vr017de22.%25D0%25BF%25D1%2580%25D0%25BE%25D0%25B3%25D1%2580%25D0%25B0%25D0%25BC%25D0%25BC%25D0%25B0%25D0%25B7%25D0%25B4%25D0%25BE%25D1%2580%25D0%25BE%25D0%25B2%25D1%258C%25D0%25B5.%25D1%2580%25D1%2584%2F%26anno%3D2&client=srp&hl=en-US&op=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1d::8a Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://f2vr017de22-xn----80aagbhhl2baqhadoch0s-xn----p1ai.translate.goog script-src 'report-sample' 'nonce-f8mZ4Z_-SlHkrKWL7WEhXg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/TranslateWebserverWebsiteTranslationUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://support.google.com/inapp/ https://www.google.com/tools/feedback/ https://www.gstatic.com/inproduct_help/ https://www.gstatic.com/support/content/;report-uri /_/TranslateWebserverWebsiteTranslationUi/cspreport/allowlist require-trusted-types-for 'script';report-uri /_/TranslateWebserverWebsiteTranslationUi/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM https://f2vr017de22-xn----80aagbhhl2baqhadoch0s-xn----p1ai.translate.goog
X-Xss-Protection	0

Request headers

Referer: https://f2vr017de22-xn----80aagbhhl2baqhadoch0s-xn----p1ai.translate.goog/?_x_tr_sl=en&_x_tr_tl=hi&_x_tr_hl=en-US&_x_tr_pto=op,tc
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: frame-ancestors https://f2vr017de22-xn----80aagbhhl2baqhadoch0s-xn----p1ai.translate.goog script-src 'report-sample' 'nonce-f8mZ4Z_-SlHkrKWL7WEhXg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/TranslateWebserverWebsiteTranslationUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://support.google.com/inapp/ https://www.google.com/tools/feedback/ https://www.gstatic.com/inproduct_help/ https://www.gstatic.com/support/content/;report-uri /_/TranslateWebserverWebsiteTranslationUi/cspreport/allowlist require-trusted-types-for 'script';report-uri /_/TranslateWebserverWebsiteTranslationUi/cspreport
content-type: text/html; charset=utf-8
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-site
date: Fri, 29 Nov 2024 04:33:57 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
reporting-endpoints: default="/_/TranslateWebserverWebsiteTranslationUi/web-reports?context=eJzj8tDikmLw0ZBikPj6kkkNiJ3SZ7AGAHHrzXOsk4HYaO15VgcgTvp3nrUAiA0VLrHaA7FqzyVWYyAukrjC2gDEQjwcWzuW7mIT-HHs9Q1GJbWk_ML4kqLEvOKcxJJU3fLUpOLUorLUongjAyMTQ0MjUz1Dg_gCAwBDCTAC"
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-content-type-options: nosniff
x-frame-options: ALLOW-FROM https://f2vr017de22-xn----80aagbhhl2baqhadoch0s-xn----p1ai.translate.goog
x-ua-compatible: IE=edge
x-xss-protection: 0

GET
H3

200

Primary Request / Show response
f2vr017de22.xn--80aagbhhl2baqhadoch0s.xn--p1ai/
Redirect Chain

http://f2vr017de22.xn--80aagbhhl2baqhadoch0s.xn--p1ai/
https://f2vr017de22.xn--80aagbhhl2baqhadoch0s.xn--p1ai/

5 KB
4 KB

432ms
243ms

Document
text/html

2606:4700:3035::6815:28ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://f2vr017de22.xn--80aagbhhl2baqhadoch0s.xn--p1ai/

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::6815:28ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

54ba0dd3f8aaea1100214b023b6f724b4a7e8ab5307403c719f54e541b5973b6

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

Referer: https://f2vr017de22-xn----80aagbhhl2baqhadoch0s-xn----p1ai.translate.goog/?_x_tr_sl=en&_x_tr_tl=hi&_x_tr_hl=en-US&_x_tr_pto=op,tc
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 8e9fe1eeadc6428b-EWR
content-encoding: zstd
content-type: text/html; charset=UTF-8
date: Fri, 29 Nov 2024 04:33:57 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
priority: u=0,i
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UWD8uUxyHJdImwZYsqdNB1meQEg3MXOxVQqqG81y%2FjHFhn1Tb%2BG8alcqcY77ILiVe%2FKFRl1cPR9iqdbMU5AUVoy2KkYmqS2UhxrvdHqqQ0JBBmy5UzQrSxvCEDK7cN5VkJI0CuUjDhY1jnzUanP0kuZSRJonEoLcjvUoI1VjAfiMiU%2Bs9Mvjt76jAqE5"}],"group":"cf-nel","max_age":604800}
server: cloudflare
server-timing: cfL4;desc="?proto=QUIC&rtt=13839&min_rtt=10162&rtt_var=8484&sent=12&recv=11&lost=0&retrans=0&sent_bytes=4103&recv_bytes=4583&delivery_rate=807&cwnd=12000&unsent_bytes=0&cid=3c3c942c90c0dd1f&ts=253&x=1" cfExtPri cfHdrFlush;dur=0
x-frame-options: DENY
x-powered-cms: Antibot.Cloud (See: https://antibot.cloud/)
x-robots-tag: noindex

Redirect headers

Location: https://f2vr017de22.xn--80aagbhhl2baqhadoch0s.xn--p1ai/
Non-Authoritative-Reason: HttpsUpgrades

GET
DATA 200
OK truncated
/ 42 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://f2vr017de22.xn--80aagbhhl2baqhadoch0s.xn--p1ai/

Response headers

Content-Type: image/gif

GET
H/1.1

200
OK

hit;62new
counter.yadro.ru/
Redirect Chain

https://counter.yadro.ru/hit;62new?t52.6;rhttps%3A//f2vr017de22-xn----80aagbhhl2baqhadoch0s-xn----p1ai.translate.goog/%3F_x_tr_sl%3Den%26_x_tr_tl%3Dhi%26_x_tr_hl%3Den-US%26_x_tr_pto%3Dop%2Ctc;s1600...
https://counter.yadro.ru/hit;62new?q;t52.6;rhttps%3A//f2vr017de22-xn----80aagbhhl2baqhadoch0s-xn----p1ai.translate.goog/%3F_x_tr_sl%3Den%26_x_tr_tl%3Dhi%26_x_tr_hl%3Den-US%26_x_tr_pto%3Dop%2Ctc;s16...

362 B
848 B

143ms
143ms

Image
image/gif

88.212.201.204
UNITEDNET EDINAYA...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://counter.yadro.ru/hit;62new?q;t52.6;rhttps%3A//f2vr017de22-xn----80aagbhhl2baqhadoch0s-xn----p1ai.translate.goog/%3F_x_tr_sl%3Den%26_x_tr_tl%3Dhi%26_x_tr_hl%3Den-US%26_x_tr_pto%3Dop%2Ctc;s1600*1200*24;uhttps%3A//f2vr017de22.xn--80aagbhhl2baqhadoch0s.xn--p1ai/;hJust%20a%20moment...;0.2723111221298118

Requested by

Host: f2vr017de22.xn--80aagbhhl2baqhadoch0s.xn--p1ai
URL: https://f2vr017de22.xn--80aagbhhl2baqhadoch0s.xn--p1ai/

Protocol

HTTP/1.1

Server

88.212.201.204 , Russian Federation, ASN39134 (UNITEDNET EDINAYA SET LIMITED LIABILITY COMPANY, RU),

Reverse DNS

host204.rax.ru

Software

nginx/1.17.9 /

Resource Hash

a73d6739819ba98621e4bdb24bc2fbc2c88583479558b9878e5b986d3b59341d

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://f2vr017de22.xn--80aagbhhl2baqhadoch0s.xn--p1ai/

Response headers

Strict-Transport-Security: max-age=86400
Cache-control: no-cache
Pragma: no-cache
Connection: keep-alive
Expires: Wed, 29 Nov 2023 21:00:00 GMT
Access-Control-Allow-Origin: *
Content-Length: 362
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Date: Fri, 29 Nov 2024 04:33:58 GMT
Content-Type: image/gif
Server: nginx/1.17.9

Redirect headers

Strict-Transport-Security: max-age=86400
Cache-control: no-cache
Location: https://counter.yadro.ru/hit;62new?q;t52.6;rhttps%3A//f2vr017de22-xn----80aagbhhl2baqhadoch0s-xn----p1ai.translate.goog/%3F_x_tr_sl%3Den%26_x_tr_tl%3Dhi%26_x_tr_hl%3Den-US%26_x_tr_pto%3Dop%2Ctc;s1600*1200*24;uhttps%3A//f2vr017de22.xn--80aagbhhl2baqhadoch0s.xn--p1ai/;hJust%20a%20moment...;0.2723111221298118
Pragma: no-cache
Connection: keep-alive
Expires: Wed, 29 Nov 2023 21:00:00 GMT
Content-Length: 32
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Date: Fri, 29 Nov 2024 04:33:58 GMT
Content-Type: text/html
Server: nginx/1.17.9

GET
H3 200 favicon.ico
f2vr017de22.xn--80aagbhhl2baqhadoch0s.xn--p1ai/ 1 KB
1 KB 242ms
241ms Other
image/x-icon 2606:4700:3035::6815:28ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://f2vr017de22.xn--80aagbhhl2baqhadoch0s.xn--p1ai/favicon.ico
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:28ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4442c09f020ef30928eb81cfe74d8bb6543561354ca9a53cf6a77255a234f5d0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://f2vr017de22.xn--80aagbhhl2baqhadoch0s.xn--p1ai/

Response headers

server: cloudflare
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: zstd
cf-cache-status: MISS
etag: W/"62678338-57e"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oqCmIpvgKpt0kqCvWoQc6GeJyeqxZfuCNfXM542N8mHZgy1A%2B3ErMnULtnAPX%2BkdlV44l6wmk06ualqz5nGkem1yGkh%2Bw9E2QGRbE2uaOtiO0%2BsfMYNsLlTCAYIM5k2GetbEPILSibGnkTGb0efFi%2BN7KgcEmIgjzVJMmT7u8b%2BEQZ77oMk3SpxigkJf"}],"group":"cf-nel","max_age":604800}
cf-ray: 8e9fe1f50d8a428b-EWR
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=12814&min_rtt=9454&rtt_var=6549&sent=17&recv=14&lost=0&retrans=0&sent_bytes=7922&recv_bytes=5179&delivery_rate=401380&cwnd=12000&unsent_bytes=0&cid=3c3c942c90c0dd1f&ts=1274&x=1", cfExtPri, cfHdrFlush;dur=0
date: Fri, 29 Nov 2024 04:33:58 GMT
content-type: image/x-icon
last-modified: Tue, 26 Apr 2022 05:29:28 GMT
vary: Accept-Encoding
priority: u=1,i

GET
H3 200 ab.php Show response
f2vr017de22.xn--80aagbhhl2baqhadoch0s.xn--p1ai/antibot/ 349 B
1 KB 138ms
138ms Script
application/javascript 2606:4700:3035::6815:28ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://f2vr017de22.xn--80aagbhhl2baqhadoch0s.xn--p1ai/antibot/ab.php?h1=ab883fbaf0a8e915d4008a0d09cb0a7c&h2=84fd12a528c49800b93aa84aeadd4a04&ip=2a0d:5600:0024:1500:1011:fdaf:fd33:6af9&via=&v=5.07&r=f2vr017de22-xn----80aagbhhl2baqhadoch0s-xn----p1ai.translate.goog&rand=1732854837

Requested by

Host: f2vr017de22.xn--80aagbhhl2baqhadoch0s.xn--p1ai
URL: https://f2vr017de22.xn--80aagbhhl2baqhadoch0s.xn--p1ai/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::6815:28ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3da3caa89bb3f6b334120f859b8a473985d7e34a008b2259c89b2fa1bf2680ba

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://f2vr017de22.xn--80aagbhhl2baqhadoch0s.xn--p1ai/

Response headers

x-robots-tag: noindex
content-encoding: gzip
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NnsF7SkMesSNrhxTHSB7sOwZLFcLYAwEbBbJbVOR5%2FHco%2FeClYrGezCJ65hepZaWUtmqJZtsXuM%2FidVeAvIBjO1ZPFq3RdjvrGrBAJ0SZmJc8Z10Ex9f7mKQD2EecMYmJAe6c2nf04MrUwHytNdDID%2FctnVoxKAeGqHVm9y4rvLcZymVm2MDpqLyWriL"}],"group":"cf-nel","max_age":604800}
expires: Mon, 26 Jul 1997 05:00:00 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=12410&min_rtt=9454&rtt_var=5719&sent=20&recv=16&lost=0&retrans=0&sent_bytes=9212&recv_bytes=5807&delivery_rate=5299&cwnd=12000&unsent_bytes=0&cid=3c3c942c90c0dd1f&ts=3454&x=1", cfExtPri, cfHdrFlush;dur=0
date: Fri, 29 Nov 2024 04:34:00 GMT
content-type: application/javascript; charset=UTF-8
priority: u=3,i=?0
x-frame-options: DENY
cache-control: no-store, no-cache, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-cms: Antibot.Cloud (See: https://antibot.cloud/)
cf-ray: 8e9fe2035972428b-EWR
server: cloudflare

GET

/
qgxeqm.prodlglousdates.com/
Redirect Chain

https://f2vr017de22.xn--80aagbhhl2baqhadoch0s.xn--p1ai/
https://qgxeqm.prodlglousdates.com/?utm_source=1e3a4e532f1c7040&&ban=other&j1=1&s1=190867&s2=1969130&s3=53-2Hqw

0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: qgxeqm.prodlglousdates.com
URL: https://qgxeqm.prodlglousdates.com/?utm_source=1e3a4e532f1c7040&&ban=other&j1=1&s1=190867&s2=1969130&s3=53-2Hqw

Verdicts & Comments Add Verdict or Comment

4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| timer function| LoadTest object| d string| expires

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.google.com/	1970-01-21 05:44:26	Name: NID Value: 519=zg1Foh8A-5xvydDEBKqvzPEMXqLwCNNNm55SvMktb6CV4enhsTbJF6dlJLWKQtFG6lS0bqyV6rApTrV3wOcOurJc-77eXNbbqAcsJs8WCnkro0Nr6cXAytrZ66MfqTkt3U9Q75nV60PcN-UA7Fm1qAXQOR0zOOStepTJSNdlhLSPd85tZZtawazR
f2vr017de22.xn--80aagbhhl2baqhadoch0s.xn--p1ai/	1970-01-21 02:47:18	Name: ab_referer Value: https%3A%2F%2Ff2vr017de22-xn----80aagbhhl2baqhadoch0s-xn----p1ai.translate.goog%2F%3F_x_tr_sl%3Den%26_x_tr_tl%3Dhi%26_x_tr_hl%3Den-US%26_x_tr_pto%3Dop%2Ctc
.yadro.ru/	1970-01-21 10:06:03	Name: FTID Value: 1dIKGs1ntjuw1dIKGs002Tqr
.yadro.ru/	1970-01-21 10:06:03	Name: VID Value: 3158XB27mYuw1dIKGs0026-l
f2vr017de22.xn--80aagbhhl2baqhadoch0s.xn--p1ai/	1970-01-21 01:22:21	Name: antibot Value: ebf8584687f3d29ffcb6fa43adeb4009

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	frame-ancestors *.translate.goog
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

counter.yadro.ru
f2vr017de22-xn----80aagbhhl2baqhadoch0s-xn----p1ai.translate.goog
f2vr017de22.xn--80aagbhhl2baqhadoch0s.xn--p1ai
fonts.googleapis.com
qgxeqm.prodlglousdates.com
translate.google.com
www.gstatic.com
qgxeqm.prodlglousdates.com
2606:4700:3035::6815:28ec
2607:f8b0:4004:c08::5e
2607:f8b0:4004:c09::5f
2607:f8b0:4004:c09::71
2607:f8b0:4004:c09::84
2607:f8b0:4004:c1d::8a
2607:f8b0:4004:c1d::8b
88.212.201.204
3da3caa89bb3f6b334120f859b8a473985d7e34a008b2259c89b2fa1bf2680ba
4442c09f020ef30928eb81cfe74d8bb6543561354ca9a53cf6a77255a234f5d0
54ba0dd3f8aaea1100214b023b6f724b4a7e8ab5307403c719f54e541b5973b6
65d369f2761a13c826da1dc28f43dee802a3bf234c23c58b1e9d8acf785d638f
67efff029c2d41af4ef0fde443eb037fa3a021ffc9f9449e2e83eaac270131f1
9128d68fffecf74bd0dbc5de06b7c86c5c5a847c25cb55ede56a717237dba918
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
a0ae46de01971ea9089d7ac23466ea687a9d76d740b357924050f42d39adb0db
a73d6739819ba98621e4bdb24bc2fbc2c88583479558b9878e5b986d3b59341d
b5bd570f6d8baa6aecbc819119be6a6ed4c1035b01b92afc861921309b042f5a
f444636dbec4c288cb62d3e9b404cebde5857714297f648aa4e7d26af3554a95

f2vr017de22.xn--80aagbhhl2baqhadoch0s.xn--p1ai Open in urlscan Pro Puny f2vr017de22.программаздоровье.рф IDN 2606:4700:3035::6815:28ec Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

13 Requests

85 %HTTPS

88 %IPv6

7 Domains

7 Subdomains

8 IPs

2 Countries

230 kBTransfer

435 kBSize

5 Cookies

2 Outgoing links

Page URL History

Redirected requests

13 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

4 JavaScript Global Variables

5 Cookies

Security Headers

Indicators

f2vr017de22.xn--80aagbhhl2baqhadoch0s.xn--p1ai Open in urlscan Pro Puny
f2vr017de22.программаздоровье.рф IDN
2606:4700:3035::6815:28ec Public Scan

Screenshot
Live screenshot

Full Image

13
Requests

85 %
HTTPS

88 %
IPv6

7
Domains

7
Subdomains

8
IPs

2
Countries

230 kB
Transfer

435 kB
Size

5
Cookies

13 HTTP transactions
1 data transactions