urlscan.io logo urlscan.io
SecurityTrails logo

www.google.com Open in urlscan Pro
2a00:1450:4001:82b::2004  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://vip-link.net/DO6vI
Effective URL: https://www.google.com/search?q=lyricsbaazaar.com
Submission: On December 07 via manual from GB — Scanned from GB
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 10 IPs in 2 countries across 9 domains to perform 22 HTTP transactions. The main IP is 2a00:1450:4001:82b::2004, located in Frankfurt am Main, Germany and belongs to GOOGLE, US. The main domain is www.google.com. The Cisco Umbrella rank of the primary domain is 2.
TLS certificate: Issued by GTS CA 1C3 on November 2nd 2022. Valid for: 3 months.
This is the only time www.google.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

5    2606:4700:3036::ac43:c74d (United States)

ASN13335 (CLOUDFLARENET, US)
vip-link.net
1    2a00:1450:4001:80f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2a00:1450:4001:806::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.recaptcha.net
4    2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    192.0.78.26 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
href.li
1    2606:4700:3036::6815:2a77 (United States)

ASN13335 (CLOUDFLARENET, US)
trends99.in
1    2a00:1450:4001:829::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
blogger.googleusercontent.com
1    2606:4700:3035::ac43:9041 (United States)

ASN13335 (CLOUDFLARENET, US)
lyricsbaazaar.com
7    2a00:1450:4001:82b::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
Apex Domain
Subdomains		 Transfer
7 google.com
www.google.com — Cisco Umbrella Rank: 2
109 KB
5 vip-link.net
vip-link.net
210 KB
4 gstatic.com
fonts.gstatic.com
68 KB
1 lyricsbaazaar.com
lyricsbaazaar.com
3 KB
1 googleusercontent.com
blogger.googleusercontent.com — Cisco Umbrella Rank: 13138
96 KB
1 trends99.in
trends99.in
1 KB
1 href.li
href.li — Cisco Umbrella Rank: 89496
335 B
1 recaptcha.net
www.recaptcha.net — Cisco Umbrella Rank: 2258
996 B
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 51
933 B
22 9
Domain Requested by
7 www.google.com lyricsbaazaar.com
www.google.com
5 vip-link.net vip-link.net
4 fonts.gstatic.com fonts.googleapis.com
www.google.com
1 lyricsbaazaar.com trends99.in
1 blogger.googleusercontent.com trends99.in
1 trends99.in href.li
1 href.li
1 www.recaptcha.net vip-link.net
1 fonts.googleapis.com vip-link.net
22 9

This site contains links to these domains. Also see Links.

Domain
support.google.com
policies.google.com
Subject Issuer Validity Valid
*.vip-link.net
E1		 2022-12-06 -
2023-03-06		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2022-11-07 -
2023-01-30		 3 months crt.sh
misc.google.com
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2022-11-07 -
2023-01-30		 3 months crt.sh
tls.automattic.com
R3		 2022-10-26 -
2023-01-24		 3 months crt.sh
*.trends99.in
E1		 2022-11-28 -
2023-02-26		 3 months crt.sh
*.googleusercontent.com
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-11-02 -
2023-11-02		 a year crt.sh
www.google.com
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
*.google.com
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://www.google.com/search?q=lyricsbaazaar.com
Frame ID: 5D6859B8A5A59E4652658BE0A0E8F5A4
Requests: 32 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

lyricsbaazaar.com - Google Search

Page URL History Show full URLs

  1. https://vip-link.net/DO6vI Page URL
  2. https://href.li/?https://trends99.in/ri.php?DO6vI Page URL
  3. https://trends99.in/ri.php?DO6vI Page URL
  4. https://lyricsbaazaar.com/post.php?https://m.vip-link.net/DO6vI Page URL
  5. https://www.google.com/search?q=lyricsbaazaar.com Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

22
Requests

100 %
HTTPS

89 %
IPv6

9
Domains

9
Subdomains

10
IPs

2
Countries

490 kB
Transfer

1068 kB
Size

7
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://vip-link.net/DO6vI Page URL
  2. https://href.li/?https://trends99.in/ri.php?DO6vI Page URL
  3. https://trends99.in/ri.php?DO6vI Page URL
  4. https://lyricsbaazaar.com/post.php?https://m.vip-link.net/DO6vI Page URL
  5. https://www.google.com/search?q=lyricsbaazaar.com Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

22 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
DO6vI
vip-link.net/ 		6 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://vip-link.net/DO6vI
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:c74d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
067745a7d8733f054f0e893a321adbc1cab3220b2821078147a459b72e14ac15
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
775b77167b9c7599-LHR
content-encoding
br
content-type
text/html; charset=UTF-8
date
Wed, 07 Dec 2022 07:14:34 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Fs3Xk6P0XFUnvsxNqI23Ok85YTOwGC3hOV9eUuN4bdq2HtPwREWCgXAcEwYhle6UpKaLm3MqVCaar9Qngd%2FNNS1RXq2VmCEViEUZmHnLaMtQNsqBpa%2FXFo76UZFjqN57Znef%2Fu%2F29oaImzU%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding,User-Agent
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN, SAMEORIGIN
x-robots-tag
noindex, nofollow
x-xss-protection
1; mode=block
css
fonts.googleapis.com/ 		3 KB
933 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Lato:300,400,700,900
Requested by
Host: vip-link.net
URL: https://vip-link.net/DO6vI
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
5ef043454b128260dda530a42312fbb985505034036cd3f3ea23cfe324a7905b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://vip-link.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 07 Dec 2022 07:14:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 07 Dec 2022 06:14:55 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 07 Dec 2022 07:14:34 GMT
styles.min.css
vip-link.net/cloud_theme/build/css/ 		189 KB
34 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://vip-link.net/cloud_theme/build/css/styles.min.css?ver=6.4.0
Requested by
Host: vip-link.net
URL: https://vip-link.net/DO6vI
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:c74d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
90fd6d1b7fceb3e8dcc7b33b449be3b22ecd534a30970c0986f557878e6294a8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://vip-link.net/DO6vI
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 07:14:34 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2502810
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Wed, 10 Aug 2022 07:25:30 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
Accept-Encoding,User-Agent
content-type
text/css
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tz%2FK3Pc6E5%2BHtHY5gXRhaCh1w2V%2BDnNri%2FVGJaz2woOe%2BXOh9WB7DGh1TrFK%2BavI4yfy%2F%2BMh9ic7RefCPMjxteEtmEWSKBM0%2Fwz9z5hnwaDRg1x8oLHwGk4tJfQzXYUkoqj%2FDvYxvFtk1%2Fk%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=2592000
cf-ray
775b7716fbf67599-LHR
expires
Thu, 08 Dec 2022 08:01:03 GMT
ads.js
vip-link.net/js/ 		190 B
525 B 		Script
General
Check archive.org
Download Go to
Full URL
https://vip-link.net/js/ads.js
Requested by
Host: vip-link.net
URL: https://vip-link.net/DO6vI
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:c74d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9d807c16e2160c2660ffd43bf8b8bc54eb39ecd044e823209c0ade70db965d5a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://vip-link.net/DO6vI
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 07:14:34 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
539991
cf-polished
origSize=191
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
cf-bgj
minify
last-modified
Wed, 10 Aug 2022 07:25:30 GMT
server
cloudflare
vary
Accept-Encoding,User-Agent
x-frame-options
SAMEORIGIN
content-type
application/javascript
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=v%2BFdDGlUPU06hppXaeg9qFjwEDiYIKJmb9A9XflSKhf7qQhlil3xmSK2fnWRz4Re6zPNYj%2B0pxyj3hd8sA6xwaMcl0SDOAoJC5w3JfVHXoSNvHr39i1XAfidZKOQhMEWYV%2B%2Fd42TpQGTOiI%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=2592000
cf-ray
775b7716fbf97599-LHR
expires
Sat, 31 Dec 2022 01:14:42 GMT
script.min.js
vip-link.net/cloud_theme/build/js/ 		202 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vip-link.net/cloud_theme/build/js/script.min.js?ver=6.4.0
Requested by
Host: vip-link.net
URL: https://vip-link.net/DO6vI
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:c74d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
852593ea1830ce3d6821822385a17af199442f4938b588ed7c84942c351d9f16
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://vip-link.net/DO6vI
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 07:14:34 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2502810
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Wed, 10 Aug 2022 07:25:30 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
Accept-Encoding,User-Agent
content-type
application/javascript
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6UjzbtqHmlf9lhepg5sWbyzD6IQtC3umlPsBQsA7tP6QLdpSQPko4T0owkicVVK%2B1OqsWCAJJqibvQLMd0DNy1sGOaeN%2Fz1b9DM86LYKzzwzWg7VHBP%2BHuN7vgMVKXq5R8qLt%2Fv05eSsk4o%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=2592000
cf-ray
775b7716fbfa7599-LHR
expires
Thu, 08 Dec 2022 08:01:03 GMT
api.js
www.recaptcha.net/recaptcha/ 		921 B
996 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.recaptcha.net/recaptcha/api.js?onload=onloadRecaptchaCallback&render=explicit
Requested by
Host: vip-link.net
URL: https://vip-link.net/DO6vI
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://vip-link.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 07:14:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
583
x-xss-protection
1; mode=block
expires
Wed, 07 Dec 2022 07:14:34 GMT
header.jpg
vip-link.net/cloud_theme/build/img/ 		110 KB
111 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vip-link.net/cloud_theme/build/img/header.jpg
Requested by
Host: vip-link.net
URL: https://vip-link.net/cloud_theme/build/css/styles.min.css?ver=6.4.0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:c74d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://vip-link.net/cloud_theme/build/css/styles.min.css?ver=6.4.0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 07:14:34 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
8479243
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
113002
x-xss-protection
1; mode=block
last-modified
Wed, 10 Aug 2022 07:25:30 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
User-Agent, Accept-Encoding
content-type
image/jpeg
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j%2FfXFPSDTNoOIErXPR2RMOVen9ASfOF4i0DybPtIWyb1CLm3TCIJMc4rUh3AML2iKSk1WwWpmxtffIuhNJRPkTWuMRbeeGr6UnYYZIO76o0zxgItmBqwwfpNk%2FYreomezKH932zYEw0LrEI%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
775b7717fc43dd33-LHR
expires
Thu, 31 Aug 2023 03:53:50 GMT
S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v23/ 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v23/S6u9w4BMUTPHh6UVSwiPGQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:300,400,700,900
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://vip-link.net
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 17:07:14 GMT
x-content-type-options
nosniff
age
50840
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23040
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 15:56:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 06 Dec 2023 17:07:14 GMT
S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v23/ 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:300,400,700,900
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://vip-link.net
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 17:07:14 GMT
x-content-type-options
nosniff
age
50840
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23580
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 15:48:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 06 Dec 2023 17:07:14 GMT
/
href.li/ 		469 B
335 B 		Document
General
Check archive.org
Download Go to
Full URL
https://href.li/?https://trends99.in/ri.php?DO6vI
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.78.26 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
https://vip-link.net
Referer
https://vip-link.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

content-encoding
br
content-type
text/html; charset=utf-8
date
Wed, 07 Dec 2022 07:14:35 GMT
server
nginx
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-ac
3.lhr _dfw BYPASS
ri.php
trends99.in/ 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://trends99.in/ri.php?DO6vI
Requested by
Host: href.li
URL: https://href.li/?https://trends99.in/ri.php?DO6vI
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::6815:2a77 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6258d7df4f37b7943fcca1d7783b689209b032a8844396de50edd6e0c5a06005

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
775b771a58e523c0-LHR
content-encoding
br
content-type
text/html; charset=UTF-8
date
Wed, 07 Dec 2022 07:14:35 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hHPsq268iU7GZE%2FYyDA8Qjz48Nr6WK8mI9GLjAuiCvyJp%2F34tCbMTH02tNOy2At0PG5GhglF9gNHcBZve8RfOSLHUzWTz2UXFnwgORIwEW0yYp7KtH%2FZvB5Ecdn9EwgTI66%2BiXkgmKexiw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
WhatsApp%20Image%202022-06-22%20at%201.11.07%20PM.jpeg
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhfaNwjPisDFYvMEIhn2fEnXjp-tzsJ8hxRpqeYK5gJ1i5ZrInJpL6WSUKDXqQ9A3OnOVR-nKoz4_JdSiBAIfovTtvtG-CtMssttiI8Av1n7EVdzwSu1Q9k_X8o9ZH9751pgkSRdG9rQCzCTXMA... 		95 KB
96 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhfaNwjPisDFYvMEIhn2fEnXjp-tzsJ8hxRpqeYK5gJ1i5ZrInJpL6WSUKDXqQ9A3OnOVR-nKoz4_JdSiBAIfovTtvtG-CtMssttiI8Av1n7EVdzwSu1Q9k_X8o9ZH9751pgkSRdG9rQCzCTXMAbtXKFZxls3UFRKOYZQuwmLcAo90yM1rqNWIeYKp_Ng/s1600/WhatsApp%20Image%202022-06-22%20at%201.11.07%20PM.jpeg
Requested by
Host: trends99.in
URL: https://trends99.in/ri.php?DO6vI
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
d1806383101a0b15b398650c447ec2d8cb39b5adf80799a01d15abe6e89716a8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://trends99.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 07:14:35 GMT
x-content-type-options
nosniff
server
fife
etag
"v73c"
vary
Origin
content-type
image/jpeg
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="WhatsApp Image 2022-06-22 at 1.11.07 PM.jpeg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
97764
x-xss-protection
0
expires
Thu, 08 Dec 2022 07:14:35 GMT
post.php
lyricsbaazaar.com/ 		5 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://lyricsbaazaar.com/post.php?https://m.vip-link.net/DO6vI
Requested by
Host: trends99.in
URL: https://trends99.in/ri.php?DO6vI
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::ac43:9041 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://trends99.in/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
775b772e5f827556-LHR
content-encoding
br
content-type
text/html; charset=UTF-8
date
Wed, 07 Dec 2022 07:14:38 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cqawZ4HgmO1yXpWeEetnvXwoyvs%2BSVt%2ByusgLLEbraF4jfZocDP5COlgzvqU5MMzPFLn%2Bz2n%2B9SJa6%2FhQNh9lsZ5XwZues61%2BnmzYPA4l%2FY8ugMnPNqurYRy2errgE4YjQB7HHKdk5HjZgzw2gH%2BRA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
Primary Request search
www.google.com/ 		369 KB
101 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/search?q=lyricsbaazaar.com
Requested by
Host: lyricsbaazaar.com
URL: https://lyricsbaazaar.com/post.php?https://m.vip-link.net/DO6vI
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gws /
Resource Hash
cba6fd9f3afd20aed83e56db0659f9843853f97c0209942f30dee08fdb0a3168
Security Headers
Name Value
Content-Security-Policy object-src 'none';base-uri 'self';script-src 'nonce-Yoc6t4FxrZ4k8z_ep-AWKA' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/cdt1
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ch
Sec-CH-UA-Platform Sec-CH-UA-Platform-Version Sec-CH-UA-Full-Version Sec-CH-UA-Arch Sec-CH-UA-Model Sec-CH-UA-Bitness Sec-CH-UA-Full-Version-List Sec-CH-UA-WoW64
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
bfcache-opt-in
unload
cache-control
private, max-age=0
content-encoding
br
content-security-policy
object-src 'none';base-uri 'self';script-src 'nonce-Yoc6t4FxrZ4k8z_ep-AWKA' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/cdt1
content-type
text/html; charset=UTF-8
cross-origin-opener-policy
same-origin-allow-popups; report-to="gws"
date
Wed, 07 Dec 2022 07:14:38 GMT
expires
-1
origin-trial
AqRrpS1jM/HOs1rGR0CnXerKEP/QFz7qj9ApDSZqAO+0U+KcT/h/lxA6akW4ar0kT0V1bw5MD4t8O7L7OFwM5gUAAABfeyJvcmlnaW4iOiJodHRwczovL3d3dy5nb29nbGUuY29tOjQ0MyIsImZlYXR1cmUiOiJQZXJtaXNzaW9uc1BvbGljeVVubG9hZCIsImV4cGlyeSI6MTY3ODIzMzU5OX0=
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
permissions-policy
unload=()
report-to
{"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/cdt1"}]}
server
gws
strict-transport-security
max-age=31536000
x-frame-options
SAMEORIGIN
x-xss-protection
0
24px.svg
fonts.gstatic.com/s/i/productlogos/googleg/v6/ 		742 B
465 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fonts.gstatic.com/s/i/productlogos/googleg/v6/24px.svg
Requested by
Host: www.google.com
URL: https://www.google.com/search?q=lyricsbaazaar.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ed9087d76cdc6d1c53698f6068f79872e77e87c8d012c0cfdad13b05b6ccb37c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Sat, 03 Dec 2022 11:37:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
329816
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
438
x-xss-protection
0
last-modified
Wed, 20 Apr 2022 17:17:30 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
vary
Accept-Encoding
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 03 Dec 2023 11:37:42 GMT
4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2
fonts.gstatic.com/s/googlesans/v14/ 		21 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesans/v14/4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/search?q=lyricsbaazaar.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bf7344209edb1be5a2886c425cf6334a102d76cbea1471fd50171e2ee92877cd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Mon, 05 Dec 2022 07:43:19 GMT
x-content-type-options
nosniff
age
171079
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21464
x-xss-protection
0
last-modified
Mon, 22 Apr 2019 23:42:59 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 05 Dec 2023 07:43:19 GMT
gen_204
www.google.com/ 		0
16 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/gen_204?atyp=i&ct=bxjs&cad=&b=0&ei=Xj2QY9b-J8r6sAftqqS4AQ&zx=1670397278817
Requested by
Host: www.google.com
URL: https://www.google.com/search?q=lyricsbaazaar.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gws /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

bfcache-opt-in
unload
date
Wed, 07 Dec 2022 07:14:38 GMT
server
gws
x-frame-options
SAMEORIGIN
report-to
{"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]}
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin-allow-popups; report-to="gws"
seasonal-holidays-2022-6753651837109831.4-s.png
www.google.com/logos/doodles/2022/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/logos/doodles/2022/seasonal-holidays-2022-6753651837109831.4-s.png
Requested by
Host: www.google.com
URL: https://www.google.com/search?q=lyricsbaazaar.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
83222cb0bde044f1e8ea279ee0f818ac15601aa146440e48b257f688592d9c86
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Fri, 02 Dec 2022 16:22:20 GMT
x-content-type-options
nosniff
last-modified
Tue, 22 Nov 2022 08:31:12 GMT
server
sffe
age
399138
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2162
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Sat, 02 Dec 2023 16:22:20 GMT
truncated
/ 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6a5ec6acd0fbdf891a7bd762db97e05f1aaf8e0e91ed1fcaa33dbbeec12f1a81

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Content-Type
image/svg+xml
desktop_searchbox_sprites318_hr.webp
www.google.com/images/searchbox/ 		660 B
682 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/images/searchbox/desktop_searchbox_sprites318_hr.webp
Requested by
Host: www.google.com
URL: https://www.google.com/search?q=lyricsbaazaar.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
73d788f86be22112bb53762545989c0f1bbdb7343161130952c9ba3834ff81e3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.google.com/search?q=lyricsbaazaar.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 07:14:38 GMT
x-content-type-options
nosniff
last-modified
Wed, 22 Apr 2020 22:00:00 GMT
server
sffe
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/webp
cache-control
private, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
660
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Wed, 07 Dec 2022 07:14:38 GMT
gen_204
www.google.com/ 		0
16 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google.com/gen_204?ei=Xj2QY9b-J8r6sAftqqS4AQ&vet=10ahUKEwjWpbbj-ub7AhVKPewKHW0VCRcQhJAHCAg..s&gl=GB&pc=SEARCH_RESULTS_PAGE&isMobile=false
Requested by
Host: www.google.com
URL: https://www.google.com/search?q=lyricsbaazaar.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gws /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

bfcache-opt-in
unload
date
Wed, 07 Dec 2022 07:14:39 GMT
server
gws
x-frame-options
SAMEORIGIN
report-to
{"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]}
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin-allow-popups; report-to="gws"
truncated
/ 		775 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
592fa7f72e229674612ddb6f5578f05cdcd1e8aa470d3fa257415e2c7499e435

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		236 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1e641d94ac2d51089bf1282148963c8b2253dcfe089861537544b44b346672f0

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		197 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b5d67eaa85688500479563e35f5f52c860a32d66234bc5326b4acae00e20bf63

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		686 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
228a729bd6316ceac03ebdf00ccfa5dab5429a38f0598ec0c9f228b16b26261f

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		338 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8b01d1155941a02829ae5eaecfd86c83f7e7a5a6e34edd94a0b7780f4ae1ae78

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
948fe62ca3b291d8bccb2f4799f97bd46f1d670f85d8f275d0347f7398e50e99

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		43 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Content-Type
image/gif
nav_logo321.webp
www.google.com/images/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/images/nav_logo321.webp
Requested by
Host: www.google.com
URL: https://www.google.com/search?q=lyricsbaazaar.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e7fe384ea8e2902b8b6deb961d0fbd2c1998434d480f9f4989c3fcf545b25cd1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.google.com/search?q=lyricsbaazaar.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 07:14:39 GMT
x-content-type-options
nosniff
last-modified
Mon, 21 Jun 2021 23:00:00 GMT
server
sffe
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/webp
cache-control
private, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5188
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Wed, 07 Dec 2022 07:14:39 GMT
truncated
/ 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
693d261a936d309560e03481e07cd11313e3a72d8953f6fb592aff1ce9f49625

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Content-Type
image/jpeg
truncated
/ 		3 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1e72a22ec1c123a01076bbe1b8dcc6170ef31a8f7f26b7d619133a8cc41f6a6d

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Content-Type
image/jpeg
gen_204
www.google.com/ 		0
16 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google.com/gen_204?s=web&t=aft&atyp=csi&ei=Xj2QY9b-J8r6sAftqqS4AQ&rt=wsrt.233,aft.294,afti.294,frt.269,prt.285,sct.248&wh=1200&frtp=607&imn=5&ima=2&imad=2&imac=3&aftp=1200&ddl=1&bl=p9Xv
Requested by
Host: www.google.com
URL: https://www.google.com/search?q=lyricsbaazaar.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gws /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

bfcache-opt-in
unload
date
Wed, 07 Dec 2022 07:14:39 GMT
server
gws
x-frame-options
SAMEORIGIN
report-to
{"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]}
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin-allow-popups; report-to="gws"

Verdicts & Comments Add Verdict or Comment

8 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| oncontentvisibilityautostatechange function| h function| k function| m object| google object| gws_wizbind object| _skwEvts object| __jsaction

7 Cookies

Domain/Path Name / Value
vip-link.net/ Name: AppSession
Value: a2915544f917b1a685ba6bd8586a2d4d
vip-link.net/ Name: csrfToken
Value: bcde5db1e5b47a3853954332f44d9c6e6137eb13b76e2726b0aceb33ee6825834c4b53a667f6edcbe74955837513d40f45e6e0f0dcb4a046d0ef44395d8520b4
vip-link.net/ Name: app_visitor
Value: Q2FrZQ%3D%3D.NmI3YTlhMWMyZDgyMjliMTk5MzFkNjkzYmIyZTlhZmM2ZTllMGE1Y2JkNTJjZDJhY2FlMjQ2NjYwYjE5ZDk0Zs1ZKE7T2UfCqeVx6FUwz73YeOXcM7hxl6EYSnDbYxXmmOwfpxVbcrO9NCQjDS%2FRWUnilV7iLJ69Uo6x0MgmHlR9GGhQExAZj6dPuug2nIJu
lyricsbaazaar.com/ Name: JSON_fetch
Value: https://m.vip-link.net/DO6vI
.google.com/ Name: AEC
Value: AakniGMsVtRE6RvN2GLQQCg3RMadiG51KgSlaI-lkdUpyUU_k2wdqw7Du_o
.google.com/ Name: __Secure-ENID
Value: 8.SE=rlCCcNjwaNMH6jWtA8rieN8pDvx8kxiu9kBMkH44tTSp3dlmeAo0Scf2da93fjI7ZDxx4k_Owrd-wyDQPJ6DCJm2379OctEKj6bH8N-oTrMlE29kN7kaguMBaQSz1WtJt4bzq_MRhYgn_h0TZJp9G-DVtN7BIo-MrapamGqGcPE
.google.com/ Name: CONSENT
Value: PENDING+362

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

blogger.googleusercontent.com
fonts.googleapis.com
fonts.gstatic.com
href.li
lyricsbaazaar.com
trends99.in
vip-link.net
www.google.com
www.recaptcha.net
192.0.78.26
2606:4700:3035::ac43:9041
2606:4700:3036::6815:2a77
2606:4700:3036::ac43:c74d
2a00:1450:4001:806::2003
2a00:1450:4001:80f::200a
2a00:1450:4001:829::2001
2a00:1450:4001:82b::2004
2a00:1450:4001:831::2003
067745a7d8733f054f0e893a321adbc1cab3220b2821078147a459b72e14ac15
1e641d94ac2d51089bf1282148963c8b2253dcfe089861537544b44b346672f0
1e72a22ec1c123a01076bbe1b8dcc6170ef31a8f7f26b7d619133a8cc41f6a6d
228a729bd6316ceac03ebdf00ccfa5dab5429a38f0598ec0c9f228b16b26261f
592fa7f72e229674612ddb6f5578f05cdcd1e8aa470d3fa257415e2c7499e435
5ef043454b128260dda530a42312fbb985505034036cd3f3ea23cfe324a7905b
6258d7df4f37b7943fcca1d7783b689209b032a8844396de50edd6e0c5a06005
693d261a936d309560e03481e07cd11313e3a72d8953f6fb592aff1ce9f49625
6a5ec6acd0fbdf891a7bd762db97e05f1aaf8e0e91ed1fcaa33dbbeec12f1a81
73d788f86be22112bb53762545989c0f1bbdb7343161130952c9ba3834ff81e3
83222cb0bde044f1e8ea279ee0f818ac15601aa146440e48b257f688592d9c86
852593ea1830ce3d6821822385a17af199442f4938b588ed7c84942c351d9f16
8b01d1155941a02829ae5eaecfd86c83f7e7a5a6e34edd94a0b7780f4ae1ae78
90fd6d1b7fceb3e8dcc7b33b449be3b22ecd534a30970c0986f557878e6294a8
948fe62ca3b291d8bccb2f4799f97bd46f1d670f85d8f275d0347f7398e50e99
9d807c16e2160c2660ffd43bf8b8bc54eb39ecd044e823209c0ade70db965d5a
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
b5d67eaa85688500479563e35f5f52c860a32d66234bc5326b4acae00e20bf63
bf7344209edb1be5a2886c425cf6334a102d76cbea1471fd50171e2ee92877cd
cba6fd9f3afd20aed83e56db0659f9843853f97c0209942f30dee08fdb0a3168
d1806383101a0b15b398650c447ec2d8cb39b5adf80799a01d15abe6e89716a8
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7fe384ea8e2902b8b6deb961d0fbd2c1998434d480f9f4989c3fcf545b25cd1
ed9087d76cdc6d1c53698f6068f79872e77e87c8d012c0cfdad13b05b6ccb37c