liamshop.site
2606:4700:3032::6815:1084  Malicious Activity! Public Scan

Submitted URL: http://liamshop.site/
Effective URL: https://liamshop.site/
Submission: On April 13 via api from US — Scanned from US

Summary

This website contacted 6 IPs in 1 countries across 5 domains to perform 18 HTTP transactions. The main IP is 2606:4700:3032::6815:1084, located in United States and belongs to CLOUDFLARENET, US. The main domain is liamshop.site.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on February 12th 2023. Valid for: a year.
This is the only time liamshop.site was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Generic Cloudflare (Online)

Domain & IP information

| | Apex Domain | Subdomains | Transfer |
|---|---|---|---|
| 9 | liamshop.site | liamshop.site | 17 KB |
| 6 | google.com | www.google.com — Cisco Umbrella Rank: 2 | 130 KB |
| 2 | googleusercontent.com | afs.googleusercontent.com — Cisco Umbrella Rank: 13685 | 1 KB |
| 2 | cloudfront.net | d1lxhc4jvstzrp.cloudfront.net, d38psrni17bvxu.cloudfront.net | 35 KB |
| 1 | googleadservices.com | partner.googleadservices.com — Cisco Umbrella Rank: 980 | 592 B |
| 18 | 5 | | |

| | Domain | Requested by |
|---|---|---|
| 9 | liamshop.site (2 redirects) | liamshop.site |
| 6 | www.google.com | liamshop.site, www.google.com |
| 2 | afs.googleusercontent.com | www.google.com |
| 1 | partner.googleadservices.com | www.google.com |
| 1 | d38psrni17bvxu.cloudfront.net | liamshop.site |
| 1 | d1lxhc4jvstzrp.cloudfront.net | liamshop.site |
| 18 | 6 | |

This site contains links to these domains.

Domain
www.dynadot.com

| Subject | Issuer | Validity | Valid |
|---|---|---|---|
| sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2023-02-12 - 2024-02-11 | a year |
| www.google.com | GTS CA 1C3 | 2023-03-20 - 2023-06-12 | 3 months |
| *.cloudfront.net | Amazon RSA 2048 M01 | 2022-12-08 - 2023-12-07 | a year |
| *.googleadservices.com | GTS CA 1C3 | 2023-03-20 - 2023-06-12 | 3 months |
| *.google.com | GTS CA 1C3 | 2023-03-20 - 2023-06-12 | 3 months |
| *.googleusercontent.com | GTS CA 1C3 | 2023-03-20 - 2023-06-12 | 3 months |

This page contains 3 frames:

Primary Page: https://liamshop.site/
Frame ID: 0C1E7296F964B4678D05EDC662909413
Requests: 13 HTTP requests in this frame

Frame: https://www.google.com/afs/ads?adtest=off&psid=6016880802&pcsa=false&channel=000002%2Cbucket011&client=dp-teaminternet09_3ph&r=m&hl=en&rpbu=http%3A%2F%2Fliamshop.site%2F%3Fts%3DfENsZWFuUGVwcGVybWludEJsYWNrfHw1Y2U4NHxidWNrZXQwMTF8fHx8fHw2NDM4MWIxNzM5Y2JlfHx8MTY4MTM5ODU1MS4yNDg1fDY4MDZkZjhiMjVhZDcwMDdjNGVmNTNlZjMzYjlhOTAxZDk5MGRlNDh8fHx8fDF8fDB8MHx8fHwxfHx8fHwwfDB8fHx8fHx8fHx8MHwwfHwwfHx8MHwwfFcxMD18fDF8VzEwPXw5NDZlMDM3ZWU4MmJmODAwNTg5YmU4M2Y0Yzg3NDA5MjdkNjI5ZjA5fDB8ZHAtdGVhbWludGVybmV0MDlfM3BofDB8MA%253D%253D&max_radlink_len=40&type=3&uiopt=true&swp=as-drid-2595154941770008&oe=UTF-8&ie=UTF-8&fexp=21404%2C17300003%2C17300964&format=r3%7Cs&nocache=8611681398552671&num=0&output=afd_ads&domain_name=liamshop.site&v=3&bsl=8&pac=0&u_his=3&u_tz=0&dt=1681398552674&u_w=1600&u_h=1200&biw=1600&bih=1200&psw=1600&psh=855&frm=0&cl=523105112&uio=--&cont=tc&jsid=caf&jsv=523105112&rurl=https%3A%2F%2Fliamshop.site%2F&referer=http%3A%2F%2Fliamshop.site%2F&adbw=master-1%3A530
Frame ID: E3A1C13CED8C70080462C01A5D359A0C
Requests: 4 HTTP requests in this frame

Frame: https://www.google.com/js/bg/Bo5p8DbEpWqq_61_uCYPeBu7T3aczz0WnYolkwB_A5I.js
Frame ID: 2A32D2506D3A54000A016767F1422DEE
Requests: 1 HTTP requests in this frame

Page Title

liamshop.site

Page Statistics

Requests: 18
HTTPS: 83 %
IPv6: 100 %
Domains: 5
Subdomains: 6
IPs: 6
Countries: 1
Transfer: 183 kB
Size: 422 kB
Cookies: 3

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://liamshop.site/ Page URL
  2. http://liamshop.site/cdn-cgi/phish-bypass?atok=rcaoA3Ojia6Hg23BfTVzVa53_Yujplb5BttuD5s2GFs-1681398545-0-%2F HTTP 301
    http://liamshop.site/ HTTP 301
    https://liamshop.site/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

18 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
/
liamshop.site/
5 KB
3 KB
Document
General
Full URL
http://liamshop.site/
Protocol
HTTP/1.1
Server
2606:4700:3032::6815:1084 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9cb687e6acbcc7ece6cdf558b7bb7c13d8671a7e0dafe02f443919ac0374d28d
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

CF-RAY
7b74a0cf4fef2a60-ORD
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Thu, 13 Apr 2023 15:09:05 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jXqQ7QJQRduzMYgLTE%2F6T7mrqVuoY92czusj6KlyfNwMHxx3l0CJVMVZcp7UalQB%2BFYaDMojXc1k%2BTrq983W4l0EbBkpgWafjE85%2Bq7uEKwG9AvEnrIoVYNaW9CxNLM4SywjafCGCePB1Tpn"}],"group":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf.errors.css
liamshop.site/cdn-cgi/styles/
24 KB
5 KB
Stylesheet
General
Full URL
http://liamshop.site/cdn-cgi/styles/cf.errors.css
Requested by
Host: liamshop.site
URL: http://liamshop.site/
Protocol
HTTP/1.1
Server
2606:4700:3032::6815:1084 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1103290e25ebda2712abe344a87facbac00ddaba712729be9fe5feef807bf91b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-US,en;q=0.9
Referer
http://liamshop.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date
Thu, 13 Apr 2023 15:09:05 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Thu, 06 Apr 2023 15:48:21 GMT
Server
cloudflare
ETag
W/"642ee9c5-5e44"
Transfer-Encoding
chunked
X-Frame-Options
DENY
Content-Type
text/css
Vary
Accept-Encoding
Cache-Control
max-age=7200, public
Connection
keep-alive
CF-RAY
7b74a0cfc87a2a60-ORD
Expires
Thu, 13 Apr 2023 17:09:05 GMT
icon-exclamation.png
liamshop.site/cdn-cgi/images/
452 B
889 B
Image
General
Full URL
http://liamshop.site/cdn-cgi/images/icon-exclamation.png?1376755637
Requested by
Host: liamshop.site
URL: http://liamshop.site/cdn-cgi/styles/cf.errors.css
Protocol
HTTP/1.1
Server
2606:4700:3032::6815:1084 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f1591a5221136c49438642155691ae6c68e25b7241f3d7ebe975b09a77662016
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-US,en;q=0.9
Referer
http://liamshop.site/cdn-cgi/styles/cf.errors.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date
Thu, 13 Apr 2023 15:09:05 GMT
X-Content-Type-Options
nosniff
Last-Modified
Thu, 06 Apr 2023 15:48:21 GMT
Server
cloudflare
ETag
"642ee9c5-1c4"
X-Frame-Options
DENY
Vary
Accept-Encoding
Content-Type
image/png
Cache-Control
max-age=7200, public
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
7b74a0d079492a60-ORD
Content-Length
452
Expires
Thu, 13 Apr 2023 17:09:05 GMT
Primary Request /
liamshop.site/
Redirect Chain
  • http://liamshop.site/cdn-cgi/phish-bypass?atok=rcaoA3Ojia6Hg23BfTVzVa53_Yujplb5BttuD5s2GFs-1681398545-0-%2F
  • http://liamshop.site/
  • https://liamshop.site/
17 KB
6 KB
Document
General
Full URL
https://liamshop.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::6815:1084 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
70059a56f26f3e2880b9ad9790c4d43a9ceb79ffadc4be5fb148d24fbe98906a

Request headers

Referer
http://liamshop.site/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ch
viewport-width dpr device-memory rtt downlink ect ua ua-full-version ua-platform ua-platform-version ua-arch ua-model ua-mobile
accept-ch-lifetime
30
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
7b74a0ef89f52d9d-ORD
content-encoding
br
content-type
text/html; charset=UTF-8
date
Thu, 13 Apr 2023 15:09:11 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mg05anES9IPpwL1CA0nYUZNUC4ZrcEyvTxXRQduslT4BiQERB5gHoityjaVscDAln3rU6UtHOiEgKezb6UQAs8dgd2Ab%2BA84J00951Y4GgnNHgQ7GcWTfzmjBdmnJWax0YaJpqoBg7hE3pZc"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-adblock-key
MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBALquDFETXRn0Hr05fUP7EJT77xYnPmRbpMy4vk8KYiHnkNpednjOANJcaXDXcKQJN0nXKZJL7TciJD8AoHXK158CAwEAAQ==_prqM12FPKDqF8C0VQ7YfjChjlXJFMm7u3UFo6D+iqXzmkuxKfHUM3jEeRpJn3lkm3YTiIlta7dTh5h8TQTa59w==
x-domain
liamshop.site
x-subdomain

Redirect headers

CF-RAY
7b74a0eece462a60-ORD
Cache-Control
max-age=3600
Connection
keep-alive
Date
Thu, 13 Apr 2023 15:09:10 GMT
Expires
Thu, 13 Apr 2023 16:09:10 GMT
Location
https://liamshop.site/
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6M%2BnMvZJ6H0v0VJS9ShdQVDgEhBm6xhUkPJ8Q%2BufrIxXZufDzoMqHHXR1Kt4k454zuBDU%2FkTdDEySoalVm%2BywsoRMPJlC5OJgmzN4C4PU6RjsucKx8xBT0AIeOtgdfwNIscXRbHrTjbrgMb0"}],"group":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
Vary
Accept-Encoding
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
caf.js
www.google.com/adsense/domains/
145 KB
53 KB
Script
General
Full URL
https://www.google.com/adsense/domains/caf.js?abp=1
Requested by
Host: liamshop.site
URL: https://liamshop.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81d::2004 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
72d398c55e3a6f6707be3c7080d5de016ffaf5eee04f46d8062d0be00c573cfc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://liamshop.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Thu, 13 Apr 2023 15:09:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-afs-ui"
etag
"1157353089423000420"
vary
Accept-Encoding
report-to
{"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]}
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
accept-ranges
bytes
expires
Thu, 13 Apr 2023 15:09:12 GMT
logo_dynadot4.png
d1lxhc4jvstzrp.cloudfront.net/themes/registrar/images/
23 KB
23 KB
Image
General
Full URL
https://d1lxhc4jvstzrp.cloudfront.net/themes/registrar/images/logo_dynadot4.png
Requested by
Host: liamshop.site
URL: https://liamshop.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:24ef:5200:1f:4100:9540:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
9135187c709018d5e8d56ee6eaf4e116363655f346f1c0a3e52bdaaba5fba6df

Request headers

accept-language
en-US,en;q=0.9
Referer
https://liamshop.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Thu, 13 Apr 2023 13:23:36 GMT
via
1.1 da50954f4b0e035bd3d8a3139e1f5afa.cloudfront.net (CloudFront)
last-modified
Fri, 30 Apr 2021 08:33:04 GMT
server
nginx
x-amz-cf-pop
BOS50-P2
age
6336
etag
"608bc0c0-5bd9"
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
23513
x-amz-cf-id
ZUpovaGQs8yduwUp3BUjc4yj5LVcql4VaAfzRUnTpPtcglbwkvxOsg==
track.php
liamshop.site/
0
338 B
XHR
General
Full URL
https://liamshop.site/track.php?domain=liamshop.site&toggle=browserjs&uid=MTY4MTM5ODU1MS4yMzY4OjE4NjZmMzc0NTRkZWU4OGFlNzYzNjJiZTZkZjVlNmRkZGJjMjFmMGM0N2QyZjg3YmY2OGY4MWE2NzhjZmU3Njg6NjQzODFiMTczOWNmNw%3D%3D
Requested by
Host: liamshop.site
URL: https://liamshop.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::6815:1084 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://liamshop.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Thu, 13 Apr 2023 15:09:12 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ch
viewport-width, dpr, device-memory, rtt, downlink, ect, ua, ua-full-version, ua-platform, ua-platform-version, ua-arch, ua-model, ua-mobile
server
cloudflare
x-custom-track
browserjs
vary
Accept-Encoding
accept-ch-lifetime
30
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=16683F1mVIoGabN2%2Fc6%2Ftaib%2BW2eSdO8ryD%2FbfM6nKrSHjQHtyr1r%2BkuN29s85Z4ChUskloqX3zUXMXw2hCplxTMUVBSCB0seDOvO5oQSzmTTcfVYobIcP31o4KnjwLQsZZ2w4tly0uDMoJQ"}],"group":"cf-nel","max_age":604800}
cf-ray
7b74a0f7bb532d9d-ORD
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
arrows.png
d38psrni17bvxu.cloudfront.net/themes/cleanPeppermintBlack_657d9013/img/
11 KB
11 KB
Image
General
Full URL
https://d38psrni17bvxu.cloudfront.net/themes/cleanPeppermintBlack_657d9013/img/arrows.png
Requested by
Host: liamshop.site
URL: https://liamshop.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2209:a000:1d:4618:5c80:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
67dff0aad873050f12609885f2264417ccdd0d438311000a704c89f0865f7865

Request headers

accept-language
en-US,en;q=0.9
Referer
https://liamshop.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Thu, 13 Apr 2023 07:22:26 GMT
via
1.1 957a0e737a088bdc07cb5cc9dcc9e826.cloudfront.net (CloudFront)
last-modified
Thu, 23 Jun 2022 10:44:43 GMT
server
nginx
x-amz-cf-pop
EWR53-P1
age
28007
etag
"62b4441b-2c6f"
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
11375
x-amz-cf-id
yt_h5xqUOn6Pqogs7steFpw1DMJSuQmZ6GGig2eY8YCv8uUyadZsxw==
ls.php
liamshop.site/
16 B
903 B
XHR
General
Full URL
https://liamshop.site/ls.php?t=64381b17&token=946e037ee82bf800589be83f4c8740927d629f09
Requested by
Host: liamshop.site
URL: https://liamshop.site/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:1084 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Request headers

accept-language
en-US,en;q=0.9
Referer
https://liamshop.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Thu, 13 Apr 2023 15:09:16 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ch
viewport-width, dpr, device-memory, rtt, downlink, ect, ua, ua-full-version, ua-platform, ua-platform-version, ua-arch, ua-model, ua-mobile
server
cloudflare
access-control-max-age
86400
access-control-allow-methods
POST, OPTIONS
accept-ch-lifetime
30
access-control-allow-origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aRxg%2BbYqWAKR2WF7%2FjBW0Tqa471ap9Obftc9GPWXfEK77xxVWKPSkN6lPznzq5%2BNT1VmvFcyY5gMPw6ed7RlWi%2B8epl6weAD8%2BM4n2wNu%2FVfcDpwEtaqnDpT2RegoRl2sXlFQ4Cd5nReOsYP"}],"group":"cf-nel","max_age":604800}
charset
utf-8
content-type
text/javascript;charset=UTF-8
x-adblock-key
MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBALquDFETXRn0Hr05fUP7EJT77xYnPmRbpMy4vk8KYiHnkNpednjOANJcaXDXcKQJN0nXKZJL7TciJD8AoHXK158CAwEAAQ==_Km1pZ+PdScvTNLUV5HWGRDPJ5TUvM/aCjSRujcZ8MGsZIBCnpyzjgYytLAielmRW3/1L9Jxa8JFiKY346gaBKQ==
cf-ray
7b74a0fa2fc786d8-ORD
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cookie.js
partner.googleadservices.com/gampad/
366 B
592 B
Script
General
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=liamshop.site&client=dp-teaminternet09_3ph&product=SAS&callback=__sasCookie
Requested by
Host: www.google.com
URL: https://www.google.com/adsense/domains/caf.js?abp=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c17::9a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a7222d8fab5f677505984c6f91a2601bc6bff9386dec3e13196a2fe46d6f83c2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://liamshop.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Thu, 13 Apr 2023 15:09:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
241
x-xss-protection
0
ads
www.google.com/afs/ Frame E3A1
16 KB
11 KB
Document
General
Full URL
https://www.google.com/afs/ads?adtest=off&psid=6016880802&pcsa=false&channel=000002%2Cbucket011&client=dp-teaminternet09_3ph&r=m&hl=en&rpbu=http%3A%2F%2Fliamshop.site%2F%3Fts%3DfENsZWFuUGVwcGVybWludEJsYWNrfHw1Y2U4NHxidWNrZXQwMTF8fHx8fHw2NDM4MWIxNzM5Y2JlfHx8MTY4MTM5ODU1MS4yNDg1fDY4MDZkZjhiMjVhZDcwMDdjNGVmNTNlZjMzYjlhOTAxZDk5MGRlNDh8fHx8fDF8fDB8MHx8fHwxfHx8fHwwfDB8fHx8fHx8fHx8MHwwfHwwfHx8MHwwfFcxMD18fDF8VzEwPXw5NDZlMDM3ZWU4MmJmODAwNTg5YmU4M2Y0Yzg3NDA5MjdkNjI5ZjA5fDB8ZHAtdGVhbWludGVybmV0MDlfM3BofDB8MA%253D%253D&max_radlink_len=40&type=3&uiopt=true&swp=as-drid-2595154941770008&oe=UTF-8&ie=UTF-8&fexp=21404%2C17300003%2C17300964&format=r3%7Cs&nocache=8611681398552671&num=0&output=afd_ads&domain_name=liamshop.site&v=3&bsl=8&pac=0&u_his=3&u_tz=0&dt=1681398552674&u_w=1600&u_h=1200&biw=1600&bih=1200&psw=1600&psh=855&frm=0&cl=523105112&uio=--&cont=tc&jsid=caf&jsv=523105112&rurl=https%3A%2F%2Fliamshop.site%2F&referer=http%3A%2F%2Fliamshop.site%2F&adbw=master-1%3A530
Requested by
Host: www.google.com
URL: https://www.google.com/adsense/domains/caf.js?abp=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81d::2004 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gws /
Resource Hash
db9f4955ef4ebdbde854c1fecb55819597306945fd13aec7948d12d29964cc82
Security Headers
Name Value
Content-Security-Policy object-src 'none';base-uri 'self';script-src 'nonce-CoS1j2MlgPulrQjd4FYqxQ' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
X-Xss-Protection 0

Request headers

Referer
https://liamshop.site/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=3600
content-disposition
inline
content-encoding
br
content-length
10048
content-security-policy
object-src 'none';base-uri 'self';script-src 'nonce-CoS1j2MlgPulrQjd4FYqxQ' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
content-type
text/html; charset=UTF-8
cross-origin-opener-policy
same-origin-allow-popups; report-to="gws"
date
Thu, 13 Apr 2023 15:09:13 GMT
expires
Thu, 13 Apr 2023 15:09:13 GMT
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
report-to
{"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]}
server
gws
x-xss-protection
0
caf.js
www.google.com/adsense/domains/ Frame E3A1
145 KB
53 KB
Script
General
Full URL
https://www.google.com/adsense/domains/caf.js?pac=0
Requested by
Host: www.google.com
URL: https://www.google.com/afs/ads?adtest=off&psid=6016880802&pcsa=false&channel=000002%2Cbucket011&client=dp-teaminternet09_3ph&r=m&hl=en&rpbu=http%3A%2F%2Fliamshop.site%2F%3Fts%3DfENsZWFuUGVwcGVybWludEJsYWNrfHw1Y2U4NHxidWNrZXQwMTF8fHx8fHw2NDM4MWIxNzM5Y2JlfHx8MTY4MTM5ODU1MS4yNDg1fDY4MDZkZjhiMjVhZDcwMDdjNGVmNTNlZjMzYjlhOTAxZDk5MGRlNDh8fHx8fDF8fDB8MHx8fHwxfHx8fHwwfDB8fHx8fHx8fHx8MHwwfHwwfHx8MHwwfFcxMD18fDF8VzEwPXw5NDZlMDM3ZWU4MmJmODAwNTg5YmU4M2Y0Yzg3NDA5MjdkNjI5ZjA5fDB8ZHAtdGVhbWludGVybmV0MDlfM3BofDB8MA%253D%253D&max_radlink_len=40&type=3&uiopt=true&swp=as-drid-2595154941770008&oe=UTF-8&ie=UTF-8&fexp=21404%2C17300003%2C17300964&format=r3%7Cs&nocache=8611681398552671&num=0&output=afd_ads&domain_name=liamshop.site&v=3&bsl=8&pac=0&u_his=3&u_tz=0&dt=1681398552674&u_w=1600&u_h=1200&biw=1600&bih=1200&psw=1600&psh=855&frm=0&cl=523105112&uio=--&cont=tc&jsid=caf&jsv=523105112&rurl=https%3A%2F%2Fliamshop.site%2F&referer=http%3A%2F%2Fliamshop.site%2F&adbw=master-1%3A530
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::2004 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bf27e91f8b84c800221870f732cae8a59ae0002ee57214b3657e51a6ce8ed6c2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Thu, 13 Apr 2023 15:09:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-afs-ui"
etag
"13152869852003910094"
vary
Accept-Encoding
report-to
{"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]}
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
accept-ranges
bytes
expires
Thu, 13 Apr 2023 15:09:13 GMT
search.svg
afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/ Frame E3A1
391 B
795 B
Image
General
Full URL
https://afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/search.svg?c=%23ffffff
Requested by
Host: www.google.com
URL: https://www.google.com/afs/ads?adtest=off&psid=6016880802&pcsa=false&channel=000002%2Cbucket011&client=dp-teaminternet09_3ph&r=m&hl=en&rpbu=http%3A%2F%2Fliamshop.site%2F%3Fts%3DfENsZWFuUGVwcGVybWludEJsYWNrfHw1Y2U4NHxidWNrZXQwMTF8fHx8fHw2NDM4MWIxNzM5Y2JlfHx8MTY4MTM5ODU1MS4yNDg1fDY4MDZkZjhiMjVhZDcwMDdjNGVmNTNlZjMzYjlhOTAxZDk5MGRlNDh8fHx8fDF8fDB8MHx8fHwxfHx8fHwwfDB8fHx8fHx8fHx8MHwwfHwwfHx8MHwwfFcxMD18fDF8VzEwPXw5NDZlMDM3ZWU4MmJmODAwNTg5YmU4M2Y0Yzg3NDA5MjdkNjI5ZjA5fDB8ZHAtdGVhbWludGVybmV0MDlfM3BofDB8MA%253D%253D&max_radlink_len=40&type=3&uiopt=true&swp=as-drid-2595154941770008&oe=UTF-8&ie=UTF-8&fexp=21404%2C17300003%2C17300964&format=r3%7Cs&nocache=8611681398552671&num=0&output=afd_ads&domain_name=liamshop.site&v=3&bsl=8&pac=0&u_his=3&u_tz=0&dt=1681398552674&u_w=1600&u_h=1200&biw=1600&bih=1200&psw=1600&psh=855&frm=0&cl=523105112&uio=--&cont=tc&jsid=caf&jsv=523105112&rurl=https%3A%2F%2Fliamshop.site%2F&referer=http%3A%2F%2Fliamshop.site%2F&adbw=master-1%3A530
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1b::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
17c7a89bf169c2ee400e31b042cea68513f06b9cd7d1e8990dbec800f0d771c7
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/afs-native-asset-managers
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

content-security-policy
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/afs-native-asset-managers
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 12 Apr 2023 18:27:54 GMT
age
74479
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
270
x-xss-protection
0
last-modified
Thu, 19 Dec 2019 14:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="afs-native-asset-managers"
vary
Accept-Encoding
report-to
{"group":"afs-native-asset-managers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/afs-native-asset-managers"}]}
content-type
image/svg+xml
cache-control
public, max-age=82800
accept-ranges
bytes
expires
Thu, 13 Apr 2023 17:27:54 GMT
chevron.svg
afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/ Frame E3A1
200 B
289 B
Image
General
Full URL
https://afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/chevron.svg?c=%23ffffff
Requested by
Host: www.google.com
URL: https://www.google.com/afs/ads?adtest=off&psid=6016880802&pcsa=false&channel=000002%2Cbucket011&client=dp-teaminternet09_3ph&r=m&hl=en&rpbu=http%3A%2F%2Fliamshop.site%2F%3Fts%3DfENsZWFuUGVwcGVybWludEJsYWNrfHw1Y2U4NHxidWNrZXQwMTF8fHx8fHw2NDM4MWIxNzM5Y2JlfHx8MTY4MTM5ODU1MS4yNDg1fDY4MDZkZjhiMjVhZDcwMDdjNGVmNTNlZjMzYjlhOTAxZDk5MGRlNDh8fHx8fDF8fDB8MHx8fHwxfHx8fHwwfDB8fHx8fHx8fHx8MHwwfHwwfHx8MHwwfFcxMD18fDF8VzEwPXw5NDZlMDM3ZWU4MmJmODAwNTg5YmU4M2Y0Yzg3NDA5MjdkNjI5ZjA5fDB8ZHAtdGVhbWludGVybmV0MDlfM3BofDB8MA%253D%253D&max_radlink_len=40&type=3&uiopt=true&swp=as-drid-2595154941770008&oe=UTF-8&ie=UTF-8&fexp=21404%2C17300003%2C17300964&format=r3%7Cs&nocache=8611681398552671&num=0&output=afd_ads&domain_name=liamshop.site&v=3&bsl=8&pac=0&u_his=3&u_tz=0&dt=1681398552674&u_w=1600&u_h=1200&biw=1600&bih=1200&psw=1600&psh=855&frm=0&cl=523105112&uio=--&cont=tc&jsid=caf&jsv=523105112&rurl=https%3A%2F%2Fliamshop.site%2F&referer=http%3A%2F%2Fliamshop.site%2F&adbw=master-1%3A530
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1b::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
809fb4619d2a2f1a85dbda8cc69a7f1659215212d708a098d62150eee57070c1
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/afs-native-asset-managers
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

content-security-policy
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/afs-native-asset-managers
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 13 Apr 2023 01:15:12 GMT
age
50041
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
174
x-xss-protection
0
last-modified
Thu, 22 Oct 2020 21:45:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="afs-native-asset-managers"
vary
Accept-Encoding
report-to
{"group":"afs-native-asset-managers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/afs-native-asset-managers"}]}
content-type
image/svg+xml
cache-control
public, max-age=82800
accept-ranges
bytes
expires
Fri, 14 Apr 2023 00:15:12 GMT
track.php
liamshop.site/
0
711 B
XHR
General
Full URL
https://liamshop.site/track.php?domain=liamshop.site&caf=1&toggle=answercheck&answer=yes&uid=MTY4MTM5ODU1MS4yMzY4OjE4NjZmMzc0NTRkZWU4OGFlNzYzNjJiZTZkZjVlNmRkZGJjMjFmMGM0N2QyZjg3YmY2OGY4MWE2NzhjZmU3Njg6NjQzODFiMTczOWNmNw%3D%3D
Requested by
Host: liamshop.site
URL: https://liamshop.site/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:1084 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://liamshop.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Thu, 13 Apr 2023 15:09:13 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ch
viewport-width, dpr, device-memory, rtt, downlink, ect, ua, ua-full-version, ua-platform, ua-platform-version, ua-arch, ua-model, ua-mobile
server
cloudflare
x-custom-track
answercheck
vary
Accept-Encoding
accept-ch-lifetime
30
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SfWTqVEICFwdy31c3n3xMIuA8V7sy5R%2FNoVsZHniZsxMxa1jWi0ALv8hkbLBuZGKLxlxG6kygupZLxACop6o%2Fjzu6WFIgKbB9f%2BucDK0htRdtVzSmMuw6WNWRAFe1qBj7t0aCAs0KHgISLb4"}],"group":"cf-nel","max_age":604800}
cf-ray
7b74a0ff7f0b86d8-ORD
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Bo5p8DbEpWqq_61_uCYPeBu7T3aczz0WnYolkwB_A5I.js
www.google.com/js/bg/ Frame 2A32
36 KB
14 KB
Script
General
Full URL
https://www.google.com/js/bg/Bo5p8DbEpWqq_61_uCYPeBu7T3aczz0WnYolkwB_A5I.js
Requested by
Host: www.google.com
URL: https://www.google.com/adsense/domains/caf.js?pac=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::2004 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
068e69f036c4a56aaaffad7fb8260f781bbb4f769ccf3d169d8a2593007f0392
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Wed, 12 Apr 2023 05:07:07 GMT
content-encoding
br
x-content-type-options
nosniff
age
122527
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14136
x-xss-protection
0
last-modified
Mon, 03 Apr 2023 13:30:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 11 Apr 2024 05:07:07 GMT
gen_204
www.google.com/afs/
0
19 B
Image
General
Full URL
https://www.google.com/afs/gen_204?client=dp-teaminternet09_3ph&output=uds_ads_only&zx=cuyum1yh5t5v&aqid=GRs4ZJ35CLDNzLUPmMeqqAw&psid=6016880802&pbt=bs&adbx=535&adby=178&adbh=497&adbw=530&adbah=160%2C160%2C160&adbn=master-1&eawp=partner-dp-teaminternet09_3ph&errv=523105112&csala=7%7C0%7C617%7C136%7C571&lle=0&ifv=1&usr=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::2004 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gws /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy object-src 'none';base-uri 'self';script-src 'nonce-ODqNCxZl0c4LgidPzQMENQ' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://liamshop.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

content-security-policy
object-src 'none';base-uri 'self';script-src 'nonce-ODqNCxZl0c4LgidPzQMENQ' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
date
Thu, 13 Apr 2023 15:09:15 GMT
server
gws
cross-origin-opener-policy
same-origin-allow-popups; report-to="gws"
x-frame-options
SAMEORIGIN
report-to
{"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]}
content-type
text/html; charset=UTF-8
permissions-policy
unload=()
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
gen_204
www.google.com/afs/
0
19 B
Image
General
Full URL
https://www.google.com/afs/gen_204?client=dp-teaminternet09_3ph&output=uds_ads_only&zx=ofp4v646s4z9&aqid=GRs4ZJ35CLDNzLUPmMeqqAw&psid=6016880802&pbt=bv&adbx=535&adby=178&adbh=497&adbw=530&adbah=160%2C160%2C160&adbn=master-1&eawp=partner-dp-teaminternet09_3ph&errv=523105112&csala=7%7C0%7C617%7C136%7C571&lle=0&ifv=1&usr=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::2004 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gws /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy object-src 'none';base-uri 'self';script-src 'nonce-z-L6EG8v0JPzG18ksbGxVQ' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://liamshop.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

content-security-policy
object-src 'none';base-uri 'self';script-src 'nonce-z-L6EG8v0JPzG18ksbGxVQ' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
date
Thu, 13 Apr 2023 15:09:16 GMT
server
gws
cross-origin-opener-policy
same-origin-allow-popups; report-to="gws"
x-frame-options
SAMEORIGIN
report-to
{"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]}
content-type
text/html; charset=UTF-8
permissions-policy
unload=()
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Generic Cloudflare (Online)

33 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
boolean| credentialless
number| googleNDT_
number| googleAltLoader
object| google
object| tcblock
object| searchboxBlock
boolean| isAdult
object| containerNames
string| uniqueTrackingID
string| search
string| themedata
string| domain
string| scriptPath
string| adtest
boolean| pageLoadedCallbackTriggered
boolean| fallbackTriggered
boolean| formerCalledArguments
object| pageOptions
function| x
function| getXMLhttp
function| ajaxQuery
function| ajaxBackfill
number| waitTime
number| timeout
number| waitStep
function| listenFor1TierResponse
object| xmlHttp
function| loadFeed
function| relatedCallback
function| relatedFallback
function| ls
function| __sasCookie

3 Cookies

Domain/Path Name / Value
.liamshop.site/ Name: __cf_mw_byp
Value: rcaoA3Ojia6Hg23BfTVzVa53_Yujplb5BttuD5s2GFs-1681398545-0-/
.liamshop.site/ Name: __gsas
Value: ID=8678c69d6235a91c:T=1681398553:S=ALNI_MYF6Ix10IUOb6dtQQNqvbiH8CSdXg
.google.com/ Name: NID
Value: 511=UlBWpD4k4qqktht7XloUuuaL_a2lYajhzMLjvA4f_hGwzqxFeEX-uOEhtECC9iLwxmb-hcuTNnvmaOVu3zHpBj98XbBY6zigc-IjcOyaDx11SmBFhvDfhPSbIg7Iwu1OjPiIH6QghOixkF_a3vdMJXYYyn7Ityc_7IQy5iopbwk

Security Headers

This page lists any security headers set by the main page.

Header Value
X-Frame-Options SAMEORIGIN