urlscan.io logo urlscan.io
SecurityTrails logo

www.google.com Open in urlscan Pro
142.250.186.36  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://s-7-upxkqp.vipheaving.com/r2.php?kay=bdyjaj&q=MTAzNjk4NTA7OTMyMjc2MjsyMDEyOzI7MTI3NjY7MjM7MjAyNC0xMi0wNSAxMToyNDowMDsxMjs3...
Effective URL: https://www.google.com/67222_595875618_9271
Submission Tags: falconsandbox
Submission: On December 05 via api from US — Scanned from NL
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 4 IPs in 3 countries across 7 domains to perform 9 HTTP transactions. The main IP is 142.250.186.36, located in United States and belongs to GOOGLE, US. The main domain is www.google.com. The Cisco Umbrella rank of the primary domain is 3.
TLS certificate: Issued by WR2 on November 4th 2024. Valid for: 3 months.
This is the only time www.google.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 188.114.97.9 13335 (CLOUDFLAR...)
2 2 172.67.69.59 13335 (CLOUDFLAR...)
1 3 172.67.212.211 13335 (CLOUDFLAR...)
2 104.18.187.31 13335 (CLOUDFLAR...)
1 151.101.2.137 54113 (FASTLY)
1 1 54.176.180.59 16509 (AMAZON-02)
4 142.250.186.36 15169 (GOOGLE)
9 4
1    188.114.97.9 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)
s-7-upxkqp.vipheaving.com
2    172.67.69.59 (United States)

ASN13335 (CLOUDFLARENET, US)
7-upxkqp.presentidealism.com
7.presentidealism.com
3    172.67.212.211 (United States)

ASN13335 (CLOUDFLARENET, US)
clickforwinning.com
2    104.18.187.31 (None, )

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
1    151.101.2.137 (San Francisco, United States)

ASN54113 (FASTLY, US)
code.jquery.com
1    54.176.180.59 (San Jose, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-176-180-59.us-west-1.compute.amazonaws.com
etagra9m.com
4    142.250.186.36 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f4.1e100.net
www.google.com
Apex Domain
Subdomains		 Transfer
4 google.com
www.google.com — Cisco Umbrella Rank: 3
12 KB
3 clickforwinning.com
clickforwinning.com
4 KB
2 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 318
51 KB
2 presentidealism.com
7-upxkqp.presentidealism.com
7.presentidealism.com
1 KB
1 etagra9m.com
etagra9m.com
571 B
1 jquery.com
code.jquery.com — Cisco Umbrella Rank: 847
31 KB
1 vipheaving.com
s-7-upxkqp.vipheaving.com
840 B
9 7
Domain Requested by
4 www.google.com clickforwinning.com
www.google.com
3 clickforwinning.com 1 redirects clickforwinning.com
2 cdn.jsdelivr.net clickforwinning.com
1 etagra9m.com 1 redirects
1 code.jquery.com clickforwinning.com
1 7.presentidealism.com 1 redirects
1 7-upxkqp.presentidealism.com 1 redirects
1 s-7-upxkqp.vipheaving.com 1 redirects
9 8

This site contains no links.

Subject Issuer Validity Valid
clickforwinning.com
WE1		 2024-12-01 -
2025-03-01		 3 months crt.sh
*.jsdelivr.net
Sectigo RSA Domain Validation Secure Server CA		 2024-05-04 -
2025-05-04		 a year crt.sh
*.jquery.com
Sectigo ECC Domain Validation Secure Server CA		 2024-06-25 -
2025-06-25		 a year crt.sh
*.google.com
WR2		 2024-11-04 -
2025-01-27		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://www.google.com/67222_595875618_9271
Frame ID: 3F8D9215A96E942A95FC791865514205
Requests: 9 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Error 404 (Not Found)!!1

Page URL History Show full URLs

  1. https://s-7-upxkqp.vipheaving.com/r2.php?kay=bdyjaj&q=MTAzNjk4NTA7OTMyMjc2MjsyMDEyOzI7MTI3NjY7MjM7MjAyNC0xMi0w... HTTP 302
    https://7-upxkqp.presentidealism.com/r2.php?kay=bdyjaj&q=MTAzNjk4NTA7OTMyMjc2MjsyMDEyOzI7MTI3NjY7MjM7MjAyNC0xMi0w... HTTP 302
    https://7.presentidealism.com/r2.php?kay=bdyjaj&q=MTAzNjk4NTA7OTMyMjc2MjsyMDEyOzI7MTI3NjY7MjM7MjAyNC0xMi0w... HTTP 302
    https://clickforwinning.com/r2.php?kay=bdyjaj&q=MTAzNjk4NTA7OTMyMjc2MjsyMDEyOzI7MTI3NjY7MjM7MjAyNC0xMi0w... Page URL
  2. https://clickforwinning.com/r2_2.php?q=MTAzNjk4NTA7OTMyMjc2MjsyMDEyOzI7MTI3NjY7MjM7MjAyNC0xMi0wNSAxMToyN... HTTP 302
    https://etagra9m.com/?E=8cYyKqkXw4a3LYOWMIuxm8ay2ltB7B34&s1=7&s2=12766_9322762_10369850&s3=2024-1... HTTP 302
    https://www.google.com/67222_595875618_9271 Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

9
Requests

100 %
HTTPS

0 %
IPv6

7
Domains

8
Subdomains

4
IPs

3
Countries

97 kB
Transfer

401 kB
Size

2
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://s-7-upxkqp.vipheaving.com/r2.php?kay=bdyjaj&q=MTAzNjk4NTA7OTMyMjc2MjsyMDEyOzI7MTI3NjY7MjM7MjAyNC0xMi0wNSAxMToyNDowMDsxMjs3O2w7Ow%3D%3D&7-imsxnw=jmfvxj HTTP 302
    https://7-upxkqp.presentidealism.com/r2.php?kay=bdyjaj&q=MTAzNjk4NTA7OTMyMjc2MjsyMDEyOzI7MTI3NjY7MjM7MjAyNC0xMi0wNSAxMToyNDowMDsxMjs3O2w7Ow%3D%3D&7-imsxnw=jmfvxj HTTP 302
    https://7.presentidealism.com/r2.php?kay=bdyjaj&q=MTAzNjk4NTA7OTMyMjc2MjsyMDEyOzI7MTI3NjY7MjM7MjAyNC0xMi0wNSAxMToyNDowMDsxMjs3O2w7Ow%3D%3D&7-imsxnw=jmfvxj HTTP 302
    https://clickforwinning.com/r2.php?kay=bdyjaj&q=MTAzNjk4NTA7OTMyMjc2MjsyMDEyOzI7MTI3NjY7MjM7MjAyNC0xMi0wNSAxMToyNDowMDsxMjs3O2w7Ow%3D%3D&7-imsxnw=jmfvxj Page URL
  2. https://clickforwinning.com/r2_2.php?q=MTAzNjk4NTA7OTMyMjc2MjsyMDEyOzI7MTI3NjY7MjM7MjAyNC0xMi0wNSAxMToyNDowMDsxMjs3O2w7Ow%3D%3D HTTP 302
    https://etagra9m.com/?E=8cYyKqkXw4a3LYOWMIuxm8ay2ltB7B34&s1=7&s2=12766_9322762_10369850&s3=2024-12-05%2011:24:00&s4=12&s5=23 HTTP 302
    https://www.google.com/67222_595875618_9271 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://s-7-upxkqp.vipheaving.com/r2.php?kay=bdyjaj&q=MTAzNjk4NTA7OTMyMjc2MjsyMDEyOzI7MTI3NjY7MjM7MjAyNC0xMi0wNSAxMToyNDowMDsxMjs3O2w7Ow%3D%3D&7-imsxnw=jmfvxj HTTP 302
  • https://7-upxkqp.presentidealism.com/r2.php?kay=bdyjaj&q=MTAzNjk4NTA7OTMyMjc2MjsyMDEyOzI7MTI3NjY7MjM7MjAyNC0xMi0wNSAxMToyNDowMDsxMjs3O2w7Ow%3D%3D&7-imsxnw=jmfvxj HTTP 302
  • https://7.presentidealism.com/r2.php?kay=bdyjaj&q=MTAzNjk4NTA7OTMyMjc2MjsyMDEyOzI7MTI3NjY7MjM7MjAyNC0xMi0wNSAxMToyNDowMDsxMjs3O2w7Ow%3D%3D&7-imsxnw=jmfvxj HTTP 302
  • https://clickforwinning.com/r2.php?kay=bdyjaj&q=MTAzNjk4NTA7OTMyMjc2MjsyMDEyOzI7MTI3NjY7MjM7MjAyNC0xMi0wNSAxMToyNDowMDsxMjs3O2w7Ow%3D%3D&7-imsxnw=jmfvxj

9 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
r2.php
clickforwinning.com/
Redirect Chain
  • https://s-7-upxkqp.vipheaving.com/r2.php?kay=bdyjaj&q=MTAzNjk4NTA7OTMyMjc2MjsyMDEyOzI7MTI3NjY7MjM7MjAyNC0xMi0wNSAxMToyNDowMDsxMjs3O2w7Ow%3D%3D&7-imsxnw=jmfvxj
  • https://7-upxkqp.presentidealism.com/r2.php?kay=bdyjaj&q=MTAzNjk4NTA7OTMyMjc2MjsyMDEyOzI7MTI3NjY7MjM7MjAyNC0xMi0wNSAxMToyNDowMDsxMjs3O2w7Ow%3D%3D&7-imsxnw=jmfvxj
  • https://7.presentidealism.com/r2.php?kay=bdyjaj&q=MTAzNjk4NTA7OTMyMjc2MjsyMDEyOzI7MTI3NjY7MjM7MjAyNC0xMi0wNSAxMToyNDowMDsxMjs3O2w7Ow%3D%3D&7-imsxnw=jmfvxj
  • https://clickforwinning.com/r2.php?kay=bdyjaj&q=MTAzNjk4NTA7OTMyMjc2MjsyMDEyOzI7MTI3NjY7MjM7MjAyNC0xMi0wNSAxMToyNDowMDsxMjs3O2w7Ow%3D%3D&7-imsxnw=jmfvxj
2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://clickforwinning.com/r2.php?kay=bdyjaj&q=MTAzNjk4NTA7OTMyMjc2MjsyMDEyOzI7MTI3NjY7MjM7MjAyNC0xMi0wNSAxMToyNDowMDsxMjs3O2w7Ow%3D%3D&7-imsxnw=jmfvxj
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.212.211 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.33
Resource Hash
146d737d5b5f580c935369d3913e58e5b091fe8d91b2049b6dddc23cc03c6290

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8ed764909e82656f-AMS
content-encoding
zstd
content-type
text/html; charset=UTF-8
date
Thu, 05 Dec 2024 22:15:05 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TzO%2FtU%2B4IuECRZnp0Su5wJ2ME%2BDomfJeqoBiQr%2B1SZ5le5zrr22Jn5mJfmRMEgFTW3UGAShNVzxm%2B8l9Yi1uGCPB0glhXRaZApD0WKTqjOF4HGfU3y2SpoKeTxqtHUuQggWBcAD0"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfL4;desc="?proto=QUIC&rtt=13321&min_rtt=13298&rtt_var=2825&sent=11&recv=9&lost=0&retrans=0&sent_bytes=4137&recv_bytes=4547&delivery_rate=43732&cwnd=12000&unsent_bytes=0&cid=6634da80b3da7f7d&ts=67&x=1" cfHdrFlush;dur=0
x-powered-by
PHP/7.4.33

Redirect headers

cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray
8ed764902de20b58-AMS
content-length
143
content-type
text/html
date
Thu, 05 Dec 2024 22:15:05 GMT
expires
Thu, 01 Jan 1970 00:00:01 GMT
location
https://clickforwinning.com/r2.php?kay=bdyjaj&q=MTAzNjk4NTA7OTMyMjc2MjsyMDEyOzI7MTI3NjY7MjM7MjAyNC0xMi0wNSAxMToyNDowMDsxMjs3O2w7Ow%3D%3D&7-imsxnw=jmfvxj
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=snwyyleVDinUwmOSGYQB18jZV%2BUh7f%2BqLZnonC1gGs7vOw9q3ryv%2FBY%2FX1XiUfFYiyiPCGlal1rIdk7FEuKbgiuTzY8QqyknBLh7Yc039FemMLmBhOk%2BLf0%2FDkVJTwkHnZ00H12zSQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfL4;desc="?proto=TCP&rtt=13039&min_rtt=12945&rtt_var=1587&sent=10&recv=13&lost=0&retrans=0&sent_bytes=4820&recv_bytes=2580&delivery_rate=302735&cwnd=256&unsent_bytes=0&cid=0ef4aeb37d15a6e7&ts=237&x=0"
vary
Accept-Encoding
bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@5.3.0-alpha1/dist/css/ 		216 KB
27 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/bootstrap@5.3.0-alpha1/dist/css/bootstrap.min.css
Requested by
Host: clickforwinning.com
URL: https://clickforwinning.com/r2.php?kay=bdyjaj&q=MTAzNjk4NTA7OTMyMjc2MjsyMDEyOzI7MTI3NjY7MjM7MjAyNC0xMi0wNSAxMToyNDowMDsxMjs3O2w7Ow%3D%3D&7-imsxnw=jmfvxj
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.187.31 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
932ea15108928991bcf0c0a46415fc652de5ffc0158c35205357b90c65eeb386
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://clickforwinning.com
Referer
https://clickforwinning.com/

Response headers

access-control-expose-headers
*
content-encoding
br
cf-cache-status
HIT
etag
W/"35e6c-cZlWqlLbTIr9xcDPs8verWJYuKY"
age
662495
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=A5i0QUf%2BAJyybzxLyAZ1IBrWLHW%2BD5EoRuclrovJSttnVfnNUzOPLn6CFqaAnQ7zEnzHReEGKJqgOmN2iWNXgQowzqUMH4UH9dxaQBYeUg8m1KIPMSC4fzv%2Fnbs4fxYOi70%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
x-jsd-version-type
version
alt-svc
h3=":443"; ma=86400
x-cache
HIT, HIT
date
Thu, 05 Dec 2024 22:15:05 GMT
content-type
text/css; charset=utf-8
x-served-by
cache-fra-etou8220074-FRA, cache-lga21942-LGA
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy
cross-origin
cf-ray
8ed764932d9b9fc4-AMS
accept-ranges
bytes
access-control-allow-origin
*
content-length
26379
server
cloudflare
x-jsd-version
5.3.0-alpha1
jquery-3.5.1.min.js
code.jquery.com/ 		87 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-3.5.1.min.js
Requested by
Host: clickforwinning.com
URL: https://clickforwinning.com/r2.php?kay=bdyjaj&q=MTAzNjk4NTA7OTMyMjc2MjsyMDEyOzI7MTI3NjY7MjM7MjAyNC0xMi0wNSAxMToyNDowMDsxMjs3O2w7Ow%3D%3D&7-imsxnw=jmfvxj
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.2.137 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://clickforwinning.com/

Response headers

content-encoding
gzip
etag
W/"28feccc0-15d84"
age
2811581
x-cache
HIT, HIT
date
Thu, 05 Dec 2024 22:15:05 GMT
content-type
application/javascript; charset=utf-8
last-modified
Fri, 18 Oct 1991 12:00:00 GMT
x-cache-hits
21664, 475060
x-served-by
cache-lga21981-LGA, cache-mad2200127-MAD
vary
Accept-Encoding
cache-control
public, max-age=31536000, stale-while-revalidate=604800
x-timer
S1733436906.534827,VS0,VE0
cross-origin-resource-policy
cross-origin
via
1.1 varnish, 1.1 varnish
accept-ranges
bytes
access-control-allow-origin
*
content-length
30879
server
nginx
email-decode.min.js
clickforwinning.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://clickforwinning.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: clickforwinning.com
URL: https://clickforwinning.com/r2.php?kay=bdyjaj&q=MTAzNjk4NTA7OTMyMjc2MjsyMDEyOzI7MTI3NjY7MjM7MjAyNC0xMi0wNSAxMToyNDowMDsxMjs3O2w7Ow%3D%3D&7-imsxnw=jmfvxj
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.212.211 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://clickforwinning.com/r2.php?kay=bdyjaj&q=MTAzNjk4NTA7OTMyMjc2MjsyMDEyOzI7MTI3NjY7MjM7MjAyNC0xMi0wNSAxMToyNDowMDsxMjs3O2w7Ow%3D%3D&7-imsxnw=jmfvxj

Response headers

x-frame-options
DENY
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control
max-age=172800, public
content-encoding
gzip
etag
W/"675198e5-4d7"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vShpt4usa2ZTSUxMrZcGZ4aR1pNaY3kbtY1Vmnhn6Rn5yNiKpPimy6y2Y0m5yfJUN8ZBeohloA%2BIrTNsShMgJGu1H%2BAWOuKQkIG%2B9k22dzNuuFpxhi4h%2FODQ1N2Yo7feJkktXQlb"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
cf-ray
8ed764910efc656f-AMS
expires
Sat, 07 Dec 2024 22:15:05 GMT
date
Thu, 05 Dec 2024 22:15:05 GMT
content-type
application/javascript
last-modified
Thu, 05 Dec 2024 12:13:25 GMT
server
cloudflare
vary
Accept-Encoding
bootstrap.bundle.min.js
cdn.jsdelivr.net/npm/bootstrap@5.3.0-alpha1/dist/js/ 		79 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/bootstrap@5.3.0-alpha1/dist/js/bootstrap.bundle.min.js
Requested by
Host: clickforwinning.com
URL: https://clickforwinning.com/r2.php?kay=bdyjaj&q=MTAzNjk4NTA7OTMyMjc2MjsyMDEyOzI7MTI3NjY7MjM7MjAyNC0xMi0wNSAxMToyNDowMDsxMjs3O2w7Ow%3D%3D&7-imsxnw=jmfvxj
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.187.31 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
061f0b1ea79e6e2ca24f4603e55d3e909f7471ba0b279cdb6dea40554106c6a2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://clickforwinning.com
Referer
https://clickforwinning.com/

Response headers

access-control-expose-headers
*
content-encoding
br
cf-cache-status
HIT
etag
W/"13ad7-v/eN2cAqUAirQ2QpSHOc5Yx2GyE"
age
228778
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VvcbzPpeAjUt72UP%2FV0XSZfoBwyOctYIZ4z0JNQLJMhXd7dQHXGUZDq1Vn5rq0IUZGKV4jAD1t99qXcm%2Fnqh4vNcuaqOV6JhbSxFXBR2jCAE1kFGWC2XRyiooiKmja00l%2BI%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
x-jsd-version-type
version
alt-svc
h3=":443"; ma=86400
x-cache
HIT, HIT
date
Thu, 05 Dec 2024 22:15:05 GMT
content-type
application/javascript; charset=utf-8
x-served-by
cache-fra-etou8220023-FRA, cache-lga21931-LGA
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy
cross-origin
cf-ray
8ed764932d9c9fc4-AMS
accept-ranges
bytes
access-control-allow-origin
*
content-length
24765
server
cloudflare
x-jsd-version
5.3.0-alpha1
Primary Request 67222_595875618_9271
www.google.com/
Redirect Chain
  • https://clickforwinning.com/r2_2.php?q=MTAzNjk4NTA7OTMyMjc2MjsyMDEyOzI7MTI3NjY7MjM7MjAyNC0xMi0wNSAxMToyNDowMDsxMjs3O2w7Ow%3D%3D
  • https://etagra9m.com/?E=8cYyKqkXw4a3LYOWMIuxm8ay2ltB7B34&s1=7&s2=12766_9322762_10369850&s3=2024-12-05%2011:24:00&s4=12&s5=23
  • https://www.google.com/67222_595875618_9271
2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/67222_595875618_9271
Requested by
Host: clickforwinning.com
URL: https://clickforwinning.com/r2.php?kay=bdyjaj&q=MTAzNjk4NTA7OTMyMjc2MjsyMDEyOzI7MTI3NjY7MjM7MjAyNC0xMi0wNSAxMToyNDowMDsxMjs3O2w7Ow%3D%3D&7-imsxnw=jmfvxj
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f4.1e100.net
Software
/
Resource Hash
43e84967ef42609dc45aec5de932d6bc42a1fffae5463aec5b16d21a994f5418

Request headers

Referer
https://clickforwinning.com/r2.php?kay=bdyjaj&q=MTAzNjk4NTA7OTMyMjc2MjsyMDEyOzI7MTI3NjY7MjM7MjAyNC0xMi0wNSAxMToyNDowMDsxMjs3O2w7Ow%3D%3D&7-imsxnw=jmfvxj
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1581
content-type
text/html; charset=UTF-8
date
Thu, 05 Dec 2024 22:15:06 GMT
referrer-policy
no-referrer

Redirect headers

cache-control
private
content-length
160
content-type
text/html; charset=utf-8
date
Thu, 05 Dec 2024 22:15:06 GMT
location
https://www.google.com/67222_595875618_9271
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
referrer-policy
no-referrer
robot.png
www.google.com/images/errors/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/images/errors/robot.png
Requested by
Host: www.google.com
URL: https://www.google.com/67222_595875618_9271
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f4.1e100.net
Software
sffe /
Resource Hash
5f9fc5b3fbddf0e72c5c56cdcfc81c6e10c617d70b1b93fbe1e4679a8797bff7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.google.com/67222_595875618_9271

Response headers

cache-control
public, max-age=31536000
age
208445
cross-origin-resource-policy
cross-origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
x-content-type-options
nosniff
expires
Wed, 03 Dec 2025 12:21:01 GMT
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
content-length
6327
x-xss-protection
0
date
Tue, 03 Dec 2024 12:21:01 GMT
last-modified
Tue, 22 Oct 2019 18:30:00 GMT
content-type
image/png
server
sffe
googlelogo_color_150x54dp.png
www.google.com/images/branding/googlelogo/1x/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/images/branding/googlelogo/1x/googlelogo_color_150x54dp.png
Requested by
Host: www.google.com
URL: https://www.google.com/67222_595875618_9271
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f4.1e100.net
Software
sffe /
Resource Hash
dbef5e5530003b7233e944856c23d1437902a2d3568cdfd2beaf2166e9ca9139
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.google.com/67222_595875618_9271

Response headers

cache-control
private, max-age=31536000
cross-origin-resource-policy
cross-origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
x-content-type-options
nosniff
expires
Thu, 05 Dec 2024 22:15:06 GMT
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
content-length
3170
date
Thu, 05 Dec 2024 22:15:06 GMT
x-xss-protection
0
content-type
image/png
last-modified
Tue, 22 Oct 2019 18:30:00 GMT
server
sffe
favicon.ico
www.google.com/ 		5 KB
1 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://www.google.com/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f4.1e100.net
Software
sffe /
Resource Hash
6da5620880159634213e197fafca1dde0272153be3e4590818533fab8d040770
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

content-encoding
gzip
age
1565
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
x-content-type-options
nosniff
expires
Fri, 13 Dec 2024 21:49:01 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 05 Dec 2024 21:49:01 GMT
last-modified
Tue, 22 Oct 2019 18:30:00 GMT
content-type
image/x-icon
vary
Accept-Encoding
cache-control
public, max-age=691200
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
content-length
1494
x-xss-protection
0
server
sffe

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Domain/Path Name / Value
.etagra9m.com/ Name: st
Value: mpqxvl3o/PMK0jayShjuRnXjFMln9ljBeFXK0g/UPBUjp6FNlGFPVw==
.etagra9m.com/ Name: tym
Value: Y1QcCuXhS1g8i1AzD3bUVnXjFMln9ljBeFXK0g/UPBUjp6FNlGFPVw==

1 Console Messages

Source Level URL
Text
network error URL: https://www.google.com/67222_595875618_9271
Message:
Failed to load resource: the server responded with a status of 404 ()