www.google.com - urlscan.io

Summary

This website contacted 3 IPs in 1 countries across 3 domains to perform 6 HTTP transactions. The main IP is 173.194.68.147, located in United States and belongs to GOOGLE, US. The main domain is www.google.com. The Cisco Umbrella rank of the primary domain is 3.
TLS certificate: Issued by WR2 on September 30th 2024. Valid for: 3 months.

This is the only time www.google.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	172.67.74.75 172.67.74.75	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	172.67.169.149 172.67.169.149	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	173.194.68.147 173.194.68.147	15169 (GOOGLE) (GOOGLE)
6	3

1 172.67.74.75 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

modijiurl.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.67.169.149 (United States)

ASN13335 (CLOUDFLARENET, US)

newsonnline.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 173.194.68.147 (United States)

ASN15169 (GOOGLE, US)
PTR: qr-in-f147.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
4	newsonnline.com newsonnline.com	5 KB
1	google.com www.google.com — Cisco Umbrella Rank: 3	477 B
1	modijiurl.com 1 redirects modijiurl.com	1 KB
6	3

	Domain	Requested by
4	newsonnline.com	newsonnline.com www.google.com
1	www.google.com	newsonnline.com
1	modijiurl.com	1 redirects
6	3

This site contains no links.

Subject Issuer	Validity	Valid
newsonnline.com WE1	`2024-10-20` - `2025-01-18`	3 months	crt.sh
*.google.com WR2	`2024-09-30` - `2024-12-23`	3 months	crt.sh

This page contains 1 frames:

Frame: https://newsonnline.com/best-practices-for-filling-out-your-university-application-form/
Frame ID: A7FCA9EFBDBDE07128BD4EE9E3E3FC69
Requests: 6 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://modijiurl.com/X7rYPS HTTP 307
https://newsonnline.com/safe.php?link=https://modijiurl.com/X7rYPS/?mid=297839 Page URL
https://www.google.com/url?sa=t&source=web&rct=j&opi=89978449&url=https://newsonnline.com/best-prac... Page URL

Page Statistics

6
Requests

83 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

3
IPs

1
Countries

6 kB
Transfer

6 kB
Size

6
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://modijiurl.com/X7rYPS HTTP 307
https://newsonnline.com/safe.php?link=https://modijiurl.com/X7rYPS/?mid=297839 Page URL
https://www.google.com/url?sa=t&source=web&rct=j&opi=89978449&url=https://newsonnline.com/best-practices-for-filling-out-your-university-application-form/&ved=2ahUKEwjcu6mckISJAxVu2DgGHSXiGJM4FBAWegQIDhAB&usg=AOvVaw3FNmnqDwYk057RSkGK_W7r Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://modijiurl.com/X7rYPS HTTP 307
https://newsonnline.com/safe.php?link=https://modijiurl.com/X7rYPS/?mid=297839

6 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H3

200

safe.php Show response
newsonnline.com/
Redirect Chain

https://modijiurl.com/X7rYPS
https://newsonnline.com/safe.php?link=https://modijiurl.com/X7rYPS/?mid=297839

3 KB
2 KB

768ms
667ms

Document
text/html

172.67.169.149
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://newsonnline.com/safe.php?link=https://modijiurl.com/X7rYPS/?mid=297839

Protocol

H3

Security

QUIC, , AES_128_GCM

Server

172.67.169.149 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PHP/8.2.21

Resource Hash

76ff9662b67fdcbd48723bb5d368d9f3b79c149e724342a73f00f060b10ec04d

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8d674af2cee55443-YYZ
content-encoding: zstd
content-security-policy: upgrade-insecure-requests
content-type: text/html; charset=UTF-8
date: Tue, 22 Oct 2024 06:04:56 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
panel: hpanel
platform: hostinger
priority: u=0,i
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZEdZ%2FvLQyUeZaNmFlpRsIajhv1BdJf%2FoUWHYW3vfYMmDr7XNacL23G4OMjz0AsHy3JZBatVxIx6fGiG%2FMRRMxOdPg5%2FaxjqsokfOTLrWolhIUh2dU0cWYLQvQ5e187nkPlE%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
server-timing: cfL4;desc="?proto=QUIC&rtt=24907&sent=12&recv=10&lost=0&retrans=0&sent_bytes=4170&recv_bytes=4527&delivery_rate=566&cwnd=12000&unsent_bytes=0&cid=5f24b5bffbcf944b&ts=677&x=1" cfExtPri cfHdrFlush;dur=0
vary: Accept-Encoding
x-powered-by: PHP/8.2.21
x-turbo-charged-by: LiteSpeed

Redirect headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 8d674aedcdf2a1e7-YYZ
content-security-policy: upgrade-insecure-requests
content-type: text/html; charset=UTF-8
date: Tue, 22 Oct 2024 06:04:55 GMT
expect-ct: max-age=86400, enforce
expires: Thu, 19 Nov 1981 08:52:00 GMT
location: https://newsonnline.com/safe.php?link=https://modijiurl.com/X7rYPS/?mid=297839
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
panel: hpanel
platform: hostinger
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cqeR7EdRGK7zPh4yOjjNde0RxJuFZQhdizA8OEw4jhzICEf6s53ZnOjnzqCOSFw9%2BF1iI%2B33Vp2DyhJebXGN3uq%2FtzLeowq4selQ1tzb3D5UeCbPY7N1PsGLezhFmy4%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
server-timing: cfCacheStatus;desc="DYNAMIC"
speculation-rules: "/cdn-cgi/speculation"
vary: Accept-Encoding,User-Agent
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-turbo-charged-by: LiteSpeed
x-xss-protection: 1; mode=block

GET
H3 200 process_cookie.php Show response
newsonnline.com/ 0
827 B 243ms
243ms XHR
text/html 172.67.169.149
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://newsonnline.com/process_cookie.php

Requested by

Host: newsonnline.com
URL: https://newsonnline.com/safe.php?link=https://modijiurl.com/X7rYPS/?mid=297839

Protocol

H3

Security

QUIC, , AES_128_GCM

Server

172.67.169.149 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PHP/8.2.21

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://newsonnline.com/safe.php?link=https://modijiurl.com/X7rYPS/?mid=297839

Response headers

content-encoding: zstd
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=N9jY52Q3PPdfEaY%2B%2FVPtJvHDGEH%2BMzdt7CNtktWFCZjhE%2B%2Bj3cIXENOTzeyWiRCERJRClSiEUQj4Bai8nP9kekRe0lSXwsxlGwEa1ojp%2BtmDszjedVQgtoxqlwMsD8EpJzM%3D"}],"group":"cf-nel","max_age":604800}
expires: Thu, 19 Nov 1981 08:52:00 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=24884&sent=16&recv=14&lost=0&retrans=0&sent_bytes=6238&recv_bytes=5426&delivery_rate=81532&cwnd=12000&unsent_bytes=0&cid=5f24b5bffbcf944b&ts=1011&x=1", cfExtPri, cfHdrFlush;dur=0
date: Tue, 22 Oct 2024 06:04:57 GMT
content-type: text/html; charset=UTF-8
priority: u=1,i
platform: hostinger
content-security-policy: upgrade-insecure-requests
cache-control: no-store, no-cache, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
cf-ray: 8d674af7890a5443-YYZ
x-turbo-charged-by: LiteSpeed
x-powered-by: PHP/8.2.21
server: cloudflare
panel: hpanel

GET
H3 200 process_cookie.php Show response
newsonnline.com/ 0
818 B 487ms
244ms XHR
text/html 172.67.169.149
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://newsonnline.com/process_cookie.php

Requested by

Host: newsonnline.com
URL: https://newsonnline.com/safe.php?link=https://modijiurl.com/X7rYPS/?mid=297839

Protocol

H3

Security

QUIC, , AES_128_GCM

Server

172.67.169.149 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PHP/8.2.21

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://newsonnline.com/safe.php?link=https://modijiurl.com/X7rYPS/?mid=297839

Response headers

content-encoding: zstd
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QkPfPRKyzOfb8%2BtBGYUUTCl9lwH3mPPZ0od6Ph09nymg3qNvujIijgDjMivNCBw5iTpVNVrfLT3LrjHERudSPLQxQHxUkMlx9g8OQ9eReoAGSwHjItM4uGeY2gxRnfj70tQ%3D"}],"group":"cf-nel","max_age":604800}
expires: Thu, 19 Nov 1981 08:52:00 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=24849&sent=18&recv=15&lost=0&retrans=0&sent_bytes=7112&recv_bytes=5814&delivery_rate=3504&cwnd=12000&unsent_bytes=0&cid=5f24b5bffbcf944b&ts=1256&x=1", cfExtPri, cfHdrFlush;dur=0
date: Tue, 22 Oct 2024 06:04:57 GMT
content-type: text/html; charset=UTF-8
priority: u=1,i
platform: hostinger
content-security-policy: upgrade-insecure-requests
cache-control: no-store, no-cache, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
cf-ray: 8d674af909a05443-YYZ
x-turbo-charged-by: LiteSpeed
x-powered-by: PHP/8.2.21
server: cloudflare
panel: hpanel

GET
H3 404 favicon.ico
newsonnline.com/ 2 KB
2 KB 649ms
649ms Other
text/html 172.67.169.149
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://newsonnline.com/favicon.ico
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.169.149 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3d70ce95eb1eb78620cc57fe1a6a479e6f2d70508bf813238e573863df000d6e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://newsonnline.com/safe.php?link=https://modijiurl.com/X7rYPS/?mid=297839

Response headers

content-encoding: zstd
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EsSSPnFX%2BeX5pn%2FyI9ss2IO4Nd4nEMD2DmaMVvCiYhCRsfJDS6unqUatFWCrXdSATNFyrXScUCHQdKwfTXm4ZbvfCqmmdlLiALm7w%2Fu%2BaDNB0HmlcXd1AgdxFtwZ%2Fz5BEVo%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=24869&sent=19&recv=16&lost=0&retrans=0&sent_bytes=7953&recv_bytes=5858&delivery_rate=3147&cwnd=12000&unsent_bytes=0&cid=5f24b5bffbcf944b&ts=1421&x=1", cfExtPri, cfHdrFlush;dur=0
date: Tue, 22 Oct 2024 06:04:57 GMT
content-type: text/html
last-modified: Wed, 18 Jan 2023 19:41:46 GMT
vary: Accept-Encoding
priority: u=1,i
platform: hostinger
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8d674af7890e5443-YYZ
x-turbo-charged-by: LiteSpeed
server: cloudflare
panel: hpanel

GET
H3 200 Primary Request url Show response
www.google.com/ 812 B
477 B 144ms
66ms Document
text/html 173.194.68.147
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/url?sa=t&source=web&rct=j&opi=89978449&url=https://newsonnline.com/best-practices-for-filling-out-your-university-application-form/&ved=2ahUKEwjcu6mckISJAxVu2DgGHSXiGJM4FBAWegQIDhAB&usg=AOvVaw3FNmnqDwYk057RSkGK_W7r

Requested by

Host: newsonnline.com
URL: https://newsonnline.com/safe.php?link=https://modijiurl.com/X7rYPS/?mid=297839

Protocol

H3

Security

QUIC, , AES_128_GCM

Server

173.194.68.147 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qr-in-f147.1e100.net

Software

gws /

Resource Hash

5f9ecb1f51746734ec7f18be64f2b1e3bb0576088e7c0e72b1dd6031e678138b

Security Headers

Name	Value
Content-Security-Policy	object-src 'none';base-uri 'self';script-src 'nonce-sE08UMPoiM6JMKyv1antTA' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	0

Request headers

Referer: https://newsonnline.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

accept-ch: Sec-CH-Prefers-Color-Scheme Sec-CH-UA-Form-Factors Sec-CH-UA-Platform Sec-CH-UA-Platform-Version Sec-CH-UA-Full-Version Sec-CH-UA-Arch Sec-CH-UA-Model Sec-CH-UA-Bitness Sec-CH-UA-Full-Version-List Sec-CH-UA-WoW64
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 444
content-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-sE08UMPoiM6JMKyv1antTA' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
content-type: text/html; charset=UTF-8
date: Tue, 22 Oct 2024 06:04:58 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
permissions-policy: unload=()
pragma: no-cache
server: gws
strict-transport-security: max-age=31536000
x-xss-protection: 0

GET /
newsonnline.com/best-practices-for-filling-out-your-university-application-form/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: newsonnline.com
URL: https://newsonnline.com/best-practices-for-filling-out-your-university-application-form/

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| google

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
modijiurl.com/	1970-01-21 00:27:43	Name: AppSession Value: 1e14289d9857237589d1884ade2cc61a
modijiurl.com/	1970-01-21 00:26:17	Name: refX7rYPS Value: YTQwNjliOTgyMWVjYjk3ZDA0ODE2ZTRmYWE5NGNhN2M4MjA5YzE4NDljODA0ZGRkMDVlYjc4MjE0ODJkNmI4NFJq5vnv47bamSKvN18T%2BZtNFKvATC4fQLfCZW1EizWx
modijiurl.com/	1970-01-21 00:27:43	Name: visited_urls Value: https%3A%2F%2Fnewsonnline.com%2Fsafe.php%3Flink%3Dhttps%3A%2F%2Fmodijiurl.com%2FX7rYPS%2F%3Fmid%3D297839
newsonnline.com/	1970-01-21 00:26:17	Name: tp Value: https%3A%2F%2Fmodijiurl.com%2FX7rYPS%2F%3Fmid%3D297839
newsonnline.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: 6mnbtus8d1tmmntkiv10aidoab
.google.com/	1970-01-21 04:49:48	Name: NID Value: 518=YmASC2i-PNIH-zJeHop42bSxpafarI3n5d6irtgPpncfNi7xPsx47Dh29hHE8IRq4K1KYgrWmQVJo_9mN9ALH-yC5LYgEJ6FR54zB72ZknprPOP_pYr3zYB9QnWHJXenGJVuCE_r2ev3VhaPMNMp0iU-QTgQAEhH_ppz1GpbmwrQFRsUoOy53J6cYWW59bU

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://newsonnline.com/favicon.ico Message: Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	upgrade-insecure-requests

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

modijiurl.com
newsonnline.com
www.google.com
newsonnline.com
172.67.169.149
172.67.74.75
173.194.68.147
3d70ce95eb1eb78620cc57fe1a6a479e6f2d70508bf813238e573863df000d6e
5f9ecb1f51746734ec7f18be64f2b1e3bb0576088e7c0e72b1dd6031e678138b
76ff9662b67fdcbd48723bb5d368d9f3b79c149e724342a73f00f060b10ec04d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

www.google.com Open in urlscan Pro 173.194.68.147 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Page Statistics

6 Requests

83 %HTTPS

0 %IPv6

3 Domains

3 Subdomains

3 IPs

1 Countries

6 kBTransfer

6 kBSize

6 Cookies

0 Outgoing links

Page URL History

Redirected requests

6 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

6 Cookies

1 Console Messages

Security Headers

Indicators

www.google.com Open in urlscan Pro
173.194.68.147 Public Scan

Screenshot
Live screenshot

Full Image

6
Requests

83 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

3
IPs

1
Countries

6 kB
Transfer

6 kB
Size

6
Cookies

6 HTTP transactions
0 data transactions