urlscan.io logo urlscan.io
SecurityTrails logo

google.520811.xyz Open in urlscan Pro
2606:4700:3034::6818:7bf1  Public Scan

Go To Rescan Add Verdict Report
URL: https://google.520811.xyz/
Submission: On April 19 via automatic, source certstream-suspicious
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 9 IPs in 3 countries across 10 domains to perform 29 HTTP transactions. The main IP is 2606:4700:3034::6818:7bf1, located in United States and belongs to CLOUDFLARENET, US. The main domain is google.520811.xyz.
TLS certificate: Issued by CloudFlare Inc ECC CA-2 on March 7th 2020. Valid for: 7 months.
This is the only time google.520811.xyz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
9 2606:4700:303... 13335 (CLOUDFLAR...)
7 2a00:1450:400... 15169 (GOOGLE)
5 23.225.122.165 40065 (CNSERVERS)
1 104.233.205.42 54600 (PEGTECHINC)
1 104.143.39.160 26484 (IKGUL-26484)
2 2a00:1450:400... 15169 (GOOGLE)
2 103.235.46.191 55967 (BAIDU Bei...)
2 2a00:1450:400... 15169 (GOOGLE)
29 9
9    2606:4700:3034::6818:7bf1 (United States)

ASN13335 (CLOUDFLARENET, US)
google.520811.xyz
7    2a00:1450:4001:81b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
adservice.google.com
googleads.g.doubleclick.net
5    23.225.122.165 (Los Angeles, United States)

ASN40065 (CNSERVERS, US)
www.37zw.net
1    104.233.205.42 (San Jose, United States)

ASN54600 (PEGTECHINC, US)
www.23txt.com
1    104.143.39.160 (United States)

ASN26484 (IKGUL-26484, US)
PTR: 104.143.39.160.static.klayer.com
www.69shu.org
2    2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
www.googletagservices.com
2    103.235.46.191 (Hong Kong)

ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN)
hm.baidu.com
2    2a00:1450:4001:809::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
Domain Requested by
9 google.520811.xyz google.520811.xyz
5 www.37zw.net google.520811.xyz
5 pagead2.googlesyndication.com google.520811.xyz
pagead2.googlesyndication.com
2 tpc.googlesyndication.com pagead2.googlesyndication.com
tpc.googlesyndication.com
2 hm.baidu.com google.520811.xyz
1 www.googletagservices.com pagead2.googlesyndication.com
1 googleads.g.doubleclick.net pagead2.googlesyndication.com
1 adservice.google.com pagead2.googlesyndication.com
1 adservice.google.de pagead2.googlesyndication.com
1 www.69shu.org google.520811.xyz
1 www.23txt.com google.520811.xyz
29 11

This site contains links to these domains. Also see Links.

Domain
m.lxtx.best
www.lxtx.best
www.lxtx.tech
Subject Issuer Validity Valid
sni.cloudflaressl.com
CloudFlare Inc ECC CA-2		 2020-03-07 -
2020-10-09		 7 months crt.sh
*.g.doubleclick.net
GTS CA 1O1		 2020-04-01 -
2020-06-24		 3 months crt.sh
*.37zw.net
COMODO RSA Domain Validation Secure Server CA		 2018-01-29 -
2021-01-28		 3 years crt.sh
www.23txt.com
TrustAsia TLS RSA CA		 2020-01-20 -
2021-02-18		 a year crt.sh
*.69shu.org
AlphaSSL CA - SHA256 - G2		 2019-03-30 -
2021-03-30		 2 years crt.sh
*.google.de
GTS CA 1O1		 2020-04-01 -
2020-06-24		 3 months crt.sh
*.google.com
GTS CA 1O1		 2020-04-01 -
2020-06-24		 3 months crt.sh
baidu.com
GlobalSign Organization Validation CA - SHA256 - G2		 2020-01-13 -
2020-06-25		 5 months crt.sh
tpc.googlesyndication.com
GTS CA 1O1		 2020-04-01 -
2020-06-24		 3 months crt.sh

This page contains 4 frames:

Primary Page: https://google.520811.xyz/
Frame ID: 700D6AF1D883BB17B0475DDA9FB393DF
Requests: 27 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20200413/r20190131/zrt_lookup.html
Frame ID: 298BA1F70F5F6BA2E0990CF20354BC62
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/ads?client=ca-pub-1578736909685669&output=html&adk=1812271804&adf=3025194257&lmt=1587305538&plat=1%3A32776%2C2%3A32776%2C8%3A134250504%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=https%3A%2F%2Fgoogle.520811.xyz%2F&ea=0&flash=0&pra=5&wgl=1&adsid=NT&dt=1587305538584&bpp=24&bdt=59&idt=51&shv=r20200413&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6787719687699&rume=1&frm=20&pv=2&ga_vid=717676829.1587305539&ga_sid=1587305539&ga_hid=1300137589&ga_fc=0&iag=0&icsg=683&dssz=5&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21060549%2C44717539&oid=3&pvsid=2384170359542847&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8208&bc=31&ifi=0&uci=a!0&fsb=1&dtd=84
Frame ID: E3B4CCD7194C59F98341337A2ACC54DF
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/209/runner.html
Frame ID: 8FA4AD52B2CBE9D9AECD2BB82AC149C2
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i
Overall confidence: 100%
Detected patterns
  • script /googlesyndication\.com\//i

Page Statistics

29
Requests

100 %
HTTPS

50 %
IPv6

10
Domains

11
Subdomains

9
IPs

3
Countries

454 kB
Transfer

886 kB
Size

2
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

29 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
google.520811.xyz/ 		53 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://google.520811.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6818:7bf1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PTcms Studio (www.ptcms.com)
Resource Hash
5e712bc46c314943a56758adcfe767a3b2e53986fdcd8836ddbb2464801ba879
Security Headers
Name Value
X-Frame-Options sameorigin

Request headers

:method
GET
:authority
google.520811.xyz
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
200
date
Sun, 19 Apr 2020 14:12:18 GMT
content-type
text/html; charset=utf-8
set-cookie
__cfduid=d541e26d5f236203f6cc337af7b59ec6f1587305537; expires=Tue, 19-May-20 14:12:17 GMT; path=/; domain=.520811.xyz; HttpOnly; SameSite=Lax; Secure
cache-control
private
vary
Accept-Encoding
x-frame-options
sameorigin
x-powered-by
PTcms Studio (www.ptcms.com)
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
5867383a2abfdfe3-FRA
content-encoding
br
cf-request-id
02346178580000dfe380357200000001
global.css
google.520811.xyz/template/kxwebno2/css/ 		24 KB
12 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://google.520811.xyz/template/kxwebno2/css/global.css
Requested by
Host: google.520811.xyz
URL: https://google.520811.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6818:7bf1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ed961f1e2a95ae683f7d21b252712a347822b2d63b82391fb1024a5fe8a1de75

Request headers

Referer
https://google.520811.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 19 Apr 2020 14:12:19 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Tue, 30 Apr 2019 08:30:24 GMT
server
cloudflare
etag
W/"5cc807a0-614b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
max-age=43200
cf-ray
5867383fc9ccdfe3-FRA
cf-request-id
0234617bdc0000dfe380397200000001
expires
Mon, 20 Apr 2020 02:12:19 GMT
style.css
google.520811.xyz/template/kxwebno2/css/ 		17 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://google.520811.xyz/template/kxwebno2/css/style.css
Requested by
Host: google.520811.xyz
URL: https://google.520811.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6818:7bf1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
717512e47510e5f7a20e6fb63bbef1fc621a672dbd5016d5cd1ee8f399cbc5a7

Request headers

Referer
https://google.520811.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 19 Apr 2020 14:12:19 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Tue, 30 Apr 2019 08:30:24 GMT
server
cloudflare
etag
W/"5cc807a0-4336"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
max-age=43200
cf-ray
5867383fc9cddfe3-FRA
cf-request-id
0234617bdc0000dfe380398200000001
expires
Mon, 20 Apr 2020 02:12:19 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		108 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: google.520811.xyz
URL: https://google.520811.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
13aa6363edf0d9dcb32899a36525bf360642341f96693e5f62e90ea868888ebd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://google.520811.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 19 Apr 2020 14:12:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
39452
x-xss-protection
0
server
cafe
etag
2834666070277554483
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sun, 19 Apr 2020 14:12:18 GMT
logo.png
google.520811.xyz/template/kxwebno2/image/ 		40 KB
40 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://google.520811.xyz/template/kxwebno2/image/logo.png
Requested by
Host: google.520811.xyz
URL: https://google.520811.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6818:7bf1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d1cf4d8d04f56d06767868481001555124531224254867dfdb43dbff09c54467

Request headers

Referer
https://google.520811.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 19 Apr 2020 14:12:20 GMT
cf-cache-status
MISS
last-modified
Sun, 15 Dec 2019 08:21:52 GMT
server
cloudflare
etag
"5df5ed20-a11f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
5867383fc9cedfe3-FRA
content-length
41247
cf-request-id
0234617bdd0000dfe380399200000001
expires
Tue, 19 May 2020 14:12:19 GMT
27721s.jpg
www.37zw.net/d/image/27/27721/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.37zw.net/d/image/27/27721/27721s.jpg
Requested by
Host: google.520811.xyz
URL: https://google.520811.xyz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.225.122.165 Los Angeles, United States, ASN40065 (CNSERVERS, US),
Reverse DNS
Software
nginx /
Resource Hash
69ae67f1e3c42f428b72135b4be51dc8e614bc02a0be0e448836662c2bc6cf42

Request headers

Referer
https://google.520811.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 19 Apr 2020 14:12:19 GMT
last-modified
Sun, 15 Sep 2019 00:34:32 GMT
server
nginx
etag
"5d7d8718-4321"
x-cache
HIT
content-type
image/jpeg
status
200
cache-control
max-age=43200
accept-ranges
bytes
content-length
17185
expires
Mon, 20 Apr 2020 02:12:19 GMT
6820s.jpg
www.37zw.net/d/image/6/6820/ 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.37zw.net/d/image/6/6820/6820s.jpg
Requested by
Host: google.520811.xyz
URL: https://google.520811.xyz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.225.122.165 Los Angeles, United States, ASN40065 (CNSERVERS, US),
Reverse DNS
Software
nginx /
Resource Hash
5f4627b3a6c430a24143bf9f8ba76599ab928ca67fae24e08229a8657694b4d4

Request headers

Referer
https://google.520811.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 19 Apr 2020 14:12:19 GMT
last-modified
Sun, 05 Mar 2017 04:44:29 GMT
server
nginx
etag
"58bb97ad-4c8e"
x-cache
HIT
content-type
image/jpeg
status
200
cache-control
max-age=43200
accept-ranges
bytes
content-length
19598
expires
Mon, 20 Apr 2020 02:12:19 GMT
23652s.jpg
www.37zw.net/d/image/23/23652/ 		50 KB
50 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.37zw.net/d/image/23/23652/23652s.jpg
Requested by
Host: google.520811.xyz
URL: https://google.520811.xyz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.225.122.165 Los Angeles, United States, ASN40065 (CNSERVERS, US),
Reverse DNS
Software
nginx /
Resource Hash
565b7c47d5d64ed278c053cad68ed8ea8783db64967c547dd403be791667f33a

Request headers

Referer
https://google.520811.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 19 Apr 2020 14:12:19 GMT
last-modified
Sat, 23 Mar 2019 09:30:14 GMT
server
nginx
etag
"5c95fca6-c889"
x-cache
HIT
content-type
image/jpeg
status
200
cache-control
max-age=43200
accept-ranges
bytes
content-length
51337
expires
Mon, 20 Apr 2020 02:12:19 GMT
29548s.jpg
www.37zw.net/d/image/29/29548/ 		34 KB
34 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.37zw.net/d/image/29/29548/29548s.jpg
Requested by
Host: google.520811.xyz
URL: https://google.520811.xyz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.225.122.165 Los Angeles, United States, ASN40065 (CNSERVERS, US),
Reverse DNS
Software
nginx /
Resource Hash
864add3cde1468a32e979deb97d691d98257695b524386c55a07cb54b5f1a16a

Request headers

Referer
https://google.520811.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 19 Apr 2020 14:12:19 GMT
last-modified
Sun, 19 Jan 2020 12:01:22 GMT
server
nginx
etag
"5e244512-883c"
x-cache
HIT
content-type
image/jpeg
status
200
cache-control
max-age=43200
accept-ranges
bytes
content-length
34876
expires
Mon, 20 Apr 2020 02:12:19 GMT
23752s.jpg
www.37zw.net/d/image/23/23752/ 		17 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.37zw.net/d/image/23/23752/23752s.jpg
Requested by
Host: google.520811.xyz
URL: https://google.520811.xyz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.225.122.165 Los Angeles, United States, ASN40065 (CNSERVERS, US),
Reverse DNS
Software
nginx /
Resource Hash
2db56e4b225d1b35203676896864faae823d3e39b26bd82d2635eb71654b35f3

Request headers

Referer
https://google.520811.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 19 Apr 2020 14:12:19 GMT
last-modified
Sat, 23 Mar 2019 21:22:34 GMT
server
nginx
etag
"5c96a39a-458b"
x-cache
HIT
content-type
image/jpeg
status
200
cache-control
max-age=43200
accept-ranges
bytes
content-length
17803
expires
Mon, 20 Apr 2020 02:12:19 GMT
52289s.jpg
www.23txt.com/files/article/image/52/52289/ 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.23txt.com/files/article/image/52/52289/52289s.jpg
Requested by
Host: google.520811.xyz
URL: https://google.520811.xyz/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.233.205.42 San Jose, United States, ASN54600 (PEGTECHINC, US),
Reverse DNS
Software
nginx/1.16.1 /
Resource Hash
a0d9a5db84bc6e9315e62e595e9f164630b74537f119195e675f22bbfc0096e6

Request headers

Referer
https://google.520811.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sun, 19 Apr 2020 22:11:37 GMT
Last-Modified
Tue, 17 Sep 2019 15:53:40 GMT
Server
nginx/1.16.1
X-Drive
staticfile
ETag
"5d810184-461f"
Content-Type
image/jpeg
Expires
Mon, 11 May 2020 02:07:29 GMT
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
17951
X-Proxy-Cache
HIT
12002s.jpg
www.69shu.org/files/article/image/12/12002/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.69shu.org/files/article/image/12/12002/12002s.jpg
Requested by
Host: google.520811.xyz
URL: https://google.520811.xyz/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.143.39.160 , United States, ASN26484 (IKGUL-26484, US),
Reverse DNS
104.143.39.160.static.klayer.com
Software
nginx /
Resource Hash
b0ab741298543e5cf7d59001659d517d5b388447c802a209b8057c0b895c0ebe

Request headers

Referer
https://google.520811.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 17 Apr 2020 11:57:48 GMT
Last-Modified
Wed, 09 Nov 2016 15:21:58 GMT
Server
nginx
ETag
"58233f16-1880"
X-Cache
HIT
Content-Type
image/jpeg
Cache-Control
max-age=2411127
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
6272
X-Via
1.1 R84S-33 (random:941334 cache/3.8.1)
Expires
Sun, 17 May 2020 11:57:48 GMT
email-decode.min.js
google.520811.xyz/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 		1 KB
847 B 		Script
General
Check archive.org
Download Go to
Full URL
https://google.520811.xyz/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: google.520811.xyz
URL: https://google.520811.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6818:7bf1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://google.520811.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 19 Apr 2020 14:12:18 GMT
content-encoding
gzip
vary
Accept-Encoding
last-modified
Tue, 14 Apr 2020 14:46:15 GMT
server
cloudflare
etag
W/"5e95ccb7-4d7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
SAMEORIGIN
content-type
application/javascript
status
200
cache-control
max-age=172800, public
cf-ray
5867383fc9dadfe3-FRA
cf-request-id
0234617be00000dfe38039a200000001
expires
Tue, 21 Apr 2020 14:12:18 GMT
jquery-3.3.1.js
google.520811.xyz/template/kxwebno2/script/ 		87 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://google.520811.xyz/template/kxwebno2/script/jquery-3.3.1.js
Requested by
Host: google.520811.xyz
URL: https://google.520811.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6818:7bf1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
029f2f021b8473d43eb0386dcb98fc847d1e5d3c730b56acfa8711fe61989880

Request headers

Referer
https://google.520811.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 19 Apr 2020 14:12:20 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Tue, 30 Apr 2019 08:30:24 GMT
server
cloudflare
etag
W/"5cc807a0-15a4a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age=43200
cf-ray
5867383fc9dbdfe3-FRA
cf-request-id
0234617be00000dfe38039b200000001
expires
Mon, 20 Apr 2020 02:12:19 GMT
layer.js
google.520811.xyz/template/kxwebno2/script/layer/ 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://google.520811.xyz/template/kxwebno2/script/layer/layer.js
Requested by
Host: google.520811.xyz
URL: https://google.520811.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6818:7bf1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9bf83c97634950914635e03bd41a1f8a96ebbf1ccba601ab8e2cb5874c51c512

Request headers

Referer
https://google.520811.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 19 Apr 2020 14:12:19 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Tue, 30 Apr 2019 08:30:24 GMT
server
cloudflare
etag
W/"5cc807a0-5653"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age=43200
cf-ray
5867383fc9e0dfe3-FRA
cf-request-id
0234617be10000dfe38039c200000001
expires
Mon, 20 Apr 2020 02:12:19 GMT
common.js
google.520811.xyz/template/kxwebno2/script/ 		2 KB
992 B 		Script
General
Check archive.org
Download Go to
Full URL
https://google.520811.xyz/template/kxwebno2/script/common.js?20171204
Requested by
Host: google.520811.xyz
URL: https://google.520811.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6818:7bf1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d5b4df7f5f7de98b29952b076dda560be5888e21d506ad4b61e400a20e478129

Request headers

Referer
https://google.520811.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 19 Apr 2020 14:12:19 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Tue, 30 Apr 2019 08:30:24 GMT
server
cloudflare
etag
W/"5cc807a0-783"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age=43200
cf-ray
5867383fc9e3dfe3-FRA
cf-request-id
0234617be10000dfe38039d200000001
expires
Mon, 20 Apr 2020 02:12:19 GMT
integrator.js
adservice.google.de/adsid/ 		109 B
839 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=google.520811.xyz
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://google.520811.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 19 Apr 2020 14:12:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
104
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		109 B
839 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=google.520811.xyz
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://google.520811.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 19 Apr 2020 14:12:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
104
x-xss-protection
0
show_ads_impl_fy2019.js
pagead2.googlesyndication.com/pagead/js/r20200413/r20190131/ 		216 KB
81 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20200413/r20190131/show_ads_impl_fy2019.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7c87169546ac06464ec623c994f762ed646d22a821568fdd4d6b78da21a72d92
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://google.520811.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 19 Apr 2020 14:12:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
83122
x-xss-protection
0
server
cafe
etag
9756899714300984333
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Sun, 19 Apr 2020 14:12:18 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20200413/r20190131/ Frame 298B 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20200413/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/html/r20200413/r20190131/zrt_lookup.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://google.520811.xyz/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://google.520811.xyz/

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
vary
Accept-Encoding
date
Tue, 14 Apr 2020 02:35:42 GMT
expires
Tue, 28 Apr 2020 02:35:42 GMT
content-type
text/html; charset=UTF-8
etag
1284906565632978074
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4913
x-xss-protection
0
cache-control
public, max-age=1209600
age
473796
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
ads
pagead2.googlesyndication.com/pagead/ Frame E3B4 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/ads?client=ca-pub-1578736909685669&output=html&adk=1812271804&adf=3025194257&lmt=1587305538&plat=1%3A32776%2C2%3A32776%2C8%3A134250504%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=https%3A%2F%2Fgoogle.520811.xyz%2F&ea=0&flash=0&pra=5&wgl=1&adsid=NT&dt=1587305538584&bpp=24&bdt=59&idt=51&shv=r20200413&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6787719687699&rume=1&frm=20&pv=2&ga_vid=717676829.1587305539&ga_sid=1587305539&ga_hid=1300137589&ga_fc=0&iag=0&icsg=683&dssz=5&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21060549%2C44717539&oid=3&pvsid=2384170359542847&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8208&bc=31&ifi=0&uci=a!0&fsb=1&dtd=84
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200413/r20190131/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
pagead2.googlesyndication.com
:scheme
https
:path
/pagead/ads?client=ca-pub-1578736909685669&output=html&adk=1812271804&adf=3025194257&lmt=1587305538&plat=1%3A32776%2C2%3A32776%2C8%3A134250504%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=https%3A%2F%2Fgoogle.520811.xyz%2F&ea=0&flash=0&pra=5&wgl=1&adsid=NT&dt=1587305538584&bpp=24&bdt=59&idt=51&shv=r20200413&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6787719687699&rume=1&frm=20&pv=2&ga_vid=717676829.1587305539&ga_sid=1587305539&ga_hid=1300137589&ga_fc=0&iag=0&icsg=683&dssz=5&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21060549%2C44717539&oid=3&pvsid=2384170359542847&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8208&bc=31&ifi=0&uci=a!0&fsb=1&dtd=84
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://google.520811.xyz/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://google.520811.xyz/

Response headers

status
200
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Sun, 19 Apr 2020 14:12:18 GMT
server
cafe
content-length
46
x-xss-protection
0
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
osd.js
www.googletagservices.com/activeview/js/current/ 		74 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200413/r20190131/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e422e4d828685e6b1f90a96c4562faf22e7c5c13e2f3e2fe1953a10f69ae32e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://google.520811.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 19 Apr 2020 14:12:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1587123250781365"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
28347
x-xss-protection
0
expires
Sun, 19 Apr 2020 14:12:18 GMT
truncated
/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
16751b30e01b19653c6672fa9e5f43540980aded8e1210752cc94a0c7711ac87

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
Origin
https://google.520811.xyz

Response headers

Content-Type
application/font-woff;charset=utf-8
layer.css
google.520811.xyz/template/kxwebno2/script/layer/theme/default/ 		14 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://google.520811.xyz/template/kxwebno2/script/layer/theme/default/layer.css?v=3.1.1
Requested by
Host: google.520811.xyz
URL: https://google.520811.xyz/template/kxwebno2/script/layer/layer.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6818:7bf1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
382aad07a3964b0d3796967b887c8c50f948d6b6ba8b17a295d85d8839cdd58a

Request headers

Referer
https://google.520811.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 19 Apr 2020 14:12:20 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Tue, 30 Apr 2019 08:30:24 GMT
server
cloudflare
etag
W/"5cc807a0-3863"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
max-age=43200
cf-ray
586738496b15dfe3-FRA
cf-request-id
02346181e30000dfe3803fe200000001
expires
Mon, 20 Apr 2020 02:12:20 GMT
hm.js
hm.baidu.com/ 		38 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hm.baidu.com/hm.js?9921577fda23ef3dca7df37338252995
Requested by
Host: google.520811.xyz
URL: https://google.520811.xyz/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),
Reverse DNS
Software
apache /
Resource Hash
6d2ae250c88312655f7b93881da0734b37171616b1892f1c9db5166f466c7d49
Security Headers
Name Value
Strict-Transport-Security max-age=172800

Request headers

Referer
https://google.520811.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sun, 19 Apr 2020 14:12:20 GMT
Content-Encoding
gzip
Server
apache
Etag
5923134209e2343438ba33d94ce6424e
Strict-Transport-Security
max-age=172800
P3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Cache-Control
max-age=0, must-revalidate
Content-Type
application/javascript
Content-Length
13828
hm.gif
hm.baidu.com/ 		43 B
299 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1600x1200&vl=1200&et=0&ja=0&ln=en-us&lo=0&rnd=1801236097&si=9921577fda23ef3dca7df37338252995&v=1.2.73&lv=1&sn=47841&r=0&ww=1600&ct=!!&tt=%E9%BE%99%E8%A1%8C%E5%A4%A9%E4%B8%8B%E5%B0%8F%E8%AF%B4%E7%AB%99%20-%20%E6%96%B0%E9%BE%99%E8%A1%8C%E5%A4%A9%E4%B8%8B%E5%B0%8F%E8%AF%B4%E7%AB%99%20-%20%E9%BE%99%E8%A1%8C%E5%A4%A9%E4%B8%8B%E5%B0%8F%E8%AF%B4%E7%AB%99%E5%B0%8F%E8%AF%B4%E6%90%9C%E7%B4%A2%E5%BC%95%E6%93%8E
Requested by
Host: google.520811.xyz
URL: https://google.520811.xyz/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),
Reverse DNS
Software
apache /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=172800
X-Content-Type-Options nosniff

Request headers

Referer
https://google.520811.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 19 Apr 2020 14:12:21 GMT
X-Content-Type-Options
nosniff
Server
apache
Strict-Transport-Security
max-age=172800
Content-Type
image/gif
Cache-Control
private, max-age=0, no-cache
Content-Length
43
sodar
pagead2.googlesyndication.com/getconfig/ 		7 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20200413&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200413/r20190131/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0d3d7f873e291714e8e490207a3060ce1831ddfc9e272fb0a5948b80b08076dc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://google.520811.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 19 Apr 2020 14:12:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
status
200
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
5146
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200413/r20190131/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a47f17d6ebbf4621d8fe87ab790d8d8fb5c3086629194d9ff2d64faaa6e46ab6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://google.520811.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 19 Apr 2020 14:12:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1582746470043195"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
5456
x-xss-protection
0
expires
Sun, 19 Apr 2020 14:12:23 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/209/ Frame 8FA4 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/209/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/209/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://google.520811.xyz/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://google.520811.xyz/

Response headers

status
200
accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
content-length
5727
date
Sun, 19 Apr 2020 13:56:52 GMT
expires
Mon, 19 Apr 2021 13:56:52 GMT
last-modified
Tue, 25 Feb 2020 17:32:01 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
931
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
gen_204
pagead2.googlesyndication.com/pagead/ 		0
114 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=209&t=2&li=gda_r20200413&jk=2384170359542847&bg=!VValVk5YHm3gr7jI8mICAAAAPVIAAAAJmQFdzgyICXzgBy_leveyLYJIJJB3h9YMBxTtZdMYxKDsuq1OJJ-zSK40A8eU5JoRZNrCNCX_li_Q5IxPKsao8xxH3OC81MjoKeMnuYpplyRHzwS_aK6azXLYDLJt4XBo-P0ci4WjB5ENlFmE2Aghqx-BHyaU0BAQZSneaggJcxziUOqC0a0UnCGZTNpBPQ2-wlCSchXnnCZc3VCW_ZHJn6Le-gKECwZ0XceqQ8kQe47xOxdRPdi4q0lr7oTthS7FRDn8D7VzR1O8t7HEhiv2GC4ECMqRcgeSsnpLb_kxmFC8BhEYBftqM5sSSaX0E2bBGsv1h2UzvJCbogE170f1bMHK5XvrfXkMZPJxuhAor5eUxW0jNCKgc3oCP_4pMn35PALCX3S4BfQrL_mjXt8zVvB-A4rl7ODIdOYySlaZR81VkalN6WdKjHHwtKkze7S2kUSSN1SnzJD1vjdu83w3gQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://google.520811.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 19 Apr 2020 14:12:24 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
204
cache-control
no-cache, must-revalidate
content-type
image/gif
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

48 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate object| google_js_reporting_queue number| google_srt object| google_ad_modifications object| google_logging_queue object| ggeac boolean| google_measure_js_timing object| googleToken object| googleIMState function| processGoogleToken object| google_reactive_ads_global_state object| adsbygoogle boolean| _gfp_a_ object| google_sa_queue object| google_sl_win function| google_process_slots function| google_spfd object| google_sv_map object| google_t12n_vars function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter function| google_sa_impl object| google_persistent_state_async object| __google_ad_urls number| google_global_correlator number| __google_ad_urls_id object| google_prev_clients object| gaGlobal object| google_jobrunner object| ampInaboxIframes object| ampInaboxPendingMessages boolean| google_osd_loaded boolean| google_onload_fired function| Goog_Osd_UnloadAdBlock function| Goog_Osd_UpdateElementToMeasure function| google_osd_amcb function| setHome function| addFavorite function| toDesktop function| $ function| jQuery object| layer object| _hmt boolean| _bdhm_loaded_9921577fda23ef3dca7df37338252995 object| mini_tangram_log_7gjb31 object| GoogleGcLKhOms object| google_image_requests

2 Cookies

Domain/Path Name / Value
.google.520811.xyz/ Name: Hm_lpvt_9921577fda23ef3dca7df37338252995
Value: 1587305541
.google.520811.xyz/ Name: Hm_lvt_9921577fda23ef3dca7df37338252995
Value: 1587305541

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Frame-Options sameorigin

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
google.520811.xyz
googleads.g.doubleclick.net
hm.baidu.com
pagead2.googlesyndication.com
tpc.googlesyndication.com
www.23txt.com
www.37zw.net
www.69shu.org
www.googletagservices.com
103.235.46.191
104.143.39.160
104.233.205.42
23.225.122.165
2606:4700:3034::6818:7bf1
2a00:1450:4001:809::2001
2a00:1450:4001:80b::2002
2a00:1450:4001:81b::2002
029f2f021b8473d43eb0386dcb98fc847d1e5d3c730b56acfa8711fe61989880
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
0d3d7f873e291714e8e490207a3060ce1831ddfc9e272fb0a5948b80b08076dc
13aa6363edf0d9dcb32899a36525bf360642341f96693e5f62e90ea868888ebd
16751b30e01b19653c6672fa9e5f43540980aded8e1210752cc94a0c7711ac87
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
2db56e4b225d1b35203676896864faae823d3e39b26bd82d2635eb71654b35f3
382aad07a3964b0d3796967b887c8c50f948d6b6ba8b17a295d85d8839cdd58a
565b7c47d5d64ed278c053cad68ed8ea8783db64967c547dd403be791667f33a
5e712bc46c314943a56758adcfe767a3b2e53986fdcd8836ddbb2464801ba879
5f4627b3a6c430a24143bf9f8ba76599ab928ca67fae24e08229a8657694b4d4
69ae67f1e3c42f428b72135b4be51dc8e614bc02a0be0e448836662c2bc6cf42
6d2ae250c88312655f7b93881da0734b37171616b1892f1c9db5166f466c7d49
717512e47510e5f7a20e6fb63bbef1fc621a672dbd5016d5cd1ee8f399cbc5a7
7c87169546ac06464ec623c994f762ed646d22a821568fdd4d6b78da21a72d92
864add3cde1468a32e979deb97d691d98257695b524386c55a07cb54b5f1a16a
9bf83c97634950914635e03bd41a1f8a96ebbf1ccba601ab8e2cb5874c51c512
a0d9a5db84bc6e9315e62e595e9f164630b74537f119195e675f22bbfc0096e6
a47f17d6ebbf4621d8fe87ab790d8d8fb5c3086629194d9ff2d64faaa6e46ab6
b0ab741298543e5cf7d59001659d517d5b388447c802a209b8057c0b895c0ebe
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d1cf4d8d04f56d06767868481001555124531224254867dfdb43dbff09c54467
d5b4df7f5f7de98b29952b076dda560be5888e21d506ad4b61e400a20e478129
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e422e4d828685e6b1f90a96c4562faf22e7c5c13e2f3e2fe1953a10f69ae32e5
ed961f1e2a95ae683f7d21b252712a347822b2d63b82391fb1024a5fe8a1de75