vpn.schoolsearch.ca Open in urlscan Pro
54.237.57.21 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://vpn.schoolsearch.ca/
Submission: On October 06 via automatic, source certstream-suspicious (October 6th 2024, 7:40:20 pm UTC) — Scanned from CA

Summary HTTP 8 Redirects Behaviour Indicators

Summary

This website contacted 8 IPs in 2 countries across 7 domains to perform 8 HTTP transactions. The main IP is 54.237.57.21, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is vpn.schoolsearch.ca.
TLS certificate: Issued by E6 on October 6th 2024. Valid for: 3 months.

This is the only time vpn.schoolsearch.ca was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 2	54.237.57.21 54.237.57.21	14618 (AMAZON-AES) (AMAZON-AES)
1	142.251.40.168 142.251.40.168	15169 (GOOGLE) (GOOGLE)
1	172.67.72.183 172.67.72.183	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	216.239.38.181 216.239.38.181	15169 (GOOGLE) (GOOGLE)
1	142.251.111.154 142.251.111.154	15169 (GOOGLE) (GOOGLE)
1	142.251.40.98 142.251.40.98	15169 (GOOGLE) (GOOGLE)
1	142.251.40.195 142.251.40.195	15169 (GOOGLE) (GOOGLE)
1 1	104.26.10.237 104.26.10.237	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.26.8.135 104.26.8.135	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8	8

2 54.237.57.21 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ns1.namepros-dns.com

vpn.schoolsearch.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.251.40.168 (Queens, United States)

ASN15169 (GOOGLE, US)
PTR: lga25s81-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.67.72.183 (United States)

ASN13335 (CLOUDFLARENET, US)

www.namepros.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.239.38.181 (United States)

ASN15169 (GOOGLE, US)

analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.251.111.154 (Farmingdale, United States)

ASN15169 (GOOGLE, US)
PTR: bk-in-f154.1e100.net

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.251.40.98 (Queens, United States)

ASN15169 (GOOGLE, US)
PTR: lga25s79-in-f2.1e100.net

td.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.251.40.195 (Queens, United States)

ASN15169 (GOOGLE, US)
PTR: lga34s38-in-f3.1e100.net

www.google.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.26.10.237 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www.namepros.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.26.8.135 (None, )

ASN13335 (CLOUDFLARENET, US)

nameproscdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
2	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 136 td.doubleclick.net — Cisco Umbrella Rank: 192	556 B
2	namepros.com 1 redirects www.namepros.com — Cisco Umbrella Rank: 709777	1 KB
2	schoolsearch.ca 1 redirects vpn.schoolsearch.ca	913 B
1	nameproscdn.com nameproscdn.com	5 KB
1	google.ca www.google.ca — Cisco Umbrella Rank: 12143	63 B
1	google.com analytics.google.com — Cisco Umbrella Rank: 147
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 39	100 KB
8	7

	Domain	Requested by
2	www.namepros.com	1 redirects vpn.schoolsearch.ca
2	vpn.schoolsearch.ca	1 redirects
1	nameproscdn.com
1	www.google.ca	vpn.schoolsearch.ca
1	td.doubleclick.net	www.googletagmanager.com
1	stats.g.doubleclick.net	www.googletagmanager.com
1	analytics.google.com	www.googletagmanager.com
1	www.googletagmanager.com	vpn.schoolsearch.ca
8	8

This site contains no links.

Subject Issuer	Validity	Valid
vpn.schoolsearch.ca E6	`2024-10-06` - `2025-01-04`	3 months	crt.sh
*.google-analytics.com WR2	`2024-09-16` - `2024-12-09`	3 months	crt.sh
namepros.com E6	`2024-09-21` - `2024-12-20`	3 months	crt.sh
*.google.com WR2	`2024-09-16` - `2024-12-09`	3 months	crt.sh
*.g.doubleclick.net WR2	`2024-09-16` - `2024-12-09`	3 months	crt.sh
*.doubleclick.net WR2	`2024-09-16` - `2024-12-09`	3 months	crt.sh
*.google.ca WR2	`2024-09-16` - `2024-12-09`	3 months	crt.sh

This page contains 3 frames:

Primary Page: https://vpn.schoolsearch.ca/
Frame ID: 55FE0FD605CF9F44F322052622AF2E5F
Requests: 6 HTTP requests in this frame

Frame: https://www.namepros.com/parked/vpn.schoolsearch.ca?iframe=1
Frame ID: 290D4C8C7C7875913E4BCD68321D966B
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/ga/rul?tid=G-XZM175RTYS&gacid=1979759548.1728243616&gtm=45je4a20v885664053za200&dma=0&gcd=13l3l3l3l1l1&npa=0&pscdl=noapi&aip=1&fledge=1&frm=0&tag_exp=101671035~101747727&z=1819033869
Frame ID: 8A8CE150C9A47452DA0AC2CCB8B34C7D
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

SchoolSearch.ca for sale

Detected technologies

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Page Statistics

8
Requests

88 %
HTTPS

0 %
IPv6

7
Domains

8
Subdomains

8
IPs

2
Countries

106 kB
Transfer

330 kB
Size

5
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 6

https://vpn.schoolsearch.ca/favicon.ico HTTP 302
https://www.namepros.com/favicon.ico HTTP 301
https://nameproscdn.com/favicon.ico

8 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
vpn.schoolsearch.ca/ 741 B
843 B 195ms
94ms Document
text/html 54.237.57.21
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://vpn.schoolsearch.ca/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.237.57.21 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ns1.namepros-dns.com
Software: Caddy /
Resource Hash: ae9a1aac25567e35369553784aa3cc7798b9dfbf1717e6928b6b0eb75b66b1ed

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000
content-length: 741
content-type: text/html; charset=utf-8
date: Sun, 06 Oct 2024 19:40:15 GMT
server: Caddy

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 292 KB
100 KB 171ms
80ms Script
application/javascript 142.251.40.168
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-XZM175RTYS

Requested by

Host: vpn.schoolsearch.ca
URL: https://vpn.schoolsearch.ca/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.40.168 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s81-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

d2b2b910c3cf446292da38eefb2d673e7aaf8e07fd3fd3b14e63747c613f2eac

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://vpn.schoolsearch.ca/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Sun, 06 Oct 2024 19:40:15 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 06 Oct 2024 19:40:15 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 101932
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 vpn.schoolsearch.ca
www.namepros.com/parked/ Frame 290D 0
0 232ms
128ms Document
text/html 172.67.72.183
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.namepros.com/parked/vpn.schoolsearch.ca?iframe=1

Requested by

Host: vpn.schoolsearch.ca
URL: https://vpn.schoolsearch.ca/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.72.183 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; frame-ancestors 'self' https:; default-src 'self'; object-src 'none'; worker-src 'self'; frame-src 'self' https:; form-action 'self' https://www.paypal.com; font-src 'self' data: https://nameproscdn.com https://fonts.gstatic.com https://use.fontawesome.com; img-src 'self' data: https: blob:; script-src 'report-sample' 'self' 'unsafe-inline' 'unsafe-eval' https://static.cloudflareinsights.com https://challenges.cloudflare.com https://www.googletagmanager.com https://.google-analytics.com https://js.stripe.com https://www.google.com https://www.gstatic.com; style-src 'report-sample' 'self' 'unsafe-inline' https://nameproscdn.com https://platform.twitter.com; connect-src 'self' https://nameproscdn.com https://.google-analytics.com https://.analytics.google.com https://.googletagmanager.com https://.g.doubleclick.net https://.google.com; media-src 'self' https://nameproscdn.com
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://vpn.schoolsearch.ca/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

cf-cache-status: DYNAMIC
cf-ray: 8ce81f44fc2a39e7-YYZ
content-encoding: br
content-security-policy: upgrade-insecure-requests; frame-ancestors 'self' https:; default-src 'self'; object-src 'none'; worker-src 'self'; frame-src 'self' https:; form-action 'self' https://www.paypal.com; font-src 'self' data: https://nameproscdn.com https://fonts.gstatic.com https://use.fontawesome.com; img-src 'self' data: https: blob:; script-src 'report-sample' 'self' 'unsafe-inline' 'unsafe-eval' https://static.cloudflareinsights.com https://challenges.cloudflare.com https://www.googletagmanager.com https://*.google-analytics.com https://js.stripe.com https://www.google.com https://www.gstatic.com; style-src 'report-sample' 'self' 'unsafe-inline' https://nameproscdn.com https://platform.twitter.com; connect-src 'self' https://nameproscdn.com https://*.google-analytics.com https://*.analytics.google.com https://*.googletagmanager.com https://*.g.doubleclick.net https://*.google.com; media-src 'self' https://nameproscdn.com
content-type: text/html; charset=utf-8
date: Sun, 06 Oct 2024 19:40:15 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=t612hH%2BE3sygo6ITtIrg90YYIlkbSEZZHD0SIUTXNZs0mouo%2BZbMr5Cp3eCu3rIqA5UZeS89NKOBpXJSb6AG%2BdO%2FoSSrqDZqiFee3V2E3mmmnqbw4DzL4WS9v0NsEDA7Uys%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-clacks-overhead: GNU Archangel
x-content-type-options: nosniff

POST
H2 204 collect
analytics.google.com/g/ 0
0 124ms
46ms Fetch
text/plain 216.239.38.181
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-XZM175RTYS&gtm=45je4a20v885664053za200&_p=1728243615394&_gaz=1&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101671035~101747727&cid=1979759548.1728243616&ul=en-ca&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&pae=1&frm=0&pscdl=noapi&_s=1&sid=1728243615&sct=1&seg=0&dl=https%3A%2F%2Fvpn.schoolsearch.ca%2F&dt=SchoolSearch.ca%20for%20sale&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=648
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-XZM175RTYS
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.239.38.181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://vpn.schoolsearch.ca/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://vpn.schoolsearch.ca
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 06 Oct 2024 19:40:15 GMT
content-type: text/plain
server: Golfe2

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
556 B 1225ms
49ms Ping
text/plain 142.251.111.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-XZM175RTYS&cid=1979759548.1728243616&gtm=45je4a20v885664053za200&aip=1&dma=0&gcd=13l3l3l3l1l1&npa=0&frm=0&tag_exp=101671035~101747727
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-XZM175RTYS
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.251.111.154 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS: bk-in-f154.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://vpn.schoolsearch.ca/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:111:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:111:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://vpn.schoolsearch.ca
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 06 Oct 2024 19:40:17 GMT
content-type: text/plain
server: Golfe2

GET
H2 200 rul
td.doubleclick.net/td/ga/ Frame 8A8C 0
0 177ms
98ms Document
text/html 142.251.40.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://td.doubleclick.net/td/ga/rul?tid=G-XZM175RTYS&gacid=1979759548.1728243616&gtm=45je4a20v885664053za200&dma=0&gcd=13l3l3l3l1l1&npa=0&pscdl=noapi&aip=1&fledge=1&frm=0&tag_exp=101671035~101747727&z=1819033869

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-XZM175RTYS

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.40.98 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s79-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vpn.schoolsearch.ca/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 16
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 06 Oct 2024 19:40:15 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ga-audiences
www.google.ca/ads/ 42 B
63 B 441ms
392ms Image
image/gif 142.251.40.195
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.ca/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-XZM175RTYS&cid=1979759548.1728243616&gtm=45je4a20v885664053za200&aip=1&dma=0&gcd=13l3l3l3l1l1&npa=0&frm=0&tag_exp=101671035~101747727&tag_exp=101671035~101747727&z=478973643

Requested by

Host: vpn.schoolsearch.ca
URL: https://vpn.schoolsearch.ca/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.40.195 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s38-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://vpn.schoolsearch.ca/

Response headers

cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Sun, 06 Oct 2024 19:40:16 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3

200

favicon.ico
nameproscdn.com/
Redirect Chain

https://vpn.schoolsearch.ca/favicon.ico
https://www.namepros.com/favicon.ico
https://nameproscdn.com/favicon.ico

37 KB
5 KB

400ms
33ms

Other
image/x-icon

104.26.8.135
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://nameproscdn.com/favicon.ico

Protocol

Server

104.26.8.135 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f96ccb89cae813c9b5c90a2164e71f5a681c359f92c744a4e97ba17e027aa591

Security Headers

Name	Value
Content-Security-Policy	sandbox; block-all-mixed-content; frame-ancestors 'none'; default-src 'none'; form-action 'none'; navigate-to 'none'; style-src 'unsafe-inline'; img-src 'self'; media-src 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://vpn.schoolsearch.ca/

Response headers

x-clacks-overhead: GNU Jason Sheppard
content-encoding: br
cf-cache-status: HIT
etag: W/"dd6516376ddee163f3c00f51d4ccfa1c"
age: 6761
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dUU0Dg4ypUtGvOng892%2Fcn5iJfBggKqr5DmoyvbZnBPcE5k6N8ncmMmwIgENdHENZgorrMOF0RVskcUpy97Eldq1w57%2FAZKZVgSRaDGYQUW86ZQQM%2FDH1KpR3JSse4UKSQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
date: Sun, 06 Oct 2024 19:40:17 GMT
content-type: image/x-icon
last-modified: Wed, 25 Mar 2020 19:29:57 GMT
vary: Accept-Encoding
access-control-allow-headers: X-Requested-With
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-security-policy: sandbox; block-all-mixed-content; frame-ancestors 'none'; default-src 'none'; form-action 'none'; navigate-to 'none'; style-src 'unsafe-inline'; img-src 'self'; media-src 'self'
cache-control: max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8ce81f510fafab34-YYZ
access-control-allow-origin: https://www.namepros.com
server: cloudflare

Redirect headers

x-clacks-overhead: GNU Jason Sheppard
cf-cache-status: HIT
age: 595
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8SKTNCFJ6PY8IAWvi14yddRHDCCDnBGpN6GZqeoxrZD9Jp5uH%2BIk%2BgXreTcwYjfG5OhMY9TYkNdLJdXoQov19Gdm4MX7e5BOWzZYxAoLL%2FJR%2BgHvrFd6NE8fatwd1h6RTSc%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
date: Sun, 06 Oct 2024 19:40:17 GMT
content-type: text/html
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-security-policy: upgrade-insecure-requests; frame-ancestors 'self' https://www.domainsherpa.com; default-src 'self'; object-src 'none'; worker-src 'self'; frame-src 'self' https:; form-action 'self' https://www.paypal.com; font-src 'self' data: https://nameproscdn.com https://fonts.gstatic.com https://use.fontawesome.com; img-src 'self' data: https: blob:; script-src 'report-sample' 'self' 'unsafe-inline' 'unsafe-eval' https://static.cloudflareinsights.com https://challenges.cloudflare.com https://*.googletagmanager.com https://js.stripe.com https://www.google.com https://www.gstatic.com https://s.imgur.com https://platform.twitter.com https://cdn.syndication.twimg.com; style-src 'report-sample' 'self' 'unsafe-inline' https://nameproscdn.com https://platform.twitter.com; connect-src 'self' https://nameproscdn.com https://*.google-analytics.com https://*.analytics.google.com https://*.googletagmanager.com https://*.g.doubleclick.net https://*.google.com; media-src 'self' https://nameproscdn.com
cache-control: max-age=2678400
location: https://nameproscdn.com/favicon.ico
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8ce81f4e7b02a1de-YYZ
server: cloudflare

Verdicts & Comments Add Verdict or Comment

7 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.google.com/recaptcha	1970-01-21 04:23:15	Name: _GRECAPTCHA Value: 09AGteOypWsSMeKtB97-7HzXv7zN8Rcr_cs1RiU4Qqx1n-EZRjCcv1BPz_-wIsPoVK4-N9HxlW5NZIUgDaUEPjBw4
.schoolsearch.ca/	1970-01-21 09:40:03	Name: _ga Value: GA1.1.1979759548.1728243616
.schoolsearch.ca/	1970-01-21 09:40:03	Name: _ga_XZM175RTYS Value: GS1.1.1728243615.1.0.1728243615.60.0.0
.doubleclick.net/	1970-01-21 00:04:04	Name: test_cookie Value: CheckForPermission
.namepros.com/	1970-01-21 08:49:39	Name: cf_clearance Value: IqodCceAe2RxPGUz1dm.v4dgjM9FCCNQG6p7ANALANM-1728243616-1.2.1.1-Qpc3GGS_7uYFcSVDgPmK79TFtzTkgzg43g8pSQ9HCL7kjjSN1SRgNGFZtU.xhw6yvhOpw3E9AKz7orfe.E8oUE8eBCPPubV0PLNOps5YcLOthI6ZkDy5lRzP429ddxhi3mS4EIalXStkjK6wgpgmtU9CEQh08j1p72EYb_DlMuEXW4ozG_.2A2uiVnrMVMkQ_3jn99exKk8TzydIy6MLdtH5kiyNmZhubPxL7Hr7O_yhwakQ0AQYw31DW7R.Da5wAKeyzk6SgiFRYZUnsJUJPjM04K7lCB5Xs5akmF5wjsP90_dAKQoxJeujmlu5lboyMnyWkQKV7Vt_2gBIdmhgp12WkUjqwmH2eHp0hDbXMHG9vRiCuUZkI2cAVd9_VMX5

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

analytics.google.com
nameproscdn.com
stats.g.doubleclick.net
td.doubleclick.net
vpn.schoolsearch.ca
www.google.ca
www.googletagmanager.com
www.namepros.com
104.26.10.237
104.26.8.135
142.251.111.154
142.251.40.168
142.251.40.195
142.251.40.98
172.67.72.183
216.239.38.181
54.237.57.21
ae9a1aac25567e35369553784aa3cc7798b9dfbf1717e6928b6b0eb75b66b1ed
d2b2b910c3cf446292da38eefb2d673e7aaf8e07fd3fd3b14e63747c613f2eac
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f96ccb89cae813c9b5c90a2164e71f5a681c359f92c744a4e97ba17e027aa591

vpn.schoolsearch.ca Open in urlscan Pro 54.237.57.21 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

8 Requests

88 %HTTPS

0 %IPv6

7 Domains

8 Subdomains

8 IPs

2 Countries

106 kBTransfer

330 kBSize

5 Cookies

0 Outgoing links

Redirected requests

8 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Verdicts & Comments Add Verdict or Comment

7 JavaScript Global Variables

5 Cookies

Indicators

vpn.schoolsearch.ca Open in urlscan Pro
54.237.57.21 Public Scan

Screenshot
Live screenshot

Full Image

8
Requests

88 %
HTTPS

0 %
IPv6

7
Domains

8
Subdomains

8
IPs

2
Countries

106 kB
Transfer

330 kB
Size

5
Cookies

8 HTTP transactions
0 data transactions