urlscan.io logo urlscan.io
SecurityTrails logo

best-redirect.com Open in urlscan Pro
88.198.52.40  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://ww2.capitalonecovid19.com/
Effective URL: https://best-redirect.com/landers/antivirus/mcafee/index.html?lang=en-US&clickid=fa46cdv9zqei467f&domain=qwertyredirect.co...
Submission: On March 12 via api from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 9 IPs in 3 countries across 9 domains to perform 23 HTTP transactions. The main IP is 88.198.52.40, located in Kassel, Germany and belongs to HETZNER-AS, DE. The main domain is best-redirect.com.
TLS certificate: Issued by R3 on December 24th 2020. Valid for: 3 months.
This is the only time best-redirect.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2 212.32.237.92 60781 (LEASEWEB-...)
2 54.84.27.165 14618 (AMAZON-AES)
1 10 88.198.52.40 24940 (HETZNER-AS)
1 2001:4de0:ac1... 20446 (HIGHWINDS3)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
23 9
2    212.32.237.92 (The Hague, Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
ww2.capitalonecovid19.com
2    54.84.27.165 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-84-27-165.compute-1.amazonaws.com
nicanor-the.com
10    88.198.52.40 (Kassel, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: d24370fff.fastvps-server.com
qwertyredirect.com
best-redirect.com
1    2001:4de0:ac18::1:a:2b (Netherlands)

ASN20446 (HIGHWINDS3, US)
code.jquery.com
1    2606:4700::6810:135e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
1    2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
translate.google.com
5    2a00:1450:4001:802::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
translate.googleapis.com
2    2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
1    2a00:1450:4001:810::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
Domain Requested by
9 best-redirect.com nicanor-the.com
best-redirect.com
5 translate.googleapis.com translate.google.com
translate.googleapis.com
srcdoc
2 www.gstatic.com translate.googleapis.com
best-redirect.com
2 nicanor-the.com ww2.capitalonecovid19.com
nicanor-the.com
2 ww2.capitalonecovid19.com 1 redirects
1 www.google.com best-redirect.com
1 translate.google.com best-redirect.com
1 cdnjs.cloudflare.com best-redirect.com
1 code.jquery.com best-redirect.com
1 qwertyredirect.com 1 redirects
23 10

This site contains no links.

Subject Issuer Validity Valid
best-redirect.com
R3		 2020-12-24 -
2021-03-24		 3 months crt.sh
jquery.org
Sectigo RSA Domain Validation Secure Server CA		 2020-10-06 -
2021-10-16		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2020-10-21 -
2021-10-20		 a year crt.sh
*.google.com
GTS CA 1O1		 2021-02-23 -
2021-05-18		 3 months crt.sh
upload.video.google.com
GTS CA 1O1		 2021-02-23 -
2021-05-18		 3 months crt.sh
*.gstatic.com
GTS CA 1O1		 2021-02-23 -
2021-05-18		 3 months crt.sh
www.google.com
GTS CA 1O1		 2021-02-23 -
2021-05-18		 3 months crt.sh

This page contains 3 frames:

Primary Page: https://best-redirect.com/landers/antivirus/mcafee/index.html?lang=en-US&clickid=fa46cdv9zqei467f&domain=qwertyredirect.com&uclick=dv9zqei4&uclickhash=dv9zqei4-dv9zqei4-gx37-oc6o-qq3y-bguq-4km7-c2a28d
Frame ID: 57DDF7C4F5EBBEDC185D9D1ED5654095
Requests: 21 HTTP requests in this frame

Frame: https://translate.googleapis.com/translate_static/css/translateelement.css
Frame ID: B519949BB0DE16485B1464682E2040CB
Requests: 1 HTTP requests in this frame

Frame: https://translate.googleapis.com/translate_a/l?client=te&alpha=true&hl=en&cb=callback
Frame ID: 9D118402D577A1E2139F5471FBD98885
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://ww2.capitalonecovid19.com/ Page URL
  2. http://ww2.capitalonecovid19.com/?js=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJKb2tlbiIsImV4cCI6MTYxNTU... HTTP 302
    http://nicanor-the.com/zcvisitor/0a6bd470-8385-11eb-a236-12197d98db03/72092e88-2c53-401c-b988-51ef4... Page URL
  3. http://nicanor-the.com/zcredirect?visitid=0a6bd470-8385-11eb-a236-12197d98db03&type=js&browserWidth... Page URL
  4. https://qwertyredirect.com/click.php?key=yor0ajb60ss3eljvjs25&cid=zr0a6bd470838511eba23612197d98db0304c... HTTP 302
    https://best-redirect.com/landers/antivirus/mcafee/index.html?lang=en-US&clickid=fa46cdv9zqei467f&doma... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • html /<link[^>]+?href="[^"]*bootstrap(?:\.min)?\.css/i
Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i
Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+(?:([\d.]+)\/)?(?:css\/)?font-awesome(?:\.min)?\.css/i
Overall confidence: 100%
Detected patterns
  • script /jquery[.-]([\d.]*\d)[^/]*\.js/i
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

23
Requests

87 %
HTTPS

67 %
IPv6

9
Domains

10
Subdomains

9
IPs

3
Countries

522 kB
Transfer

919 kB
Size

2
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://ww2.capitalonecovid19.com/ Page URL
  2. http://ww2.capitalonecovid19.com/?js=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJKb2tlbiIsImV4cCI6MTYxNTU5NjQ5OSwiaWF0IjoxNjE1NTg5Mjk5LCJpc3MiOiJKb2tlbiIsImpzIjoxLCJqdGkiOiIycGxyanEzN3Qwbm4yNjltdG8wbWk4MjkiLCJuYmYiOjE2MTU1ODkyOTksInRzIjoxNjE1NTg5Mjk5MTY5MTk3fQ.hnYYSxOtLpRT-0IVstbZ-f3w5zMqXaw0251xG3YTiuw&sid=0a4b1a4a-8385-11eb-b121-c7a147ad50fd HTTP 302
    http://nicanor-the.com/zcvisitor/0a6bd470-8385-11eb-a236-12197d98db03/72092e88-2c53-401c-b988-51ef43ce1034?campaignid=cdf33910-7c27-11eb-b8c3-0a52992aaad9 Page URL
  3. http://nicanor-the.com/zcredirect?visitid=0a6bd470-8385-11eb-a236-12197d98db03&type=js&browserWidth=1600&browserHeight=1200&iframeDetected=false Page URL
  4. https://qwertyredirect.com/click.php?key=yor0ajb60ss3eljvjs25&cid=zr0a6bd470838511eba23612197d98db0304ca50c48f2f4d5d8c951928ab5aa037054310c5d61f593706&visit_cost=0.009000&target=golf-kop-FIkgjtXk&campaign_id=1527352&geo=FR&keyword=capitalonecovid19%2Ccapitalonecovid19%2Ccapitalonecovid19.com&source=badious-buzzard&match=&campaign_name=FR+NON+ADULT&t8=&traffic_type=DOMAIN&visitor_type=NON-ADULT HTTP 302
    https://best-redirect.com/landers/antivirus/mcafee/index.html?lang=en-US&clickid=fa46cdv9zqei467f&domain=qwertyredirect.com&uclick=dv9zqei4&uclickhash=dv9zqei4-dv9zqei4-gx37-oc6o-qq3y-bguq-4km7-c2a28d Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1
  • http://ww2.capitalonecovid19.com/?js=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJKb2tlbiIsImV4cCI6MTYxNTU5NjQ5OSwiaWF0IjoxNjE1NTg5Mjk5LCJpc3MiOiJKb2tlbiIsImpzIjoxLCJqdGkiOiIycGxyanEzN3Qwbm4yNjltdG8wbWk4MjkiLCJuYmYiOjE2MTU1ODkyOTksInRzIjoxNjE1NTg5Mjk5MTY5MTk3fQ.hnYYSxOtLpRT-0IVstbZ-f3w5zMqXaw0251xG3YTiuw&sid=0a4b1a4a-8385-11eb-b121-c7a147ad50fd HTTP 302
  • http://nicanor-the.com/zcvisitor/0a6bd470-8385-11eb-a236-12197d98db03/72092e88-2c53-401c-b988-51ef43ce1034?campaignid=cdf33910-7c27-11eb-b8c3-0a52992aaad9

23 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
ww2.capitalonecovid19.com/ 		481 B
846 B 		Document
General
Check archive.org
Download Go to
Full URL
http://ww2.capitalonecovid19.com/
Protocol
HTTP/1.1
Server
212.32.237.92 The Hague, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx /
Resource Hash
863e3287374bddff08f0d39c7d1b0ad5de13caf73cea8a44c3c24858924c8aea

Request headers

Host
ww2.capitalonecovid19.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cache-control
max-age=0, private, must-revalidate
connection
close
content-length
481
content-type
text/html; charset=utf-8
date
Fri, 12 Mar 2021 22:48:18 GMT
server
nginx
set-cookie
sid=0a4b1a4a-8385-11eb-b121-c7a147ad50fd; path=/; domain=.capitalonecovid19.com; expires=Thu, 31 Mar 2089 02:02:26 GMT; max-age=2147483647; HttpOnly
72092e88-2c53-401c-b988-51ef43ce1034
nicanor-the.com/zcvisitor/0a6bd470-8385-11eb-a236-12197d98db03/
Redirect Chain
  • http://ww2.capitalonecovid19.com/?js=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJKb2tlbiIsImV4cCI6MTYxNTU5NjQ5OSwiaWF0IjoxNjE1NTg5Mjk5LCJpc3MiOiJKb2tlbiIsImpzIjoxLCJqdGkiOiIycGxyanEzN3Qwbm4yNjl...
  • http://nicanor-the.com/zcvisitor/0a6bd470-8385-11eb-a236-12197d98db03/72092e88-2c53-401c-b988-51ef43ce1034?campaignid=cdf33910-7c27-11eb-b8c3-0a52992aaad9
1000 B
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://nicanor-the.com/zcvisitor/0a6bd470-8385-11eb-a236-12197d98db03/72092e88-2c53-401c-b988-51ef43ce1034?campaignid=cdf33910-7c27-11eb-b8c3-0a52992aaad9
Requested by
Host: ww2.capitalonecovid19.com
URL: http://ww2.capitalonecovid19.com/
Protocol
HTTP/1.1
Server
54.84.27.165 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-84-27-165.compute-1.amazonaws.com
Software
ZeroPark-Traffic /
Resource Hash
9d80ef720f38f316de6437ad3e784cb90536666c6472e02d1263d9ecdfbe7ec2
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline'
X-Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline'

Request headers

Host
nicanor-the.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer
http://ww2.capitalonecovid19.com/
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
http://ww2.capitalonecovid19.com/

Response headers

Date
Fri, 12 Mar 2021 22:48:20 GMT
Content-Type
text/html;charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Cache-Control
no-store, no-cache, pre-check=0, post-check=0
content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline'
x-content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline'
X-WebKit-CSP
default-src 'self'; script-src 'self' 'unsafe-inline'
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET,POST,OPTIONS
Access-Control-Allow-Headers
X-Requested-With,Content-Type,x-exadsrtb-version,x-openrtb-version,x-zerortb-version,X-Flag
Server
ZeroPark-Traffic

Redirect headers

cache-control
max-age=0, private, must-revalidate
connection
close
content-length
11
date
Fri, 12 Mar 2021 22:48:19 GMT
location
http://nicanor-the.com/zcvisitor/0a6bd470-8385-11eb-a236-12197d98db03/72092e88-2c53-401c-b988-51ef43ce1034?campaignid=cdf33910-7c27-11eb-b8c3-0a52992aaad9
server
nginx
set-cookie
sid=0a4b1a4a-8385-11eb-b121-c7a147ad50fd; path=/; domain=.capitalonecovid19.com; expires=Thu, 31 Mar 2089 02:02:27 GMT; max-age=2147483647; HttpOnly
zcredirect
nicanor-the.com/ 		974 B
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://nicanor-the.com/zcredirect?visitid=0a6bd470-8385-11eb-a236-12197d98db03&type=js&browserWidth=1600&browserHeight=1200&iframeDetected=false
Requested by
Host: nicanor-the.com
URL: http://nicanor-the.com/zcvisitor/0a6bd470-8385-11eb-a236-12197d98db03/72092e88-2c53-401c-b988-51ef43ce1034?campaignid=cdf33910-7c27-11eb-b8c3-0a52992aaad9
Protocol
HTTP/1.1
Server
54.84.27.165 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-84-27-165.compute-1.amazonaws.com
Software
ZeroPark-Traffic /
Resource Hash
fa325d846ec9bdee661b08806947c1710a5a6fa3d9e3c51fc85a250ba5f08c8e
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline'
X-Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline'

Request headers

Host
nicanor-the.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer
http://nicanor-the.com/zcvisitor/0a6bd470-8385-11eb-a236-12197d98db03/72092e88-2c53-401c-b988-51ef43ce1034?campaignid=cdf33910-7c27-11eb-b8c3-0a52992aaad9
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
http://nicanor-the.com/zcvisitor/0a6bd470-8385-11eb-a236-12197d98db03/72092e88-2c53-401c-b988-51ef43ce1034?campaignid=cdf33910-7c27-11eb-b8c3-0a52992aaad9

Response headers

Date
Fri, 12 Mar 2021 22:48:20 GMT
Content-Type
text/html;charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Cache-Control
no-store, no-cache, pre-check=0, post-check=0
content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline'
x-content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline'
X-WebKit-CSP
default-src 'self'; script-src 'self' 'unsafe-inline'
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET,POST,OPTIONS
Access-Control-Allow-Headers
X-Requested-With,Content-Type,x-exadsrtb-version,x-openrtb-version,x-zerortb-version,X-Flag
redirected
JS
Server
ZeroPark-Traffic
Primary Request index.html
best-redirect.com/landers/antivirus/mcafee/
Redirect Chain
  • https://qwertyredirect.com/click.php?key=yor0ajb60ss3eljvjs25&cid=zr0a6bd470838511eba23612197d98db0304ca50c48f2f4d5d8c951928ab5aa037054310c5d61f593706&visit_cost=0.009000&target=golf-kop-FIkgjtXk&c...
  • https://best-redirect.com/landers/antivirus/mcafee/index.html?lang=en-US&clickid=fa46cdv9zqei467f&domain=qwertyredirect.com&uclick=dv9zqei4&uclickhash=dv9zqei4-dv9zqei4-gx37-oc6o-qq3y-bguq-4km7-c2a28d
9 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://best-redirect.com/landers/antivirus/mcafee/index.html?lang=en-US&clickid=fa46cdv9zqei467f&domain=qwertyredirect.com&uclick=dv9zqei4&uclickhash=dv9zqei4-dv9zqei4-gx37-oc6o-qq3y-bguq-4km7-c2a28d
Requested by
Host: nicanor-the.com
URL: http://nicanor-the.com/zcredirect?visitid=0a6bd470-8385-11eb-a236-12197d98db03&type=js&browserWidth=1600&browserHeight=1200&iframeDetected=false
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
88.198.52.40 Kassel, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
d24370fff.fastvps-server.com
Software
nginx/1.18.0 /
Resource Hash
06eb9ab973c9bfdde9e9d17bdd93064c578b39c67a647a5f5ebfeacecd881b3d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

:method
GET
:authority
best-redirect.com
:scheme
https
:path
/landers/antivirus/mcafee/index.html?lang=en-US&clickid=fa46cdv9zqei467f&domain=qwertyredirect.com&uclick=dv9zqei4&uclickhash=dv9zqei4-dv9zqei4-gx37-oc6o-qq3y-bguq-4km7-c2a28d
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
document
referer
http://nicanor-the.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
http://nicanor-the.com/zcredirect?visitid=0a6bd470-8385-11eb-a236-12197d98db03&type=js&browserWidth=1600&browserHeight=1200&iframeDetected=false

Response headers

server
nginx/1.18.0
date
Fri, 12 Mar 2021 22:48:21 GMT
content-type
text/html
last-modified
Thu, 28 Jan 2021 13:03:15 GMT
etag
W/"6012b613-2454"
strict-transport-security
max-age=31536000
content-encoding
gzip

Redirect headers

server
nginx/1.18.0
date
Fri, 12 Mar 2021 22:48:21 GMT
content-type
text/html; charset=UTF-8
location
https://best-redirect.com/landers/antivirus/mcafee/index.html?lang=en-US&clickid=fa46cdv9zqei467f&domain=qwertyredirect.com&uclick=dv9zqei4&uclickhash=dv9zqei4-dv9zqei4-gx37-oc6o-qq3y-bguq-4km7-c2a28d
set-cookie
uclick=dv9zqei4; expires=Sat, 13-Mar-2021 22:48:21 GMT; Max-Age=86400; path=/; secure; SameSite=none uclickhash=dv9zqei4-dv9zqei4-gx37-oc6o-qq3y-bguq-4km7-c2a28d; expires=Sat, 13-Mar-2021 22:48:21 GMT; Max-Age=86400; path=/; secure; SameSite=none
strict-transport-security
max-age=31536000
css_land1.css
best-redirect.com/landers/antivirus/mcafee/ 		6 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://best-redirect.com/landers/antivirus/mcafee/css_land1.css
Requested by
Host: best-redirect.com
URL: https://best-redirect.com/landers/antivirus/mcafee/index.html?lang=en-US&clickid=fa46cdv9zqei467f&domain=qwertyredirect.com&uclick=dv9zqei4&uclickhash=dv9zqei4-dv9zqei4-gx37-oc6o-qq3y-bguq-4km7-c2a28d
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
88.198.52.40 Kassel, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
d24370fff.fastvps-server.com
Software
nginx/1.18.0 /
Resource Hash
db4c7e76d15507e2a1d857af162bf1c98f97dcc0ad0afaa7cba1d163954e8566
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://best-redirect.com/landers/antivirus/mcafee/index.html?lang=en-US&clickid=fa46cdv9zqei467f&domain=qwertyredirect.com&uclick=dv9zqei4&uclickhash=dv9zqei4-dv9zqei4-gx37-oc6o-qq3y-bguq-4km7-c2a28d
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 12 Mar 2021 22:48:21 GMT
last-modified
Mon, 18 Jan 2021 05:03:46 GMT
server
nginx/1.18.0
etag
"600516b2-196d"
strict-transport-security
max-age=31536000
content-type
text/css
accept-ranges
bytes
content-length
6509
css_land2.css
best-redirect.com/landers/antivirus/mcafee/ 		3 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://best-redirect.com/landers/antivirus/mcafee/css_land2.css
Requested by
Host: best-redirect.com
URL: https://best-redirect.com/landers/antivirus/mcafee/index.html?lang=en-US&clickid=fa46cdv9zqei467f&domain=qwertyredirect.com&uclick=dv9zqei4&uclickhash=dv9zqei4-dv9zqei4-gx37-oc6o-qq3y-bguq-4km7-c2a28d
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
88.198.52.40 Kassel, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
d24370fff.fastvps-server.com
Software
nginx/1.18.0 /
Resource Hash
6e0c03b8492b2cb09906fb36902c09fcf71202e76866a23b65731e190fcfb392
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://best-redirect.com/landers/antivirus/mcafee/index.html?lang=en-US&clickid=fa46cdv9zqei467f&domain=qwertyredirect.com&uclick=dv9zqei4&uclickhash=dv9zqei4-dv9zqei4-gx37-oc6o-qq3y-bguq-4km7-c2a28d
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 12 Mar 2021 22:48:21 GMT
last-modified
Mon, 18 Jan 2021 05:03:46 GMT
server
nginx/1.18.0
etag
"600516b2-cdb"
strict-transport-security
max-age=31536000
content-type
text/css
accept-ranges
bytes
content-length
3291
bootstrap.min.css
best-redirect.com/landers/antivirus/mcafee/ 		140 KB
141 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://best-redirect.com/landers/antivirus/mcafee/bootstrap.min.css
Requested by
Host: best-redirect.com
URL: https://best-redirect.com/landers/antivirus/mcafee/index.html?lang=en-US&clickid=fa46cdv9zqei467f&domain=qwertyredirect.com&uclick=dv9zqei4&uclickhash=dv9zqei4-dv9zqei4-gx37-oc6o-qq3y-bguq-4km7-c2a28d
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
88.198.52.40 Kassel, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
d24370fff.fastvps-server.com
Software
nginx/1.18.0 /
Resource Hash
029326a3c2908bab5fcb9226902859a5670fae26fb7ef56d04bae7080a01f4dd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://best-redirect.com/landers/antivirus/mcafee/index.html?lang=en-US&clickid=fa46cdv9zqei467f&domain=qwertyredirect.com&uclick=dv9zqei4&uclickhash=dv9zqei4-dv9zqei4-gx37-oc6o-qq3y-bguq-4km7-c2a28d
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 12 Mar 2021 22:48:21 GMT
last-modified
Mon, 18 Jan 2021 05:03:48 GMT
server
nginx/1.18.0
etag
"600516b4-23188"
strict-transport-security
max-age=31536000
content-type
text/css
accept-ranges
bytes
content-length
143752
font-awesome.min.css
best-redirect.com/landers/antivirus/mcafee/ 		27 KB
27 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://best-redirect.com/landers/antivirus/mcafee/font-awesome.min.css
Requested by
Host: best-redirect.com
URL: https://best-redirect.com/landers/antivirus/mcafee/index.html?lang=en-US&clickid=fa46cdv9zqei467f&domain=qwertyredirect.com&uclick=dv9zqei4&uclickhash=dv9zqei4-dv9zqei4-gx37-oc6o-qq3y-bguq-4km7-c2a28d
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
88.198.52.40 Kassel, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
d24370fff.fastvps-server.com
Software
nginx/1.18.0 /
Resource Hash
69f8a70d5ad10be049ed06d6e623749938a5475b7c21f4ef3348a268d2643cfe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://best-redirect.com/landers/antivirus/mcafee/index.html?lang=en-US&clickid=fa46cdv9zqei467f&domain=qwertyredirect.com&uclick=dv9zqei4&uclickhash=dv9zqei4-dv9zqei4-gx37-oc6o-qq3y-bguq-4km7-c2a28d
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 12 Mar 2021 22:48:21 GMT
last-modified
Mon, 18 Jan 2021 05:03:47 GMT
server
nginx/1.18.0
etag
"600516b3-6acc"
strict-transport-security
max-age=31536000
content-type
text/css
accept-ranges
bytes
content-length
27340
jquery-3.5.1.js
code.jquery.com/ 		281 KB
83 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-3.5.1.js
Requested by
Host: best-redirect.com
URL: https://best-redirect.com/landers/antivirus/mcafee/index.html?lang=en-US&clickid=fa46cdv9zqei467f&domain=qwertyredirect.com&uclick=dv9zqei4&uclickhash=dv9zqei4-dv9zqei4-gx37-oc6o-qq3y-bguq-4km7-c2a28d
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac18::1:a:2b , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx /
Resource Hash
416a3b2c3bf16d64f6b5b6d0f7b079df2267614dd6847fc2f3271b4409233c37

Request headers

Referer
https://best-redirect.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 12 Mar 2021 22:48:21 GMT
content-encoding
gzip
last-modified
Mon, 04 May 2020 23:02:39 GMT
server
nginx
etag
W/"5eb09f0f-4638e"
vary
Accept-Encoding
x-hw
1615589301.dop141.fr8.t,1615589301.cds268.fr8.hn,1615589301.cds234.fr8.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
84374
loading.gif
best-redirect.com/landers/antivirus/mcafee/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://best-redirect.com/landers/antivirus/mcafee/loading.gif
Requested by
Host: best-redirect.com
URL: https://best-redirect.com/landers/antivirus/mcafee/index.html?lang=en-US&clickid=fa46cdv9zqei467f&domain=qwertyredirect.com&uclick=dv9zqei4&uclickhash=dv9zqei4-dv9zqei4-gx37-oc6o-qq3y-bguq-4km7-c2a28d
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
88.198.52.40 Kassel, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
d24370fff.fastvps-server.com
Software
nginx/1.18.0 /
Resource Hash
df2e047bf21bf00c0434e6d7b3ba08f9ed27b9b73f65b29866c9e1d03217d184
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://best-redirect.com/landers/antivirus/mcafee/index.html?lang=en-US&clickid=fa46cdv9zqei467f&domain=qwertyredirect.com&uclick=dv9zqei4&uclickhash=dv9zqei4-dv9zqei4-gx37-oc6o-qq3y-bguq-4km7-c2a28d
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 12 Mar 2021 22:48:21 GMT
last-modified
Mon, 18 Jan 2021 05:03:48 GMT
server
nginx/1.18.0
etag
"600516b4-2294"
strict-transport-security
max-age=31536000
content-type
image/gif
accept-ranges
bytes
content-length
8852
logo.png
best-redirect.com/landers/antivirus/mcafee/ 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://best-redirect.com/landers/antivirus/mcafee/logo.png
Requested by
Host: best-redirect.com
URL: https://best-redirect.com/landers/antivirus/mcafee/index.html?lang=en-US&clickid=fa46cdv9zqei467f&domain=qwertyredirect.com&uclick=dv9zqei4&uclickhash=dv9zqei4-dv9zqei4-gx37-oc6o-qq3y-bguq-4km7-c2a28d
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
88.198.52.40 Kassel, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
d24370fff.fastvps-server.com
Software
nginx/1.18.0 /
Resource Hash
e086f1f274ae191cfe55810194b6cfe234b48bf9f09b6465a22be60311432a3b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://best-redirect.com/landers/antivirus/mcafee/index.html?lang=en-US&clickid=fa46cdv9zqei467f&domain=qwertyredirect.com&uclick=dv9zqei4&uclickhash=dv9zqei4-dv9zqei4-gx37-oc6o-qq3y-bguq-4km7-c2a28d
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 12 Mar 2021 22:48:21 GMT
last-modified
Mon, 18 Jan 2021 05:03:48 GMT
server
nginx/1.18.0
etag
"600516b4-5431"
strict-transport-security
max-age=31536000
content-type
image/png
accept-ranges
bytes
content-length
21553
mcafee.png
best-redirect.com/landers/antivirus/mcafee/ 		116 KB
116 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://best-redirect.com/landers/antivirus/mcafee/mcafee.png
Requested by
Host: best-redirect.com
URL: https://best-redirect.com/landers/antivirus/mcafee/index.html?lang=en-US&clickid=fa46cdv9zqei467f&domain=qwertyredirect.com&uclick=dv9zqei4&uclickhash=dv9zqei4-dv9zqei4-gx37-oc6o-qq3y-bguq-4km7-c2a28d
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
88.198.52.40 Kassel, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
d24370fff.fastvps-server.com
Software
nginx/1.18.0 /
Resource Hash
36be57005ea3d4d63d6bfdca39b94f5e8782991ba7db619c0e659291e3d20bf3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://best-redirect.com/landers/antivirus/mcafee/index.html?lang=en-US&clickid=fa46cdv9zqei467f&domain=qwertyredirect.com&uclick=dv9zqei4&uclickhash=dv9zqei4-dv9zqei4-gx37-oc6o-qq3y-bguq-4km7-c2a28d
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 12 Mar 2021 22:48:21 GMT
last-modified
Mon, 18 Jan 2021 05:03:49 GMT
server
nginx/1.18.0
etag
"600516b5-1ce81"
strict-transport-security
max-age=31536000
content-type
image/png
accept-ranges
bytes
content-length
118401
js.cookie.min.js
cdnjs.cloudflare.com/ajax/libs/js-cookie/2.2.1/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/js-cookie/2.2.1/js.cookie.min.js
Requested by
Host: best-redirect.com
URL: https://best-redirect.com/landers/antivirus/mcafee/index.html?lang=en-US&clickid=fa46cdv9zqei467f&domain=qwertyredirect.com&uclick=dv9zqei4&uclickhash=dv9zqei4-dv9zqei4-gx37-oc6o-qq3y-bguq-4km7-c2a28d
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a04d373be23a3f37dfe1f88cab01061db75f716edadc6451c652fe538f4be6c0
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://best-redirect.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 12 Mar 2021 22:48:21 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"max_age":604800,"report_to":"cf-nel"}
age
1993500
cross-origin-resource-policy
cross-origin
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
701
cf-request-id
08ca39742800002bcea307b000000001
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:11:49 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ec5-653"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=m9OQLE0iDufMxd2HHREoe%2F9dlMf2kiIkceLGpllXoRGWj0WxGcyk6qPC1cqK5G%2BeeTmNN4pfaHbwdVHsJdl1fM1cTjWKTVnmqhUFytBbxrcB6DIyOckh%2B20p6NaYAuSMaA%3D%3D"}]}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
62f091cd0fea2bce-FRA
expires
Wed, 02 Mar 2022 22:48:21 GMT
bglogogray.png
best-redirect.com/landers/antivirus/mcafee/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://best-redirect.com/landers/antivirus/mcafee/bglogogray.png
Requested by
Host: best-redirect.com
URL: https://best-redirect.com/landers/antivirus/mcafee/css_land2.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
88.198.52.40 Kassel, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
d24370fff.fastvps-server.com
Software
nginx/1.18.0 /
Resource Hash
57c0d40b7cd2cae18120ce0a33ecd2352c7107482682ddbbe992332d65d352b2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://best-redirect.com/landers/antivirus/mcafee/css_land2.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 12 Mar 2021 22:48:21 GMT
last-modified
Mon, 18 Jan 2021 05:03:45 GMT
server
nginx/1.18.0
etag
"600516b1-acf"
strict-transport-security
max-age=31536000
content-type
image/png
accept-ranges
bytes
content-length
2767
element.js
translate.google.com/translate_a/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://translate.google.com/translate_a/element.js?cb=googleTranslateElementInit
Requested by
Host: best-redirect.com
URL: https://best-redirect.com/landers/antivirus/mcafee/index.html?lang=en-US&clickid=fa46cdv9zqei467f&domain=qwertyredirect.com&uclick=dv9zqei4&uclickhash=dv9zqei4-dv9zqei4-gx37-oc6o-qq3y-bguq-4km7-c2a28d
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
HTTP server (unknown) /
Resource Hash
33ff0e688ffd08ceade87f0fc32fec64cee09e0a2404be7c34f0df7d6b058f9d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://best-redirect.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Mar 2021 22:48:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
HTTP server (unknown)
content-language
en
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
no-cache, must-revalidate
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1874
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
translateelement.css
translate.googleapis.com/translate_static/css/ 		18 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://translate.googleapis.com/translate_static/css/translateelement.css
Requested by
Host: translate.google.com
URL: https://translate.google.com/translate_a/element.js?cb=googleTranslateElementInit
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5d0a6e3bc914db376bf187c380750b197c317e1bf40fab9ad959ad5facd8f9ed
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://best-redirect.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 12 Mar 2021 21:49:14 GMT
content-encoding
br
x-content-type-options
nosniff
age
3547
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3130
x-xss-protection
0
last-modified
Wed, 24 Feb 2021 19:45:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Fri, 12 Mar 2021 22:49:14 GMT
main.js
translate.googleapis.com/translate_static/js/element/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://translate.googleapis.com/translate_static/js/element/main.js
Requested by
Host: translate.google.com
URL: https://translate.google.com/translate_a/element.js?cb=googleTranslateElementInit
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
80f35659d030651ea3acc6d6e97475b42eaa60d5700e83f9623cf90904d42cec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://best-redirect.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 12 Mar 2021 21:48:33 GMT
content-encoding
br
x-content-type-options
nosniff
age
3588
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1673
x-xss-protection
0
last-modified
Thu, 25 Feb 2021 22:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Fri, 12 Mar 2021 22:48:33 GMT
element_main.js
translate.googleapis.com/element/TE_20210224_00/e/js/element/ 		250 KB
90 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://translate.googleapis.com/element/TE_20210224_00/e/js/element/element_main.js
Requested by
Host: translate.googleapis.com
URL: https://translate.googleapis.com/translate_static/js/element/main.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ca537b74a51c73d56a401ea7d361ad32f692558ab321b86a8fb0979f2927712c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://best-redirect.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 12 Mar 2021 16:41:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
22034
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
91310
x-xss-protection
0
last-modified
Wed, 24 Feb 2021 18:08:41 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 12 Mar 2022 16:41:07 GMT
translate_24dp.png
www.gstatic.com/images/branding/product/2x/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/branding/product/2x/translate_24dp.png
Requested by
Host: translate.googleapis.com
URL: https://translate.googleapis.com/translate_static/css/translateelement.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5fe03bfd95a2d4e640ed7d04dcb08ef991c327a5ab6f6fdb9eb06e1efc76af30
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://translate.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 10 Mar 2021 15:56:25 GMT
x-content-type-options
nosniff
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
age
197516
vary
Origin
content-type
image/png
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1847
x-xss-protection
0
expires
Thu, 10 Mar 2022 15:56:25 GMT
translateelement.css
translate.googleapis.com/translate_static/css/ Frame B519 		18 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://translate.googleapis.com/translate_static/css/translateelement.css
Requested by
Host: translate.googleapis.com
URL: https://translate.googleapis.com/element/TE_20210224_00/e/js/element/element_main.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5d0a6e3bc914db376bf187c380750b197c317e1bf40fab9ad959ad5facd8f9ed
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://best-redirect.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 12 Mar 2021 21:49:14 GMT
content-encoding
br
x-content-type-options
nosniff
age
3547
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3130
x-xss-protection
0
last-modified
Wed, 24 Feb 2021 19:45:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Fri, 12 Mar 2021 22:49:14 GMT
translate_24dp.png
www.gstatic.com/images/branding/product/1x/ 		825 B
914 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/branding/product/1x/translate_24dp.png
Requested by
Host: best-redirect.com
URL: https://best-redirect.com/landers/antivirus/mcafee/index.html?lang=en-US&clickid=fa46cdv9zqei467f&domain=qwertyredirect.com&uclick=dv9zqei4&uclickhash=dv9zqei4-dv9zqei4-gx37-oc6o-qq3y-bguq-4km7-c2a28d
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1bb2279aed6bc1438d2b17a5ffcbac9d37864582aedeeec8d301eab162b2c213
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://best-redirect.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 12 Mar 2021 13:26:39 GMT
x-content-type-options
nosniff
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
age
33702
vary
Origin
content-type
image/png
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
825
x-xss-protection
0
expires
Sat, 12 Mar 2022 13:26:39 GMT
cleardot.gif
www.google.com/images/ 		43 B
143 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/images/cleardot.gif
Requested by
Host: best-redirect.com
URL: https://best-redirect.com/landers/antivirus/mcafee/index.html?lang=en-US&clickid=fa46cdv9zqei467f&domain=qwertyredirect.com&uclick=dv9zqei4&uclickhash=dv9zqei4-dv9zqei4-gx37-oc6o-qq3y-bguq-4km7-c2a28d
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://best-redirect.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Mar 2021 22:48:21 GMT
x-content-type-options
nosniff
last-modified
Tue, 22 Oct 2019 18:30:00 GMT
server
sffe
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
l
translate.googleapis.com/translate_a/ Frame 9D11 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://translate.googleapis.com/translate_a/l?client=te&alpha=true&hl=en&cb=callback
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
13b5eece5a7359f9c0de2b4b3c24eeed42fa547e5811238bc9434dcc975bb101
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-J6PEgVHSlG1Nfgmu4dbkaA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/TranslateApiHttp/cspreport;worker-src 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Mar 2021 22:48:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
cross-origin-opener-policy
same-origin
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
no-cache, no-store, max-age=0, must-revalidate
origin-trial
AmWWqEiPtRKXiIreUsgUyNMptDcKdmLPlGI32DPZjDKK+yBAUi7+FT3r/9RpkTnzHyXYUWiPfirCGMg3Ogzc7gMAAAB3eyJvcmlnaW4iOiJodHRwczovL2dvb2dsZS5jb206NDQzIiwiZmVhdHVyZSI6IkNyb3NzT3JpZ2luT3BlbmVyUG9saWN5UmVwb3J0aW5nIiwiZXhwaXJ5IjoxNjE0MTI0Nzk5LCJpc1N1YmRvbWFpbiI6dHJ1ZX0=
content-security-policy
script-src 'report-sample' 'nonce-J6PEgVHSlG1Nfgmu4dbkaA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/TranslateApiHttp/cspreport;worker-src 'self'
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
expires
Mon, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

27 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated function| $ function| jQuery function| getUrlParameter string| doms string| bbURL function| Cookies boolean| PreventExitPop function| ExitPop function| outGoingLink string| tabunder function| go function| getUrlVars function| getUrlParam function| googleTranslateElementInit string| lang object| google object| closure_lm_298514

2 Cookies

Domain/Path Name / Value
best-redirect.com/ Name: googtrans
Value: /en/en
best-redirect.com/ Name: GoogleAccountsLocale_session
Value: en

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

best-redirect.com
cdnjs.cloudflare.com
code.jquery.com
nicanor-the.com
qwertyredirect.com
translate.google.com
translate.googleapis.com
ww2.capitalonecovid19.com
www.google.com
www.gstatic.com
2001:4de0:ac18::1:a:2b
212.32.237.92
2606:4700::6810:135e
2a00:1450:4001:802::200a
2a00:1450:4001:810::2004
2a00:1450:4001:812::2003
2a00:1450:4001:82a::200e
54.84.27.165
88.198.52.40
029326a3c2908bab5fcb9226902859a5670fae26fb7ef56d04bae7080a01f4dd
06eb9ab973c9bfdde9e9d17bdd93064c578b39c67a647a5f5ebfeacecd881b3d
13b5eece5a7359f9c0de2b4b3c24eeed42fa547e5811238bc9434dcc975bb101
1bb2279aed6bc1438d2b17a5ffcbac9d37864582aedeeec8d301eab162b2c213
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
33ff0e688ffd08ceade87f0fc32fec64cee09e0a2404be7c34f0df7d6b058f9d
36be57005ea3d4d63d6bfdca39b94f5e8782991ba7db619c0e659291e3d20bf3
416a3b2c3bf16d64f6b5b6d0f7b079df2267614dd6847fc2f3271b4409233c37
57c0d40b7cd2cae18120ce0a33ecd2352c7107482682ddbbe992332d65d352b2
5d0a6e3bc914db376bf187c380750b197c317e1bf40fab9ad959ad5facd8f9ed
5fe03bfd95a2d4e640ed7d04dcb08ef991c327a5ab6f6fdb9eb06e1efc76af30
69f8a70d5ad10be049ed06d6e623749938a5475b7c21f4ef3348a268d2643cfe
6e0c03b8492b2cb09906fb36902c09fcf71202e76866a23b65731e190fcfb392
80f35659d030651ea3acc6d6e97475b42eaa60d5700e83f9623cf90904d42cec
863e3287374bddff08f0d39c7d1b0ad5de13caf73cea8a44c3c24858924c8aea
9d80ef720f38f316de6437ad3e784cb90536666c6472e02d1263d9ecdfbe7ec2
a04d373be23a3f37dfe1f88cab01061db75f716edadc6451c652fe538f4be6c0
ca537b74a51c73d56a401ea7d361ad32f692558ab321b86a8fb0979f2927712c
db4c7e76d15507e2a1d857af162bf1c98f97dcc0ad0afaa7cba1d163954e8566
df2e047bf21bf00c0434e6d7b3ba08f9ed27b9b73f65b29866c9e1d03217d184
e086f1f274ae191cfe55810194b6cfe234b48bf9f09b6465a22be60311432a3b
fa325d846ec9bdee661b08806947c1710a5a6fa3d9e3c51fc85a250ba5f08c8e