v.gd - urlscan.io

Summary

This website contacted 1 IPs in 2 countries across 2 domains to perform 5 HTTP transactions. The main IP is 104.18.12.120, located in and belongs to CLOUDFLARENET, US. The main domain is v.gd.
TLS certificate: Issued by E1 on March 10th 2024. Valid for: 3 months.

This is the only time v.gd was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	66.29.132.222 66.29.132.222	22612 (NAMECHEAP...) (NAMECHEAP-NET)
5	104.18.12.120 104.18.12.120	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	1

1 66.29.132.222 (United States) 1 redirects

ASN22612 (NAMECHEAP-NET, US)
PTR: server339-2.web-hosting.com

facebook.newstoday.agency	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 104.18.12.120 (None, )

ASN13335 (CLOUDFLARENET, US)

v.gd	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
5	v.gd v.gd	4 KB
1	newstoday.agency 1 redirects facebook.newstoday.agency	185 B
5	2

	Domain	Requested by
5	v.gd	v.gd
1	facebook.newstoday.agency	1 redirects
5	2

This site contains links to these domains. Also see Links.

Domain
open-google.replit.app
chart.apis.google.com

Subject Issuer	Validity	Valid
v.gd E1	`2024-03-10` - `2024-06-08`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://v.gd/ROJOoi
Frame ID: AD39E3A16FD9A3D8AA57345BF136DA14
Requests: 5 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

v.gd - Shortened URL

Page URL History Show full URLs

http://facebook.newstoday.agency/ HTTP 307
https://facebook.newstoday.agency/ HTTP 302
https://v.gd/ROJOoi Page URL

Page Statistics

5
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

1
IPs

2
Countries

4 kB
Transfer

11 kB
Size

1
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://open-google.replit.app/w/jcnygh/aHR0cHM6Ly93d3cuRmFjZWJvb2suY29t
Title: https://open-google.replit.app/w/jcnygh/aHR0cHM6Ly93d3cuRmFjZWJvb2suY29t

Search URL Search Domain Scan URL

URL: https://chart.apis.google.com/chart?cht=qr&chs=100x100&choe=UTF-8&chld=H|0&chl=https://v.gd/ROJOoi
Title: Give me this URL as a QR code

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://facebook.newstoday.agency/ HTTP 307
https://facebook.newstoday.agency/ HTTP 302
https://v.gd/ROJOoi Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

5 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request ROJOoi Show response
v.gd/
Redirect Chain

http://facebook.newstoday.agency/
https://facebook.newstoday.agency/
https://v.gd/ROJOoi

2 KB
2 KB

304ms
254ms

Document
text/html

104.18.12.120
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://v.gd/ROJOoi

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

104.18.12.120 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

73e3a7439d844a0b8da7e3d16b5ae3f6bc1010c492d60591e971a99e6886461b

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload

Request headers

Accept-Language: it-IT,it;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

cf-cache-status: DYNAMIC
cf-ray: 875639d68ed7bae1-MXP
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Tue, 16 Apr 2024 18:26:50 GMT
server: cloudflare
strict-transport-security: max-age=2592000; includeSubDomains; preload

Redirect headers

cache-control: no-cache, no-store, must-revalidate, max-age=0
content-length: 0
content-type: text/html; charset=UTF-8
date: Tue, 16 Apr 2024 18:26:49 GMT
location: https://v.gd/ROJOoi
server: LiteSpeed
x-turbo-charged-by: LiteSpeed

GET
H2 200 vgd.css
v.gd/ 8 KB
2 KB 34ms
34ms Stylesheet
text/css 104.18.12.120
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://v.gd/vgd.css

Requested by

Host: v.gd
URL: https://v.gd/ROJOoi

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

104.18.12.120 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0a805aef47b18fa03cab55faf2d66808c853290ab31a4233e0c316f79177bae8

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://v.gd/ROJOoi
Accept-Language: it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 16 Apr 2024 18:26:50 GMT
strict-transport-security: max-age=2592000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 21 Mar 2018 22:13:46 GMT
server: cloudflare
age: 313
etag: W/"5ab2d91a-1e3b"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=14400
cf-ray: 875639d819b4bae1-MXP
expires: Tue, 16 Apr 2024 22:26:50 GMT

GET
H2 200 qrcode.js Show response
v.gd/ 404 B
412 B 29ms
29ms Script
application/javascript 104.18.12.120
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://v.gd/qrcode.js

Requested by

Host: v.gd
URL: https://v.gd/ROJOoi

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

104.18.12.120 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2f15239a558d1cc755cf8bab33588684dd19b6dfea40e478de63231caae53c4c

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://v.gd/ROJOoi
Accept-Language: it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 16 Apr 2024 18:26:50 GMT
strict-transport-security: max-age=2592000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 14 Feb 2017 01:15:25 GMT
server: cloudflare
age: 313
etag: W/"58a25a2d-194"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=14400
cf-ray: 875639d819b6bae1-MXP
expires: Tue, 16 Apr 2024 22:26:50 GMT

GET
H2 200 placeholder.gif
v.gd/ 43 B
153 B 31ms
31ms Image
image/gif 104.18.12.120
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://v.gd/placeholder.gif

Requested by

Host: v.gd
URL: https://v.gd/ROJOoi

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

104.18.12.120 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://v.gd/ROJOoi
Accept-Language: it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 16 Apr 2024 18:26:50 GMT
strict-transport-security: max-age=2592000; includeSubDomains; preload
cf-cache-status: HIT
last-modified: Mon, 10 Nov 2014 05:05:54 GMT
server: cloudflare
age: 313
etag: "546047b2-2b"
vary: Accept-Encoding
content-type: image/gif
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 875639d819b8bae1-MXP
content-length: 43
expires: Tue, 16 Apr 2024 22:26:50 GMT

GET
H2 200 favicon.ico
v.gd/ 1 KB
767 B 249ms
249ms Other
image/x-icon 104.18.12.120
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://v.gd/favicon.ico

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

104.18.12.120 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

87a8909dc79220f82a49f45cea0a50648f541c1081a304f25dd5ba9401583fe4

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://v.gd/ROJOoi
Accept-Language: it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 16 Apr 2024 18:26:50 GMT
strict-transport-security: max-age=2592000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: REVALIDATED
last-modified: Mon, 10 Nov 2014 05:05:54 GMT
server: cloudflare
etag: W/"546047b2-47e"
vary: Accept-Encoding
content-type: image/x-icon
cache-control: public, max-age=14400
cf-ray: 875639d86a1bbae1-MXP
expires: Tue, 16 Apr 2024 22:26:50 GMT

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| load_qrcode

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.v.gd/	1970-01-20 19:54:53	Name: __cf_bm Value: KTvab7jbW7zON6wIf.h5.9yaIGgbRksw7wT_TRFLHG0-1713292010-1.0.1.1-bCyv730e7_UBecWAIszh9kgRP.tsOkpxl5YqT3E4JoPMEGe8rubvXB_b1xcMWmu22FB_6BANHbwgBGvFzeENjA

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

facebook.newstoday.agency
v.gd
104.18.12.120
66.29.132.222
0a805aef47b18fa03cab55faf2d66808c853290ab31a4233e0c316f79177bae8
2f15239a558d1cc755cf8bab33588684dd19b6dfea40e478de63231caae53c4c
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2
73e3a7439d844a0b8da7e3d16b5ae3f6bc1010c492d60591e971a99e6886461b
87a8909dc79220f82a49f45cea0a50648f541c1081a304f25dd5ba9401583fe4

v.gd Open in urlscan Pro 104.18.12.120 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

5 Requests

100 %HTTPS

0 %IPv6

2 Domains

2 Subdomains

1 IPs

2 Countries

4 kBTransfer

11 kBSize

1 Cookies

2 Outgoing links

Page URL History

Redirected requests

5 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

1 Cookies

Security Headers

Indicators

v.gd Open in urlscan Pro
104.18.12.120 Public Scan

Screenshot
Live screenshot

Full Image

5
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

1
IPs

2
Countries

4 kB
Transfer

11 kB
Size

1
Cookies

5 HTTP transactions
0 data transactions