google.ldnnmq.shop Open in urlscan Pro
141.11.183.191 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://google.ldnnmq.shop/
Submission Tags: @phishunt_io
Submission: On November 22 via api (November 22nd 2024, 10:08:04 am UTC) from DE — Scanned from FR

Summary HTTP 29 Redirects Links 11 Behaviour Indicators

Summary

This website contacted 6 IPs in 3 countries across 5 domains to perform 29 HTTP transactions. The main IP is 141.11.183.191, located in France and belongs to SHINETEL-AS-TW SHINE TELECOM CO., LTD., TW. The main domain is google.ldnnmq.shop.
TLS certificate: Issued by R10 on November 22nd 2024. Valid for: 3 months.

This is the only time google.ldnnmq.shop was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
3	141.11.183.191 141.11.183.191	63902 (SHINETEL-...) (SHINETEL-AS-TW SHINE TELECOM CO.)
4	142.250.185.99 142.250.185.99	15169 (GOOGLE) (GOOGLE)
5	142.250.186.131 142.250.186.131	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82b::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:806::200e	15169 (GOOGLE) (GOOGLE)
29	6

3 141.11.183.191 (France)

ASN63902 (SHINETEL-AS-TW SHINE TELECOM CO., LTD., TW)

google.ldnnmq.shop	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.185.99 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f3.1e100.net

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 142.250.186.131 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ogads-pa.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

apis.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
9	gstatic.com www.gstatic.com fonts.gstatic.com	322 KB
3	ldnnmq.shop google.ldnnmq.shop	314 KB
2	googleapis.com ogads-pa.googleapis.com — Cisco Umbrella Rank: 214	233 B
1	google.com apis.google.com — Cisco Umbrella Rank: 121 play.google.com Failed	42 KB
0	fanyi4.com Failed fanyi4.com Failed
29	5

	Domain	Requested by
5	fonts.gstatic.com	google.ldnnmq.shop
4	www.gstatic.com	google.ldnnmq.shop
3	google.ldnnmq.shop	google.ldnnmq.shop
2	ogads-pa.googleapis.com	www.gstatic.com
1	apis.google.com	www.gstatic.com
0	play.google.com Failed	www.gstatic.com
0	fanyi4.com Failed	google.ldnnmq.shop
29	7

This site contains links to these domains. Also see Links.

Domain
translate.google.com
policies.google.com
support.google.com
www.google.com
cloud.google.com

Subject Issuer	Validity	Valid
google.ldnnmq.shop R10	`2024-11-22` - `2025-02-20`	3 months	crt.sh
*.gstatic.com WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
upload.video.google.com WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
*.apis.google.com WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh

This page contains 3 frames:

Primary Page: https://google.ldnnmq.shop/
Frame ID: DCACF30E86D8AC830889FE2E152ED66E
Requests: 26 HTTP requests in this frame

Frame: https://google.ldnnmq.shop/so.html
Frame ID: 25ED882B574DEAC1E97A585A9607BAD9
Requests: 1 HTTP requests in this frame

Frame: https://google.ldnnmq.shop/so.html
Frame ID: 9C361932D14C8C62FD4172BE28B0BE3D
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Google 翻译

Page Statistics

29
Requests

52 %
HTTPS

40 %
IPv6

5
Domains

7
Subdomains

6
IPs

3
Countries

678 kB
Transfer

3353 kB
Size

0
Cookies

11 Outgoing links

These are links going to different origins than the main page.

URL: https://translate.google.com/?hl=zh-CN&tab=TT
Title: 翻译

Search URL Search Domain Scan URL

URL: https://translate.google.com/about/?hl=zh-CN
Title: 关于 Google 翻译

Search URL Search Domain Scan URL

URL: https://policies.google.com/?hl=zh-CN
Title: 隐私权和使用条款

Search URL Search Domain Scan URL

URL: https://support.google.com/translate/?hl=zh-CN
Title: 帮助

Search URL Search Domain Scan URL

URL: https://www.google.com/about?hl=zh-CN
Title: 关于 Google

Search URL Search Domain Scan URL

URL: https://support.google.com/translate?p=gendered_translations&hl=zh_CN
Title: 了解详情

Search URL Search Domain Scan URL

URL: https://support.google.com/translate/answer/2534559?ref_topic=7011659&hl=zh_CN
Title: 了解详情

Search URL Search Domain Scan URL

URL: https://cloud.google.com/translation-hub?hl=zh_CN
Title: Google Cloud Translation

Search URL Search Domain Scan URL

URL: https://support.google.com/translate/answer/6142483?ref_topic=7011659&hl=zh_CN
Title: 了解详情

Search URL Search Domain Scan URL

URL: https://translate.google.com/history
Title: 历史记录

Search URL Search Domain Scan URL

URL: https://translate.google.com/saved
Title: 已保存

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

29 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
google.ldnnmq.shop/ 3 MB
313 KB 1518ms
258ms Document
text/html 141.11.183.191
SHINETEL-AS-TW SH...

General

Check archive.org

Show headers Download Go to

Full URL

https://google.ldnnmq.shop/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

141.11.183.191 , France, ASN63902 (SHINETEL-AS-TW SHINE TELECOM CO., LTD., TW),

Reverse DNS

Software

nginx /

Resource Hash

f5b3d335d38b76d40a5d9b8937e6ce23ef16daf58880ed626fbca61917921cfa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

content-encoding: gzip
content-type: text/html
date: Fri, 22 Nov 2024 10:07:56 GMT
etag: W/"674043ba-2b5040"
last-modified: Fri, 22 Nov 2024 08:41:30 GMT
server: nginx
strict-transport-security: max-age=31536000
vary: Accept-Encoding

GET 70d6051e4958aeab28256b579d86ee92.js.js.%E4%B8%8B%E8%BD%BD
fanyi4.com/index_files/ 0
0

GET exm=qaaw,qabr,qadd,qaid,qalo,qebr,qein,qhaw,qhawgm3,qhba3abe8273a519f1e39630dffbdbff8e09.js.js.%E4%B8%8B%E8%BD%BD
fanyi4.com/index_files/ 0
0

GET excm=qaaw,qabr,qadd,qaid,qalo,qebr,qein,qhaw,qhawgm3,qhba,qhbr,qhbrgm3,qhch,qhchgm3,qhga,qhid,ba07b584900884206c270edee87c6701.css.css
fanyi4.com/index_files/ 0
0

GET lazy.min.js.%E4%B8%8B%E8%BD%BD
fanyi4.com/index_files/ 0
0

GET inputtools_3.js.%E4%B8%8B%E8%BD%BD
fanyi4.com/index_files/ 0
0

GET zh-Hans.js.%E4%B8%8B%E8%BD%BD
fanyi4.com/index_files/ 0
0

GET zh-Hans.js(1).%E4%B8%8B%E8%BD%BD
fanyi4.com/index_files/ 0
0

GET drag_and_drop.png
fanyi4.com/index_files/ 0
0

GET 192px.svg
fanyi4.com/index_files/ 0
0

GET excm=qaaw,qabr,qadd,qaid,qalo,qebr,qein,qhaw,qhawgm3,qhba,qhbr,qhbrgm3,qhch,qhchgm3,qhga,qhid,ba07b584900884206c270edee87c6701.css.css
fanyi4.com/index_files/ 0
0

GET inputtools_3.js.%E4%B8%8B%E8%BD%BD
fanyi4.com/index_files/ 0
0

GET
H2 404 so.html Show response
google.ldnnmq.shop/ Frame 25ED 138 B
218 B 251ms
251ms Document
text/html 141.11.183.191
SHINETEL-AS-TW SH...

General

Check archive.org

Show headers Download Go to

Full URL: https://google.ldnnmq.shop/so.html
Requested by: Host: google.ldnnmq.shop
URL: https://google.ldnnmq.shop/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 141.11.183.191 , France, ASN63902 (SHINETEL-AS-TW SHINE TELECOM CO., LTD., TW),
Reverse DNS
Software: nginx /
Resource Hash: 301bd9f16f94feedfae7a946a14bac38cb73c43efe6117bc5586835af03d7d6f

Request headers

Referer: https://google.ldnnmq.shop/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

content-length: 138
content-type: text/html
date: Fri, 22 Nov 2024 10:07:59 GMT
etag: "6740430f-8a"
server: nginx

GET
H3 200 googlelogo_clr_74x24px.svg
www.gstatic.com/images/branding/googlelogo/svg/ 2 KB
688 B 71ms
32ms Image
image/svg+xml 142.250.185.99
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/branding/googlelogo/svg/googlelogo_clr_74x24px.svg

Requested by

Host: google.ldnnmq.shop
URL: https://google.ldnnmq.shop/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f3.1e100.net

Software

sffe /

Resource Hash

99bf4aa403643a6d41c028e5db29c79c17cbc815b3e10cd5c6b8f90567a03e52

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://google.ldnnmq.shop/

Response headers

content-encoding: br
age: 270686
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
x-content-type-options: nosniff
expires: Wed, 19 Nov 2025 06:56:33 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 19 Nov 2024 06:56:33 GMT
last-modified: Thu, 30 Dec 2021 12:48:00 GMT
content-type: image/svg+xml
vary: Accept-Encoding, Origin
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
content-length: 663
x-xss-protection: 0
server: sffe

GET
H3 200 pxiDypQkot1TnFhsFMOfGShVF9eO.woff2
fonts.gstatic.com/s/productsans/v9/ 31 KB
31 KB 105ms
66ms Font
font/woff2 142.250.186.131
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/productsans/v9/pxiDypQkot1TnFhsFMOfGShVF9eO.woff2

Requested by

Host: google.ldnnmq.shop
URL: https://google.ldnnmq.shop/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.131 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f3.1e100.net

Software

sffe /

Resource Hash

2e0bdc192134bb3950a1ba4c1148901e39ebd8d2d01f64ef23106e90a9f771b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://google.ldnnmq.shop
Referer: https://google.ldnnmq.shop/

Response headers

age: 290460
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Wed, 19 Nov 2025 01:26:59 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 19 Nov 2024 01:26:59 GMT
last-modified: Mon, 15 Aug 2016 20:30:17 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 31568
x-xss-protection: 0
server: sffe

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ 15 KB
15 KB 71ms
32ms Font
font/woff2 142.250.186.131
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: google.ldnnmq.shop
URL: https://google.ldnnmq.shop/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.131 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f3.1e100.net

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://google.ldnnmq.shop
Referer: https://google.ldnnmq.shop/

Response headers

age: 278895
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Wed, 19 Nov 2025 04:39:44 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 19 Nov 2024 04:39:44 GMT
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 15344
x-xss-protection: 0
server: sffe

GET
H3 200 kJEjBvgX7BgnkSrUwT8UnLVc38YydejYY-oE_LvJ.woff2
fonts.gstatic.com/s/materialiconsextended/v151/ 159 KB
159 KB 71ms
55ms Font
font/woff2 142.250.186.131
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/materialiconsextended/v151/kJEjBvgX7BgnkSrUwT8UnLVc38YydejYY-oE_LvJ.woff2

Requested by

Host: google.ldnnmq.shop
URL: https://google.ldnnmq.shop/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.131 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f3.1e100.net

Software

sffe /

Resource Hash

7f80c4c91054b3d6c80721939242c2d4f68f15e41f251e12641f695d78eb2f35

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://google.ldnnmq.shop
Referer: https://google.ldnnmq.shop/

Response headers

age: 124562
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Thu, 20 Nov 2025 23:31:57 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 20 Nov 2024 23:31:57 GMT
last-modified: Mon, 08 Apr 2024 19:05:11 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 162924
x-xss-protection: 0
server: sffe

GET
H3 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ 33 KB
33 KB 61ms
46ms Font
font/woff2 142.250.186.131
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: google.ldnnmq.shop
URL: https://google.ldnnmq.shop/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.131 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f3.1e100.net

Software

sffe /

Resource Hash

65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://google.ldnnmq.shop
Referer: https://google.ldnnmq.shop/

Response headers

age: 151755
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Thu, 20 Nov 2025 15:58:44 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 20 Nov 2024 15:58:44 GMT
last-modified: Tue, 23 May 2023 16:35:55 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 34108
x-xss-protection: 0
server: sffe

GET
H3 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ 15 KB
15 KB 43ms
28ms Font
font/woff2 142.250.186.131
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: google.ldnnmq.shop
URL: https://google.ldnnmq.shop/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.131 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f3.1e100.net

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://google.ldnnmq.shop
Referer: https://google.ldnnmq.shop/

Response headers

age: 295362
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Wed, 19 Nov 2025 00:05:17 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 19 Nov 2024 00:05:17 GMT
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 15552
x-xss-protection: 0
server: sffe

GET drag_and_drop.png
fanyi4.com/index_files/ 0
0

GET
H3 200 rs=AA2YrTu-AIDpJnMn8htQ-0aB0kDLbVpl1A Show response
www.gstatic.com/og/_/js/k=og.qtm.en_US.WIp7bmmdiMk.2019.O/rt=j/m=q_dnp,q_pc,qmd,qcwid,qapid,qads,q_dg/exm=qaaw,qabr,qadd,qaid,qalo,qebr,qein,qhaw,qhawgm3,qhba,qhbr,qhbrgm3,qhch,qhchgm3,qhga,qhid,qh... 166 KB
61 KB 41ms
41ms Script
text/javascript 142.250.185.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/og/_/js/k=og.qtm.en_US.WIp7bmmdiMk.2019.O/rt=j/m=q_dnp,q_pc,qmd,qcwid,qapid,qads,q_dg/exm=qaaw,qabr,qadd,qaid,qalo,qebr,qein,qhaw,qhawgm3,qhba,qhbr,qhbrgm3,qhch,qhchgm3,qhga,qhid,qhidgm3,qhin,qhlo,qhlogm3,qhmn,qhpc,qhsf,qhsfgm3,qhtt/d=1/ed=1/rs=AA2YrTu-AIDpJnMn8htQ-0aB0kDLbVpl1A

Requested by

Host: google.ldnnmq.shop
URL: https://google.ldnnmq.shop/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f3.1e100.net

Software

sffe /

Resource Hash

bbfe18d5e32223ad8823f1a6745b1b5b77f88d8fc1c323fa3eb0ec9b8206f39d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://google.ldnnmq.shop/

Response headers

content-encoding: gzip
age: 259307
report-to: {"group":"one-google-eng","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/one-google-eng"}]}
x-content-type-options: nosniff
expires: Wed, 19 Nov 2025 10:06:12 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 19 Nov 2024 10:06:12 GMT
last-modified: Mon, 05 Aug 2024 01:30:33 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding, Origin
cache-control: public, max-age=31536000
cross-origin-opener-policy: same-origin; report-to="one-google-eng"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/one-google-eng
accept-ranges: bytes
content-length: 62646
x-xss-protection: 0
server: sffe

GET
H3 200 rs=AA2YrTuZHf1FxnWSuni4yfYFm7DJbfG-0A
www.gstatic.com/og/_/ss/k=og.qtm.ygvnjEuASRQ.L.W.O/m=qmd,qcwid/excm=qaaw,qabr,qadd,qaid,qalo,qebr,qein,qhaw,qhawgm3,qhba,qhbr,qhbrgm3,qhch,qhchgm3,qhga,qhid,qhidgm3,qhin,qhlo,qhlogm3,qhmn,qhpc,qhsf... 5 KB
1 KB 31ms
30ms Stylesheet
text/css 142.250.185.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/og/_/ss/k=og.qtm.ygvnjEuASRQ.L.W.O/m=qmd,qcwid/excm=qaaw,qabr,qadd,qaid,qalo,qebr,qein,qhaw,qhawgm3,qhba,qhbr,qhbrgm3,qhch,qhchgm3,qhga,qhid,qhidgm3,qhin,qhlo,qhlogm3,qhmn,qhpc,qhsf,qhsfgm3,qhtt/d=1/ed=1/ct=zgms/rs=AA2YrTuZHf1FxnWSuni4yfYFm7DJbfG-0A

Requested by

Host: google.ldnnmq.shop
URL: https://google.ldnnmq.shop/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f3.1e100.net

Software

sffe /

Resource Hash

df81a77c9505a147f713c03c3e1d1114c57668d7587768231ae41c60ec947922

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://google.ldnnmq.shop/

Response headers

content-encoding: gzip
age: 302012
report-to: {"group":"one-google-eng","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/one-google-eng"}]}
x-content-type-options: nosniff
expires: Tue, 18 Nov 2025 22:14:27 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 18 Nov 2024 22:14:27 GMT
last-modified: Thu, 01 Aug 2024 01:32:30 GMT
content-type: text/css; charset=UTF-8
vary: Accept-Encoding, Origin
cache-control: public, max-age=31536000
cross-origin-opener-policy: same-origin; report-to="one-google-eng"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/one-google-eng
accept-ranges: bytes
content-length: 1369
x-xss-protection: 0
server: sffe

GET
H2 404 so.html Show response
google.ldnnmq.shop/ Frame 9C36 138 B
218 B 376ms
251ms Document
text/html 141.11.183.191
SHINETEL-AS-TW SH...

General

Check archive.org

Show headers Download Go to

Full URL: https://google.ldnnmq.shop/so.html
Requested by: Host: google.ldnnmq.shop
URL: https://google.ldnnmq.shop/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 141.11.183.191 , France, ASN63902 (SHINETEL-AS-TW SHINE TELECOM CO., LTD., TW),
Reverse DNS
Software: nginx /
Resource Hash: 301bd9f16f94feedfae7a946a14bac38cb73c43efe6117bc5586835af03d7d6f

Request headers

Referer: https://google.ldnnmq.shop/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

content-length: 138
content-type: text/html
date: Fri, 22 Nov 2024 10:08:00 GMT
etag: "6740430f-8a"
server: nginx

OPTIONS
H2 200 GetAsyncData
ogads-pa.googleapis.com/$rpc/google.internal.onegoogle.asyncdata.v1.AsyncDataService/ Frame 0
0 105ms
36ms Preflight
text/html 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ogads-pa.googleapis.com/$rpc/google.internal.onegoogle.asyncdata.v1.AsyncDataService/GetAsyncData

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://google.ldnnmq.shop
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://google.ldnnmq.shop
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Fri, 22 Nov 2024 10:08:00 GMT
server: ESF
server-timing: gfet4t7; dur=7
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H2 200 GetAsyncData Show response
ogads-pa.googleapis.com/$rpc/google.internal.onegoogle.asyncdata.v1.AsyncDataService/ 53 B
233 B 52ms
50ms XHR
application/json+protobuf 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ogads-pa.googleapis.com/$rpc/google.internal.onegoogle.asyncdata.v1.AsyncDataService/GetAsyncData

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/og/_/js/k=og.qtm.en_US.WIp7bmmdiMk.2019.O/rt=j/m=q_dnp,q_pc,qmd,qcwid,qapid,qads,q_dg/exm=qaaw,qabr,qadd,qaid,qalo,qebr,qein,qhaw,qhawgm3,qhba,qhbr,qhbrgm3,qhch,qhchgm3,qhga,qhid,qhidgm3,qhin,qhlo,qhlogm3,qhmn,qhpc,qhsf,qhsfgm3,qhtt/d=1/ed=1/rs=AA2YrTu-AIDpJnMn8htQ-0aB0kDLbVpl1A

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2b4b20e1fa834bf64509e94dd18eca0865abc217fcb62e769d6b6002084236a7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-Goog-Api-Key: AIzaSyCbsbvGCe7C9mCtdaTycZB2eUFuzsYKG_E
X-User-Agent: grpc-web-javascript/0.1
Referer: https://google.ldnnmq.shop/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: application/json+protobuf

Response headers

access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
content-encoding: gzip
x-content-type-options: nosniff
access-control-allow-origin: https://google.ldnnmq.shop
server-timing: gfet4t7; dur=19
content-length: 30
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 22 Nov 2024 10:08:00 GMT
x-xss-protection: 0
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
server: ESF
x-frame-options: SAMEORIGIN

GET
H2 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/abc-static/_/js/k=gapi.gapi.en.MGCxJbnW_Xw.O/m=gapi_iframes,googleapis_client/rt=j/sv=1/d=1/ed=1/am=AAAg/rs=AHpOoo9xa4htLEVH9xe6c4ToUehtTaLWvA/ 122 KB
42 KB 108ms
34ms Script
text/javascript 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/abc-static/_/js/k=gapi.gapi.en.MGCxJbnW_Xw.O/m=gapi_iframes,googleapis_client/rt=j/sv=1/d=1/ed=1/am=AAAg/rs=AHpOoo9xa4htLEVH9xe6c4ToUehtTaLWvA/cb=gapi.loaded_0

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2b4ae5731b6361fef2a0b2ea0d005ca674d5cfa837628dc8acf4140b2c8b3843

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://google.ldnnmq.shop/

Response headers

content-encoding: gzip
age: 149095
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
x-content-type-options: nosniff
expires: Thu, 20 Nov 2025 16:43:05 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 20 Nov 2024 16:43:05 GMT
last-modified: Thu, 11 Jul 2024 18:45:34 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=31536000
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
accept-ranges: bytes
access-control-allow-origin: *
content-length: 42226
x-xss-protection: 0
server: sffe

GET
H3 200 favicon.ico
www.gstatic.com/translate/ 32 KB
5 KB 32ms
32ms Other
image/x-icon 142.250.185.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/translate/favicon.ico

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f3.1e100.net

Software

sffe /

Resource Hash

06fd4ba3b981a0765dc1e8fcd5aa2faf802323d5367d7ca0b8afb7f896f2e81f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://google.ldnnmq.shop/

Response headers

content-encoding: gzip
age: 157140
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
x-content-type-options: nosniff
expires: Thu, 20 Nov 2025 14:29:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 20 Nov 2024 14:29:00 GMT
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
content-type: image/x-icon
vary: Accept-Encoding
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
content-length: 5032
x-xss-protection: 0
server: sffe

POST log
play.google.com/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: fanyi4.com
URL: https://fanyi4.com/index_files/70d6051e4958aeab28256b579d86ee92.js.js.%E4%B8%8B%E8%BD%BD

Domain: fanyi4.com
URL: https://fanyi4.com/index_files/exm=qaaw,qabr,qadd,qaid,qalo,qebr,qein,qhaw,qhawgm3,qhba3abe8273a519f1e39630dffbdbff8e09.js.js.%E4%B8%8B%E8%BD%BD

Domain: fanyi4.com
URL: https://fanyi4.com/index_files/excm=qaaw,qabr,qadd,qaid,qalo,qebr,qein,qhaw,qhawgm3,qhba,qhbr,qhbrgm3,qhch,qhchgm3,qhga,qhid,ba07b584900884206c270edee87c6701.css.css

Domain: fanyi4.com
URL: https://fanyi4.com/index_files/lazy.min.js.%E4%B8%8B%E8%BD%BD

Domain: fanyi4.com
URL: https://fanyi4.com/index_files/inputtools_3.js.%E4%B8%8B%E8%BD%BD

Domain: fanyi4.com
URL: https://fanyi4.com/index_files/zh-Hans.js.%E4%B8%8B%E8%BD%BD

Domain: fanyi4.com
URL: https://fanyi4.com/index_files/zh-Hans.js(1).%E4%B8%8B%E8%BD%BD

Domain: fanyi4.com
URL: https://fanyi4.com/index_files/drag_and_drop.png

Domain: fanyi4.com
URL: https://fanyi4.com/index_files/192px.svg

Domain: fanyi4.com
URL: https://fanyi4.com/index_files/excm=qaaw,qabr,qadd,qaid,qalo,qebr,qein,qhaw,qhawgm3,qhba,qhbr,qhbrgm3,qhch,qhchgm3,qhga,qhid,ba07b584900884206c270edee87c6701.css.css

Domain: fanyi4.com
URL: https://fanyi4.com/index_files/inputtools_3.js.%E4%B8%8B%E8%BD%BD

Domain: fanyi4.com
URL: https://fanyi4.com/index_files/drag_and_drop.png

Domain: play.google.com
URL: https://play.google.com/log?format=json&hasfast=true

Domain: play.google.com
URL: https://play.google.com/log?format=json&hasfast=true

Verdicts & Comments Add Verdict or Comment

38 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

6 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://google.ldnnmq.shop/so.html Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://google.ldnnmq.shop/so.html Message: Failed to load resource: the server responded with a status of 404 ()
javascript	error	URL: https://google.ldnnmq.shop/ Message: Access to XMLHttpRequest at 'https://play.google.com/log?format=json&hasfast=true' from origin 'https://google.ldnnmq.shop' has been blocked by CORS policy: The 'Access-Control-Allow-Origin' header has a value 'http://play.google.com' that is not equal to the supplied origin.
network	error	URL: https://play.google.com/log?format=json&hasfast=true Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://google.ldnnmq.shop/ Message: Access to XMLHttpRequest at 'https://play.google.com/log?format=json&hasfast=true' from origin 'https://google.ldnnmq.shop' has been blocked by CORS policy: The 'Access-Control-Allow-Origin' header has a value 'http://play.google.com' that is not equal to the supplied origin.
network	error	URL: https://play.google.com/log?format=json&hasfast=true Message: Failed to load resource: net::ERR_FAILED

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

apis.google.com
fanyi4.com
fonts.gstatic.com
google.ldnnmq.shop
ogads-pa.googleapis.com
play.google.com
www.gstatic.com
fanyi4.com
play.google.com
141.11.183.191
142.250.185.99
142.250.186.131
2a00:1450:4001:806::200e
2a00:1450:4001:82b::200a
06fd4ba3b981a0765dc1e8fcd5aa2faf802323d5367d7ca0b8afb7f896f2e81f
2b4ae5731b6361fef2a0b2ea0d005ca674d5cfa837628dc8acf4140b2c8b3843
2b4b20e1fa834bf64509e94dd18eca0865abc217fcb62e769d6b6002084236a7
2e0bdc192134bb3950a1ba4c1148901e39ebd8d2d01f64ef23106e90a9f771b0
301bd9f16f94feedfae7a946a14bac38cb73c43efe6117bc5586835af03d7d6f
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
7f80c4c91054b3d6c80721939242c2d4f68f15e41f251e12641f695d78eb2f35
99bf4aa403643a6d41c028e5db29c79c17cbc815b3e10cd5c6b8f90567a03e52
bbfe18d5e32223ad8823f1a6745b1b5b77f88d8fc1c323fa3eb0ec9b8206f39d
df81a77c9505a147f713c03c3e1d1114c57668d7587768231ae41c60ec947922
f5b3d335d38b76d40a5d9b8937e6ce23ef16daf58880ed626fbca61917921cfa

google.ldnnmq.shop Open in urlscan Pro 141.11.183.191 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

29 Requests

52 %HTTPS

40 %IPv6

5 Domains

7 Subdomains

6 IPs

3 Countries

678 kBTransfer

3353 kBSize

0 Cookies

11 Outgoing links

Redirected requests

29 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

38 JavaScript Global Variables

0 Cookies

6 Console Messages

Security Headers

Indicators

google.ldnnmq.shop Open in urlscan Pro
141.11.183.191 Public Scan

Screenshot
Live screenshot

Full Image

29
Requests

52 %
HTTPS

40 %
IPv6

5
Domains

7
Subdomains

6
IPs

3
Countries

678 kB
Transfer

3353 kB
Size

0
Cookies

29 HTTP transactions
0 data transactions