Submitted URL: https://comofflink.s3.amazonaws.com/gjkdghdj.html#tdtmdsf.cfm?cCbfBKccmY7Yczn2ncdcFzc9cHvzgdr4Kcbbb5q
Effective URL: https://www.google.com/59021_554591186_4518
Submission: On March 08 via api from EE — Scanned from US

Summary

This website contacted 4 IPs in 3 countries across 5 domains to perform 6 HTTP transactions. The main IP is 2607:f8b0:4006:80c::2004, located in United States and belongs to GOOGLE, US. The main domain is www.google.com. The Cisco Umbrella rank of the primary domain is 2.
TLS certificate: Issued by GTS CA 1C3 on February 5th 2024. Valid for: 3 months.
This is the only time www.google.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 3.5.25.243 14618 (AMAZON-AES)
2 3 169.197.97.133 21859 (ZEN-ECN)
1 176.118.167.60 202376 (ARVID-LOG...)
1 1 18.144.57.91 16509 (AMAZON-02)
3 2607:f8b0:400... 15169 (GOOGLE)
6 4
Count | Apex Domain | Subdomains | Transfer
3 | google.com | www.google.com (Cisco Umbrella Rank: 2) | 11 KB
3 | linestook.com | linestook.com | 1 KB
1 | r6etniwsgnirps.com | r6etniwsgnirps.com | 553 B
1 | phenomenalten.com | phenomenalten.com | 486 B
1 | amazonaws.com | comofflink.s3.amazonaws.com | 885 B
6 5
Count | Domain | Requested by
3 | www.google.com | phenomenalten.com, www.google.com
3 | linestook.com (2 redirects) | comofflink.s3.amazonaws.com
1 | r6etniwsgnirps.com (1 redirects) |
1 | phenomenalten.com | linestook.com
1 | comofflink.s3.amazonaws.com |
6 5

This site contains no links.

Subject | Issuer | Validity | Valid
*.s3.amazonaws.com | Amazon RSA 2048 M01 | 2023-10-10 - 2024-07-03 | 9 months
phenomenalten.com | Sectigo RSA Domain Validation Secure Server CA | 2023-06-13 - 2024-07-12 | a year
www.google.com | GTS CA 1C3 | 2024-02-05 - 2024-04-29 | 3 months

This page contains 1 frame:

Primary Page: https://www.google.com/59021_554591186_4518
Frame ID: 2B5335C93FDD5F101050BD220DAC7DE6
Requests: 6 HTTP requests in this frame

Page Title

Error 404 (Not Found)!!1

Page Statistics

Requests: 6
HTTPS: 83 %
IPv6: 20 %
Domains: 5
Subdomains: 5
IPs: 4
Countries: 3
Transfer: 14 kB
Size: 12 kB
Cookies: 3

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://comofflink.s3.amazonaws.com/gjkdghdj.html Page URL
  2. http://linestook.com/anchor HTTP 301
    http://linestook.com/anchor/ Page URL
  3. http://linestook.com//tdtmdsf.cfm?cCbfBKccmY7Yczn2ncdcFzc9cHvzgdr4Kcbbb5q HTTP 302
    https://phenomenalten.com/1761b13fae6c47fe800/2_177098_2840406/1788_1402178_5106196_30/233981474_38-132-118-76 Page URL
  4. https://r6etniwsgnirps.com/?E=giqwm8B5TOAdXFw7gnFcCoYeZ9uj%2bKn%2b&s1=690103&s2=2_177098_2840406&s3=1413898796 HTTP 302
    https://www.google.com/59021_554591186_4518 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1
  • http://linestook.com/anchor HTTP 301
  • http://linestook.com/anchor/
Request Chain 2
  • http://linestook.com//tdtmdsf.cfm?cCbfBKccmY7Yczn2ncdcFzc9cHvzgdr4Kcbbb5q HTTP 302
  • https://phenomenalten.com/1761b13fae6c47fe800/2_177098_2840406/1788_1402178_5106196_30/233981474_38-132-118-76

6 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
gjkdghdj.html
comofflink.s3.amazonaws.com/
459 B
885 B
Document
General
Full URL
https://comofflink.s3.amazonaws.com/gjkdghdj.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.5.25.243 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
accept-language
en-US,en;q=0.9

Response headers

Accept-Ranges
bytes
Content-Length
459
Content-Type
text/html
Date
Fri, 08 Mar 2024 18:54:15 GMT
ETag
"a5ecfcb3407344c2878c0713f822cf56"
Last-Modified
Wed, 06 Mar 2024 11:48:30 GMT
Server
AmazonS3
x-amz-id-2
UoCHeKd8VWzQWjDDjuMg9Uvk9NCAS5lqFZzgP5eTqDupqtsys5lM82xU7EEknwSa1w2I2wGGJrTpdcdibs8CM1B3yC7sK65fIfh0abZXFHo=
x-amz-request-id
4HC26Z92SF3YGSW5
x-amz-server-side-encryption
AES256
/
linestook.com/anchor/
Redirect Chain
  • http://linestook.com/anchor
  • http://linestook.com/anchor/
614 B
766 B
Document
General
Full URL
http://linestook.com/anchor/
Requested by
Host: comofflink.s3.amazonaws.com
URL: https://comofflink.s3.amazonaws.com/gjkdghdj.html
Protocol
HTTP/1.1
Server
169.197.97.133 Moscow, Russian Federation, ASN21859 (ZEN-ECN, US),
Reverse DNS
fairpadis.co.uk
Software
Apache /
Resource Hash

Request headers

Referer
https://comofflink.s3.amazonaws.com/gjkdghdj.html#tdtmdsf.cfm?cCbfBKccmY7Yczn2ncdcFzc9cHvzgdr4Kcbbb5q
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
accept-language
en-US,en;q=0.9

Response headers

Connection
close
Content-Length
614
Content-Type
text/html; charset=UTF-8
Date
Fri, 08 Mar 2024 18:54:16 GMT
Server
Apache

Redirect headers

Connection
close
Content-Length
236
Content-Type
text/html; charset=iso-8859-1
Date
Fri, 08 Mar 2024 18:54:16 GMT
Location
http://linestook.com/anchor/
Server
Apache
233981474_38-132-118-76
phenomenalten.com/1761b13fae6c47fe800/2_177098_2840406/1788_1402178_5106196_30/
Redirect Chain
  • http://linestook.com//tdtmdsf.cfm?cCbfBKccmY7Yczn2ncdcFzc9cHvzgdr4Kcbbb5q
  • https://phenomenalten.com/1761b13fae6c47fe800/2_177098_2840406/1788_1402178_5106196_30/233981474_38-132-118-76
173 B
486 B
Document
General
Full URL
https://phenomenalten.com/1761b13fae6c47fe800/2_177098_2840406/1788_1402178_5106196_30/233981474_38-132-118-76
Requested by
Host: linestook.com
URL: http://linestook.com/anchor/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
176.118.167.60 Tallinn, Estonia, ASN202376 (ARVID-LOGICUM, EE),
Reverse DNS
histordey.shop
Software
Apache /
Resource Hash

Request headers

Referer
http://linestook.com/anchor/#/tdtmdsf.cfm?cCbfBKccmY7Yczn2ncdcFzc9cHvzgdr4Kcbbb5q
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
accept-language
en-US,en;q=0.9

Response headers

Connection
close
Content-Length
173
Content-Type
text/html; charset=UTF-8
Date
Fri, 08 Mar 2024 18:54:18 GMT
Server
Apache

Redirect headers

Connection
close
Content-Length
0
Content-Type
text/html; charset=UTF-8
Date
Fri, 08 Mar 2024 18:54:16 GMT
Location
https://phenomenalten.com/1761b13fae6c47fe800/2_177098_2840406/1788_1402178_5106196_30/233981474_38-132-118-76
Server
Apache
Primary Request 59021_554591186_4518
www.google.com/
Redirect Chain
  • https://r6etniwsgnirps.com/?E=giqwm8B5TOAdXFw7gnFcCoYeZ9uj%2bKn%2b&s1=690103&s2=2_177098_2840406&s3=1413898796
  • https://www.google.com/59021_554591186_4518
2 KB
2 KB
Document
General
Full URL
https://www.google.com/59021_554591186_4518
Requested by
Host: phenomenalten.com
URL: https://phenomenalten.com/1761b13fae6c47fe800/2_177098_2840406/1788_1402178_5106196_30/233981474_38-132-118-76
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80c::2004 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
9ddb25338230947998d7c6a84274fad46060cf9e2a9db80cce54c9a4f08db281

Request headers

Referer
https://phenomenalten.com/1761b13fae6c47fe800/2_177098_2840406/1788_1402178_5106196_30/233981474_38-132-118-76
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1581
content-type
text/html; charset=UTF-8
date
Fri, 08 Mar 2024 18:54:20 GMT
referrer-policy
no-referrer

Redirect headers

cache-control
private
content-length
160
content-type
text/html; charset=utf-8
date
Fri, 08 Mar 2024 18:54:19 GMT
location
https://www.google.com/59021_554591186_4518
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
robot.png
www.google.com/images/errors/
6 KB
7 KB
Image
General
Full URL
https://www.google.com/images/errors/robot.png
Requested by
Host: www.google.com
URL: https://www.google.com/59021_554591186_4518
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80c::2004 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5f9fc5b3fbddf0e72c5c56cdcfc81c6e10c617d70b1b93fbe1e4679a8797bff7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.google.com/59021_554591186_4518
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Wed, 06 Mar 2024 09:01:29 GMT
x-content-type-options
nosniff
last-modified
Tue, 22 Oct 2019 18:30:00 GMT
server
sffe
age
208371
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6327
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Thu, 06 Mar 2025 09:01:29 GMT
googlelogo_color_150x54dp.png
www.google.com/images/branding/googlelogo/1x/
3 KB
3 KB
Image
General
Full URL
https://www.google.com/images/branding/googlelogo/1x/googlelogo_color_150x54dp.png
Requested by
Host: www.google.com
URL: https://www.google.com/59021_554591186_4518
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80c::2004 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
dbef5e5530003b7233e944856c23d1437902a2d3568cdfd2beaf2166e9ca9139
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.google.com/59021_554591186_4518
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Fri, 08 Mar 2024 18:54:20 GMT
x-content-type-options
nosniff
last-modified
Tue, 22 Oct 2019 18:30:00 GMT
server
sffe
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
private, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3170
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Fri, 08 Mar 2024 18:54:20 GMT

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Domain/Path Name / Value
phenomenalten.com/ Name: uid34625
Value: 1413898796-20240308135418-fe5ec3a060cbb4d64dea41d19c5778a1-
.r6etniwsgnirps.com/ Name: sq
Value: ZntZFfMg9D6Mu4jjg2cQq3j+U49Efh+MCp32T1TUSvWxUtn1hI2FMA==
.r6etniwsgnirps.com/ Name: tib
Value: QYK0AlvpzJ5cy72z0pPboHj+U49Efh+MCp32T1TUSvWxUtn1hI2FMA==

1 Console Messages

Source Level URL
Text
network error URL: https://www.google.com/59021_554591186_4518
Message:
Failed to load resource: the server responded with a status of 404 ()