www.google.com Open in urlscan Pro
172.217.194.105 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://i0k.cc/1rFX7
Effective URL:
https://www.google.com/sorry/index?continue=https://www.google.com/search%3Fq%3Dbiturl.cn%26sei%3DNafdZ86uN7eH4-EPga2gm...
Submission: On March 21 via manual (March 21st 2025, 5:51:51 pm UTC) from MD — Scanned from SG

Summary HTTP 20 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 5 IPs in 2 countries across 4 domains to perform 20 HTTP transactions. The main IP is 172.217.194.105, located in United States and belongs to GOOGLE, US. The main domain is www.google.com. The Cisco Umbrella rank of the primary domain is 3.
TLS certificate: Issued by WR2 on March 10th 2025. Valid for: 3 months.

This is the only time www.google.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2	43.175.141.63 43.175.141.63	139341 (ACE-AS-AP...) (ACE-AS-AP ACE)
7	163.181.81.234 163.181.81.234	24429 (TAOBAO Zh...) (TAOBAO Zhejiang Taobao Network Co.)
1 6	172.217.194.105 172.217.194.105	15169 (GOOGLE) (GOOGLE)
4	172.217.194.94 172.217.194.94	15169 (GOOGLE) (GOOGLE)
20	5

2 43.175.141.63 (Singapore)

ASN139341 (ACE-AS-AP ACE, SG)

i0k.cc	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 163.181.81.234 (Singapore)

ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN)

static.biturl.cn	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 172.217.194.105 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: si-in-f105.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.217.194.94 (United States)

ASN15169 (GOOGLE, US)
PTR: si-in-f94.1e100.net

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
7	biturl.cn static.biturl.cn	91 KB
6	google.com 1 redirects www.google.com — Cisco Umbrella Rank: 3	88 KB
4	gstatic.com www.gstatic.com fonts.gstatic.com Failed	259 KB
2	i0k.cc i0k.cc	3 KB
20	4

	Domain	Requested by
7	static.biturl.cn	i0k.cc
6	www.google.com	1 redirects static.biturl.cn www.google.com www.gstatic.com
4	www.gstatic.com	www.google.com www.gstatic.com
2	i0k.cc
0	fonts.gstatic.com Failed	www.google.com
20	5

This site contains links to these domains. Also see Links.

Domain
support.google.com

Subject Issuer	Validity	Valid
i0k.cc TrustAsia RSA DV TLS CA G2	`2024-04-09` - `2025-04-09`	a year	crt.sh
static.biturl.cn TrustAsia TLS RSA CA	`2025-02-10` - `2025-05-10`	3 months	crt.sh
*.google.com WR2	`2025-03-10` - `2025-06-02`	3 months	crt.sh
*.gstatic.com WR2	`2025-03-10` - `2025-06-02`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://www.google.com/sorry/index?continue=https://www.google.com/search%3Fq%3Dbiturl.cn%26sei%3DNafdZ86uN7eH4-EPga2gmQQ&q=EgSVIv31GLbO9r4GIjCS1746BET4w6K1SrpqXajlhSkpd5vhqCjuTo5rBuBJgQkcUfsFWp8VEeBjYWUa67IyAnJSWgFD
Frame ID: 13AB0478440B7729066777E7C48E770E
Requests: 15 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfwuyUTAAAAAOAmoS0fdqijC2PbbdH4kjq62Y1b&co=aHR0cHM6Ly93d3cuZ29vZ2xlLmNvbTo0NDM.&hl=en&v=bUO1BXI8H9PgjAPSW9hwuSeI&size=normal&s=8d8LoPJyI1IfYqgUIGeGz_KvWFXj9t2ETKxCsOaZCX8X8nL0JHEJOZqN62PgqWEZHDWknZaYxlBNErW4SSQ150EqNooirZel9l9XIUT31MzDQimpUCdsYSuEcf3Q5RzXxbwNNQg-mPf0nA8uXVl-vgbKQQpIovzcktCuX6lwjw05JKBLRJQPQLMf2kQZQnqpAkyiHsrSUQGkqNCATEr9Yvuc6xW2LXWPKTD2epE9tSBLNnj7QDj6B5ihiinrZWDfGztAnYgBkgJROI39qqEP_VpLV4oy20o&cb=hccmoyfqt0s8
Frame ID: E5EB3A33ED4D2C32292A3417DAA1C8EC
Requests: 7 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

https://www.google.com/search?q=biturl.cn&sei=NafdZ86uN7eH4-EPga2gmQQ

Page URL History Show full URLs

https://i0k.cc/1rFX7 Page URL
https://www.google.com/search?q=biturl.cn Page URL
https://www.google.com/search?q=biturl.cn&sei=NafdZ86uN7eH4-EPga2gmQQ HTTP 302
https://www.google.com/sorry/index?continue=https://www.google.com/search%3Fq%3Dbiturl.cn%26sei%3DN... Page URL

Detected technologies

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

<div[^>]+class="g-recaptcha"
/recaptcha/api\.js

Page Statistics

20
Requests

90 %
HTTPS

0 %
IPv6

4
Domains

5
Subdomains

5
IPs

2
Countries

441 kB
Transfer

1519 kB
Size

3
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://support.google.com/websearch/answer/86640
Title: Learn more

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://i0k.cc/1rFX7 Page URL
https://www.google.com/search?q=biturl.cn Page URL
https://www.google.com/search?q=biturl.cn&sei=NafdZ86uN7eH4-EPga2gmQQ HTTP 302
https://www.google.com/sorry/index?continue=https://www.google.com/search%3Fq%3Dbiturl.cn%26sei%3DNafdZ86uN7eH4-EPga2gmQQ&q=EgSVIv31GLbO9r4GIjCS1746BET4w6K1SrpqXajlhSkpd5vhqCjuTo5rBuBJgQkcUfsFWp8VEeBjYWUa67IyAnJSWgFD Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

20 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK 1rFX7 Show response
i0k.cc/ 2 KB
2 KB 45ms
27ms Document
text/html 43.175.141.63
ACE-AS-AP ACE

General

Check archive.org

Download Go to

Full URL: https://i0k.cc/1rFX7
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.175.141.63 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: 913138b9b99234e7505bd2b43faa019539f9f21c1360ea382b61f17f72ede3f5

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36

Response headers

Cache-Control: must-revalidate, no-store
Connection: keep-alive
Content-Language: en-SG
Content-Type: text/html;charset=UTF-8
Date: Fri, 21 Mar 2025 17:51:44 GMT
Pragma: no-cache
Server: Lego Server
Transfer-Encoding: chunked
X-Cache-Lookup: Cache Miss
X-NWS-LOG-UUID: 4005803035965838677
bTraceId: 79f1183c94f84ba69e2e11cdc7015d35

GET
H/1.1 200
OK jquery-3.2.1.min.js Show response
static.biturl.cn/static/js/ 85 KB
31 KB 1862ms
1611ms Script
application/javascript 163.181.81.234
TAOBAO Zhejiang T...

General

Check archive.org

Download Go to

Full URL: https://static.biturl.cn/static/js/jquery-3.2.1.min.js
Requested by: Host: i0k.cc
URL: https://i0k.cc/1rFX7
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 163.181.81.234 , Singapore, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software: Tengine /
Resource Hash: 87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36
Referer: https://i0k.cc/

Response headers

Access-Control-Expose-Headers: Content-Length,Content-Range
Content-Encoding: gzip
ETag: W/"65ea7ca4-15283"
Age: 0
Access-Control-Allow-Methods: GET, POST, OPTIONS
X-Cache: MISS TCP_MISS dirn:13:169646107
Date: Fri, 21 Mar 2025 17:51:46 GMT
Content-Type: application/javascript; charset=utf-8
Vary: Accept-Encoding, Accept-Encoding
Last-Modified: Fri, 08 Mar 2024 02:49:08 GMT
Access-Control-Allow-Headers: DNT,web-token,app-token,Authorization,Accept,Origin,Keep-Alive,User-Agent,X-Mx-ReqToken,X-Data-Type,X-Auth-Token,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Transfer-Encoding: chunked
X-Swift-CacheTime: 7200
Timing-Allow-Origin: *
Connection: keep-alive
Access-Control-Allow-Credentials: true
Via: ens-cache19.l2sg7[1283,1294,200-0,H], ens-cache26.l2sg7[1296,0], cache5.sg12[1586,1586,200-0,M], cache24.sg12[1593,0]
Ali-Swift-Global-Savetime: 1742579506
X-Swift-SaveTime: Fri, 21 Mar 2025 17:51:46 GMT
Access-Control-Allow-Origin: *
EagleId: a3b551ac17425795051937161e
Server: Tengine

GET
H/1.1 200
OK rem.js Show response
static.biturl.cn/static/js/ 1 KB
2 KB 1862ms
1576ms Script
application/javascript 163.181.81.234
TAOBAO Zhejiang T...

General

Check archive.org

Download Go to

Full URL: https://static.biturl.cn/static/js/rem.js
Requested by: Host: i0k.cc
URL: https://i0k.cc/1rFX7
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 163.181.81.234 , Singapore, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software: Tengine /
Resource Hash: 07f5e8f164177c74890f5c5e6aa1f964c55cec495f4f3a722adeed070ddae426

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36
Referer: https://i0k.cc/

Response headers

Access-Control-Expose-Headers: Content-Length,Content-Range
Content-Encoding: gzip
ETag: W/"65ea7c9b-414"
Access-Control-Allow-Methods: GET, POST, OPTIONS
X-Cache: MISS TCP_MISS dirn:12:248929669
Date: Fri, 21 Mar 2025 17:51:46 GMT
Last-Modified: Fri, 08 Mar 2024 02:48:59 GMT
Content-Type: application/javascript; charset=utf-8
Vary: Accept-Encoding, Accept-Encoding
Access-Control-Allow-Headers: DNT,web-token,app-token,Authorization,Accept,Origin,Keep-Alive,User-Agent,X-Mx-ReqToken,X-Data-Type,X-Auth-Token,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Transfer-Encoding: chunked
X-Swift-CacheTime: 7200
Timing-Allow-Origin: *
Connection: keep-alive
Access-Control-Allow-Credentials: true
Via: ens-cache15.l2sg7[1302,1302,200-0,M], ens-cache22.l2sg7[1304,0], cache17.sg12[1554,1554,200-0,M], cache15.sg12[1565,0]
Ali-Swift-Global-Savetime: 1742579506
X-Swift-SaveTime: Fri, 21 Mar 2025 17:51:46 GMT
Access-Control-Allow-Origin: *
EagleId: a3b551a317425795052308384e
Server: Tengine

GET
H/1.1 200
OK biturl-search-intervention.js Show response
static.biturl.cn/static/js/ 2 KB
2 KB 889ms
286ms Script
application/javascript 163.181.81.234
TAOBAO Zhejiang T...

General

Check archive.org

Download Go to

Full URL: https://static.biturl.cn/static/js/biturl-search-intervention.js
Requested by: Host: i0k.cc
URL: https://i0k.cc/1rFX7
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 163.181.81.234 , Singapore, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software: Tengine /
Resource Hash: b968f3ed3ba9827b7e98097416110d4cf03b6910b686878b7b6606ddabc8b5b7

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36
Referer: https://i0k.cc/

Response headers

Access-Control-Expose-Headers: Content-Length,Content-Range
Content-Encoding: gzip
ETag: W/"65ea7ca4-658"
Age: 0
Access-Control-Allow-Methods: GET, POST, OPTIONS
X-Cache: MISS TCP_MISS dirn:-2:-2
Date: Fri, 21 Mar 2025 17:51:45 GMT
Content-Type: application/javascript; charset=utf-8
Vary: Accept-Encoding, Accept-Encoding
Last-Modified: Fri, 08 Mar 2024 02:49:08 GMT
Access-Control-Allow-Headers: DNT,web-token,app-token,Authorization,Accept,Origin,Keep-Alive,User-Agent,X-Mx-ReqToken,X-Data-Type,X-Auth-Token,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Transfer-Encoding: chunked
X-Swift-CacheTime: 7200
Timing-Allow-Origin: *
Connection: keep-alive
Access-Control-Allow-Credentials: true
Via: ens-cache5.l2sg7[253,268,200-0,H], ens-cache25.l2sg7[270,0], cache24.sg12[276,275,200-0,M], cache18.sg12[281,0]
Ali-Swift-Global-Savetime: 1742579505
X-Swift-SaveTime: Fri, 21 Mar 2025 17:51:45 GMT
Access-Control-Allow-Origin: *
EagleId: a3b551a617425795055522622e
Server: Tengine

GET
H/1.1 200
OK reset.css
static.biturl.cn/static/css/ 5 KB
2 KB 602ms
352ms Stylesheet
text/css 163.181.81.234
TAOBAO Zhejiang T...

General

Check archive.org

Download Go to

Full URL: https://static.biturl.cn/static/css/reset.css
Requested by: Host: i0k.cc
URL: https://i0k.cc/1rFX7
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 163.181.81.234 , Singapore, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software: Tengine /
Resource Hash: fbd64d2a0754cd6872966db7a27acb5e7d521b5362a8fc4d40b2457cad106880

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36
Referer: https://i0k.cc/

Response headers

Access-Control-Expose-Headers: Content-Length,Content-Range
Content-Encoding: gzip
ETag: W/"65d80151-12a5"
Age: 0
Access-Control-Allow-Methods: GET, POST, OPTIONS
X-Cache: MISS TCP_MISS dirn:12:76267364
Date: Fri, 21 Mar 2025 17:51:45 GMT
Content-Type: text/css
Vary: Accept-Encoding, Accept-Encoding
Last-Modified: Fri, 23 Feb 2024 02:22:09 GMT
Access-Control-Allow-Headers: DNT,web-token,app-token,Authorization,Accept,Origin,Keep-Alive,User-Agent,X-Mx-ReqToken,X-Data-Type,X-Auth-Token,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Transfer-Encoding: chunked
X-Swift-CacheTime: 7200
Timing-Allow-Origin: *
Connection: keep-alive
Access-Control-Allow-Credentials: true
Via: ens-cache17.l2sg7[44,44,200-0,H], ens-cache23.l2sg7[45,0], cache20.sg12[333,333,200-0,M], cache18.sg12[342,0]
Ali-Swift-Global-Savetime: 1742579505
X-Swift-SaveTime: Fri, 21 Mar 2025 17:51:45 GMT
Access-Control-Allow-Origin: *
EagleId: a3b551a617425795052008797e
Server: Tengine

GET
H/1.1 200
OK temporarily-close.css
static.biturl.cn/static/css/ 4 KB
2 KB 2051ms
1802ms Stylesheet
text/css 163.181.81.234
TAOBAO Zhejiang T...

General

Check archive.org

Download Go to

Full URL: https://static.biturl.cn/static/css/temporarily-close.css
Requested by: Host: i0k.cc
URL: https://i0k.cc/1rFX7
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 163.181.81.234 , Singapore, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software: Tengine /
Resource Hash: 66f3b8553ef8d25d36af6d4d1bfedf8b580a5b2d52a0863513635b96b4d46130

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36
Referer: https://i0k.cc/

Response headers

Access-Control-Expose-Headers: Content-Length,Content-Range
Content-Encoding: gzip
ETag: W/"65d80151-efa"
Age: 0
Access-Control-Allow-Methods: GET, POST, OPTIONS
X-Cache: MISS TCP_MISS dirn:-2:-2
Date: Fri, 21 Mar 2025 17:51:47 GMT
Content-Type: text/css
Vary: Accept-Encoding, Accept-Encoding
Last-Modified: Fri, 23 Feb 2024 02:22:09 GMT
Access-Control-Allow-Headers: DNT,web-token,app-token,Authorization,Accept,Origin,Keep-Alive,User-Agent,X-Mx-ReqToken,X-Data-Type,X-Auth-Token,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Transfer-Encoding: chunked
X-Swift-CacheTime: 7200
Timing-Allow-Origin: *
Connection: keep-alive
Access-Control-Allow-Credentials: true
Via: ens-cache4.l2sg7[1486,1486,200-0,H], ens-cache12.l2sg7[1488,0], cache21.sg12[1781,1781,200-0,M], cache9.sg12[1790,0]
Ali-Swift-Global-Savetime: 1742579506
X-Swift-SaveTime: Fri, 21 Mar 2025 17:51:46 GMT
Access-Control-Allow-Origin: *
EagleId: a3b5519d17425795051816541e
Server: Tengine

GET
H/1.1 200
OK search-intervention.css
static.biturl.cn/static/css/ 321 B
1 KB 1858ms
1609ms Stylesheet
text/css 163.181.81.234
TAOBAO Zhejiang T...

General

Check archive.org

Download Go to

Full URL: https://static.biturl.cn/static/css/search-intervention.css
Requested by: Host: i0k.cc
URL: https://i0k.cc/1rFX7
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 163.181.81.234 , Singapore, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software: Tengine /
Resource Hash: b21c5c704b61b265723ad3e85eb62cedc65a31da2e748300a6929b39a5a87761

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36
Referer: https://i0k.cc/

Response headers

Access-Control-Expose-Headers: Content-Length,Content-Range
ETag: "65d80151-141"
Age: 0
Access-Control-Allow-Methods: GET, POST, OPTIONS
X-Cache: HIT TCP_REFRESH_HIT dirn:13:698039148
Date: Fri, 21 Mar 2025 17:51:46 GMT
Content-Type: text/css
Last-Modified: Fri, 23 Feb 2024 02:22:09 GMT
Access-Control-Allow-Headers: DNT,web-token,app-token,Authorization,Accept,Origin,Keep-Alive,User-Agent,X-Mx-ReqToken,X-Data-Type,X-Auth-Token,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
X-Swift-CacheTime: 7200
Timing-Allow-Origin: *
Connection: keep-alive
Access-Control-Allow-Credentials: true
Via: ens-cache6.l2sg7[930,930,304-0,H], ens-cache1.l2sg7[931,0], cache15.sg12[1590,1589,200-0,H], cache7.sg12[1598,0]
Ali-Swift-Global-Savetime: 1742579506
X-Swift-SaveTime: Fri, 21 Mar 2025 17:51:46 GMT
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
EagleId: a3b5519b17425795052186411e
Content-Length: 321
Server: Tengine

GET
H/1.1 200
OK img-danger-free.png
static.biturl.cn/static/images/ 51 KB
51 KB 1319ms
1032ms Image
image/png 163.181.81.234
TAOBAO Zhejiang T...

General

Check archive.org

Download Go to Show image

Full URL: https://static.biturl.cn/static/images/img-danger-free.png
Requested by: Host: i0k.cc
URL: https://i0k.cc/1rFX7
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 163.181.81.234 , Singapore, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software: Tengine /
Resource Hash: 65e70462b3cd6c7162080aa613ac56b928d8c2749aeaab09f66ed1a891b48837

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36
Referer: https://i0k.cc/

Response headers

Access-Control-Expose-Headers: Content-Length,Content-Range
ETag: "65d6c63c-ca2a"
Age: 0
Access-Control-Allow-Methods: GET, POST, OPTIONS
X-Cache: MISS TCP_MISS dirn:-2:-2
Date: Fri, 21 Mar 2025 17:51:46 GMT
Content-Type: image/png
Last-Modified: Thu, 22 Feb 2024 03:57:48 GMT
Access-Control-Allow-Headers: DNT,web-token,app-token,Authorization,Accept,Origin,Keep-Alive,User-Agent,X-Mx-ReqToken,X-Data-Type,X-Auth-Token,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
X-Swift-CacheTime: 7200
Timing-Allow-Origin: *
Connection: keep-alive
Access-Control-Allow-Credentials: true
Via: ens-cache12.l2sg7[4,3,200-0,H], ens-cache12.l2sg7[6,0], cache2.sg12[1022,1021,200-0,M], cache18.sg12[1025,0]
Ali-Swift-Global-Savetime: 1742579506
X-Swift-SaveTime: Fri, 21 Mar 2025 17:51:46 GMT
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
EagleId: a3b551a617425795058414146e
Content-Length: 51754
Server: Tengine

GET biturl-search-intervention.jpg
static.biturl.cn/static/images/ 0
0

GET
H/1.1 404
Not Found favicon.ico
i0k.cc/ 548 B
761 B 7ms
6ms Other
text/html 43.175.141.63
ACE-AS-AP ACE

General

Check archive.org

Download Go to

Full URL: https://i0k.cc/favicon.ico
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.175.141.63 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: nginx /
Resource Hash: d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36
Referer: https://i0k.cc/1rFX7

Response headers

X-NWS-LOG-UUID: 4829936287778920496
Content-Length: 548
Date: Fri, 21 Mar 2025 17:51:47 GMT
X-Cache-Lookup: Cache Miss
Content-Type: text/html
Server: nginx
Connection: keep-alive

GET
H3 200 search
www.google.com/ 81 KB
41 KB 55ms
39ms Document
text/html 172.217.194.105
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://www.google.com/search?q=biturl.cn

Requested by

Host: static.biturl.cn
URL: https://static.biturl.cn/static/js/biturl-search-intervention.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.194.105 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

si-in-f105.1e100.net

Software

gws /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	object-src 'none';base-uri 'self';script-src 'nonce-iemZn1XbuzVKLyVilLNM3Q' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/cdt1
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://i0k.cc/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36

Response headers

accept-ch: Sec-CH-Prefers-Color-Scheme Downlink RTT Sec-CH-UA-Form-Factors Sec-CH-UA-Platform Sec-CH-UA-Platform-Version Sec-CH-UA-Full-Version Sec-CH-UA-Arch Sec-CH-UA-Model Sec-CH-UA-Bitness Sec-CH-UA-Full-Version-List Sec-CH-UA-WoW64
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-iemZn1XbuzVKLyVilLNM3Q' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/cdt1
content-type: text/html; charset=UTF-8
cross-origin-opener-policy: same-origin-allow-popups; report-to="gws"
date: Fri, 21 Mar 2025 17:51:49 GMT
document-policy: expect-no-linked-resources
expires: Fri, 21 Mar 2025 17:51:49 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
permissions-policy: unload=()
report-to: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/cdt1"}]}
server: gws
strict-transport-security: max-age=31536000
x-frame-options: SAMEORIGIN
x-xss-protection: 0

GET
H3

429

Primary Request index Show response
www.google.com/sorry/
Redirect Chain

https://www.google.com/search?q=biturl.cn&sei=NafdZ86uN7eH4-EPga2gmQQ
https://www.google.com/sorry/index?continue=https://www.google.com/search%3Fq%3Dbiturl.cn%26sei%3DNafdZ86uN7eH4-EPga2gmQQ&q=EgSVIv31GLbO9r4GIjCS1746BET4w6K1SrpqXajlhSkpd5vhqCjuTo5rBuBJgQkcUfsFWp8VE...

3 KB
3 KB

7ms
6ms

Document
text/html

172.217.194.105
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://www.google.com/sorry/index?continue=https://www.google.com/search%3Fq%3Dbiturl.cn%26sei%3DNafdZ86uN7eH4-EPga2gmQQ&q=EgSVIv31GLbO9r4GIjCS1746BET4w6K1SrpqXajlhSkpd5vhqCjuTo5rBuBJgQkcUfsFWp8VEeBjYWUa67IyAnJSWgFD

Requested by

Host: www.google.com
URL: https://www.google.com/search?q=biturl.cn

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.194.105 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

si-in-f105.1e100.net

Software

HTTP server (unknown) /

Resource Hash

6da538bf5be8c190bb5f61c921190ee5134a1102b17991ac87e09c6d4a32ae1c

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/search?q=biturl.cn
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36
downlink: 10
rtt: 0
sec-ch-prefers-color-scheme: light

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-store, no-cache, must-revalidate
content-length: 3263
content-type: text/html
date: Fri, 21 Mar 2025 17:51:50 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
server: HTTP server (unknown)
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 417
content-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-a0aJVnKCK-sfHxiQDceIPA' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/cdt1
content-type: text/html; charset=UTF-8
cross-origin-opener-policy: same-origin-allow-popups; report-to="gws"
date: Fri, 21 Mar 2025 17:51:50 GMT
document-policy: expect-no-linked-resources
location: https://www.google.com/sorry/index?continue=https://www.google.com/search%3Fq%3Dbiturl.cn%26sei%3DNafdZ86uN7eH4-EPga2gmQQ&q=EgSVIv31GLbO9r4GIjCS1746BET4w6K1SrpqXajlhSkpd5vhqCjuTo5rBuBJgQkcUfsFWp8VEeBjYWUa67IyAnJSWgFD
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
permissions-policy: unload=()
report-to: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/cdt1"}]}
server: gws
strict-transport-security: max-age=31536000
x-frame-options: SAMEORIGIN
x-hallmonitor-challenge: CgwIts72vgYQmNiTpQISBJUi_fU
x-xss-protection: 0

GET
H3 200 api.js Show response
www.google.com/recaptcha/ 1 KB
991 B 10ms
9ms Script
text/javascript 172.217.194.105
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://www.google.com/recaptcha/api.js

Requested by

Host: www.google.com
URL: https://www.google.com/sorry/index?continue=https://www.google.com/search%3Fq%3Dbiturl.cn%26sei%3DNafdZ86uN7eH4-EPga2gmQQ&q=EgSVIv31GLbO9r4GIjCS1746BET4w6K1SrpqXajlhSkpd5vhqCjuTo5rBuBJgQkcUfsFWp8VEeBjYWUa67IyAnJSWgFD

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.194.105 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

si-in-f105.1e100.net

Software

ESF /

Resource Hash

5260b19a391754b741ec0d7fc4de3d4b524cf5a847a83b4648f8259a08c3daf1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/sorry/index?continue=https://www.google.com/search%3Fq%3Dbiturl.cn%26sei%3DNafdZ86uN7eH4-EPga2gmQQ&q=EgSVIv31GLbO9r4GIjCS1746BET4w6K1SrpqXajlhSkpd5vhqCjuTo5rBuBJgQkcUfsFWp8VEeBjYWUa67IyAnJSWgFD
sec-ch-prefers-color-scheme: light
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36
rtt: 0
downlink: 10

Response headers

cache-control: private, max-age=300
content-encoding: gzip
cross-origin-resource-policy: cross-origin
report-to: {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
x-content-type-options: nosniff
expires: Fri, 21 Mar 2025 17:51:50 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only: same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
date: Fri, 21 Mar 2025 17:51:50 GMT
x-xss-protection: 0
content-type: text/javascript; charset=utf-8
server: ESF
x-frame-options: SAMEORIGIN

GET
H2 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/bUO1BXI8H9PgjAPSW9hwuSeI/ 548 KB
216 KB 29ms
9ms Script
text/javascript 172.217.194.94
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/bUO1BXI8H9PgjAPSW9hwuSeI/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.194.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

si-in-f94.1e100.net

Software

sffe /

Resource Hash

e7fc4a5f9f016995a6440b6cea0bf78ad727eb72ed69c98787979275c1d676a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36
Origin: https://www.google.com
Referer: https://www.google.com/

Response headers

content-encoding: gzip
age: 49736
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
x-content-type-options: nosniff
expires: Sat, 21 Mar 2026 04:02:54 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 21 Mar 2025 04:02:54 GMT
last-modified: Mon, 17 Mar 2025 04:01:22 GMT
content-type: text/javascript
vary: Accept-Encoding
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
accept-ranges: bytes
access-control-allow-origin: *
content-length: 220514
x-xss-protection: 0
server: sffe

GET
H3 200 anchor Show response
www.google.com/recaptcha/api2/ Frame E5EB 72 KB
41 KB 27ms
26ms Document
text/html 172.217.194.105
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfwuyUTAAAAAOAmoS0fdqijC2PbbdH4kjq62Y1b&co=aHR0cHM6Ly93d3cuZ29vZ2xlLmNvbTo0NDM.&hl=en&v=bUO1BXI8H9PgjAPSW9hwuSeI&size=normal&s=8d8LoPJyI1IfYqgUIGeGz_KvWFXj9t2ETKxCsOaZCX8X8nL0JHEJOZqN62PgqWEZHDWknZaYxlBNErW4SSQ150EqNooirZel9l9XIUT31MzDQimpUCdsYSuEcf3Q5RzXxbwNNQg-mPf0nA8uXVl-vgbKQQpIovzcktCuX6lwjw05JKBLRJQPQLMf2kQZQnqpAkyiHsrSUQGkqNCATEr9Yvuc6xW2LXWPKTD2epE9tSBLNnj7QDj6B5ihiinrZWDfGztAnYgBkgJROI39qqEP_VpLV4oy20o&cb=hccmoyfqt0s8

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/bUO1BXI8H9PgjAPSW9hwuSeI/recaptcha__en.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.194.105 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

si-in-f105.1e100.net

Software

ESF /

Resource Hash

01cfb42811562a7c88e3ac2ec83d4c8aadb6e873ed89e54e512f40821c3fdd07

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Gx0ia3_4hmyg17VefPSxJw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/sorry/index?continue=https://www.google.com/search%3Fq%3Dbiturl.cn%26sei%3DNafdZ86uN7eH4-EPga2gmQQ&q=EgSVIv31GLbO9r4GIjCS1746BET4w6K1SrpqXajlhSkpd5vhqCjuTo5rBuBJgQkcUfsFWp8VEeBjYWUa67IyAnJSWgFD
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36
downlink: 10
rtt: 0
sec-ch-prefers-color-scheme: light

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-Gx0ia3_4hmyg17VefPSxJw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy-report-only: same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
cross-origin-resource-policy: cross-origin
date: Fri, 21 Mar 2025 17:51:50 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
server: ESF
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/bUO1BXI8H9PgjAPSW9hwuSeI/ Frame E5EB 77 KB
41 KB 18ms
13ms Stylesheet
text/css 172.217.194.94
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/bUO1BXI8H9PgjAPSW9hwuSeI/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfwuyUTAAAAAOAmoS0fdqijC2PbbdH4kjq62Y1b&co=aHR0cHM6Ly93d3cuZ29vZ2xlLmNvbTo0NDM.&hl=en&v=bUO1BXI8H9PgjAPSW9hwuSeI&size=normal&s=8d8LoPJyI1IfYqgUIGeGz_KvWFXj9t2ETKxCsOaZCX8X8nL0JHEJOZqN62PgqWEZHDWknZaYxlBNErW4SSQ150EqNooirZel9l9XIUT31MzDQimpUCdsYSuEcf3Q5RzXxbwNNQg-mPf0nA8uXVl-vgbKQQpIovzcktCuX6lwjw05JKBLRJQPQLMf2kQZQnqpAkyiHsrSUQGkqNCATEr9Yvuc6xW2LXWPKTD2epE9tSBLNnj7QDj6B5ihiinrZWDfGztAnYgBkgJROI39qqEP_VpLV4oy20o&cb=hccmoyfqt0s8

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.194.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

si-in-f94.1e100.net

Software

sffe /

Resource Hash

ad13459d8bc3401ceb6e2ac3062fc1c48ea7ed6058e63f4e643f1a83b9d4c3cb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36
Referer: https://www.google.com/

Response headers

content-encoding: gzip
age: 50032
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
x-content-type-options: nosniff
expires: Sat, 21 Mar 2026 03:57:58 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 21 Mar 2025 03:57:58 GMT
last-modified: Mon, 17 Mar 2025 04:01:22 GMT
content-type: text/css
vary: Accept-Encoding
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
accept-ranges: bytes
content-length: 42056
x-xss-protection: 0
server: sffe

GET
H2 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/bUO1BXI8H9PgjAPSW9hwuSeI/ Frame E5EB 548 KB
0 0ms
0ms Script
text/javascript 172.217.194.94
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/bUO1BXI8H9PgjAPSW9hwuSeI/recaptcha__en.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.194.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

si-in-f94.1e100.net

Software

sffe /

Resource Hash

e7fc4a5f9f016995a6440b6cea0bf78ad727eb72ed69c98787979275c1d676a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36
Referer: https://www.google.com/

Response headers

content-encoding: gzip
age: 49736
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
x-content-type-options: nosniff
expires: Sat, 21 Mar 2026 04:02:54 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 21 Mar 2025 04:02:54 GMT
last-modified: Mon, 17 Mar 2025 04:01:22 GMT
content-type: text/javascript
vary: Accept-Encoding
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
accept-ranges: bytes
access-control-allow-origin: *
content-length: 220514
x-xss-protection: 0
server: sffe

GET
DATA 200
OK truncated
/ Frame E5EB 31 KB
0 Image
image/png

General

Check archive.org

Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0725a9748dac0f3e4ee2e1f868829a7992cfe45364361e971dc51b418f7adcee

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame E5EB 1 KB
0 Image
image/png

General

Check archive.org

Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 597f3ba9ec0bce37c1a3ac00ce70473e17995f1a8a27db5ee88f5cbdad9af950

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/png

GET
H3 200 logo_48.png
www.gstatic.com/recaptcha/api2/ Frame E5EB 2 KB
2 KB 5ms
4ms Image
image/png 172.217.194.94
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/logo_48.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/bUO1BXI8H9PgjAPSW9hwuSeI/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.194.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

si-in-f94.1e100.net

Software

sffe /

Resource Hash

1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36
Referer: https://www.gstatic.com/recaptcha/releases/bUO1BXI8H9PgjAPSW9hwuSeI/styles__ltr.css

Response headers

age: 49723
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
x-content-type-options: nosniff
expires: Fri, 28 Mar 2025 04:03:07 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 21 Mar 2025 04:03:07 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
content-type: image/png
cache-control: public, max-age=604800
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
accept-ranges: bytes
content-length: 2228
x-xss-protection: 0
server: sffe

GET KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame E5EB 0
0

GET
H3 200 favicon.ico
www.google.com/ 5 KB
1 KB 5ms
5ms Other
image/x-icon 172.217.194.105
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://www.google.com/favicon.ico

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.194.105 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

si-in-f105.1e100.net

Software

sffe /

Resource Hash

6da5620880159634213e197fafca1dde0272153be3e4590818533fab8d040770

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/sorry/index?continue=https://www.google.com/search%3Fq%3Dbiturl.cn%26sei%3DNafdZ86uN7eH4-EPga2gmQQ&q=EgSVIv31GLbO9r4GIjCS1746BET4w6K1SrpqXajlhSkpd5vhqCjuTo5rBuBJgQkcUfsFWp8VEeBjYWUa67IyAnJSWgFD
sec-ch-prefers-color-scheme: light
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36
rtt: 0
downlink: 10

Response headers

content-encoding: gzip
age: 51518
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
x-content-type-options: nosniff
expires: Sat, 29 Mar 2025 03:33:12 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 21 Mar 2025 03:33:12 GMT
last-modified: Tue, 22 Oct 2019 18:30:00 GMT
content-type: image/x-icon
vary: Accept-Encoding
cache-control: public, max-age=691200
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
content-length: 1494
x-xss-protection: 0
server: sffe

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: static.biturl.cn
URL: https://static.biturl.cn/static/images/biturl-search-intervention.jpg

Domain: fonts.gstatic.com
URL: https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Verdicts & Comments Add Verdict or Comment

7 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.i0k.cc/	1970-01-21 12:48:35	Name: sitename Value: 4dcaa0a7006040e4a84873d9b3602dc1
.google.com/	1970-01-21 08:22:11	Name: AEC Value: AVcja2dMWCovSdOH4eS64LYXSuE1hojvfRQLJknxRLVN_nSEDsqa23IRvo4
.google.com/	1970-01-21 08:26:30	Name: NID Value: 522=0EZGKNqm1PinSj9YnWSG0ffQ98pc1oouIpIX0FbNtAAJwnD9v5sHPyKfLzklBn8G0EQZrsWB4g2_M3eEQXzzXLoZQb2VEv5CGJJfKKkqO-iO4HmCQ9kCmYuBqplzpG_g0A7Xhtr91KQdZg6WpUyqKbyzQ2kjQ0npjM_HAeeAVis3OB1eh_JrbrUB7mI4mHrxmVkykxOGmbGn7rMzNTkcLdWzEekjM4sDrqfU

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://i0k.cc/favicon.ico Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://www.google.com/sorry/index?continue=https://www.google.com/search%3Fq%3Dbiturl.cn%26sei%3DNafdZ86uN7eH4-EPga2gmQQ&q=EgSVIv31GLbO9r4GIjCS1746BET4w6K1SrpqXajlhSkpd5vhqCjuTo5rBuBJgQkcUfsFWp8VEeBjYWUa67IyAnJSWgFD Message: Failed to load resource: the server responded with a status of 429 ()
security	warning	URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfwuyUTAAAAAOAmoS0fdqijC2PbbdH4kjq62Y1b&co=aHR0cHM6Ly93d3cuZ29vZ2xlLmNvbTo0NDM.&hl=en&v=bUO1BXI8H9PgjAPSW9hwuSeI&size=normal&s=8d8LoPJyI1IfYqgUIGeGz_KvWFXj9t2ETKxCsOaZCX8X8nL0JHEJOZqN62PgqWEZHDWknZaYxlBNErW4SSQ150EqNooirZel9l9XIUT31MzDQimpUCdsYSuEcf3Q5RzXxbwNNQg-mPf0nA8uXVl-vgbKQQpIovzcktCuX6lwjw05JKBLRJQPQLMf2kQZQnqpAkyiHsrSUQGkqNCATEr9Yvuc6xW2LXWPKTD2epE9tSBLNnj7QDj6B5ihiinrZWDfGztAnYgBkgJROI39qqEP_VpLV4oy20o&cb=hccmoyfqt0s8 Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fonts.gstatic.com
i0k.cc
static.biturl.cn
www.google.com
www.gstatic.com
fonts.gstatic.com
static.biturl.cn
163.181.81.234
172.217.194.105
172.217.194.94
43.175.141.63
01cfb42811562a7c88e3ac2ec83d4c8aadb6e873ed89e54e512f40821c3fdd07
0725a9748dac0f3e4ee2e1f868829a7992cfe45364361e971dc51b418f7adcee
07f5e8f164177c74890f5c5e6aa1f964c55cec495f4f3a722adeed070ddae426
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
5260b19a391754b741ec0d7fc4de3d4b524cf5a847a83b4648f8259a08c3daf1
597f3ba9ec0bce37c1a3ac00ce70473e17995f1a8a27db5ee88f5cbdad9af950
65e70462b3cd6c7162080aa613ac56b928d8c2749aeaab09f66ed1a891b48837
66f3b8553ef8d25d36af6d4d1bfedf8b580a5b2d52a0863513635b96b4d46130
6da538bf5be8c190bb5f61c921190ee5134a1102b17991ac87e09c6d4a32ae1c
6da5620880159634213e197fafca1dde0272153be3e4590818533fab8d040770
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
913138b9b99234e7505bd2b43faa019539f9f21c1360ea382b61f17f72ede3f5
ad13459d8bc3401ceb6e2ac3062fc1c48ea7ed6058e63f4e643f1a83b9d4c3cb
b21c5c704b61b265723ad3e85eb62cedc65a31da2e748300a6929b39a5a87761
b968f3ed3ba9827b7e98097416110d4cf03b6910b686878b7b6606ddabc8b5b7
d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090
e7fc4a5f9f016995a6440b6cea0bf78ad727eb72ed69c98787979275c1d676a1
fbd64d2a0754cd6872966db7a27acb5e7d521b5362a8fc4d40b2457cad106880

www.google.com Open in urlscan Pro 172.217.194.105 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

20 Requests

90 %HTTPS

0 %IPv6

4 Domains

5 Subdomains

5 IPs

2 Countries

441 kBTransfer

1519 kBSize

3 Cookies

1 Outgoing links

Page URL History

Redirected requests

20 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

7 JavaScript Global Variables

3 Cookies

3 Console Messages

Indicators

www.google.com Open in urlscan Pro
172.217.194.105 Public Scan

Screenshot
Live screenshot

Full Image

20
Requests

90 %
HTTPS

0 %
IPv6

4
Domains

5
Subdomains

5
IPs

2
Countries

441 kB
Transfer

1519 kB
Size

3
Cookies

20 HTTP transactions
2 data transactions