urlscan.io logo urlscan.io
SecurityTrails logo

1stinvestor-us.mubasher.info Open in urlscan Pro
104.22.68.116  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://ctrk.klclick3.com/l/01JW7J469TX5DEXRT5DMBMYSP1_0
Effective URL: https://1stinvestor-us.mubasher.info/storage/pages/June2020/algo/customer_center/user-964106/
Submission: On May 27 via manual from SG — Scanned from SG
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 7 IPs in 2 countries across 6 domains to perform 25 HTTP transactions. The main IP is 104.22.68.116, located in and belongs to CLOUDFLARENET, US. The main domain is 1stinvestor-us.mubasher.info.
TLS certificate: Issued by WE1 on April 17th 2025. Valid for: 3 months.
This is the only time 1stinvestor-us.mubasher.info was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 104.17.93.1 13335 (CLOUDFLAR...)
3 6 104.22.68.116 13335 (CLOUDFLAR...)
1 151.101.66.137 54113 (FASTLY)
1 74.125.24.105 15169 (GOOGLE)
1 104.16.80.73 13335 (CLOUDFLAR...)
14 142.251.10.94 15169 (GOOGLE)
4 74.125.24.106 15169 (GOOGLE)
25 7
1    104.17.93.1 (None, )

ASN13335 (CLOUDFLARENET, US)
ctrk.klclick3.com
6    104.22.68.116 (None, )

ASN13335 (CLOUDFLARENET, US)
1stinvestor-us.mubasher.info
1    151.101.66.137 (San Francisco, United States)

ASN54113 (FASTLY, US)
code.jquery.com
1    74.125.24.105 (United States)

ASN15169 (GOOGLE, US)
PTR: sf-in-f105.1e100.net
www.google.com
1    104.16.80.73 (None, )

ASN13335 (CLOUDFLARENET, US)
static.cloudflareinsights.com
14    142.251.10.94 (Farmingdale, United States)

ASN15169 (GOOGLE, US)
PTR: sd-in-f94.1e100.net
www.gstatic.com
fonts.gstatic.com
4    74.125.24.106 (United States)

ASN15169 (GOOGLE, US)
PTR: sf-in-f106.1e100.net
www.google.com
Apex Domain
Subdomains		 Transfer
14 gstatic.com
www.gstatic.com
fonts.gstatic.com
634 KB
6 mubasher.info
1stinvestor-us.mubasher.info
2 KB
5 google.com
www.google.com — Cisco Umbrella Rank: 3
107 KB
1 cloudflareinsights.com
static.cloudflareinsights.com — Cisco Umbrella Rank: 548
7 KB
1 jquery.com
code.jquery.com — Cisco Umbrella Rank: 849
79 KB
1 klclick3.com
ctrk.klclick3.com — Cisco Umbrella Rank: 265666
666 B
25 6
Domain Requested by
9 www.gstatic.com www.google.com
www.gstatic.com
6 1stinvestor-us.mubasher.info 3 redirects static.cloudflareinsights.com
5 fonts.gstatic.com www.google.com
5 www.google.com 1stinvestor-us.mubasher.info
www.gstatic.com
1 static.cloudflareinsights.com 1stinvestor-us.mubasher.info
1 code.jquery.com 1stinvestor-us.mubasher.info
1 ctrk.klclick3.com 1 redirects
25 7

This site contains no links.

Subject Issuer Validity Valid
mubasher.info
WE1		 2025-04-17 -
2025-07-16		 3 months crt.sh
*.jquery.com
Sectigo ECC Domain Validation Secure Server CA		 2024-06-25 -
2025-06-25		 a year crt.sh
www.google.com
WR2		 2025-04-29 -
2025-07-22		 3 months crt.sh
cloudflareinsights.com
WE1		 2025-04-27 -
2025-07-26		 3 months crt.sh
*.gstatic.com
WR2		 2025-04-29 -
2025-07-22		 3 months crt.sh
*.google.com
WR2		 2025-04-29 -
2025-07-22		 3 months crt.sh

This page contains 3 frames:

Primary Page: https://1stinvestor-us.mubasher.info/storage/pages/June2020/algo/customer_center/user-964106/
Frame ID: 37EA2CD7E771D6B42AF6804712070387
Requests: 7 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lcdd8kpAAAAAOkznRnCHwUFS8zEd8IUth7ThyeT&co=aHR0cHM6Ly8xc3RpbnZlc3Rvci11cy5tdWJhc2hlci5pbmZvOjQ0Mw..&hl=en&v=jt8Oh2-Ue1u7nEbJQUIdocyd&size=invisible&cb=mzi13l9v1i4z
Frame ID: 72D5FADE6B7FB544717EF52D2B61305F
Requests: 7 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=en&v=jt8Oh2-Ue1u7nEbJQUIdocyd&k=6Lcdd8kpAAAAAOkznRnCHwUFS8zEd8IUth7ThyeT
Frame ID: CFD22168C4C9E54D2B6A04B0D600DA3D
Requests: 11 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Redirection en cours...

Page URL History Show full URLs

  1. https://ctrk.klclick3.com/l/01JW7J469TX5DEXRT5DMBMYSP1_0 HTTP 302
    https://1stinvestor-us.mubasher.info/storage/pages/June2020/algo?_kx=me7rlNNI8c9EzEJ4cfgas3gHYomX8fBLtRCUmj7Be1o.... HTTP 301
    https://1stinvestor-us.mubasher.info/storage/pages/June2020/algo/?_kx=me7rlNNI8c9EzEJ4cfgas3gHYomX8fBLtRCUmj7Be1o... HTTP 302
    https://1stinvestor-us.mubasher.info/storage/pages/June2020/algo/customer_center/user-964106 HTTP 301
    https://1stinvestor-us.mubasher.info/storage/pages/June2020/algo/customer_center/user-964106/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • static\.cloudflareinsights\.com/beacon(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

25
Requests

96 %
HTTPS

0 %
IPv6

6
Domains

7
Subdomains

7
IPs

2
Countries

828 kB
Transfer

2596 kB
Size

3
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://ctrk.klclick3.com/l/01JW7J469TX5DEXRT5DMBMYSP1_0 HTTP 302
    https://1stinvestor-us.mubasher.info/storage/pages/June2020/algo?_kx=me7rlNNI8c9EzEJ4cfgas3gHYomX8fBLtRCUmj7Be1o.XL7Vwz HTTP 301
    https://1stinvestor-us.mubasher.info/storage/pages/June2020/algo/?_kx=me7rlNNI8c9EzEJ4cfgas3gHYomX8fBLtRCUmj7Be1o.XL7Vwz HTTP 302
    https://1stinvestor-us.mubasher.info/storage/pages/June2020/algo/customer_center/user-964106 HTTP 301
    https://1stinvestor-us.mubasher.info/storage/pages/June2020/algo/customer_center/user-964106/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

25 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
1stinvestor-us.mubasher.info/storage/pages/June2020/algo/customer_center/user-964106/
Redirect Chain
  • https://ctrk.klclick3.com/l/01JW7J469TX5DEXRT5DMBMYSP1_0
  • https://1stinvestor-us.mubasher.info/storage/pages/June2020/algo?_kx=me7rlNNI8c9EzEJ4cfgas3gHYomX8fBLtRCUmj7Be1o.XL7Vwz
  • https://1stinvestor-us.mubasher.info/storage/pages/June2020/algo/?_kx=me7rlNNI8c9EzEJ4cfgas3gHYomX8fBLtRCUmj7Be1o.XL7Vwz
  • https://1stinvestor-us.mubasher.info/storage/pages/June2020/algo/customer_center/user-964106
  • https://1stinvestor-us.mubasher.info/storage/pages/June2020/algo/customer_center/user-964106/
2 KB
984 B 		Document
General
Check archive.org
Download Go to
Full URL
https://1stinvestor-us.mubasher.info/storage/pages/June2020/algo/customer_center/user-964106/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.22.68.116 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6c0046050e9ad2efd17f673ba41f3812717a71d7719cd9a003d5fa102b2e4d02
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36

Response headers

cache-control
no-store, no-cache, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
9462819e9dae9c98-SIN
content-encoding
br
content-type
text/html; charset=UTF-8
date
Tue, 27 May 2025 03:43:08 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
pragma
no-cache
server
cloudflare
server-timing
cfCacheStatus;desc="DYNAMIC"
vary
Accept-Encoding
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block

Redirect headers

cf-cache-status
DYNAMIC
cf-ray
9462819d7cf29c98-SIN
content-type
text/html
date
Tue, 27 May 2025 03:43:08 GMT
location
https://1stinvestor-us.mubasher.info/storage/pages/June2020/algo/customer_center/user-964106/
server
cloudflare
server-timing
cfCacheStatus;desc="DYNAMIC"
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
jquery-3.3.1.js
code.jquery.com/ 		265 KB
79 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-3.3.1.js
Requested by
Host: 1stinvestor-us.mubasher.info
URL: https://1stinvestor-us.mubasher.info/storage/pages/June2020/algo/customer_center/user-964106/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.137 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
d8aa24ecc6cecb1a60515bc093f1c9da38a0392612d9ab8ae0f7f36e6eee1fad

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://1stinvestor-us.mubasher.info/

Response headers

content-encoding
gzip
etag
W/"28feccc0-42587"
age
4199640
x-cache
HIT, HIT
date
Tue, 27 May 2025 03:43:08 GMT
content-type
application/javascript; charset=utf-8
last-modified
Fri, 18 Oct 1991 12:00:00 GMT
x-cache-hits
7509, 68171
x-served-by
cache-lga21980-LGA, cache-sin-wsss1830041-SIN
vary
Accept-Encoding
cache-control
public, max-age=31536000, stale-while-revalidate=604800
x-timer
S1748317389.791511,VS0,VE0
cross-origin-resource-policy
cross-origin
via
1.1 varnish, 1.1 varnish
accept-ranges
bytes
access-control-allow-origin
*
content-length
80268
server
nginx
api.js
www.google.com/recaptcha/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api.js
Requested by
Host: 1stinvestor-us.mubasher.info
URL: https://1stinvestor-us.mubasher.info/storage/pages/June2020/algo/customer_center/user-964106/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.105 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f105.1e100.net
Software
ESF /
Resource Hash
037a6e0c01fc8f4ce4f45c41373055f1cdb5d356f6b0b95dddc62de2cc2348b9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://1stinvestor-us.mubasher.info/

Response headers

cache-control
private, max-age=300
content-encoding
gzip
cross-origin-resource-policy
cross-origin
report-to
{"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
x-content-type-options
nosniff
expires
Tue, 27 May 2025 03:43:08 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only
same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
date
Tue, 27 May 2025 03:43:08 GMT
x-xss-protection
0
content-type
text/javascript; charset=utf-8
server
ESF
x-frame-options
SAMEORIGIN
vcd15cbe7772f49c399c6a5babf22c1241717689176015
static.cloudflareinsights.com/beacon.min.js/ 		19 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015
Requested by
Host: 1stinvestor-us.mubasher.info
URL: https://1stinvestor-us.mubasher.info/storage/pages/June2020/algo/customer_center/user-964106/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.80.73 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Origin
https://1stinvestor-us.mubasher.info
Referer
https://1stinvestor-us.mubasher.info/

Response headers

cache-control
public, max-age=86400
content-encoding
gzip
etag
W/"2024.6.1"
cross-origin-resource-policy
cross-origin
cf-ray
946281a01d0c4490-SIN
access-control-allow-origin
*
date
Tue, 27 May 2025 03:43:08 GMT
content-type
text/javascript;charset=UTF-8
last-modified
Thu, 06 Jun 2024 15:52:56 GMT
vary
Accept-Encoding
server
cloudflare
recaptcha__en.js
www.gstatic.com/recaptcha/releases/jt8Oh2-Ue1u7nEbJQUIdocyd/ 		638 KB
272 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/jt8Oh2-Ue1u7nEbJQUIdocyd/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.94 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f94.1e100.net
Software
sffe /
Resource Hash
dcad914962ca2218e1178a3f93abcbeaa168406321a8e1744def00d8ebd4b3ac
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Origin
https://1stinvestor-us.mubasher.info
Referer
https://1stinvestor-us.mubasher.info/

Response headers

content-encoding
gzip
age
343235
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
x-content-type-options
nosniff
expires
Sat, 23 May 2026 04:22:33 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 23 May 2025 04:22:33 GMT
last-modified
Mon, 19 May 2025 21:04:58 GMT
content-type
text/javascript
vary
Accept-Encoding
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
accept-ranges
bytes
access-control-allow-origin
*
content-length
277777
x-xss-protection
0
server
sffe
anchor
www.google.com/recaptcha/api2/ Frame 72D5 		73 KB
42 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lcdd8kpAAAAAOkznRnCHwUFS8zEd8IUth7ThyeT&co=aHR0cHM6Ly8xc3RpbnZlc3Rvci11cy5tdWJhc2hlci5pbmZvOjQ0Mw..&hl=en&v=jt8Oh2-Ue1u7nEbJQUIdocyd&size=invisible&cb=mzi13l9v1i4z
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/jt8Oh2-Ue1u7nEbJQUIdocyd/recaptcha__en.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.106 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f106.1e100.net
Software
ESF /
Resource Hash
4f99e51d4d7ec4854d165a709c2051ed12cf18b65e083464158ffecdcbb20bc3
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-K6jhr2acEWBK5pGfZ3e_6g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://1stinvestor-us.mubasher.info/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-K6jhr2acEWBK5pGfZ3e_6g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy-report-only
same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
cross-origin-resource-policy
cross-origin
date
Tue, 27 May 2025 03:43:09 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
server
ESF
x-content-type-options
nosniff
x-xss-protection
0
styles__ltr.css
www.gstatic.com/recaptcha/releases/jt8Oh2-Ue1u7nEbJQUIdocyd/ Frame 72D5 		77 KB
42 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/jt8Oh2-Ue1u7nEbJQUIdocyd/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lcdd8kpAAAAAOkznRnCHwUFS8zEd8IUth7ThyeT&co=aHR0cHM6Ly8xc3RpbnZlc3Rvci11cy5tdWJhc2hlci5pbmZvOjQ0Mw..&hl=en&v=jt8Oh2-Ue1u7nEbJQUIdocyd&size=invisible&cb=mzi13l9v1i4z
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.94 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f94.1e100.net
Software
sffe /
Resource Hash
6671fed8c2d19f5f79b545e73b099e1fe4fbea186a46b9cdfc9c31e8103ac219
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://www.google.com/

Response headers

content-encoding
gzip
age
343236
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
x-content-type-options
nosniff
expires
Sat, 23 May 2026 04:22:33 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 23 May 2025 04:22:33 GMT
last-modified
Mon, 19 May 2025 21:04:58 GMT
content-type
text/css
vary
Accept-Encoding
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
accept-ranges
bytes
content-length
42060
x-xss-protection
0
server
sffe
recaptcha__en.js
www.gstatic.com/recaptcha/releases/jt8Oh2-Ue1u7nEbJQUIdocyd/ Frame 72D5 		638 KB
271 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/jt8Oh2-Ue1u7nEbJQUIdocyd/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lcdd8kpAAAAAOkznRnCHwUFS8zEd8IUth7ThyeT&co=aHR0cHM6Ly8xc3RpbnZlc3Rvci11cy5tdWJhc2hlci5pbmZvOjQ0Mw..&hl=en&v=jt8Oh2-Ue1u7nEbJQUIdocyd&size=invisible&cb=mzi13l9v1i4z
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.94 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f94.1e100.net
Software
sffe /
Resource Hash
dcad914962ca2218e1178a3f93abcbeaa168406321a8e1744def00d8ebd4b3ac
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://www.google.com/

Response headers

content-encoding
gzip
age
343236
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
x-content-type-options
nosniff
expires
Sat, 23 May 2026 04:22:33 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 23 May 2025 04:22:33 GMT
last-modified
Mon, 19 May 2025 21:04:58 GMT
content-type
text/javascript
vary
Accept-Encoding
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
accept-ranges
bytes
access-control-allow-origin
*
content-length
277777
x-xss-protection
0
server
sffe
webworker.js
www.google.com/recaptcha/api2/ Frame 72D5 		0
0
logo_48.png
www.gstatic.com/recaptcha/api2/ Frame 72D5 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/recaptcha/api2/logo_48.png
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/jt8Oh2-Ue1u7nEbJQUIdocyd/styles__ltr.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.94 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f94.1e100.net
Software
sffe /
Resource Hash
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://www.gstatic.com/recaptcha/releases/jt8Oh2-Ue1u7nEbJQUIdocyd/styles__ltr.css

Response headers

age
343988
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
x-content-type-options
nosniff
expires
Fri, 30 May 2025 04:10:01 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 23 May 2025 04:10:01 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
content-type
image/png
cache-control
public, max-age=604800
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
accept-ranges
bytes
content-length
2228
x-xss-protection
0
server
sffe
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 72D5 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lcdd8kpAAAAAOkznRnCHwUFS8zEd8IUth7ThyeT&co=aHR0cHM6Ly8xc3RpbnZlc3Rvci11cy5tdWJhc2hlci5pbmZvOjQ0Mw..&hl=en&v=jt8Oh2-Ue1u7nEbJQUIdocyd&size=invisible&cb=mzi13l9v1i4z
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.94 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f94.1e100.net
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Origin
https://www.google.com
Referer
https://www.google.com/

Response headers

age
344855
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Sat, 23 May 2026 03:55:34 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 23 May 2025 03:55:34 GMT
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
15344
x-xss-protection
0
server
sffe
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 72D5 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lcdd8kpAAAAAOkznRnCHwUFS8zEd8IUth7ThyeT&co=aHR0cHM6Ly8xc3RpbnZlc3Rvci11cy5tdWJhc2hlci5pbmZvOjQ0Mw..&hl=en&v=jt8Oh2-Ue1u7nEbJQUIdocyd&size=invisible&cb=mzi13l9v1i4z
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.94 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f94.1e100.net
Software
sffe /
Resource Hash
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Origin
https://www.google.com
Referer
https://www.google.com/

Response headers

age
345355
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Sat, 23 May 2026 03:47:14 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 23 May 2025 03:47:14 GMT
last-modified
Mon, 16 Oct 2017 17:33:02 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
15552
x-xss-protection
0
server
sffe
rum
1stinvestor-us.mubasher.info/cdn-cgi/ 		0
180 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://1stinvestor-us.mubasher.info/cdn-cgi/rum?
Requested by
Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.22.68.116 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
content-type
application/json
Referer
https://1stinvestor-us.mubasher.info/storage/pages/June2020/algo/customer_center/user-964106/

Response headers

access-control-max-age
86400
access-control-allow-credentials
true
access-control-allow-methods
POST,OPTIONS
x-content-type-options
nosniff
cf-ray
946281a318f09c98-SIN
access-control-allow-origin
https://1stinvestor-us.mubasher.info
date
Tue, 27 May 2025 03:43:09 GMT
vary
Origin
server
cloudflare
x-frame-options
DENY
favicon.ico
1stinvestor-us.mubasher.info/ 		0
101 B 		Other
General
Check archive.org
Download Go to
Full URL
https://1stinvestor-us.mubasher.info/favicon.ico
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.22.68.116 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://1stinvestor-us.mubasher.info/storage/pages/June2020/algo/customer_center/user-964106/

Response headers

cf-cache-status
HIT
etag
"5f6a06cb-0"
age
1009
x-content-type-options
nosniff
cf-ray
946281a328f39c98-SIN
accept-ranges
bytes
content-length
0
x-xss-protection
1; mode=block
date
Tue, 27 May 2025 03:43:09 GMT
content-type
image/x-icon
last-modified
Tue, 22 Sep 2020 14:14:35 GMT
vary
Accept-Encoding
server
cloudflare
x-frame-options
SAMEORIGIN
bframe
www.google.com/recaptcha/api2/ Frame CFD2 		8 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/bframe?hl=en&v=jt8Oh2-Ue1u7nEbJQUIdocyd&k=6Lcdd8kpAAAAAOkznRnCHwUFS8zEd8IUth7ThyeT
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/jt8Oh2-Ue1u7nEbJQUIdocyd/recaptcha__en.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.106 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f106.1e100.net
Software
ESF /
Resource Hash
0ae3f0ee6484270d6be9d36e1299fbf6e56a846dcc88be169bf1b161f3d02530
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-CAwyTCE2mKeHdWTbaq895Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://1stinvestor-us.mubasher.info/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-CAwyTCE2mKeHdWTbaq895Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy-report-only
same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
cross-origin-resource-policy
cross-origin
date
Tue, 27 May 2025 03:43:09 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
server
ESF
x-content-type-options
nosniff
x-xss-protection
0
styles__ltr.css
www.gstatic.com/recaptcha/releases/jt8Oh2-Ue1u7nEbJQUIdocyd/ Frame CFD2 		77 KB
0 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/jt8Oh2-Ue1u7nEbJQUIdocyd/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=en&v=jt8Oh2-Ue1u7nEbJQUIdocyd&k=6Lcdd8kpAAAAAOkznRnCHwUFS8zEd8IUth7ThyeT
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.94 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f94.1e100.net
Software
sffe /
Resource Hash
6671fed8c2d19f5f79b545e73b099e1fe4fbea186a46b9cdfc9c31e8103ac219
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://www.google.com/

Response headers

content-encoding
gzip
age
343236
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
x-content-type-options
nosniff
expires
Sat, 23 May 2026 04:22:33 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 23 May 2025 04:22:33 GMT
last-modified
Mon, 19 May 2025 21:04:58 GMT
content-type
text/css
vary
Accept-Encoding
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
accept-ranges
bytes
content-length
42060
x-xss-protection
0
server
sffe
recaptcha__en.js
www.gstatic.com/recaptcha/releases/jt8Oh2-Ue1u7nEbJQUIdocyd/ Frame CFD2 		638 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/jt8Oh2-Ue1u7nEbJQUIdocyd/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=en&v=jt8Oh2-Ue1u7nEbJQUIdocyd&k=6Lcdd8kpAAAAAOkznRnCHwUFS8zEd8IUth7ThyeT
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.94 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f94.1e100.net
Software
sffe /
Resource Hash
dcad914962ca2218e1178a3f93abcbeaa168406321a8e1744def00d8ebd4b3ac
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://www.google.com/

Response headers

content-encoding
gzip
age
343236
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
x-content-type-options
nosniff
expires
Sat, 23 May 2026 04:22:33 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 23 May 2025 04:22:33 GMT
last-modified
Mon, 19 May 2025 21:04:58 GMT
content-type
text/javascript
vary
Accept-Encoding
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
accept-ranges
bytes
access-control-allow-origin
*
content-length
277777
x-xss-protection
0
server
sffe
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame CFD2 		15 KB
0 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=en&v=jt8Oh2-Ue1u7nEbJQUIdocyd&k=6Lcdd8kpAAAAAOkznRnCHwUFS8zEd8IUth7ThyeT
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.94 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f94.1e100.net
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Origin
https://www.google.com
Referer
https://www.google.com/

Response headers

age
344855
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Sat, 23 May 2026 03:55:34 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 23 May 2025 03:55:34 GMT
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
15344
x-xss-protection
0
server
sffe
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame CFD2 		15 KB
0 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=en&v=jt8Oh2-Ue1u7nEbJQUIdocyd&k=6Lcdd8kpAAAAAOkznRnCHwUFS8zEd8IUth7ThyeT
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.94 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f94.1e100.net
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Origin
https://www.google.com
Referer
https://www.google.com/

Response headers

age
345355
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Sat, 23 May 2026 03:47:14 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 23 May 2025 03:47:14 GMT
last-modified
Mon, 16 Oct 2017 17:33:02 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
15552
x-xss-protection
0
server
sffe
reload
www.google.com/recaptcha/api2/ Frame CFD2 		43 KB
26 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/reload?k=6Lcdd8kpAAAAAOkznRnCHwUFS8zEd8IUth7ThyeT
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/jt8Oh2-Ue1u7nEbJQUIdocyd/recaptcha__en.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.106 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f106.1e100.net
Software
ESF /
Resource Hash
3f7e306fdc4ef5263b2805be40cf3c6733ede9e9893fb73ad4636e3ea9ab9e45
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Content-Type
application/x-protobuffer
Referer
https://www.google.com/recaptcha/api2/bframe?hl=en&v=jt8Oh2-Ue1u7nEbJQUIdocyd&k=6Lcdd8kpAAAAAOkznRnCHwUFS8zEd8IUth7ThyeT

Response headers

cache-control
private
content-encoding
gzip
cross-origin-resource-policy
same-site
report-to
{"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
x-content-type-options
nosniff
expires
Tue, 27 May 2025 03:43:09 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only
same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
date
Tue, 27 May 2025 03:43:09 GMT
x-xss-protection
0
content-type
application/json; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
server
ESF
x-frame-options
SAMEORIGIN
refresh_2x.png
www.gstatic.com/recaptcha/api2/ Frame CFD2 		600 B
624 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/recaptcha/api2/refresh_2x.png
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/jt8Oh2-Ue1u7nEbJQUIdocyd/styles__ltr.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.94 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f94.1e100.net
Software
sffe /
Resource Hash
44b988703019cd6bfa86c91840fecf2a42b611b364e3eea2f4eb63bf62714e98
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://www.gstatic.com/recaptcha/releases/jt8Oh2-Ue1u7nEbJQUIdocyd/styles__ltr.css

Response headers

age
344818
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
x-content-type-options
nosniff
expires
Fri, 30 May 2025 03:56:11 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 23 May 2025 03:56:11 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
content-type
image/png
cache-control
public, max-age=604800
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
accept-ranges
bytes
content-length
600
x-xss-protection
0
server
sffe
audio_2x.png
www.gstatic.com/recaptcha/api2/ Frame CFD2 		530 B
554 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/recaptcha/api2/audio_2x.png
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/jt8Oh2-Ue1u7nEbJQUIdocyd/styles__ltr.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.94 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f94.1e100.net
Software
sffe /
Resource Hash
89c62095126fca89ea1511cf35b49b8306162946b0c26d6f60c5506c51d85992
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://www.gstatic.com/recaptcha/releases/jt8Oh2-Ue1u7nEbJQUIdocyd/styles__ltr.css

Response headers

age
344071
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
x-content-type-options
nosniff
expires
Fri, 30 May 2025 04:08:38 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 23 May 2025 04:08:38 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
content-type
image/png
cache-control
public, max-age=604800
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
accept-ranges
bytes
content-length
530
x-xss-protection
0
server
sffe
info_2x.png
www.gstatic.com/recaptcha/api2/ Frame CFD2 		665 B
689 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/recaptcha/api2/info_2x.png
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/jt8Oh2-Ue1u7nEbJQUIdocyd/styles__ltr.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.94 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f94.1e100.net
Software
sffe /
Resource Hash
55eaf62cb05da20088dc12b39d7d254d046cb1fd61ddf3ae641f1439efd0a5ee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://www.gstatic.com/recaptcha/releases/jt8Oh2-Ue1u7nEbJQUIdocyd/styles__ltr.css

Response headers

age
345362
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
x-content-type-options
nosniff
expires
Fri, 30 May 2025 03:47:07 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 23 May 2025 03:47:07 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
content-type
image/png
cache-control
public, max-age=604800
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
accept-ranges
bytes
content-length
665
x-xss-protection
0
server
sffe
KFOlCnqEu92Fr1MmYUtfBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame CFD2 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmYUtfBBc4.woff2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.94 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f94.1e100.net
Software
sffe /
Resource Hash
c912a9ce0c3122d4b2b29ad26bfe06b0390d1a5bdaa5d6128692c0befd1dfbbd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Origin
https://www.google.com
Referer
https://www.google.com/

Response headers

age
345253
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Sat, 23 May 2026 03:48:56 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 23 May 2025 03:48:56 GMT
last-modified
Mon, 16 Oct 2017 17:33:16 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
15340
x-xss-protection
0
server
sffe
payload
www.google.com/recaptcha/api2/ Frame CFD2 		37 KB
37 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/recaptcha/api2/payload?p=06AFcWeA6Dx_Lnz8mJNxqS8kYXB375XlWF_RNVKqQsYdFafKgFIOHlZxX_rP2dS3Eny0LPfJUOtXPMGeoAYAh35J2igl9VThzYozrn8Qsduca25h7DzdUPuNHvstnJ6UbWySnP_zG68-S2FEpir7U36EmAmG543MGkPBaMp1GBAY_svZ0frMny-y0-xa4mXwpI-mv1Bdaim6-kN5hmgFhv6mQMxOitebwJWA&k=6Lcdd8kpAAAAAOkznRnCHwUFS8zEd8IUth7ThyeT
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.106 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f106.1e100.net
Software
ESF /
Resource Hash
a69e56c3b59626569d9e1123866c8c9a61f359a3ac58ca0e585c0ff59bdc295f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://www.google.com/recaptcha/api2/bframe?hl=en&v=jt8Oh2-Ue1u7nEbJQUIdocyd&k=6Lcdd8kpAAAAAOkznRnCHwUFS8zEd8IUth7ThyeT

Response headers

cache-control
private, max-age=30
cross-origin-resource-policy
same-site
report-to
{"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
x-content-type-options
nosniff
expires
Tue, 27 May 2025 03:43:09 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only
same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
date
Tue, 27 May 2025 03:43:09 GMT
x-xss-protection
0
content-type
image/jpeg
server
ESF
x-frame-options
SAMEORIGIN

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
www.google.com
URL
https://www.google.com/recaptcha/api2/webworker.js?hl=en&v=jt8Oh2-Ue1u7nEbJQUIdocyd

Verdicts & Comments Add Verdict or Comment

13 JavaScript Window variables

These are the non-standard variables defined on the window object. These include var declarations and global functions and can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 function| $ function| jQuery function| onSubmit object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| __cfBeacon object| recaptcha object| closure_lm_896393

3 Cookies

Domain/Path Name / Value
www.google.com/recaptcha Name: _GRECAPTCHA
Value: 09ANMylNB4Mvret3AlFGDO_6WKSoIbfYM--larLs-rUX_qzItLfj5URwn9xKTK-XhlUOtNbnkE2L_eNbXO6e25hYc
.ctrk.klclick3.com/ Name: __cf_bm
Value: bmJCYQgnX4i6CASHmcVA20ufRW1EbeqqlWHcjatGYgw-1748317387-1.0.1.1-KLieO5T4T90Hc0XynlZo_XotS1aHvw3NvF90059eFo2kAS7ctHYfuUWbGqmr85npZYGKIw5shVMJy68f8oNXGhIyO81KvROG8.mFfg_LWLU
1stinvestor-us.mubasher.info/ Name: PHPSESSID
Value: qk79cpmm4jueafdl74i07arl9c

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1stinvestor-us.mubasher.info
code.jquery.com
ctrk.klclick3.com
fonts.gstatic.com
static.cloudflareinsights.com
www.google.com
www.gstatic.com
www.google.com
104.16.80.73
104.17.93.1
104.22.68.116
142.251.10.94
151.101.66.137
74.125.24.105
74.125.24.106
037a6e0c01fc8f4ce4f45c41373055f1cdb5d356f6b0b95dddc62de2cc2348b9
0ae3f0ee6484270d6be9d36e1299fbf6e56a846dcc88be169bf1b161f3d02530
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3f7e306fdc4ef5263b2805be40cf3c6733ede9e9893fb73ad4636e3ea9ab9e45
44b988703019cd6bfa86c91840fecf2a42b611b364e3eea2f4eb63bf62714e98
4f99e51d4d7ec4854d165a709c2051ed12cf18b65e083464158ffecdcbb20bc3
55eaf62cb05da20088dc12b39d7d254d046cb1fd61ddf3ae641f1439efd0a5ee
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
6671fed8c2d19f5f79b545e73b099e1fe4fbea186a46b9cdfc9c31e8103ac219
6c0046050e9ad2efd17f673ba41f3812717a71d7719cd9a003d5fa102b2e4d02
89c62095126fca89ea1511cf35b49b8306162946b0c26d6f60c5506c51d85992
8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f
a69e56c3b59626569d9e1123866c8c9a61f359a3ac58ca0e585c0ff59bdc295f
c912a9ce0c3122d4b2b29ad26bfe06b0390d1a5bdaa5d6128692c0befd1dfbbd
d8aa24ecc6cecb1a60515bc093f1c9da38a0392612d9ab8ae0f7f36e6eee1fad
dcad914962ca2218e1178a3f93abcbeaa168406321a8e1744def00d8ebd4b3ac
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855