lebanon-ramadan.blogspot.com
2a00:1450:4001:808::2001  Public Scan

Submitted URL: http://bit.ly/Lebanon_Ramadan
Effective URL: https://lebanon-ramadan.blogspot.com/?1
Submission: On September 29 via api from US

Summary

This website contacted 6 IPs in 2 countries across 6 domains to perform 8 HTTP transactions. The main IP is 2a00:1450:4001:808::2001, located in Frankfurt am Main, Germany and belongs to GOOGLE, US. The main domain is lebanon-ramadan.blogspot.com.
TLS certificate: Issued by GTS CA 1O1 on September 3rd 2020. Valid for: 3 months.
This is the only time lebanon-ramadan.blogspot.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 67.199.248.11 396982 (GOOGLE-PR...)
1 3 2a00:1450:400... 15169 (GOOGLE)
2 151.101.112.193 54113 (FASTLY)
1 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
2 67.202.94.93 32748 (STEADFAST)
8 6
Apex Domain | Subdomains | Transfer
3 blogspot.com | lebanon-ramadan.blogspot.com | 5 KB
2 amung.us | whos.amung.us | 288 B
2 imgur.com | i.imgur.com | 45 KB
1 waust.at | waust.at | 7 KB
1 goo.gl | goo.gl |
1 bit.ly | bit.ly | 352 B
8 6
Domain Requested by
3 lebanon-ramadan.blogspot.com 1 redirects lebanon-ramadan.blogspot.com
2 whos.amung.us waust.at
2 i.imgur.com lebanon-ramadan.blogspot.com
1 waust.at lebanon-ramadan.blogspot.com
1 goo.gl lebanon-ramadan.blogspot.com
1 bit.ly 1 redirects
8 6

This site contains links to these domains.

Domain
lebanon-ramadanwait.blogspot.com
whos.amung.us
www.blogger.com
Subject | Issuer | Validity | Valid
misc-sni.blogspot.com | GTS CA 1O1 | 2020-09-03 - 2020-11-26 | 3 months
*.imgur.com | DigiCert SHA2 Secure Server CA | 2020-01-15 - 2022-03-16 | 2 years
*.google.com | GTS CA 1O1 | 2020-09-03 - 2020-11-26 | 3 months
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2020-09-04 - 2021-09-04 | a year
whos.amung.us | Sectigo RSA Domain Validation Secure Server CA | 2020-05-21 - 2022-05-21 | 2 years

This page contains 1 frames:

Primary Page: https://lebanon-ramadan.blogspot.com/?1
Frame ID: 6D2B0EDA1D76EA69EEDC06AEBE1A6FA0
Requests: 9 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /GSE/i

Page Statistics

8 Requests
100 % HTTPS
50 % IPv6
6 Domains
6 Subdomains
6 IPs
2 Countries
57 kB Transfer
72 kB Size
0 Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://bit.ly/Lebanon_Ramadan HTTP 301
    http://lebanon-ramadan.blogspot.com/?1 HTTP 301
    https://lebanon-ramadan.blogspot.com/?1 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

8 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
lebanon-ramadan.blogspot.com/
Redirect Chain
  • http://bit.ly/Lebanon_Ramadan
  • http://lebanon-ramadan.blogspot.com/?1
  • https://lebanon-ramadan.blogspot.com/?1
5 KB
2 KB
Document
General
Full URL
https://lebanon-ramadan.blogspot.com/?1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
d11b593810dc41407226f4eeb0d7f93d24af52601aac9e1b89044a60a5aac636
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
lebanon-ramadan.blogspot.com
:scheme
https
:path
/?1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US

Response headers

status
200
content-type
text/html; charset=UTF-8
expires
Tue, 29 Sep 2020 01:39:12 GMT
date
Tue, 29 Sep 2020 01:39:12 GMT
cache-control
private, max-age=0
last-modified
Sun, 19 Apr 2020 09:31:01 GMT
etag
W/"d2934724d1c2f7f0a191245a0d48e4d8fa5a203466446edfa04417cdec63e0cb"
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
2067
server
GSE
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

Location
https://lebanon-ramadan.blogspot.com/?1
Content-Type
text/html; charset=UTF-8
Content-Encoding
gzip
Date
Tue, 29 Sep 2020 01:39:12 GMT
Expires
Tue, 29 Sep 2020 01:39:12 GMT
Cache-Control
private, max-age=0
X-Content-Type-Options
nosniff
X-Frame-Options
SAMEORIGIN
Content-Security-Policy
frame-ancestors 'self'
X-XSS-Protection
1; mode=block
Content-Length
184
Server
GSE
ywzN18u.gif
i.imgur.com/
39 KB
39 KB
Image
General
Full URL
https://i.imgur.com/ywzN18u.gif
Requested by
Host: lebanon-ramadan.blogspot.com
URL: https://lebanon-ramadan.blogspot.com/?1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.112.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
cat factory 1.0 /
Resource Hash
214194fc72685cbeea8e51234c59eaac3c01ceb72ea6fa7e65ec471535c49a1a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://lebanon-ramadan.blogspot.com/?1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 29 Sep 2020 01:39:12 GMT
x-content-type-options
nosniff
age
2783550
x-cache
HIT, HIT
status
200
content-length
40140
x-served-by
cache-bwi5145-BWI, cache-hhn4070-HHN
last-modified
Mon, 06 May 2019 18:16:41 GMT
server
cat factory 1.0
x-timer
S1601343552.463595,VS0,VE1
etag
"fd66c4de501c86c30aebdc699e94877e"
access-control-allow-methods
GET, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
1, 1
cG7ztK
goo.gl/
0
0
Image
General
Full URL
https://goo.gl/cG7ztK
Requested by
Host: lebanon-ramadan.blogspot.com
URL: https://lebanon-ramadan.blogspot.com/?1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://lebanon-ramadan.blogspot.com/?1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Zp9ZZfm.gif
i.imgur.com/
5 KB
6 KB
Image
General
Full URL
https://i.imgur.com/Zp9ZZfm.gif
Requested by
Host: lebanon-ramadan.blogspot.com
URL: https://lebanon-ramadan.blogspot.com/?1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.112.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
cat factory 1.0 /
Resource Hash
c6f60e356eaf18a079e4daaf90e412c451cdf0a94474f46f2f22b3a1e5fe8aad
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://lebanon-ramadan.blogspot.com/?1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 29 Sep 2020 01:39:12 GMT
x-content-type-options
nosniff
age
997685
x-cache
HIT, HIT
status
200
content-length
5605
x-served-by
cache-bwi5137-BWI, cache-hhn4070-HHN
last-modified
Sun, 10 Feb 2019 01:58:28 GMT
server
cat factory 1.0
x-timer
S1601343552.463573,VS0,VE1
etag
"97fd16e3dbcb15c02d3c6fb8fc7b6f0e"
access-control-allow-methods
GET, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
1, 1
d.js
waust.at/
13 KB
7 KB
Script
General
Full URL
https://waust.at/d.js
Requested by
Host: lebanon-ramadan.blogspot.com
URL: https://lebanon-ramadan.blogspot.com/?1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:407 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
efa8c2057af08d12b4e74599705c6e88f36bda5f4ec712fe58d1286a159fcfa6

Request headers

Referer
https://lebanon-ramadan.blogspot.com/?1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 29 Sep 2020 01:39:12 GMT
content-encoding
br
cf-cache-status
HIT
age
527
status
200
cf-request-id
05791c93ab00001eb1811d7200000001
last-modified
Sun, 27 Sep 2020 04:16:51 GMT
server
cloudflare
etag
W/"5f701233-33b6"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=86400
cf-ray
5da1fd32a8a61eb1-AMS
expires
Wed, 30 Sep 2020 01:30:25 GMT
cookienotice.js
lebanon-ramadan.blogspot.com/js/
6 KB
2 KB
Script
General
Full URL
https://lebanon-ramadan.blogspot.com/js/cookienotice.js
Requested by
Host: lebanon-ramadan.blogspot.com
URL: https://lebanon-ramadan.blogspot.com/?1
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
068ffe90977f2b5b2dc2ef18572166e85281bd0ecb31c4902464b23db54d2568
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://lebanon-ramadan.blogspot.com/?1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 29 Sep 2020 01:39:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 2020 20:48:53 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=604800
accept-ranges
bytes
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2026
x-xss-protection
0
expires
Tue, 06 Oct 2020 01:39:12 GMT
/
whos.amung.us/pingjs/
28 B
144 B
Script
General
Full URL
https://whos.amung.us/pingjs/?k=lebramadan&t=%D8%B1%D8%B5%D9%8A%D8%AF%20%D9%85%D8%AC%D8%A7%D9%86%D9%8A%20%D9%84%D8%A8%D9%86%D8%A7%D9%86%20-%20%D8%B1%D9%85%D8%B6%D8%A7%D9%86&c=d&y=&a=0&r=6064
Requested by
Host: waust.at
URL: https://waust.at/d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
67.202.94.93 Chicago, United States, ASN32748 (STEADFAST, US),
Reverse DNS
amung.us
Software
/
Resource Hash
295939aa21b711cb1c7fe15e394a692071d412b799ee71bf9434d89bc16adddf

Request headers

Referer
https://lebanon-ramadan.blogspot.com/?1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status
200
date
Tue, 29 Sep 2020 01:39:12 GMT
content-encoding
gzip
content-type
text/javascript;charset=UTF-8
/
whos.amung.us/pingjs/
28 B
144 B
Script
General
Full URL
https://whos.amung.us/pingjs/?k=odcompany&t=%D8%B1%D8%B5%D9%8A%D8%AF%20%D9%85%D8%AC%D8%A7%D9%86%D9%8A%20%D9%84%D8%A8%D9%86%D8%A7%D9%86%20-%20%D8%B1%D9%85%D8%B6%D8%A7%D9%86&c=d&y=&a=1&r=918
Requested by
Host: waust.at
URL: https://waust.at/d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
67.202.94.93 Chicago, United States, ASN32748 (STEADFAST, US),
Reverse DNS
amung.us
Software
/
Resource Hash
cc3f5492978971555cd7d35e2b0aa3769bf34edc88340199ef0598e06b9deb99

Request headers

Referer
https://lebanon-ramadan.blogspot.com/?1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status
200
date
Tue, 29 Sep 2020 01:39:12 GMT
content-encoding
gzip
content-type
text/javascript;charset=UTF-8
truncated
/
3 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6f4587fb64cd2e7ce26ba21941c80f3ab8d28c257b73d04a87c949b32e4cde2d

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/png

20 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • object | trustedTypes
  • object | adsbygoogle
  • object | _wau
  • object | cookieChoices
  • string | wau_w_col
  • string | wau_w_siz
  • object | WAU_ren
  • function | WAU_dynamic
  • function | WAU_dynamic_request
  • function | WAU_r_d
  • function | WAU_insert
  • function | WAU_la
  • function | WAU_addCommas
  • function | WAU_lrd
  • function | WAU_lrs
  • function | WAU_cps
  • function | docReady
  • object | x
  • string | x1
  • string | x2

0 Cookies

Security Headers

This page lists any security headers set by the main page.

Header Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block