urlscan.io logo urlscan.io
SecurityTrails logo

www.custom-google-search.ga Open in urlscan Pro
2a00:1450:4001:80f::2013  Malicious Activity! Public Scan

Go To Rescan Add Verdict Report
URL: https://www.custom-google-search.ga/
Submission: On April 01 via automatic, source certstream-suspicious — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 19 IPs in 4 countries across 15 domains to perform 42 HTTP transactions. The main IP is 2a00:1450:4001:80f::2013, located in Frankfurt am Main, Germany and belongs to GOOGLE, US. The main domain is www.custom-google-search.ga.
TLS certificate: Issued by GTS CA 1D4 on April 1st 2023. Valid for: 3 months.
This is the only time www.custom-google-search.ga was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Generic (Online)

Domain & IP information

IP Address AS Autonomous System
2 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 2620:0:862:ed... 14907 (WIKIMEDIA)
1 2a00:1450:400... 15169 (GOOGLE)
1 50.116.10.214 63949 (AKAMAI-AP...)
1 2a00:1450:400... 15169 (GOOGLE)
1 192.243.59.13 39572 (ADVANCEDH...)
2 3.123.95.62 16509 (AMAZON-02)
5 2a00:1450:400... 15169 (GOOGLE)
4 185.66.200.220 201702 (SKHOSTING-EU)
1 2001:4de0:ac1... 20446 (STACKPATH...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
3 185.66.200.127 201702 (SKHOSTING-EU)
2 185.66.201.8 201702 (SKHOSTING-EU)
2 192.243.61.225 39572 (ADVANCEDH...)
42 19
2    2a00:1450:4001:80f::2013 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.custom-google-search.ga
5    2a00:1450:4001:813::2009 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.blogger.com
4    2a00:1450:4001:801::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
apis.google.com
2    2a00:1450:4001:80b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
cse.google.com
2    2620:0:862:ed1a::2:b (United States)

ASN14907 (WIKIMEDIA, US)
upload.wikimedia.org
1    2a00:1450:4001:80e::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
lh3.googleusercontent.com
1    50.116.10.214 (Fremont, United States)

ASN63949 (AKAMAI-AP Akamai Technologies, Inc., SG)
PTR: li456-214.members.linode.com
store.i95dev.com
1    2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
1    192.243.59.13 (Ashburn, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)
www.bnserving.com
2    3.123.95.62 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-123-95-62.eu-central-1.compute.amazonaws.com
simplewebanalysis.com
5    2a00:1450:4001:828::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
4    185.66.200.220 (Slovakia)

ASN201702 (SKHOSTING-EU, SK)
PTR: 185.66.200.220.skhosting.eu
uprimp.com
1    2001:4de0:ac18::1:a:1a (Netherlands)

ASN20446 (STACKPATH-CDN, US)
code.jquery.com
1    2a00:1450:4001:82f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
clients1.google.com
1    2a00:1450:4001:830::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googleapis.com
3    185.66.200.127 (Slovakia)

ASN201702 (SKHOSTING-EU, SK)
PTR: 185.66.200.127.skhosting.eu
ylx-i.advertica-cdn2.com
2    185.66.201.8 (Slovakia)

ASN201702 (SKHOSTING-EU, SK)
PTR: 185.66.201.8.skhosting.eu
ebaaa.xyz
2    192.243.61.225 (Ashburn, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)
www.urldelivery.com
Apex Domain
Subdomains		 Transfer
12 google.com
apis.google.com — Cisco Umbrella Rank: 124
cse.google.com — Cisco Umbrella Rank: 3131
www.google.com — Cisco Umbrella Rank: 2
clients1.google.com — Cisco Umbrella Rank: 456
319 KB
5 blogger.com
www.blogger.com — Cisco Umbrella Rank: 9153
67 KB
4 uprimp.com
uprimp.com — Cisco Umbrella Rank: 176096
6 KB
3 advertica-cdn2.com
ylx-i.advertica-cdn2.com — Cisco Umbrella Rank: 187236
27 KB
2 ebaaa.xyz
ebaaa.xyz — Cisco Umbrella Rank: 164048
5 KB
2 urldelivery.com
www.urldelivery.com Failed
1 KB
2 simplewebanalysis.com
simplewebanalysis.com — Cisco Umbrella Rank: 14820
591 B
2 wikimedia.org
upload.wikimedia.org — Cisco Umbrella Rank: 2601
31 KB
2 custom-google-search.ga
www.custom-google-search.ga
29 KB
1 googleapis.com
www.googleapis.com — Cisco Umbrella Rank: 28
117 B
1 jquery.com
code.jquery.com — Cisco Umbrella Rank: 756
33 KB
1 bnserving.com
www.bnserving.com
6 KB
1 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 111
455 B
1 i95dev.com
store.i95dev.com
57 KB
1 googleusercontent.com
lh3.googleusercontent.com — Cisco Umbrella Rank: 73
5 KB
42 15
Domain Requested by
5 www.google.com cse.google.com
www.google.com
www.custom-google-search.ga
5 www.blogger.com www.custom-google-search.ga
apis.google.com
4 uprimp.com www.custom-google-search.ga
code.jquery.com
uprimp.com
4 apis.google.com www.custom-google-search.ga
apis.google.com
www.blogger.com
3 ylx-i.advertica-cdn2.com uprimp.com
2 ebaaa.xyz uprimp.com
ebaaa.xyz
2 www.urldelivery.com www.bnserving.com
2 simplewebanalysis.com www.bnserving.com
2 upload.wikimedia.org www.custom-google-search.ga
2 cse.google.com www.custom-google-search.ga
www.google.com
2 www.custom-google-search.ga www.custom-google-search.ga
1 www.googleapis.com www.custom-google-search.ga
1 clients1.google.com www.custom-google-search.ga
1 code.jquery.com uprimp.com
1 www.bnserving.com www.custom-google-search.ga
1 pagead2.googlesyndication.com www.custom-google-search.ga
1 store.i95dev.com www.custom-google-search.ga
1 lh3.googleusercontent.com www.custom-google-search.ga
42 18

This site contains links to these domains. Also see Links.

Domain
yllix.com
www.facebook.com
www.youtube.com
accounts.google.com
cse.google.com
www.blogger.com
Subject Issuer Validity Valid
www.custom-google-search.ga
GTS CA 1D4		 2023-04-01 -
2023-06-30		 3 months crt.sh
*.blogger.com
GTS CA 1C3		 2023-03-13 -
2023-06-05		 3 months crt.sh
*.apis.google.com
GTS CA 1C3		 2023-03-13 -
2023-06-05		 3 months crt.sh
*.google.com
GTS CA 1C3		 2023-03-13 -
2023-06-05		 3 months crt.sh
*.wikipedia.org
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-10-27 -
2023-11-17		 a year crt.sh
*.googleusercontent.com
GTS CA 1C3		 2023-03-13 -
2023-06-05		 3 months crt.sh
*.i95dev.com
Go Daddy Secure Certificate Authority - G2		 2023-01-06 -
2024-01-12		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-03-13 -
2023-06-05		 3 months crt.sh
bnserving.com
R3		 2023-03-18 -
2023-06-16		 3 months crt.sh
simplewebanalysis.com
Amazon RSA 2048 M01		 2023-03-02 -
2024-03-31		 a year crt.sh
www.google.com
GTS CA 1C3		 2023-03-13 -
2023-06-05		 3 months crt.sh
banners.uprimp.com
R3		 2023-04-01 -
2023-06-30		 3 months crt.sh
*.jquery.com
Sectigo RSA Domain Validation Secure Server CA		 2022-08-03 -
2023-07-14		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2023-03-13 -
2023-06-05		 3 months crt.sh
ylx-i.advertica-cdn2.com
R3		 2023-02-15 -
2023-05-16		 3 months crt.sh
ebaaa.xyz
R3		 2023-03-21 -
2023-06-19		 3 months crt.sh
*.urldelivery.com
R3		 2023-03-28 -
2023-06-26		 3 months crt.sh

This page contains 7 frames:

Primary Page: https://www.custom-google-search.ga/
Frame ID: 0C762015FA00033C59A675D8380FB0AD
Requests: 30 HTTP requests in this frame

Frame: https://www.blogger.com/navbar.g?targetBlogID=8480214800349180681&blogName=Custom+Google+Search&publishMode=PUBLISH_MODE_HOSTED&navbarType=LIGHT&layoutType=LAYOUTS&searchRoot=https://www.custom-google-search.ga/search&blogLocale=en&v=2&homepageUrl=https://www.custom-google-search.ga/&vt=-6136241628041914450&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.I9sG9xyb3VQ.O%2Fd%3D1%2Frs%3DAHpOoo8-cMaMElt8d8ktYL2gFA9BehJHLQ%2Fm%3D__features__
Frame ID: A68E893B00AA609C67441EACB99D889C
Requests: 3 HTTP requests in this frame

Frame: https://uprimp.com/banner_show.php?section=General&pub=849277&format=120x600&ga=g&slider=225beced62a757096d5bb583b9aec011
Frame ID: BF484B32398E4A6B2AC4D55B40BBE7D1
Requests: 1 HTTP requests in this frame

Frame: https://uprimp.com/show.php?u77091680331705=true&ad=673873&f=120x600&a=491342&cri=0&s=ZGMwYjZmYzFkMzU5ZWU0Y2U2YTE1M2U5NGFiYjViODA=&u=849277&si=613974592&di=43565512&ci=16&h=6d1b964e1097111269fb97beb1f794b6&cc=DE&slider=225beced62a757096d5bb583b9aec011&https=1&useAf=loaded_string_169059a6268b27b1ced66d21d6dc7fa6cdeb4_2633248_1680331705.353_17873&capSettings=dXByaW1wLmNvbXw1MDAwMDB8MjR8NTE4NTY=&ar=aHR0cHM6Ly93d3cuY3VzdG9tLWdvb2dsZS1zZWFyY2guZ2Ev
Frame ID: 81AB56500CE4ED23C6DF48E085A24371
Requests: 5 HTTP requests in this frame

Frame: https://ebaaa.xyz/1ccf616e0b/c3706a2c96/?placementName=ROTATOR&type=n&cv=XAdCdrikGpAkZCpkripZCACrGjNrdZNrkpNixCrCZZZCCrixCrrrCrCrGCxCZGprpjZjrCCrxi_50269&adApiR=loaded_string_169059a6268b27b1ced66d21d6dc7fa6cdeb4_2633248_1680331705.353_17873&capSettings=dXByaW1wLmNvbXw1MDAwMDB8MjR8NTE4NTY=&adApiR=loaded_string_169059a6268b27b1ced66d21d6dc7fa6cdeb4_2633248_1680331705.353_17873&refferer=2959916012_aHR0cHM6Ly93d3cuY3VzdG9tLWdvb2dsZS1zZWFyY2guZ2Ev&width=120&height=600&yxDom=dXByaW1wLmNvbQ==_99fc24843f51da23d36abbfd0ce9aff2&randomA=2108305861782&realRef=V2JKVlhUc3hPazhFd284YWh5TmpFa1loTGJwbDYxcTdNNTBBL0s4cVMwZz0=
Frame ID: 74CA80E7D2FC8488AA29EDA7C857A301
Requests: 1 HTTP requests in this frame

Frame: https://www.urldelivery.com/watch.522615852832?key=37182f7f856edd5267b5482bf2e3fbf1&kw=%5B%22custom%22%2C%22google%22%2C%22search%22%5D&refer=https%3A%2F%2Fwww.custom-google-search.ga%2F&tz=0&dev=r&res=4.31&uuid=74440c02-28e4-4ed9-b7a2-a60ad81ec4cd%3A1%3A1
Frame ID: 7F3D11A20FF33F7C34933C28018D0896
Requests: 1 HTTP requests in this frame

Frame: https://www.urldelivery.com/watch.584639294168?key=4d549fc94bda281a31412c9ac677f326&kw=%5B%22custom%22%2C%22google%22%2C%22search%22%5D&refer=https%3A%2F%2Fwww.custom-google-search.ga%2F&tz=0&dev=r&res=4.31&uuid=74440c02-28e4-4ed9-b7a2-a60ad81ec4cd%3A1%3A1
Frame ID: 49DED5644FAE61FF34588EE28375EC76
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Custom Google Searchsearchsearch

Detected technologies

Overall confidence: 100%
Detected patterns
  • apis\.google\.com/js/platform\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • apis\.google\.com/js/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

42
Requests

95 %
HTTPS

61 %
IPv6

15
Domains

18
Subdomains

19
IPs

4
Countries

588 kB
Transfer

1574 kB
Size

8
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

42 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.custom-google-search.ga/ 		201 KB
27 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.custom-google-search.ga/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
64862701b47efae9c1d05086b530ec091322298ac45b5a3027adae9ba90699b1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, max-age=0
content-encoding
gzip
content-length
27181
content-type
text/html; charset=UTF-8
date
Sat, 01 Apr 2023 06:48:23 GMT
etag
W/"cb8e3d82b57e5f08b04f9d436193ec1bec6fcc2e960f19581c44abf526dc4518"
expires
Sat, 01 Apr 2023 06:48:23 GMT
last-modified
Fri, 23 Dec 2022 23:10:49 GMT
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
3566091532-css_bundle_v2.css
www.blogger.com/static/v1/widgets/ 		35 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.blogger.com/static/v1/widgets/3566091532-css_bundle_v2.css
Requested by
Host: www.custom-google-search.ga
URL: https://www.custom-google-search.ga/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a9ca837900b6ae007386d400f659c233120b8af7d93407fd6475c9180d9e83d2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.custom-google-search.ga/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Fri, 31 Mar 2023 09:34:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
76405
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7756
x-xss-protection
0
last-modified
Thu, 30 Mar 2023 19:52:18 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="blogger-tech"
expires
Sat, 30 Mar 2024 09:34:59 GMT
platform.js
apis.google.com/js/ 		54 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/js/platform.js
Requested by
Host: www.custom-google-search.ga
URL: https://www.custom-google-search.ga/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
992826b176584df60085eba2f256765f56eab1c8e61dbaa12581829fc657c734
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.custom-google-search.ga/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

content-security-policy
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding
gzip
x-content-type-options
nosniff
date
Sat, 01 Apr 2023 06:48:24 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
21023
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="gapi-team"
etag
"46826dcb099c8c86"
vary
Accept-Encoding
report-to
{"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
private, max-age=1800, stale-while-revalidate=1800
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 01 Apr 2023 06:48:24 GMT
authorization.css
www.blogger.com/dyn-css/ 		1 B
684 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.blogger.com/dyn-css/authorization.css?targetBlogID=8480214800349180681&zx=df53f75e-b132-4a54-9ce9-ad7ee10cb986
Requested by
Host: www.custom-google-search.ga
URL: https://www.custom-google-search.ga/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
Security Headers
Name Value
Content-Security-Policy script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.custom-google-search.ga/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma
no-cache
content-security-policy
script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
date
Sat, 01 Apr 2023 06:48:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Sat, 01 Apr 2023 06:48:24 GMT
server
GSE
x-frame-options
SAMEORIGIN
p3p
CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
content-type
text/css; charset=UTF-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
21
x-xss-protection
1; mode=block
expires
Mon, 01 Jan 1990 00:00:00 GMT
cse.js
cse.google.com/ 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cse.google.com/cse.js?cx=partner-pub-2910889676690957:1837906808
Requested by
Host: www.custom-google-search.ga
URL: https://www.custom-google-search.ga/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gws /
Resource Hash
532f80527f934838a9eef8d3bb0f5a4364d133678b260e2282e914464f440e84
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.custom-google-search.ga/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sat, 01 Apr 2023 06:48:24 GMT
content-encoding
br
content-security-policy-report-only
object-src 'none';base-uri 'self';script-src 'nonce-DPXrBwGeYZeLprjJq8txlw' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3062
x-xss-protection
0
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
cross-origin-opener-policy
same-origin-allow-popups; report-to="gws"
server
gws
x-frame-options
SAMEORIGIN
report-to
{"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]}
content-type
text/javascript; charset=UTF-8
cache-control
private
permissions-policy
unload=()
origin-trial
Ap+qNlnLzJDKSmEHjzM5ilaa908GuehlLqGb6ezME5lkhelj20qVzfv06zPmQ3LodoeujZuphAolrnhnPA8w4AIAAABfeyJvcmlnaW4iOiJodHRwczovL3d3dy5nb29nbGUuY29tOjQ0MyIsImZlYXR1cmUiOiJQZXJtaXNzaW9uc1BvbGljeVVubG9hZCIsImV4cGlyeSI6MTY4NTY2Mzk5OX0=, AvudrjMZqL7335p1KLV2lHo1kxdMeIN0dUI15d0CPz9dovVLCcXk8OAqjho1DX4s6NbHbA/AGobuGvcZv0drGgQAAAB9eyJvcmlnaW4iOiJodHRwczovL3d3dy5nb29nbGUuY29tOjQ0MyIsImZlYXR1cmUiOiJCYWNrRm9yd2FyZENhY2hlTm90UmVzdG9yZWRSZWFzb25zIiwiZXhwaXJ5IjoxNjkxNTM5MTk5LCJpc1N1YmRvbWFpbiI6dHJ1ZX0=
expires
Sat, 01 Apr 2023 06:48:24 GMT
300px-Facebook_icon_2013.svg.png
upload.wikimedia.org/wikipedia/commons/thumb/f/fb/Facebook_icon_2013.svg/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://upload.wikimedia.org/wikipedia/commons/thumb/f/fb/Facebook_icon_2013.svg/300px-Facebook_icon_2013.svg.png
Requested by
Host: www.custom-google-search.ga
URL: https://www.custom-google-search.ga/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:0:862:ed1a::2:b , United States, ASN14907 (WIKIMEDIA, US),
Reverse DNS
Software
ATS/9.1.4 /
Resource Hash
bea2fa2e53c0235ca6f923a167ad52bc9981869e52d32c9bcb3a47285449462a
Security Headers
Name Value
Strict-Transport-Security max-age=106384710; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.custom-google-search.ga/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Fri, 31 Mar 2023 15:22:09 GMT
strict-transport-security
max-age=106384710; includeSubDomains; preload
x-content-type-options
nosniff
nel
{ "report_to": "wm_nel", "max_age": 604800, "failure_fraction": 0.05, "success_fraction": 0.0}
age
55574
x-cache-status
hit-front
x-cache
cp3051 hit, cp3059 hit/35
content-disposition
inline;filename*=UTF-8''Facebook_icon_2013.svg.png
server-timing
cache;desc="hit-front", host;desc="cp3059"
content-length
2173
x-client-ip
2a00:c98:2050:a007:2::13
last-modified
Sat, 21 May 2022 15:06:43 GMT
server
ATS/9.1.4
etag
53f3bbe717c2aa736632961928059adb
report-to
{ "group": "wm_nel", "max_age": 604800, "endpoints": [{ "url": "https://intake-logging.wikimedia.org/v1/events?stream=w3c.reportingapi.network_error&schema_uri=/w3c/reportingapi/network_error/1.0.0" }] }
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Age, Date, Content-Length, Content-Range, X-Content-Duration, X-Cache
accept-ranges
bytes
timing-allow-origin
*
Ned_Tu_ge6GgJZ_lIO_5mieIEmjDpq9kfgD05wapmvzcInvT4qQMxhxq_hEazf8ZsqA=w300
lh3.googleusercontent.com/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lh3.googleusercontent.com/Ned_Tu_ge6GgJZ_lIO_5mieIEmjDpq9kfgD05wapmvzcInvT4qQMxhxq_hEazf8ZsqA=w300
Requested by
Host: www.custom-google-search.ga
URL: https://www.custom-google-search.ga/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
fb60f3e6cf0f9c0c02df93eaef8e9b8723fd32a725c99751890a30d8866145df
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.custom-google-search.ga/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sat, 01 Apr 2023 06:48:24 GMT
x-content-type-options
nosniff
age
0
content-disposition
inline;filename="unnamed.png"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4879
x-xss-protection
0
server
fife
etag
"v1"
vary
Origin
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Mon, 27 Mar 2023 15:21:06 GMT
Gmail_Icon.png
upload.wikimedia.org/wikipedia/commons/4/4e/ 		27 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://upload.wikimedia.org/wikipedia/commons/4/4e/Gmail_Icon.png
Requested by
Host: www.custom-google-search.ga
URL: https://www.custom-google-search.ga/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:0:862:ed1a::2:b , United States, ASN14907 (WIKIMEDIA, US),
Reverse DNS
Software
ATS/9.1.4 /
Resource Hash
fbe8559ad3b4307678250a671b8c259adf8ded119c8d133d1b706f0f4879a051
Security Headers
Name Value
Strict-Transport-Security max-age=106384710; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.custom-google-search.ga/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Fri, 31 Mar 2023 16:02:41 GMT
strict-transport-security
max-age=106384710; includeSubDomains; preload
x-content-type-options
nosniff
nel
{ "report_to": "wm_nel", "max_age": 604800, "failure_fraction": 0.05, "success_fraction": 0.0}
age
53142
x-cache-status
hit-front
x-cache
cp3061 hit, cp3059 hit/43
server-timing
cache;desc="hit-front", host;desc="cp3059"
content-length
28145
x-client-ip
2a00:c98:2050:a007:2::13
x-object-meta-sha1base36
05dny2um55xcqxq5otnh2j9xthhq4wa
last-modified
Fri, 29 Jan 2016 09:28:01 GMT
server
ATS/9.1.4
etag
598d07e7761f5bca3a3f78e95b6db422
report-to
{ "group": "wm_nel", "max_age": 604800, "endpoints": [{ "url": "https://intake-logging.wikimedia.org/v1/events?stream=w3c.reportingapi.network_error&schema_uri=/w3c/reportingapi/network_error/1.0.0" }] }
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Age, Date, Content-Length, Content-Range, X-Content-Duration, X-Cache
accept-ranges
bytes
timing-allow-origin
*
google_search.png
store.i95dev.com/media/wysiwyg/ 		57 KB
57 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://store.i95dev.com/media/wysiwyg/google_search.png
Requested by
Host: www.custom-google-search.ga
URL: https://www.custom-google-search.ga/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
50.116.10.214 Fremont, United States, ASN63949 (AKAMAI-AP Akamai Technologies, Inc., SG),
Reverse DNS
li456-214.members.linode.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
25a179bda8fbc6370bbe8909083060f65baf14bc8aaf55c04d376328f3937936

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.custom-google-search.ga/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date
Sat, 01 Apr 2023 06:48:24 GMT
Last-Modified
Mon, 16 Jul 2012 10:08:23 GMT
Server
Apache/2.2.15 (CentOS)
ETag
"e268-4c4ef9c28f3c0"
Content-Type
image/png
Cache-Control
max-age=2592000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=100, max=100
Content-Length
57960
Expires
Mon, 01 May 2023 06:48:24 GMT
cookienotice.js
www.custom-google-search.ga/js/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.custom-google-search.ga/js/cookienotice.js
Requested by
Host: www.custom-google-search.ga
URL: https://www.custom-google-search.ga/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
068ffe90977f2b5b2dc2ef18572166e85281bd0ecb31c4902464b23db54d2568
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.custom-google-search.ga/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sat, 01 Apr 2023 06:48:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Sat, 01 Apr 2023 05:49:47 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type
text/javascript
cache-control
public, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
2026
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="blogger-tech"
expires
Sat, 08 Apr 2023 06:48:24 GMT
194262808-widgets.js
www.blogger.com/static/v1/widgets/ 		154 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.blogger.com/static/v1/widgets/194262808-widgets.js
Requested by
Host: www.custom-google-search.ga
URL: https://www.custom-google-search.ga/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55805f4cd47806b81ef9adeada99ec3aad803d7fa1006f48a390c77a1a50d2c6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.custom-google-search.ga/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Wed, 29 Mar 2023 01:58:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
276567
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56925
x-xss-protection
0
last-modified
Wed, 29 Mar 2023 00:53:01 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="blogger-tech"
expires
Thu, 28 Mar 2024 01:58:57 GMT
cb=gapi.loaded_0
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.I9sG9xyb3VQ.O/m=gapi_iframes,gapi_iframes_style_bubble/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8-cMaMElt8d8ktYL2gFA9BehJHLQ/ 		180 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.I9sG9xyb3VQ.O/m=gapi_iframes,gapi_iframes_style_bubble/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8-cMaMElt8d8ktYL2gFA9BehJHLQ/cb=gapi.loaded_0?le=scs
Requested by
Host: apis.google.com
URL: https://apis.google.com/js/platform.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f8673b2c72d7ae9a91bb149e2891c0f4ecd02e603494cd566287470f55ff3934
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.custom-google-search.ga/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Wed, 29 Mar 2023 17:31:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
220617
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
61155
x-xss-protection
0
last-modified
Thu, 09 Mar 2023 16:31:32 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="social-frontend-mpm-access"
vary
Accept-Encoding
report-to
{"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 28 Mar 2024 17:31:27 GMT
google_top_exp.js
pagead2.googlesyndication.com/pagead/js/ 		47 B
455 B 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/google_top_exp.js
Requested by
Host: www.custom-google-search.ga
URL: https://www.custom-google-search.ga/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ccecd185ac16ba0a538840f37701053fbb861f7fbbdd86039c7415fcd924d1f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.custom-google-search.ga/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sat, 01 Apr 2023 00:53:33 GMT
content-encoding
br
x-content-type-options
nosniff
age
21291
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
server
cafe
etag
13036835877489095579
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 15 Apr 2023 00:53:33 GMT
invoke.js
www.bnserving.com/ 		11 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.bnserving.com/invoke.js
Requested by
Host: www.custom-google-search.ga
URL: https://www.custom-google-search.ga/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.243.59.13 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.17.6 /
Resource Hash
7007f87fa4160d7b947b6775a8f21d2ae3b10529002ecb082af52aae2a7780cc
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubdomains

Request headers

Referer
https://www.custom-google-search.ga/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Date
Sat, 01 Apr 2023 06:48:24 GMT
Strict-Transport-Security
max-age=0; includeSubdomains
Content-Encoding
gzip
Server
nginx/1.17.6
Accept-CH
Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Transfer-Encoding
chunked
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin
*
Content-Type
application/javascript
Cache-Control
no-cache
Connection
keep-alive
X-Request-ID
4faae1507b824d29d493b71b148888ea
Expires
Thu, 01 Jan 1970 00:00:01 GMT
navbar.g
www.blogger.com/ Frame A68E 		7 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.blogger.com/navbar.g?targetBlogID=8480214800349180681&blogName=Custom+Google+Search&publishMode=PUBLISH_MODE_HOSTED&navbarType=LIGHT&layoutType=LAYOUTS&searchRoot=https://www.custom-google-search.ga/search&blogLocale=en&v=2&homepageUrl=https://www.custom-google-search.ga/&vt=-6136241628041914450&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.I9sG9xyb3VQ.O%2Fd%3D1%2Frs%3DAHpOoo8-cMaMElt8d8ktYL2gFA9BehJHLQ%2Fm%3D__features__
Requested by
Host: apis.google.com
URL: https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.I9sG9xyb3VQ.O/m=gapi_iframes,gapi_iframes_style_bubble/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8-cMaMElt8d8ktYL2gFA9BehJHLQ/cb=gapi.loaded_0?le=scs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
69f651c8bfb3a2b2831f9844c652a446645508423b28967754b927e27a9f8e4d
Security Headers
Name Value
Content-Security-Policy script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.custom-google-search.ga/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-length
2596
content-security-policy
script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
content-type
text/html; charset=UTF-8
date
Sat, 01 Apr 2023 06:48:24 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
p3p
CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
pragma
no-cache
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
authorization.css
www.blogger.com/dyn-css/ 		1 B
43 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.blogger.com/dyn-css/authorization.css?targetBlogID=8480214800349180681&zx=df53f75e-b132-4a54-9ce9-ad7ee10cb986
Requested by
Host: www.custom-google-search.ga
URL: https://www.custom-google-search.ga/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
Security Headers
Name Value
Content-Security-Policy script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.custom-google-search.ga/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma
no-cache
content-security-policy
script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
date
Sat, 01 Apr 2023 06:48:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Sat, 01 Apr 2023 06:48:24 GMT
server
GSE
x-frame-options
SAMEORIGIN
p3p
CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
content-type
text/css; charset=UTF-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
21
x-xss-protection
1; mode=block
expires
Mon, 01 Jan 1990 00:00:00 GMT
stats
simplewebanalysis.com/ 		40 B
296 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://simplewebanalysis.com/stats
Requested by
Host: www.bnserving.com
URL: https://www.bnserving.com/invoke.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.123.95.62 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-123-95-62.eu-central-1.compute.amazonaws.com
Software
fasthttp /
Resource Hash
cbb922736e60954183c308850b4a636ab873f13617d59b500ba25f29611a5ce9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.custom-google-search.ga/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

access-control-allow-origin
https://www.custom-google-search.ga
date
Sat, 01 Apr 2023 06:48:24 GMT
access-control-allow-credentials
true
server
fasthttp
content-length
40
content-type
text/html; charset=UTF-8
stats
simplewebanalysis.com/ 		40 B
295 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://simplewebanalysis.com/stats
Requested by
Host: www.bnserving.com
URL: https://www.bnserving.com/invoke.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.123.95.62 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-123-95-62.eu-central-1.compute.amazonaws.com
Software
fasthttp /
Resource Hash
5b5c61bea65484b4dfbd336dabb215fed1d80f537883b52fd523e891ef95ec85

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.custom-google-search.ga/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

access-control-allow-origin
https://www.custom-google-search.ga
date
Sat, 01 Apr 2023 06:48:24 GMT
access-control-allow-credentials
true
server
fasthttp
content-length
40
content-type
text/html; charset=UTF-8
cse_element__en.js
www.google.com/cse/static/element/11b6937ae69e441f/ 		308 KB
103 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/cse/static/element/11b6937ae69e441f/cse_element__en.js?usqp=CAI%3D
Requested by
Host: cse.google.com
URL: https://cse.google.com/cse.js?cx=partner-pub-2910889676690957:1837906808
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2f2782b2618657d51ddaf9f7adbe3b59511cc53798f419bb34ce670fa4ca205c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.custom-google-search.ga/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Fri, 31 Mar 2023 09:32:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
76529
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
105062
x-xss-protection
0
last-modified
Mon, 27 Mar 2023 18:22:12 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="prose-team"
expires
Sat, 30 Mar 2024 09:32:55 GMT
default+en.css
www.google.com/cse/static/element/11b6937ae69e441f/ 		41 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.google.com/cse/static/element/11b6937ae69e441f/default+en.css
Requested by
Host: cse.google.com
URL: https://cse.google.com/cse.js?cx=partner-pub-2910889676690957:1837906808
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2b0789c3ab7df1f2580e95bb47eb5bb6dc19b4fc5a91b1f1ae1d9484dab534a9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.custom-google-search.ga/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Fri, 31 Mar 2023 09:32:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
76529
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9086
x-xss-protection
0
last-modified
Mon, 27 Mar 2023 18:22:12 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="prose-team"
expires
Sat, 30 Mar 2024 09:32:55 GMT
default.css
www.google.com/cse/static/style/look/v4/ 		4 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.google.com/cse/static/style/look/v4/default.css
Requested by
Host: cse.google.com
URL: https://cse.google.com/cse.js?cx=partner-pub-2910889676690957:1837906808
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
dcec22bbcb68119d6c7d6d5e088fb82183a9826d0c9e3403f1386fd837f06a89
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.custom-google-search.ga/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sat, 01 Apr 2023 06:32:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
973
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1345
x-xss-protection
0
last-modified
Wed, 17 Jun 2020 00:00:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type
text/css
cache-control
public, max-age=3000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="prose-team"
expires
Sat, 01 Apr 2023 07:22:11 GMT
slider.php
uprimp.com/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://uprimp.com/slider.php?section=General&pub=849277&ga=g&side=random
Requested by
Host: www.custom-google-search.ga
URL: https://www.custom-google-search.ga/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.66.200.220 , Slovakia, ASN201702 (SKHOSTING-EU, SK),
Reverse DNS
185.66.200.220.skhosting.eu
Software
nginx /
Resource Hash
c1eecf9d141612abdd44ff4bcecfcaa0380579027d9f1e4a5b7d2936fa49a266

Request headers

Referer
https://www.custom-google-search.ga/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

pragma
no-cache
date
Sat, 01 Apr 2023 06:48:24 GMT
last-modified
Sat, 01 Apr 2023 06:48:24 GMT
server
nginx
content-type
application/javascript
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
x-robots-tag
noindex, nofollow, noarchive, nosnippet
expires
Sat, 01 Apr 2023 06:48:24 GMT
watch.584639294168.js
www.urldelivery.com/ 		0
0
watch.522615852832.js
www.urldelivery.com/ 		0
0
jquery-1.7.2.min.js
code.jquery.com/ 		93 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-1.7.2.min.js
Requested by
Host: uprimp.com
URL: https://uprimp.com/slider.php?section=General&pub=849277&ga=g&side=random
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac18::1:a:1a , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
nginx /
Resource Hash
47b68dce8cb6805ad5b3ea4d27af92a241f4e29a5c12a274c852e4346a0500b4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.custom-google-search.ga/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sat, 01 Apr 2023 06:48:24 GMT
content-encoding
gzip
last-modified
Wed, 16 Feb 2022 10:50:39 GMT
server
nginx
etag
W/"620cd6ff-17278"
vary
Accept-Encoding
x-hw
1680331704.dop202.fr8.t,1680331704.cds343.fr8.hn,1680331704.cds153.fr8.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
33626
async-ads.js
cse.google.com/adsense/search/ 		140 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cse.google.com/adsense/search/async-ads.js
Requested by
Host: www.google.com
URL: https://www.google.com/cse/static/element/11b6937ae69e441f/cse_element__en.js?usqp=CAI%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f0a4135d07d4591caf0b1a9166f235eb0f2b8ee596ed433746a4749f5e12bbe1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.custom-google-search.ga/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sat, 01 Apr 2023 06:48:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-afs-ui"
etag
"7909827999296303985"
vary
Accept-Encoding
report-to
{"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]}
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
accept-ranges
bytes
expires
Sat, 01 Apr 2023 06:48:24 GMT
clear.png
www.google.com/cse/static/css/v2/ 		1018 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/cse/static/css/v2/clear.png
Requested by
Host: www.google.com
URL: https://www.google.com/cse/static/element/11b6937ae69e441f/default+en.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
329d1a750114920332eadc55c129957d9dbe5a1b25745e2f7e0ed4fad75e04cd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/cse/static/element/11b6937ae69e441f/default+en.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Fri, 31 Mar 2023 18:05:12 GMT
x-content-type-options
nosniff
age
45792
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1018
x-xss-protection
0
last-modified
Mon, 25 May 2020 08:30:00 GMT
server
sffe
report-to
{"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="prose-team"
expires
Sat, 30 Mar 2024 18:05:12 GMT
branding.png
www.google.com/cse/static/images/1x/en/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/cse/static/images/1x/en/branding.png
Requested by
Host: www.custom-google-search.ga
URL: https://www.custom-google-search.ga/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
331b2b1241f1f2a53744bdca867c5b76954d9431970e91f490f64c707fc24a16
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.custom-google-search.ga/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Mon, 27 Mar 2023 12:06:39 GMT
x-content-type-options
nosniff
age
412905
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1372
x-xss-protection
0
last-modified
Mon, 25 May 2020 08:30:00 GMT
server
sffe
report-to
{"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="prose-team"
expires
Tue, 26 Mar 2024 12:06:39 GMT
generate_204
clients1.google.com/ 		0
117 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://clients1.google.com/generate_204
Requested by
Host: www.custom-google-search.ga
URL: https://www.custom-google-search.ga/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.custom-google-search.ga/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sat, 01 Apr 2023 06:48:24 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
generate_204
www.googleapis.com/ 		0
117 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.googleapis.com/generate_204
Requested by
Host: www.custom-google-search.ga
URL: https://www.custom-google-search.ga/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.custom-google-search.ga/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sat, 01 Apr 2023 06:48:24 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
platform:gapi.iframes.style.common.js
apis.google.com/js/ Frame A68E 		54 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/js/platform:gapi.iframes.style.common.js
Requested by
Host: www.blogger.com
URL: https://www.blogger.com/navbar.g?targetBlogID=8480214800349180681&blogName=Custom+Google+Search&publishMode=PUBLISH_MODE_HOSTED&navbarType=LIGHT&layoutType=LAYOUTS&searchRoot=https://www.custom-google-search.ga/search&blogLocale=en&v=2&homepageUrl=https://www.custom-google-search.ga/&vt=-6136241628041914450&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.I9sG9xyb3VQ.O%2Fd%3D1%2Frs%3DAHpOoo8-cMaMElt8d8ktYL2gFA9BehJHLQ%2Fm%3D__features__
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
392f1712af09c14cdc20e55fc99010bba2f3a019d8c817cfb1ebbe1eaa1b3c7b
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.blogger.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

content-security-policy
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding
gzip
x-content-type-options
nosniff
date
Sat, 01 Apr 2023 06:48:24 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
21035
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="gapi-team"
etag
"ab352c098d97f3d8"
vary
Accept-Encoding
report-to
{"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
private, max-age=1800, stale-while-revalidate=1800
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 01 Apr 2023 06:48:24 GMT
cb=gapi.loaded_0
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.I9sG9xyb3VQ.O/m=gapi_iframes_style_common/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8-cMaMElt8d8ktYL2gFA9BehJHLQ/ Frame A68E 		134 KB
45 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.I9sG9xyb3VQ.O/m=gapi_iframes_style_common/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8-cMaMElt8d8ktYL2gFA9BehJHLQ/cb=gapi.loaded_0?le=scs
Requested by
Host: apis.google.com
URL: https://apis.google.com/js/platform:gapi.iframes.style.common.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
190f26b6ca8a373b93ebb537988f426953885e75816de2ef852f03f63a71e4c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.blogger.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Wed, 29 Mar 2023 17:31:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
220616
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
45755
x-xss-protection
0
last-modified
Thu, 09 Mar 2023 16:31:32 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="social-frontend-mpm-access"
vary
Accept-Encoding
report-to
{"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 28 Mar 2024 17:31:28 GMT
banner_show.php
uprimp.com/ Frame BF48 		1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://uprimp.com/banner_show.php?section=General&pub=849277&format=120x600&ga=g&slider=225beced62a757096d5bb583b9aec011
Requested by
Host: code.jquery.com
URL: https://code.jquery.com/jquery-1.7.2.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.66.200.220 , Slovakia, ASN201702 (SKHOSTING-EU, SK),
Reverse DNS
185.66.200.220.skhosting.eu
Software
nginx /
Resource Hash
d7ced9b82cea70e6c25e8e09919d70313607a09226651a21fc68331d266e8302

Request headers

Referer
https://www.custom-google-search.ga/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, must-revalidate post-check=0, pre-check=0
content-type
text/html; charset=UTF-8
date
Sat, 01 Apr 2023 06:48:25 GMT
expires
Sat, 01 Apr 2023 06:48:25 GMT
last-modified
Sat, 01 Apr 2023 06:48:25 GMT
pragma
no-cache
server
nginx
x-robots-tag
noindex, nofollow, noarchive, nosnippet
but_close.png
ylx-i.advertica-cdn2.com/ 		664 B
922 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ylx-i.advertica-cdn2.com/but_close.png?1360094895
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.66.200.127 , Slovakia, ASN201702 (SKHOSTING-EU, SK),
Reverse DNS
185.66.200.127.skhosting.eu
Software
nginx /
Resource Hash
57bca4c5b764830392d8e4b6482fe19c7dddf0e8ae3627b68a22ebc398b27da3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.custom-google-search.ga/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sat, 01 Apr 2023 06:48:25 GMT
content-encoding
gzip
last-modified
Tue, 05 Feb 2013 20:08:15 GMT
server
nginx
etag
W/"511166af-298"
x-cache
HIT
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=2592000
x-server
cdnbts
expires
Mon, 01 May 2023 06:48:25 GMT
show.php
uprimp.com/ Frame 81AB 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://uprimp.com/show.php?u77091680331705=true&ad=673873&f=120x600&a=491342&cri=0&s=ZGMwYjZmYzFkMzU5ZWU0Y2U2YTE1M2U5NGFiYjViODA=&u=849277&si=613974592&di=43565512&ci=16&h=6d1b964e1097111269fb97beb1f794b6&cc=DE&slider=225beced62a757096d5bb583b9aec011&https=1&useAf=loaded_string_169059a6268b27b1ced66d21d6dc7fa6cdeb4_2633248_1680331705.353_17873&capSettings=dXByaW1wLmNvbXw1MDAwMDB8MjR8NTE4NTY=&ar=aHR0cHM6Ly93d3cuY3VzdG9tLWdvb2dsZS1zZWFyY2guZ2Ev
Requested by
Host: uprimp.com
URL: https://uprimp.com/banner_show.php?section=General&pub=849277&format=120x600&ga=g&slider=225beced62a757096d5bb583b9aec011
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.66.200.220 , Slovakia, ASN201702 (SKHOSTING-EU, SK),
Reverse DNS
185.66.200.220.skhosting.eu
Software
nginx /
Resource Hash
5160532d60ec3533878112fc1960cbb82b5563648e92d79364d97f72077d041b

Request headers

Referer
https://uprimp.com/banner_show.php?section=General&pub=849277&format=120x600&ga=g&slider=225beced62a757096d5bb583b9aec011
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, must-revalidate post-check=0, pre-check=0
content-type
text/html; charset=UTF-8
date
Sat, 01 Apr 2023 06:48:25 GMT
expires
Sat, 01 Apr 2023 06:48:25 GMT
last-modified
Sat, 01 Apr 2023 06:48:25 GMT
pragma
no-cache
server
nginx
x-robots-tag
noindex, nofollow, noarchive, nosnippet
/
ebaaa.xyz/1ccf616e0b/c3706a2c96/ Frame 81AB 		1 KB
941 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ebaaa.xyz/1ccf616e0b/c3706a2c96/?placementName=ROTATOR&type=n&cv=XAdCdrikGpAkZCpkripZCACrGjNrdZNrkpNixCrCZZZCCrixCrrrCrCrGCxCZGprpjZjrCCrxi_50269&adApiR=loaded_string_169059a6268b27b1ced66d21d6dc7fa6cdeb4_2633248_1680331705.353_17873&capSettings=dXByaW1wLmNvbXw1MDAwMDB8MjR8NTE4NTY=&adApiR=loaded_string_169059a6268b27b1ced66d21d6dc7fa6cdeb4_2633248_1680331705.353_17873&refferer=2959916012_aHR0cHM6Ly93d3cuY3VzdG9tLWdvb2dsZS1zZWFyY2guZ2Ev&width=120&height=600&yxDom=dXByaW1wLmNvbQ==_99fc24843f51da23d36abbfd0ce9aff2
Requested by
Host: uprimp.com
URL: https://uprimp.com/show.php?u77091680331705=true&ad=673873&f=120x600&a=491342&cri=0&s=ZGMwYjZmYzFkMzU5ZWU0Y2U2YTE1M2U5NGFiYjViODA=&u=849277&si=613974592&di=43565512&ci=16&h=6d1b964e1097111269fb97beb1f794b6&cc=DE&slider=225beced62a757096d5bb583b9aec011&https=1&useAf=loaded_string_169059a6268b27b1ced66d21d6dc7fa6cdeb4_2633248_1680331705.353_17873&capSettings=dXByaW1wLmNvbXw1MDAwMDB8MjR8NTE4NTY=&ar=aHR0cHM6Ly93d3cuY3VzdG9tLWdvb2dsZS1zZWFyY2guZ2Ev
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.66.201.8 , Slovakia, ASN201702 (SKHOSTING-EU, SK),
Reverse DNS
185.66.201.8.skhosting.eu
Software
nginx /
Resource Hash
bd64d3baab4b674e23fb8860841d2a05ecdcac60fae07b48e8328c71cfeb6cd0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://uprimp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 01 Apr 2023 06:48:25 GMT
content-encoding
br
server
nginx
content-type
application/javascript;charset=utf-8
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
x-robots-tag
noindex,nofollow
expires
Sun, 01 Jan 2014 00:00:00 GMT
pub_93xzfo.png
ylx-i.advertica-cdn2.com/aff/ Frame 81AB 		25 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ylx-i.advertica-cdn2.com/aff/pub_93xzfo.png?1480419357
Requested by
Host: uprimp.com
URL: https://uprimp.com/show.php?u77091680331705=true&ad=673873&f=120x600&a=491342&cri=0&s=ZGMwYjZmYzFkMzU5ZWU0Y2U2YTE1M2U5NGFiYjViODA=&u=849277&si=613974592&di=43565512&ci=16&h=6d1b964e1097111269fb97beb1f794b6&cc=DE&slider=225beced62a757096d5bb583b9aec011&https=1&useAf=loaded_string_169059a6268b27b1ced66d21d6dc7fa6cdeb4_2633248_1680331705.353_17873&capSettings=dXByaW1wLmNvbXw1MDAwMDB8MjR8NTE4NTY=&ar=aHR0cHM6Ly93d3cuY3VzdG9tLWdvb2dsZS1zZWFyY2guZ2Ev
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.66.200.127 , Slovakia, ASN201702 (SKHOSTING-EU, SK),
Reverse DNS
185.66.200.127.skhosting.eu
Software
nginx /
Resource Hash
2e3bde453441d9f45ecd50d01b2c733966873025911722e720fcdd577d6e4479

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://uprimp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sat, 01 Apr 2023 06:48:25 GMT
content-encoding
gzip
last-modified
Tue, 29 Nov 2016 11:35:57 GMT
server
nginx
etag
W/"583d681d-6389"
x-cache
HIT
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=2592000
x-server
cdnbts
expires
Mon, 01 May 2023 06:48:25 GMT
logo_n_small.png
ylx-i.advertica-cdn2.com/ Frame 81AB 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ylx-i.advertica-cdn2.com/logo_n_small.png?1480628810
Requested by
Host: uprimp.com
URL: https://uprimp.com/show.php?u77091680331705=true&ad=673873&f=120x600&a=491342&cri=0&s=ZGMwYjZmYzFkMzU5ZWU0Y2U2YTE1M2U5NGFiYjViODA=&u=849277&si=613974592&di=43565512&ci=16&h=6d1b964e1097111269fb97beb1f794b6&cc=DE&slider=225beced62a757096d5bb583b9aec011&https=1&useAf=loaded_string_169059a6268b27b1ced66d21d6dc7fa6cdeb4_2633248_1680331705.353_17873&capSettings=dXByaW1wLmNvbXw1MDAwMDB8MjR8NTE4NTY=&ar=aHR0cHM6Ly93d3cuY3VzdG9tLWdvb2dsZS1zZWFyY2guZ2Ev
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.66.200.127 , Slovakia, ASN201702 (SKHOSTING-EU, SK),
Reverse DNS
185.66.200.127.skhosting.eu
Software
nginx /
Resource Hash
6c801b5acaa0dcffb9520f320a42f915fdd5d1d6331845e215edb0c578dd5a2f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://uprimp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sat, 01 Apr 2023 06:48:25 GMT
content-encoding
gzip
last-modified
Thu, 01 Dec 2016 21:46:50 GMT
server
nginx
etag
W/"58409a4a-631"
x-cache
HIT
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=2592000
x-server
cdnbts
expires
Mon, 01 May 2023 06:48:25 GMT
/
uprimp.com/trk/ Frame 81AB 		43 B
268 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uprimp.com/trk/?6d1b964e1097111269fb97beb1f794b6
Requested by
Host: uprimp.com
URL: https://uprimp.com/show.php?u77091680331705=true&ad=673873&f=120x600&a=491342&cri=0&s=ZGMwYjZmYzFkMzU5ZWU0Y2U2YTE1M2U5NGFiYjViODA=&u=849277&si=613974592&di=43565512&ci=16&h=6d1b964e1097111269fb97beb1f794b6&cc=DE&slider=225beced62a757096d5bb583b9aec011&https=1&useAf=loaded_string_169059a6268b27b1ced66d21d6dc7fa6cdeb4_2633248_1680331705.353_17873&capSettings=dXByaW1wLmNvbXw1MDAwMDB8MjR8NTE4NTY=&ar=aHR0cHM6Ly93d3cuY3VzdG9tLWdvb2dsZS1zZWFyY2guZ2Ev
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.66.200.220 , Slovakia, ASN201702 (SKHOSTING-EU, SK),
Reverse DNS
185.66.200.220.skhosting.eu
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://uprimp.com/show.php?u77091680331705=true&ad=673873&f=120x600&a=491342&cri=0&s=ZGMwYjZmYzFkMzU5ZWU0Y2U2YTE1M2U5NGFiYjViODA=&u=849277&si=613974592&di=43565512&ci=16&h=6d1b964e1097111269fb97beb1f794b6&cc=DE&slider=225beced62a757096d5bb583b9aec011&https=1&useAf=loaded_string_169059a6268b27b1ced66d21d6dc7fa6cdeb4_2633248_1680331705.353_17873&capSettings=dXByaW1wLmNvbXw1MDAwMDB8MjR8NTE4NTY=&ar=aHR0cHM6Ly93d3cuY3VzdG9tLWdvb2dsZS1zZWFyY2guZ2Ev
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 01 Apr 2023 06:48:25 GMT
last-modified
Sat, 01 Apr 2023 06:48:25 GMT
server
nginx
cache-directive
no-cache
content-type
image/gif
cache-control
public, no-cache
pragma-directive
no-cache
x-robots-tag
noindex, nofollow, noarchive, nosnippet
content-length
43
expires
0
/
ebaaa.xyz/1ccf616e0b/c3706a2c96/ Frame 74CA 		16 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ebaaa.xyz/1ccf616e0b/c3706a2c96/?placementName=ROTATOR&type=n&cv=XAdCdrikGpAkZCpkripZCACrGjNrdZNrkpNixCrCZZZCCrixCrrrCrCrGCxCZGprpjZjrCCrxi_50269&adApiR=loaded_string_169059a6268b27b1ced66d21d6dc7fa6cdeb4_2633248_1680331705.353_17873&capSettings=dXByaW1wLmNvbXw1MDAwMDB8MjR8NTE4NTY=&adApiR=loaded_string_169059a6268b27b1ced66d21d6dc7fa6cdeb4_2633248_1680331705.353_17873&refferer=2959916012_aHR0cHM6Ly93d3cuY3VzdG9tLWdvb2dsZS1zZWFyY2guZ2Ev&width=120&height=600&yxDom=dXByaW1wLmNvbQ==_99fc24843f51da23d36abbfd0ce9aff2&randomA=2108305861782&realRef=V2JKVlhUc3hPazhFd284YWh5TmpFa1loTGJwbDYxcTdNNTBBL0s4cVMwZz0=
Requested by
Host: ebaaa.xyz
URL: https://ebaaa.xyz/1ccf616e0b/c3706a2c96/?placementName=ROTATOR&type=n&cv=XAdCdrikGpAkZCpkripZCACrGjNrdZNrkpNixCrCZZZCCrixCrrrCrCrGCxCZGprpjZjrCCrxi_50269&adApiR=loaded_string_169059a6268b27b1ced66d21d6dc7fa6cdeb4_2633248_1680331705.353_17873&capSettings=dXByaW1wLmNvbXw1MDAwMDB8MjR8NTE4NTY=&adApiR=loaded_string_169059a6268b27b1ced66d21d6dc7fa6cdeb4_2633248_1680331705.353_17873&refferer=2959916012_aHR0cHM6Ly93d3cuY3VzdG9tLWdvb2dsZS1zZWFyY2guZ2Ev&width=120&height=600&yxDom=dXByaW1wLmNvbQ==_99fc24843f51da23d36abbfd0ce9aff2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.66.201.8 , Slovakia, ASN201702 (SKHOSTING-EU, SK),
Reverse DNS
185.66.201.8.skhosting.eu
Software
nginx /
Resource Hash
b73d8779269dc22b1e2e18d4e04b6cbdb72ad1f4ea2afbc60a54a61fa9f8c1bd

Request headers

Referer
https://uprimp.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate post-check=0, pre-check=0
content-encoding
br
content-type
text/html; charset=utf-8
date
Sat, 01 Apr 2023 06:48:25 GMT
expires
Sun, 01 Jan 2014 00:00:00 GMT
pragma
no-cache
server
nginx
x-robots-tag
noindex,nofollow
watch.522615852832
www.urldelivery.com/ Frame 7F3D 		115 B
751 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.urldelivery.com/watch.522615852832?key=37182f7f856edd5267b5482bf2e3fbf1&kw=%5B%22custom%22%2C%22google%22%2C%22search%22%5D&refer=https%3A%2F%2Fwww.custom-google-search.ga%2F&tz=0&dev=r&res=4.31&uuid=74440c02-28e4-4ed9-b7a2-a60ad81ec4cd%3A1%3A1
Requested by
Host: www.bnserving.com
URL: https://www.bnserving.com/invoke.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.243.61.225 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.19.5 /
Resource Hash
f28ce5befe08ed90a2e12b6b2a5e9fdafaa6ad173503079155260aa480c66590
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubdomains

Request headers

Referer
https://www.custom-google-search.ga/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-CH
Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Cache-Control
no-cache
Connection
keep-alive
Content-Length
115
Content-Type
text/html
Date
Sat, 01 Apr 2023 06:48:26 GMT
Expires
Thu, 01 Jan 1970 00:00:01 GMT
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Server
nginx/1.19.5
Strict-Transport-Security
max-age=0; includeSubdomains
X-Request-ID
b17c916e70391c0f12ff14245f7c232c
watch.584639294168
www.urldelivery.com/ Frame 49DE 		115 B
751 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.urldelivery.com/watch.584639294168?key=4d549fc94bda281a31412c9ac677f326&kw=%5B%22custom%22%2C%22google%22%2C%22search%22%5D&refer=https%3A%2F%2Fwww.custom-google-search.ga%2F&tz=0&dev=r&res=4.31&uuid=74440c02-28e4-4ed9-b7a2-a60ad81ec4cd%3A1%3A1
Requested by
Host: www.bnserving.com
URL: https://www.bnserving.com/invoke.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.243.61.225 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.19.5 /
Resource Hash
f28ce5befe08ed90a2e12b6b2a5e9fdafaa6ad173503079155260aa480c66590
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubdomains

Request headers

Referer
https://www.custom-google-search.ga/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-CH
Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Cache-Control
no-cache
Connection
keep-alive
Content-Length
115
Content-Type
text/html
Date
Sat, 01 Apr 2023 06:48:26 GMT
Expires
Thu, 01 Jan 1970 00:00:01 GMT
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Server
nginx/1.19.5
Strict-Transport-Security
max-age=0; includeSubdomains
X-Request-ID
49ba8b226c717b6cbf1754f9792610bb

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
www.urldelivery.com
URL
https://www.urldelivery.com/watch.584639294168.js?key=4d549fc94bda281a31412c9ac677f326&kw=%5B%22custom%22%2C%22google%22%2C%22search%22%5D&refer=https%3A%2F%2Fwww.custom-google-search.ga%2F&tz=0&dev=r&res=4.31&uuid=7cb891b1-fd72-47eb-92ec-eacf5cf3c024%3A2%3A1
Domain
www.urldelivery.com
URL
https://www.urldelivery.com/watch.522615852832.js?key=37182f7f856edd5267b5482bf2e3fbf1&kw=%5B%22custom%22%2C%22google%22%2C%22search%22%5D&refer=https%3A%2F%2Fwww.custom-google-search.ga%2F&tz=0&dev=r&res=4.31&uuid=74440c02-28e4-4ed9-b7a2-a60ad81ec4cd%3A1%3A1

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Generic (Online)

83 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 boolean| credentialless object| adsbygoogle function| setAttributeOnload object| gapi object| ___jsl object| osapi object| gadgets object| shindig object| iframer function| ToolbarApi object| iframes function| IframeBase function| Iframe function| IframeProxy function| IframeWindow boolean| google_empty_script_included object| LieDetector object| atAsyncContainers object| __gcse number| winW object| module$exports$cse$search object| module$exports$cse$CustomImageSearch object| module$exports$cse$CustomWebSearch object| google object| module$exports$cse$searchcontrol object| module$exports$cse$customsearchcontrol object| headTag object| jqTag function| jq_show string| omitformtags function| disableselect function| reEnable function| BLOG_attachCsiOnload function| _WidgetManager function| _WidgetInfo function| widget_module_provide function| _AdSenseView function| _BlogArchiveView function| _AttributionView function| _BlogView function| _BlogListView function| _BlogSearchView function| _ContactFormView function| _ExampleView function| _FeaturedPostView function| _FeedView function| _FollowersView function| _HeaderView function| _TextView function| _HTMLView function| _ImageView function| _LabelView function| _TextListView function| _LinkListView function| _BloggerButtonView function| _NavbarView function| _PageListView function| _PollView function| _PopularPostsView function| _ProfileView function| _RecentPostsView function| _ReportAbuseView function| _SharingView function| _StatsView function| _SubscribeView function| _SW_toggleReaderList function| _SW_hideReaderList function| _TranslateView function| _WikipediaView string| __wavt function| __gjsload__ object| cookieChoices function| _googCsa number| nextSearchboxId function| $ function| jQuery number| googleNDT_ number| googleAltLoader boolean| yxsc

8 Cookies

Domain/Path Name / Value
ebaaa.xyz/1ccf616e0b/c3706a2c96 Name: total_impressions
Value: 1
simplewebanalysis.com/ Name: uid_id2
Value: 74440c02-28e4-4ed9-b7a2-a60ad81ec4cd:1:1
.custom-google-search.ga/ Name: 494668b4c0ef4d25bda4e75c27de2817
Value: 74440c02-28e4-4ed9-b7a2-a60ad81ec4cd%3A1%3A1
.uprimp.com/ Name: used_ad2633248
Value: 1
.uprimp.com/ Name: total_impressions
Value: 1
.uprimp.com/ Name: cpa_673873
Value: 120x600_613974592_5
ebaaa.xyz/ Name: used_ad2633248
Value: 1
www.urldelivery.com/ Name: u_pl
Value: 13833043

10 Console Messages

Source Level URL
Text
javascript warning URL: https://www.custom-google-search.ga/(Line 570)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://www.bnserving.com/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://www.custom-google-search.ga/(Line 570)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://www.bnserving.com/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://www.custom-google-search.ga/(Line 690)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://www.bnserving.com/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://www.custom-google-search.ga/(Line 690)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://www.bnserving.com/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://www.custom-google-search.ga/(Line 3231)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://uprimp.com/slider.php?section=General&pub=849277&ga=g&side=random, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://www.custom-google-search.ga/(Line 3231)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://uprimp.com/slider.php?section=General&pub=849277&ga=g&side=random, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript error URL: https://www.custom-google-search.ga/
Message:
Access to XMLHttpRequest at 'https://www.urldelivery.com/watch.522615852832.js?key=37182f7f856edd5267b5482bf2e3fbf1&kw=%5B%22custom%22%2C%22google%22%2C%22search%22%5D&refer=https%3A%2F%2Fwww.custom-google-search.ga%2F&tz=0&dev=r&res=4.31&uuid=74440c02-28e4-4ed9-b7a2-a60ad81ec4cd%3A1%3A1' from origin 'https://www.custom-google-search.ga' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://www.urldelivery.com/watch.522615852832.js?key=37182f7f856edd5267b5482bf2e3fbf1&kw=%5B%22custom%22%2C%22google%22%2C%22search%22%5D&refer=https%3A%2F%2Fwww.custom-google-search.ga%2F&tz=0&dev=r&res=4.31&uuid=74440c02-28e4-4ed9-b7a2-a60ad81ec4cd%3A1%3A1
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://www.custom-google-search.ga/
Message:
Access to XMLHttpRequest at 'https://www.urldelivery.com/watch.584639294168.js?key=4d549fc94bda281a31412c9ac677f326&kw=%5B%22custom%22%2C%22google%22%2C%22search%22%5D&refer=https%3A%2F%2Fwww.custom-google-search.ga%2F&tz=0&dev=r&res=4.31&uuid=7cb891b1-fd72-47eb-92ec-eacf5cf3c024%3A2%3A1' from origin 'https://www.custom-google-search.ga' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://www.urldelivery.com/watch.584639294168.js?key=4d549fc94bda281a31412c9ac677f326&kw=%5B%22custom%22%2C%22google%22%2C%22search%22%5D&refer=https%3A%2F%2Fwww.custom-google-search.ga%2F&tz=0&dev=r&res=4.31&uuid=7cb891b1-fd72-47eb-92ec-eacf5cf3c024%3A2%3A1
Message:
Failed to load resource: net::ERR_FAILED

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

apis.google.com
clients1.google.com
code.jquery.com
cse.google.com
ebaaa.xyz
lh3.googleusercontent.com
pagead2.googlesyndication.com
simplewebanalysis.com
store.i95dev.com
upload.wikimedia.org
uprimp.com
www.blogger.com
www.bnserving.com
www.custom-google-search.ga
www.google.com
www.googleapis.com
www.urldelivery.com
ylx-i.advertica-cdn2.com
www.urldelivery.com
185.66.200.127
185.66.200.220
185.66.201.8
192.243.59.13
192.243.61.225
2001:4de0:ac18::1:a:1a
2620:0:862:ed1a::2:b
2a00:1450:4001:801::200e
2a00:1450:4001:802::2002
2a00:1450:4001:80b::200e
2a00:1450:4001:80e::2001
2a00:1450:4001:80f::2013
2a00:1450:4001:813::2009
2a00:1450:4001:828::2004
2a00:1450:4001:82f::200e
2a00:1450:4001:830::200a
3.123.95.62
50.116.10.214
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
068ffe90977f2b5b2dc2ef18572166e85281bd0ecb31c4902464b23db54d2568
190f26b6ca8a373b93ebb537988f426953885e75816de2ef852f03f63a71e4c0
25a179bda8fbc6370bbe8909083060f65baf14bc8aaf55c04d376328f3937936
2b0789c3ab7df1f2580e95bb47eb5bb6dc19b4fc5a91b1f1ae1d9484dab534a9
2e3bde453441d9f45ecd50d01b2c733966873025911722e720fcdd577d6e4479
2f2782b2618657d51ddaf9f7adbe3b59511cc53798f419bb34ce670fa4ca205c
329d1a750114920332eadc55c129957d9dbe5a1b25745e2f7e0ed4fad75e04cd
331b2b1241f1f2a53744bdca867c5b76954d9431970e91f490f64c707fc24a16
392f1712af09c14cdc20e55fc99010bba2f3a019d8c817cfb1ebbe1eaa1b3c7b
47b68dce8cb6805ad5b3ea4d27af92a241f4e29a5c12a274c852e4346a0500b4
5160532d60ec3533878112fc1960cbb82b5563648e92d79364d97f72077d041b
532f80527f934838a9eef8d3bb0f5a4364d133678b260e2282e914464f440e84
55805f4cd47806b81ef9adeada99ec3aad803d7fa1006f48a390c77a1a50d2c6
57bca4c5b764830392d8e4b6482fe19c7dddf0e8ae3627b68a22ebc398b27da3
5b5c61bea65484b4dfbd336dabb215fed1d80f537883b52fd523e891ef95ec85
64862701b47efae9c1d05086b530ec091322298ac45b5a3027adae9ba90699b1
69f651c8bfb3a2b2831f9844c652a446645508423b28967754b927e27a9f8e4d
6c801b5acaa0dcffb9520f320a42f915fdd5d1d6331845e215edb0c578dd5a2f
7007f87fa4160d7b947b6775a8f21d2ae3b10529002ecb082af52aae2a7780cc
992826b176584df60085eba2f256765f56eab1c8e61dbaa12581829fc657c734
a9ca837900b6ae007386d400f659c233120b8af7d93407fd6475c9180d9e83d2
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b73d8779269dc22b1e2e18d4e04b6cbdb72ad1f4ea2afbc60a54a61fa9f8c1bd
bd64d3baab4b674e23fb8860841d2a05ecdcac60fae07b48e8328c71cfeb6cd0
bea2fa2e53c0235ca6f923a167ad52bc9981869e52d32c9bcb3a47285449462a
c1eecf9d141612abdd44ff4bcecfcaa0380579027d9f1e4a5b7d2936fa49a266
cbb922736e60954183c308850b4a636ab873f13617d59b500ba25f29611a5ce9
ccecd185ac16ba0a538840f37701053fbb861f7fbbdd86039c7415fcd924d1f2
d7ced9b82cea70e6c25e8e09919d70313607a09226651a21fc68331d266e8302
dcec22bbcb68119d6c7d6d5e088fb82183a9826d0c9e3403f1386fd837f06a89
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f0a4135d07d4591caf0b1a9166f235eb0f2b8ee596ed433746a4749f5e12bbe1
f28ce5befe08ed90a2e12b6b2a5e9fdafaa6ad173503079155260aa480c66590
f8673b2c72d7ae9a91bb149e2891c0f4ecd02e603494cd566287470f55ff3934
fb60f3e6cf0f9c0c02df93eaef8e9b8723fd32a725c99751890a30d8866145df
fbe8559ad3b4307678250a671b8c259adf8ded119c8d133d1b706f0f4879a051