Submitted URL: http://ganisacgold.cf/
Effective URL: http://www.google.com/sorry/index?continue=http://google.com/&q=EhAqAQT4AZJUFAAAAAAAAAACGO2xg-wFIhkA8aeDS7gXPw11nY9i_D...
Submission: On September 17 via manual from US

Summary

This website contacted 12 IPs in 5 countries across 12 domains to perform 16 HTTP transactions. The main IP is 2a00:1450:4001:81f::2004, located in Frankfurt am Main, Germany and belongs to GOOGLE - Google LLC, US. The main domain is www.google.com.
This is the only time www.google.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2606:4700:30:... 13335 (CLOUDFLAR...)
2 2606:4700::68... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
1 107.160.167.219 40676 (AS40676)
1 2606:4700:30:... 13335 (CLOUDFLAR...)
1 2606:4700:30:... 13335 (CLOUDFLAR...)
1 193.238.153.177 15626 (ITLAS)
2 2 79.110.27.54 209813 (FASTCONTENT)
1 2 185.89.102.2 209813 (FASTCONTENT)
1 2 185.50.248.98 209813 (FASTCONTENT)
1 1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
16 12
Domain Requested by
4 www.google.com realcenter-mobileapps2.com
www.google.com
www.gstatic.com
2 realcenter-mobileapps2.com 1 redirects apps4042.punksgotoserver91.live
2 apps4042.punksgotoserver91.live 1 redirects thedarkcorner.org
2 take-yourprizesnow.life 2 redirects
2 ajax.googleapis.com ganisacgold.cf
2 cdnjs.cloudflare.com ganisacgold.cf
1 www.gstatic.com www.google.com
1 google.com 1 redirects
1 thedarkcorner.org ganisacgold.cf
1 horseshoecraftandflea.com ganisacgold.cf
1 www.lineaysalud.com ganisacgold.cf
1 menudieta.com ganisacgold.cf
1 ganisacgold.cf
16 13

This site contains links to these domains.

Domain
support.google.com
Subject | Issuer | Validity | Valid
ssl412106.cloudflaressl.com | COMODO ECC Domain Validation Secure Server CA 2 | 2019-08-10 - 2020-02-16 | 6 months
*.googleapis.com | GTS CA 1O1 | 2019-08-23 - 2019-11-21 | 3 months
menudieta.com | Let's Encrypt Authority X3 | 2019-08-19 - 2019-11-17 | 3 months
sni43699.cloudflaressl.com | COMODO ECC Domain Validation Secure Server CA 2 | 2019-08-12 - 2020-02-18 | 6 months
sni.cloudflaressl.com | CloudFlare Inc ECC CA-2 | 2018-11-28 - 2019-11-28 | a year
thedarkcorner.org | Let's Encrypt Authority X3 | 2019-09-11 - 2019-12-10 | 3 months
www.google.com | GTS CA 1O1 | 2019-08-23 - 2019-11-21 | 3 months
*.google.com | GTS CA 1O1 | 2019-08-23 - 2019-11-21 | 3 months

This page contains 3 frames:

Primary Page: http://www.google.com/sorry/index?continue=http://google.com/&q=EhAqAQT4AZJUFAAAAAAAAAACGO2xg-wFIhkA8aeDS7gXPw11nY9i_D62CmPU3IRsbl9WMgFy
Frame ID: 77873BB5A663FFBF3CF432F2CF0ADBBC
Requests: 14 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfwuyUTAAAAAOAmoS0fdqijC2PbbdH4kjq62Y1b&co=aHR0cDovL3d3dy5nb29nbGUuY29tOjgw&hl=en&v=v1566858990656&size=normal&s=tmiz_sLivtUSIROOXvadWGMW-IOFmoBFcN6nfBW6kLrYGtVAQmkjNtGKSc4yjMHx04roH-Dd-mXQEBCfMLerrXredTFH3n8bOvtGpKL81_fZj-dB7WmwEMjq0Jpt_NKggJKDa9TNm7xSttcxCqtH4uV5tOqGy3W8IK8ISLPto-kYj7xLS2Z4yGjfAC5W8_hB4Vj6_FjBrvGCxGbUsgs_iboNGYeYn6eeg7lGAf1lwQH5M-dt0CqMxsc&cb=jbr32efe1q5c
Frame ID: 5EC5372AAC5BD7B810BD352CA4CC04B8
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=en&v=v1566858990656&k=6LfwuyUTAAAAAOAmoS0fdqijC2PbbdH4kjq62Y1b&cb=mv9il3s05rsm
Frame ID: 998B7A10F82B5BCDD11A16EB0595DF01
Requests: 1 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i

Overall confidence: 100%
Detected patterns
  • html /<div[^>]+class="g-recaptcha"/i
  • script /\/recaptcha\/api\.js/i

Page Statistics

Requests: 16
HTTPS: 75 %
IPv6: 64 %
Domains: 12
Subdomains: 13
IPs: 12
Countries: 5
Transfer: 689 kB
Size: 995 kB
Cookies: 0

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://ganisacgold.cf/ Page URL
  2. http://take-yourprizesnow.life/?u=60ekae3&o=unfh21n&t=main1 HTTP 301
    https://take-yourprizesnow.life/?u=60ekae3&o=unfh21n&t=main1 HTTP 302
    http://apps4042.punksgotoserver91.live/8300446178/?u=60ekae3&o=unfh21n&t=main1&f=1 Page URL
  3. http://apps4042.punksgotoserver91.live/web/ HTTP 302
    http://realcenter-mobileapps2.com/?url=rpLkMn99wF%2bDK8yi2IfeIu5xFeyHDPTa HTTP 302
    http://realcenter-mobileapps2.com/away.php Page URL
  4. http://google.com/ HTTP 302
    http://www.google.com/sorry/index?continue=http://google.com/&q=EhAqAQT4AZJUFAAAAAAAAAACGO2xg-wFIhkA8aeDS7gXPw11nY9i_D62CmPU3IRsbl9WMgFy Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 9
  • http://take-yourprizesnow.life/?u=60ekae3&o=unfh21n&t=main1 HTTP 301
  • https://take-yourprizesnow.life/?u=60ekae3&o=unfh21n&t=main1 HTTP 302
  • http://apps4042.punksgotoserver91.live/8300446178/?u=60ekae3&o=unfh21n&t=main1&f=1
Request Chain 10
  • http://apps4042.punksgotoserver91.live/web/ HTTP 302
  • http://realcenter-mobileapps2.com/?url=rpLkMn99wF%2bDK8yi2IfeIu5xFeyHDPTa HTTP 302
  • http://realcenter-mobileapps2.com/away.php

16 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Cookie set /
ganisacgold.cf/
9 KB
4 KB
Document
General
Full URL
http://ganisacgold.cf/
Protocol
HTTP/1.1
Server
2606:4700:30::6818:7035 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
abf31f7583775261b57a8af958b4b6860f5ead0062ffc1b58e5154721b6084cb

Request headers

Host
ganisacgold.cf
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Accept-Encoding
gzip, deflate

Response headers

Date
Tue, 17 Sep 2019 13:00:26 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Set-Cookie
__cfduid=dbbef9a6e78c8b67e54d9592cf943f4341568725226; expires=Wed, 16-Sep-20 13:00:26 GMT; path=/; domain=.ganisacgold.cf; HttpOnly
Server
cloudflare
CF-RAY
517b43571f7ccb9c-VIE
Content-Encoding
gzip
shoelace.css
cdnjs.cloudflare.com/ajax/libs/shoelace-css/1.0.0-beta9/
35 KB
7 KB
Stylesheet
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/shoelace-css/1.0.0-beta9/shoelace.css
Requested by
Host: ganisacgold.cf
URL: http://ganisacgold.cf/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:c497 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
2857f8aa694b915ca417348891fc1595609be3f3eea767dacfaf5983c552c5a9
Security Headers
Name Value
Strict-Transport-Security max-age=15780000; includeSubDomains

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://ganisacgold.cf/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 17 Sep 2019 13:00:26 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
13358800
status
200
served-in-seconds
0.007
timing-allow-origin
*
last-modified
Thu, 17 May 2018 09:25:36 GMT
server
cloudflare
etag
W/"5afd4a90-8d12"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000; includeSubDomains
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=30672000
cf-ray
517b4357adbdcbac-VIE
expires
Sun, 06 Sep 2020 13:00:26 GMT
bttn.min.css
cdnjs.cloudflare.com/ajax/libs/bttn.css/0.2.4/
32 KB
4 KB
Stylesheet
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/bttn.css/0.2.4/bttn.min.css
Requested by
Host: ganisacgold.cf
URL: http://ganisacgold.cf/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:c497 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
35c313f00ec245de0d68fea44789d39e28e0d9663225d67a17c4e0fe12fc1b1c
Security Headers
Name Value
Strict-Transport-Security max-age=15780000; includeSubDomains

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://ganisacgold.cf/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 17 Sep 2019 13:00:26 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
13358940
status
200
served-in-seconds
0.001
timing-allow-origin
*
last-modified
Thu, 17 May 2018 09:18:17 GMT
server
cloudflare
etag
W/"5afd48d9-8194"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000; includeSubDomains
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=30672000
cf-ray
517b4357adbfcbac-VIE
expires
Sun, 06 Sep 2020 13:00:26 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.12.4/
95 KB
33 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js
Requested by
Host: ganisacgold.cf
URL: http://ganisacgold.cf/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://ganisacgold.cf/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 25 Aug 2019 05:34:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2013951
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
33951
x-xss-protection
0
last-modified
Tue, 20 Dec 2016 18:17:03 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 24 Aug 2020 05:34:35 GMT
hammer.min.js
ajax.googleapis.com/ajax/libs/hammerjs/2.0.8/
20 KB
7 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/hammerjs/2.0.8/hammer.min.js
Requested by
Host: ganisacgold.cf
URL: http://ganisacgold.cf/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
8a1b58d624eeb47e9e3073531a5d364e41a2e7853c052873a79917f97dd0bb44
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://ganisacgold.cf/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 29 Aug 2019 19:45:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1617320
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
7373
x-xss-protection
0
last-modified
Tue, 20 Dec 2016 18:17:03 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 28 Aug 2020 19:45:06 GMT
alimentos-dietas-para-adelgazar.gif
menudieta.com/img/dietas/
0
0
Image
General
Full URL
https://menudieta.com/img/dietas/alimentos-dietas-para-adelgazar.gif
Requested by
Host: ganisacgold.cf
URL: http://ganisacgold.cf/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
107.160.167.219 Walnut, United States, ASN40676 (AS40676 - Psychz Networks, US),
Reverse DNS
astra.mddxqdo.us
Software
/
Resource Hash

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://ganisacgold.cf/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

dieta-para-adelgazar.jpg
www.lineaysalud.com/wp-content/uploads/2015/03/
252 KB
253 KB
Image
General
Full URL
https://www.lineaysalud.com/wp-content/uploads/2015/03/dieta-para-adelgazar.jpg
Requested by
Host: ganisacgold.cf
URL: http://ganisacgold.cf/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681b:a7f0 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
05dee22bb7a6ebfea66e1dd9a3cedb34ca676c7d6b8c3458e8081dd55218b4e9

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://ganisacgold.cf/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 17 Sep 2019 13:00:26 GMT
referrer-policy
cf-cache-status
MISS
last-modified
Thu, 30 Jun 2016 05:59:06 GMT
server
cloudflare
etag
"3f145-5367891581e80"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
X-Forwarded-Proto,Accept-Encoding
content-type
image/jpeg
status
200
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
517b435838becbcc-VIE
content-length
258373
expires
Wed, 16 Sep 2020 13:00:26 GMT
menu-ejemplo-adelgazar-perdida-de-peso.jpg
horseshoecraftandflea.com/wp-content/uploads/2017/12/
283 KB
284 KB
Image
General
Full URL
https://horseshoecraftandflea.com/wp-content/uploads/2017/12/menu-ejemplo-adelgazar-perdida-de-peso.jpg
Requested by
Host: ganisacgold.cf
URL: http://ganisacgold.cf/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::6818:6a47 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
0a97fd4131b84ac4d876cbe1b11b6277cba2037987524359f5995739c3322241

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://ganisacgold.cf/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 17 Sep 2019 13:00:26 GMT
cf-cache-status
MISS
last-modified
Wed, 28 Nov 2018 22:36:54 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
status
200
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
517b4358dbf5cbb4-VIE
content-length
290031
expires
Tue, 17 Sep 2019 17:00:26 GMT
diets_2
thedarkcorner.org/
215 B
521 B
Script
General
Full URL
https://thedarkcorner.org/diets_2?keyword=dietas%20para%20adelgazar
Requested by
Host: ganisacgold.cf
URL: http://ganisacgold.cf/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
193.238.153.177 , Ukraine, ASN15626 (ITLAS, UA),
Reverse DNS
ds26.friendhosting.net
Software
nginx/1.14.1 / PHP/5.4.16
Resource Hash

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://ganisacgold.cf/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 17 Sep 2019 13:00:27 GMT
Content-Encoding
gzip
Last-Modified
Tue, 17 Sep 2019 13:00:26 GMT
Server
nginx/1.14.1
X-Powered-By
PHP/5.4.16
Transfer-Encoding
chunked
Content-Type
application/javascript; charset=utf-8
Cache-Control
max-age=0
Connection
keep-alive
Expires
Thu, 21 Jul 1977 07:30:00 GMT
Cookie set /
apps4042.punksgotoserver91.live/8300446178/
Redirect Chain
  • http://take-yourprizesnow.life/?u=60ekae3&o=unfh21n&t=main1
  • https://take-yourprizesnow.life/?u=60ekae3&o=unfh21n&t=main1
  • http://apps4042.punksgotoserver91.live/8300446178/?u=60ekae3&o=unfh21n&t=main1&f=1
85 B
382 B
Document
General
Full URL
http://apps4042.punksgotoserver91.live/8300446178/?u=60ekae3&o=unfh21n&t=main1&f=1
Requested by
Host: thedarkcorner.org
URL: https://thedarkcorner.org/diets_2?keyword=dietas%20para%20adelgazar
Protocol
HTTP/1.1
Server
185.89.102.2 , Ukraine, ASN209813 (FASTCONTENT, DE),
Reverse DNS
Software
nginx/1.12.0 / ASP.NET
Resource Hash

Request headers

Host
apps4042.punksgotoserver91.live
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site
cross-site
Referer
http://ganisacgold.cf/
Accept-Encoding
gzip, deflate

Response headers

Server
nginx/1.12.0
Date
Tue, 17 Sep 2019 13:00:28 GMT
Content-Type
text/html
Content-Length
85
Connection
keep-alive
Cache-Control
private
Set-Cookie
ASP.NET_SessionId=xlkbaotybjorulzjsmtwpuyn; path=/; HttpOnly
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET

Redirect headers

Server
nginx/1.12.0
Date
Tue, 17 Sep 2019 13:00:28 GMT
Content-Length
211
Connection
keep-alive
Cache-Control
private
Location
http://apps4042.punksgotoserver91.live/8300446178/?u=60ekae3&o=unfh21n&t=main1&f=1
Set-Cookie
ASP.NET_SessionId=t1pwpl0sobmactj20u53fdwm; path=/; HttpOnly
X-Powered-By
ASP.NET
away.php
realcenter-mobileapps2.com/
Redirect Chain
  • http://apps4042.punksgotoserver91.live/web/
  • http://realcenter-mobileapps2.com/?url=rpLkMn99wF%2bDK8yi2IfeIu5xFeyHDPTa
  • http://realcenter-mobileapps2.com/away.php
218 B
470 B
Document
General
Full URL
http://realcenter-mobileapps2.com/away.php
Requested by
Host: apps4042.punksgotoserver91.live
URL: http://apps4042.punksgotoserver91.live/8300446178/?u=60ekae3&o=unfh21n&t=main1&f=1
Protocol
HTTP/1.1
Server
185.50.248.98 Haarlem, Netherlands, ASN209813 (FASTCONTENT, DE),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Host
realcenter-mobileapps2.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer
http://apps4042.punksgotoserver91.live/8300446178/?u=60ekae3&o=unfh21n&t=main1&f=1
Accept-Encoding
gzip, deflate
Cookie
PHPSESSID=6o3fosaq5tn0h966l1oikrovb6

Response headers

Server
nginx
Date
Tue, 17 Sep 2019 13:00:29 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control
no-store, no-cache, must-revalidate
Pragma
no-cache
Content-Encoding
gzip

Redirect headers

Server
nginx
Date
Tue, 17 Sep 2019 13:00:29 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Set-Cookie
PHPSESSID=6o3fosaq5tn0h966l1oikrovb6; path=/
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control
no-store, no-cache, must-revalidate
Pragma
no-cache
Location
/away.php
Primary Request index
www.google.com/sorry/
Redirect Chain
  • http://google.com/
  • http://www.google.com/sorry/index?continue=http://google.com/&q=EhAqAQT4AZJUFAAAAAAAAAACGO2xg-wFIhkA8aeDS7gXPw11nY9i_D62CmPU3IRsbl9WMgFy
3 KB
3 KB
Document
General
Full URL
http://www.google.com/sorry/index?continue=http://google.com/&q=EhAqAQT4AZJUFAAAAAAAAAACGO2xg-wFIhkA8aeDS7gXPw11nY9i_D62CmPU3IRsbl9WMgFy
Requested by
Host: realcenter-mobileapps2.com
URL: http://realcenter-mobileapps2.com/away.php
Protocol
HTTP/1.1
Server
2a00:1450:4001:81f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
HTTP server (unknown) /
Resource Hash
af8e2ef869d6d83b8bb0642a9c50709f5d02593e079f8080c428431e21704a60
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Host
www.google.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Accept-Encoding
gzip, deflate

Response headers

Date
Tue, 17 Sep 2019 13:00:30 GMT
Pragma
no-cache
Expires
Fri, 01 Jan 1990 00:00:00 GMT
Cache-Control
no-store, no-cache, must-revalidate
Content-Type
text/html
Server
HTTP server (unknown)
Content-Length
2808
X-XSS-Protection
0

Redirect headers

Location
http://www.google.com/sorry/index?continue=http://google.com/&q=EhAqAQT4AZJUFAAAAAAAAAACGO2xg-wFIhkA8aeDS7gXPw11nY9i_D62CmPU3IRsbl9WMgFy
Date
Tue, 17 Sep 2019 13:00:30 GMT
Pragma
no-cache
Expires
Fri, 01 Jan 1990 00:00:00 GMT
Cache-Control
no-store, no-cache, must-revalidate
Content-Type
text/html; charset=UTF-8
Server
HTTP server (unknown)
Content-Length
337
X-XSS-Protection
0
api.js
www.google.com/recaptcha/
762 B
537 B
Script
General
Full URL
https://www.google.com/recaptcha/api.js
Requested by
Host: www.google.com
URL: http://www.google.com/sorry/index?continue=http://google.com/&q=EhAqAQT4AZJUFAAAAAAAAAACGO2xg-wFIhkA8aeDS7gXPw11nY9i_D62CmPU3IRsbl9WMgFy
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
GSE /
Resource Hash
c2be71422735c4c62ae840477bd44581ba2006ae2ed94b381a3d25fb60300ba8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://www.google.com/sorry/index?continue=http://google.com/&q=EhAqAQT4AZJUFAAAAAAAAAACGO2xg-wFIhkA8aeDS7gXPw11nY9i_D62CmPU3IRsbl9WMgFy
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 17 Sep 2019 13:00:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
status
200
cache-control
private, max-age=300
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
448
x-xss-protection
1; mode=block
expires
Tue, 17 Sep 2019 13:00:30 GMT
recaptcha__en.js
www.gstatic.com/recaptcha/api2/v1566858990656/
264 KB
92 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/api2/v1566858990656/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:824::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
bd3cad6b7ba79270dee54a5ba1482ac6b522b147dc8f9d04791050711ada7865
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://www.google.com/sorry/index?continue=http://google.com/&q=EhAqAQT4AZJUFAAAAAAAAAACGO2xg-wFIhkA8aeDS7gXPw11nY9i_D62CmPU3IRsbl9WMgFy
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 30 Aug 2019 07:38:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 26 Aug 2019 23:45:00 GMT
server
sffe
age
1574548
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=31536000
accept-ranges
bytes
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
94196
x-xss-protection
0
expires
Sat, 29 Aug 2020 07:38:02 GMT
anchor
www.google.com/recaptcha/api2/ Frame 5EC5
0
0
Document
General
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfwuyUTAAAAAOAmoS0fdqijC2PbbdH4kjq62Y1b&co=aHR0cDovL3d3dy5nb29nbGUuY29tOjgw&hl=en&v=v1566858990656&size=normal&s=tmiz_sLivtUSIROOXvadWGMW-IOFmoBFcN6nfBW6kLrYGtVAQmkjNtGKSc4yjMHx04roH-Dd-mXQEBCfMLerrXredTFH3n8bOvtGpKL81_fZj-dB7WmwEMjq0Jpt_NKggJKDa9TNm7xSttcxCqtH4uV5tOqGy3W8IK8ISLPto-kYj7xLS2Z4yGjfAC5W8_hB4Vj6_FjBrvGCxGbUsgs_iboNGYeYn6eeg7lGAf1lwQH5M-dt0CqMxsc&cb=jbr32efe1q5c
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/api2/v1566858990656/recaptcha__en.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
GSE /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-G3ye0WHj3L7NC9tCCLBjpA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/anchor?ar=1&k=6LfwuyUTAAAAAOAmoS0fdqijC2PbbdH4kjq62Y1b&co=aHR0cDovL3d3dy5nb29nbGUuY29tOjgw&hl=en&v=v1566858990656&size=normal&s=tmiz_sLivtUSIROOXvadWGMW-IOFmoBFcN6nfBW6kLrYGtVAQmkjNtGKSc4yjMHx04roH-Dd-mXQEBCfMLerrXredTFH3n8bOvtGpKL81_fZj-dB7WmwEMjq0Jpt_NKggJKDa9TNm7xSttcxCqtH4uV5tOqGy3W8IK8ISLPto-kYj7xLS2Z4yGjfAC5W8_hB4Vj6_FjBrvGCxGbUsgs_iboNGYeYn6eeg7lGAf1lwQH5M-dt0CqMxsc&cb=jbr32efe1q5c
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode
nested-navigate
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
same-site
referer
http://www.google.com/sorry/index?continue=http://google.com/&q=EhAqAQT4AZJUFAAAAAAAAAACGO2xg-wFIhkA8aeDS7gXPw11nY9i_D62CmPU3IRsbl9WMgFy
accept-encoding
gzip, deflate, br

Response headers

status
200
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Tue, 17 Sep 2019 13:00:30 GMT
content-security-policy
script-src 'report-sample' 'nonce-G3ye0WHj3L7NC9tCCLBjpA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
9212
server
GSE
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
bframe
www.google.com/recaptcha/api2/ Frame 998B
0
0
Document
General
Full URL
https://www.google.com/recaptcha/api2/bframe?hl=en&v=v1566858990656&k=6LfwuyUTAAAAAOAmoS0fdqijC2PbbdH4kjq62Y1b&cb=mv9il3s05rsm
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/api2/v1566858990656/recaptcha__en.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
GSE /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-podlesBEvziVjdULdGLxlg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/bframe?hl=en&v=v1566858990656&k=6LfwuyUTAAAAAOAmoS0fdqijC2PbbdH4kjq62Y1b&cb=mv9il3s05rsm
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode
nested-navigate
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
same-site
referer
http://www.google.com/sorry/index?continue=http://google.com/&q=EhAqAQT4AZJUFAAAAAAAAAACGO2xg-wFIhkA8aeDS7gXPw11nY9i_D62CmPU3IRsbl9WMgFy
accept-encoding
gzip, deflate, br

Response headers

status
200
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Tue, 17 Sep 2019 13:00:31 GMT
content-security-policy
script-src 'report-sample' 'nonce-podlesBEvziVjdULdGLxlg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
1120
server
GSE
alt-svc
quic=":443"; ma=2592000; v="46,43,39"

6 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| submitCallback object| ___grecaptcha_cfg object| grecaptcha boolean| __google_recaptcha_client object| closure_lm_278422 object| e

0 Cookies