www.custom-google-search.ga Open in urlscan Pro
2a00:1450:4001:81e::2013 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.custom-google-search.ga/
Submission Tags: @phishunt_io
Submission: On September 18 via api (September 18th 2020, 7:47:03 pm UTC) from ES

Summary HTTP 30 Redirects Behaviour Indicators

Summary

This website contacted 13 IPs in 4 countries across 12 domains to perform 30 HTTP transactions. The main IP is 2a00:1450:4001:81e::2013, located in Frankfurt am Main, Germany and belongs to GOOGLE, US. The main domain is www.custom-google-search.ga.
TLS certificate: Issued by GTS CA 1D2 on September 13th 2020. Valid for: 3 months.

This is the only time www.custom-google-search.ga was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Generic (Online)

Domain & IP information

	IP Address	AS Autonomous System
2	2a00:1450:400... 2a00:1450:4001:81e::2013	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:802::2009	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:819::200e	15169 (GOOGLE) (GOOGLE)
3 5	2a00:1450:400... 2a00:1450:4001:824::2004	15169 (GOOGLE) (GOOGLE)
1 4	2a00:1450:400... 2a00:1450:4001:81f::200e	15169 (GOOGLE) (GOOGLE)
2	2620:0:862:ed... 2620:0:862:ed1a::2:b	14907 (WIKIMEDIA) (WIKIMEDIA)
1	2a00:1450:400... 2a00:1450:4001:816::2001	15169 (GOOGLE) (GOOGLE)
1	50.116.10.214 50.116.10.214	63949 (LINODE-AP...) (LINODE-AP Linode)
1	2a00:1450:400... 2a00:1450:4001:809::2002	15169 (GOOGLE) (GOOGLE)
2	213.196.2.2 213.196.2.2	7979 (SERVERS-COM) (SERVERS-COM)
3	2a00:1450:400... 2a00:1450:400a:803::2003	15169 (GOOGLE) (GOOGLE)
2	213.196.5.3 213.196.5.3	7979 (SERVERS-COM) (SERVERS-COM)
30	13

2 2a00:1450:4001:81e::2013 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.custom-google-search.ga	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:802::2009 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.blogger.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
resources.blogblog.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:819::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

apis.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:824::2004 (Frankfurt am Main, Germany) 3 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:81f::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

cse.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:0:862:ed1a::2:b (United States)

ASN14907 (WIKIMEDIA, US)

upload.wikimedia.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:816::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

lh3.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 50.116.10.214 (Fremont, United States)

ASN63949 (LINODE-AP Linode, LLC, US)
PTR: li456-214.members.linode.com

store.i95dev.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.196.2.2 (Netherlands)

ASN7979 (SERVERS-COM, US)

www.bnserving.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
r.remarketingpixel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400a:803::2003 (Ireland)

ASN15169 (GOOGLE, US)

csi.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.196.5.3 (Netherlands)

ASN7979 (SERVERS-COM, US)

www.urldelivery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
12	google.com 4 redirects apis.google.com www.google.com cse.google.com	91 KB
5	blogger.com www.blogger.com	58 KB
3	gstatic.com csi.gstatic.com	445 B
2	urldelivery.com www.urldelivery.com Failed
2	wikimedia.org upload.wikimedia.org	29 KB
2	custom-google-search.ga www.custom-google-search.ga	30 KB
1	remarketingpixel.com r.remarketingpixel.com	554 B
1	bnserving.com www.bnserving.com	5 KB
1	googlesyndication.com pagead2.googlesyndication.com	911 B
1	i95dev.com store.i95dev.com	57 KB
1	googleusercontent.com lh3.googleusercontent.com	5 KB
1	blogblog.com resources.blogblog.com	611 B
30	12

	Domain	Requested by
5	www.google.com	3 redirects www.custom-google-search.ga
5	www.blogger.com	www.custom-google-search.ga apis.google.com
4	cse.google.com	1 redirects www.custom-google-search.ga
3	csi.gstatic.com	www.custom-google-search.ga
3	apis.google.com	www.custom-google-search.ga apis.google.com
2	www.urldelivery.com	www.bnserving.com
2	upload.wikimedia.org	www.custom-google-search.ga
2	www.custom-google-search.ga	www.custom-google-search.ga
1	r.remarketingpixel.com	www.bnserving.com
1	www.bnserving.com	www.custom-google-search.ga
1	pagead2.googlesyndication.com	www.custom-google-search.ga
1	store.i95dev.com	www.custom-google-search.ga
1	lh3.googleusercontent.com	www.custom-google-search.ga
1	resources.blogblog.com	www.custom-google-search.ga
30	14

This site contains no links.

Subject Issuer	Validity	Valid
www.custom-google-search.ga GTS CA 1D2	`2020-09-13` - `2020-12-12`	3 months	crt.sh
*.blogger.com GTS CA 1O1	`2020-08-26` - `2020-11-18`	3 months	crt.sh
*.apis.google.com GTS CA 1O1	`2020-08-26` - `2020-11-18`	3 months	crt.sh
*.google.com GTS CA 1O1	`2020-08-26` - `2020-11-18`	3 months	crt.sh
www.google.com GTS CA 1O1	`2020-08-26` - `2020-11-18`	3 months	crt.sh
*.wikipedia.org DigiCert SHA2 High Assurance Server CA	`2019-11-12` - `2020-10-06`	a year	crt.sh
*.googleusercontent.com GTS CA 1O1	`2020-08-26` - `2020-11-18`	3 months	crt.sh
*.i95dev.com Go Daddy Secure Certificate Authority - G2	`2019-11-13` - `2021-01-12`	a year	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-08-26` - `2020-11-18`	3 months	crt.sh
bnserving.com Let's Encrypt Authority X3	`2020-07-29` - `2020-10-27`	3 months	crt.sh
*.gstatic.com GTS CA 1O1	`2020-08-26` - `2020-11-18`	3 months	crt.sh
r.remarketingpixel.com Let's Encrypt Authority X3	`2020-09-05` - `2020-12-04`	3 months	crt.sh
urldelivery.com Let's Encrypt Authority X3	`2020-08-10` - `2020-11-08`	3 months	crt.sh

This page contains 4 frames:

Primary Page: https://www.custom-google-search.ga/
Frame ID: DAEE358618148EDD603C7CACEA2263A4
Requests: 27 HTTP requests in this frame

Frame: https://www.blogger.com/navbar.g?targetBlogID=8480214800349180681&blogName=Custom+Google+Search&publishMode=PUBLISH_MODE_HOSTED&navbarType=LIGHT&layoutType=LAYOUTS&searchRoot=https://www.custom-google-search.ga/search&blogLocale=en&v=2&homepageUrl=https://www.custom-google-search.ga/&vt=-6136241628041914450&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.hc3rLxj9u8o.O%2Fam%3DwQE%2Fd%3D1%2Fct%3Dzgms%2Frs%3DAGLTcCMtAagp6kGxB19Nep_bTJunj37kww%2Fm%3D__features__
Frame ID: F88AC0482F17544017AC4F7CE27689B0
Requests: 1 HTTP requests in this frame

Frame: https://www.urldelivery.com/watch.1363176439588?key=4d549fc94bda281a31412c9ac677f326&kw=%5B%22custom%22%2C%22google%22%2C%22search%22%5D&refer=https%3A%2F%2Fwww.custom-google-search.ga%2F&tz=2&dev=r&res=4.23&uuid=4ead4b83-861a-42d0-8b49-0006a79a4802%3A2%3A1
Frame ID: 8B3F6960439C49595FCEBC4EE1A7BF78
Requests: 1 HTTP requests in this frame

Frame: https://www.urldelivery.com/watch.297322081037?key=37182f7f856edd5267b5482bf2e3fbf1&kw=%5B%22custom%22%2C%22google%22%2C%22search%22%5D&refer=https%3A%2F%2Fwww.custom-google-search.ga%2F&tz=2&dev=r&res=4.23&uuid=4ead4b83-861a-42d0-8b49-0006a79a4802%3A2%3A1
Frame ID: A9A8C77E9BED20F31FA2C957B504E249
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Java (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

headers server /GSE/i

OpenGSE (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /GSE/i

Page Statistics

30
Requests

93 %
HTTPS

75 %
IPv6

12
Domains

14
Subdomains

13
IPs

4
Countries

277 kB
Transfer

730 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 4

https://www.google.com/cse/api/branding.css HTTP 302
https://cse.google.com/cse/api/branding.css

Request Chain 7

https://www.google.com/cse/query_renderer.js HTTP 302
https://cse.google.com/cse/query_renderer.js

Request Chain 8

https://www.google.com/cse/api/partner-pub-2910889676690957/cse/1837906808/queries/js?oe=UTF-8&callback=(new+PopularQueryRenderer(document.getElementById(%22queries%22))).render HTTP 302
https://cse.google.com/cse/api/partner-pub-2910889676690957/cse/1837906808/queries/js?oe=UTF-8&callback=(new+PopularQueryRenderer(document.getElementById(%22queries%22))).render HTTP 301
https://cse.google.com/api/partner-pub-2910889676690957:1837906808/popularqueryjs?oe=UTF-8&callback=(new+PopularQueryRenderer(document.getElementById(%22queries%22))).render

30 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
www.custom-google-search.ga/ 204 KB
28 KB 229ms
167ms Document
text/html 2a00:1450:4001:81e::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.custom-google-search.ga/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81e::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

5c23dc24014eeffe87c8f94573e2ee79152a1795b145f9e331952b62e540deb4

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.custom-google-search.ga
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
content-security-policy: upgrade-insecure-requests
content-security-policy-report-only: default-src https: blob: data: 'unsafe-inline' 'unsafe-eval'; report-uri https://www.blogger.com/cspreport
content-type: text/html; charset=UTF-8
expires: Fri, 18 Sep 2020 19:46:47 GMT
date: Fri, 18 Sep 2020 19:46:47 GMT
cache-control: private, max-age=0
last-modified: Sat, 29 Feb 2020 00:47:35 GMT
etag: W/"81d02c326025361160f6acfc1098c90935f8a2c9c64fdf66862dc6fa74f98054"
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 28079
server: GSE

GET
H2 200 3416767676-css_bundle_v2.css
www.blogger.com/static/v1/widgets/ 36 KB
8 KB 26ms
6ms Stylesheet
text/css 2a00:1450:4001:802::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/static/v1/widgets/3416767676-css_bundle_v2.css

Requested by

Host: www.custom-google-search.ga
URL: https://www.custom-google-search.ga/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c91afadbe63dd834aac00b49bc715795da58970e7d500c4bd8f50ed713c77880

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.custom-google-search.ga/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 14 Sep 2020 00:01:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Sun, 13 Sep 2020 15:13:33 GMT
server: sffe
age: 416743
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: public, max-age=31536000
accept-ranges: bytes
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7982
x-xss-protection: 0
expires: Tue, 14 Sep 2021 00:01:04 GMT

GET
H2 200 authorization.css
www.blogger.com/dyn-css/ 1 B
665 B 126ms
107ms Stylesheet
text/css 2a00:1450:4001:802::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/dyn-css/authorization.css?targetBlogID=8480214800349180681&zx=2b74ecd4-630b-4984-b8cd-cb9b3064c1cf

Requested by

Host: www.custom-google-search.ga
URL: https://www.custom-google-search.ga/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' .google.com .google-analytics.com 'unsafe-inline' 'unsafe-eval' .gstatic.com .googlesyndication.com .blogger.com .googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.custom-google-search.ga/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Fri, 18 Sep 2020 19:46:47 GMT
server: GSE
date: Fri, 18 Sep 2020 19:46:47 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=UTF-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 plusone.js Show response
apis.google.com/js/ 49 KB
20 KB 51ms
30ms Script
application/javascript 2a00:1450:4001:819::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/plusone.js

Requested by

Host: www.custom-google-search.ga
URL: https://www.custom-google-search.ga/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

cdac2738fbf17f3a957d6cb8a881adef9a06123d11447d9fd2ec2973bc926e16

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-nf6nnmXAecRFG+ok3KND8g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.custom-google-search.ga/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 18 Sep 2020 19:46:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
status: 200
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
x-ua-compatible: IE=edge, chrome=1
server: ESF
etag: "9d5cd1be658ea5e8c43387860482a354"
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
content-security-policy: script-src 'report-sample' 'nonce-nf6nnmXAecRFG+ok3KND8g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
timing-allow-origin: *
expires: Fri, 18 Sep 2020 19:46:47 GMT

GET
H2 200 icon18_wrench_allbkg.png
resources.blogblog.com/img/ 475 B
611 B 8ms
6ms Image
image/png 2a00:1450:4001:802::2009
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://resources.blogblog.com/img/icon18_wrench_allbkg.png

Requested by

Host: www.custom-google-search.ga
URL: https://www.custom-google-search.ga/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d172d750493be64a7ed84dec1dd2a0d787ba42f78bc694b0858f152c52b6620b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.custom-google-search.ga/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 16 Sep 2020 15:50:57 GMT
x-content-type-options: nosniff
last-modified: Wed, 16 Sep 2020 06:28:49 GMT
server: sffe
age: 186950
content-type: image/png
status: 200
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 475
x-xss-protection: 0
expires: Wed, 23 Sep 2020 15:50:57 GMT

GET
H2

200

branding.css
cse.google.com/cse/api/
Redirect Chain

https://www.google.com/cse/api/branding.css
https://cse.google.com/cse/api/branding.css

1 KB
705 B

31ms
9ms

Stylesheet
text/css

2a00:1450:4001:81f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cse.google.com/cse/api/branding.css

Requested by

Host: www.custom-google-search.ga
URL: https://www.custom-google-search.ga/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

pfe /

Resource Hash

91159d29398f8658ba786a663518da08b05681c305df38158865916e23552bf3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 18 Sep 2020 19:18:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Sat, 17 Nov 2007 23:34:50 GMT
server: pfe
age: 1723
x-frame-options: SAMEORIGIN
content-type: text/css
status: 200
cache-control: public, max-age=1800
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 322
x-xss-protection: 0
expires: Fri, 18 Sep 2020 19:48:04 GMT

Redirect headers

date: Fri, 18 Sep 2020 19:46:47 GMT
x-content-type-options: nosniff
server: sffe
status: 302
content-type: text/html; charset=UTF-8
location: https://cse.google.com/cse/api/branding.css
cache-control: private
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 240
x-xss-protection: 0

GET
H2 200 poweredby_999999.gif
www.google.com/images/poweredby_transparent/ 488 B
620 B 42ms
41ms Image
image/gif 2a00:1450:4001:824::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/images/poweredby_transparent/poweredby_999999.gif

Requested by

Host: www.custom-google-search.ga
URL: https://www.custom-google-search.ga/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:824::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f0e34e6156e006e95579f7fd649583a85175b331452c3cb0aac883c472cee0fe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.custom-google-search.ga/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 18 Sep 2020 19:46:47 GMT
x-content-type-options: nosniff
last-modified: Tue, 22 Oct 2019 18:30:00 GMT
server: sffe
content-type: image/gif
status: 200
cache-control: private, max-age=31536000
accept-ranges: bytes
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 488
x-xss-protection: 0
expires: Fri, 18 Sep 2020 19:46:47 GMT

GET
H2 200 show_afs_search.js Show response
www.google.com/afsonline/ 3 KB
2 KB 54ms
52ms Script
text/javascript 2a00:1450:4001:824::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/afsonline/show_afs_search.js

Requested by

Host: www.custom-google-search.ga
URL: https://www.custom-google-search.ga/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:824::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0525bc8ee363380e856ceb51be5de45b8ae33c3947d81873df3be6255b47c8f8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.custom-google-search.ga/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 18 Sep 2020 19:46:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 25 May 2020 08:30:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=0
accept-ranges: bytes
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1456
x-xss-protection: 0
expires: Fri, 18 Sep 2020 19:46:47 GMT

GET
H2

200

query_renderer.js Show response
cse.google.com/cse/
Redirect Chain

https://www.google.com/cse/query_renderer.js
https://cse.google.com/cse/query_renderer.js

762 B
455 B

32ms
10ms

Script
text/javascript

2a00:1450:4001:81f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cse.google.com/cse/query_renderer.js

Requested by

Host: www.custom-google-search.ga
URL: https://www.custom-google-search.ga/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

pfe /

Resource Hash

c8b05798a0c12a22cbf40cf9639f2c7807fa33cd87242171e441645582fa9ea8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.custom-google-search.ga/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 18 Sep 2020 19:41:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 14 Jan 2011 00:58:00 GMT
server: pfe
age: 289
x-frame-options: SAMEORIGIN
content-type: text/javascript
status: 200
cache-control: public, max-age=1800
content-disposition: attachment; filename="f.txt"
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 311
x-xss-protection: 0
expires: Fri, 18 Sep 2020 20:11:58 GMT

Redirect headers

date: Fri, 18 Sep 2020 19:46:47 GMT
x-content-type-options: nosniff
server: sffe
status: 302
content-type: text/html; charset=UTF-8
location: https://cse.google.com/cse/query_renderer.js
cache-control: private
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 241
x-xss-protection: 0

GET
H3-Q050

200

popularqueryjs Show response
cse.google.com/api/partner-pub-2910889676690957:1837906808/
Redirect Chain

https://www.google.com/cse/api/partner-pub-2910889676690957/cse/1837906808/queries/js?oe=UTF-8&callback=(new+PopularQueryRenderer(document.getElementById(%22queries%22))).render
https://cse.google.com/cse/api/partner-pub-2910889676690957/cse/1837906808/queries/js?oe=UTF-8&callback=(new+PopularQueryRenderer(document.getElementById(%22queries%22))).render
https://cse.google.com/api/partner-pub-2910889676690957:1837906808/popularqueryjs?oe=UTF-8&callback=(new+PopularQueryRenderer(document.getElementById(%22queries%22))).render

879 B
727 B

199ms
185ms

Script
text/javascript

2a00:1450:4001:81f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cse.google.com/api/partner-pub-2910889676690957:1837906808/popularqueryjs?oe=UTF-8&callback=(new+PopularQueryRenderer(document.getElementById(%22queries%22))).render

Requested by

Host: www.custom-google-search.ga
URL: https://www.custom-google-search.ga/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

pfe /

Resource Hash

abfb1db204bd371c81850bbbe3c34f9fc8b515ea2b08befbf602b4859e8cb530

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.custom-google-search.ga/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 18 Sep 2020 19:46:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: pfe
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
status: 200
cache-control: private, max-age=86400
content-disposition: attachment
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 359
x-xss-protection: 0
expires: Fri, 18 Sep 2020 19:46:47 GMT

Redirect headers

date: Fri, 18 Sep 2020 19:46:47 GMT
x-content-type-options: nosniff
server: pfe
status: 301
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
location: https://cse.google.com/api/partner-pub-2910889676690957:1837906808/popularqueryjs?oe=UTF-8&callback=(new+PopularQueryRenderer(document.getElementById(%22queries%22))).render
cache-control: private, max-age=2592000
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 374
x-xss-protection: 0
expires: Fri, 18 Sep 2020 19:46:47 GMT

GET
H2 200 300px-Facebook_icon_2013.svg.png
upload.wikimedia.org/wikipedia/commons/thumb/f/fb/Facebook_icon_2013.svg/ 1 KB
1 KB 49ms
23ms Image
image/webp 2620:0:862:ed1a::2:b
WIKIMEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://upload.wikimedia.org/wikipedia/commons/thumb/f/fb/Facebook_icon_2013.svg/300px-Facebook_icon_2013.svg.png

Requested by

Host: www.custom-google-search.ga
URL: https://www.custom-google-search.ga/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:0:862:ed1a::2:b , United States, ASN14907 (WIKIMEDIA, US),

Reverse DNS

Software

ATS/8.0.8 /

Resource Hash

6ecdf592f2501b7b4f772977a221571a2e57d2929d12283277dbd4fdbe26a2d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=106384710; includeSubDomains; preload

Request headers

Referer: https://www.custom-google-search.ga/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 18 Sep 2020 09:17:49 GMT
age: 37738
x-cache-status: hit-front
x-cache: cp3059 hit, cp3061 hit/15
status: 200
server-timing: cache;desc="hit-front"
content-length: 1120
x-client-ip: 2a01:4f8:192:5414::2
last-modified: Fri, 21 Jun 2019 10:36:42 GMT
server: ATS/8.0.8
etag: 145d43261f66c4bd0ea4ab5cac8415ed
strict-transport-security: max-age=106384710; includeSubDomains; preload
content-type: image/webp
access-control-allow-origin: *
x-timestamp: 1561113401.50004
accept-ranges: bytes
timing-allow-origin: *
access-control-expose-headers: Age, Date, Content-Length, Content-Range, X-Content-Duration, X-Cache

GET
H2 200 Ned_Tu_ge6GgJZ_lIO_5mieIEmjDpq9kfgD05wapmvzcInvT4qQMxhxq_hEazf8ZsqA=w300
lh3.googleusercontent.com/ 4 KB
5 KB 9ms
6ms Image
image/png 2a00:1450:4001:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/Ned_Tu_ge6GgJZ_lIO_5mieIEmjDpq9kfgD05wapmvzcInvT4qQMxhxq_hEazf8ZsqA=w300

Requested by

Host: www.custom-google-search.ga
URL: https://www.custom-google-search.ga/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

af2bf7fe5e8247c6810d542b7453795eee4a105189ffc71dc88f6b3e8f055840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.custom-google-search.ga/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 18 Sep 2020 17:12:38 GMT
x-content-type-options: nosniff
age: 9249
status: 200
content-disposition: inline;filename="unnamed.png"
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4493
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sat, 19 Sep 2020 12:23:34 GMT

GET
H2 200 Gmail_Icon.png
upload.wikimedia.org/wikipedia/commons/4/4e/ 27 KB
28 KB 39ms
14ms Image
image/png 2620:0:862:ed1a::2:b
WIKIMEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://upload.wikimedia.org/wikipedia/commons/4/4e/Gmail_Icon.png

Requested by

Host: www.custom-google-search.ga
URL: https://www.custom-google-search.ga/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:0:862:ed1a::2:b , United States, ASN14907 (WIKIMEDIA, US),

Reverse DNS

Software

ATS/8.0.8 /

Resource Hash

fbe8559ad3b4307678250a671b8c259adf8ded119c8d133d1b706f0f4879a051

Security Headers

Name	Value
Strict-Transport-Security	max-age=106384710; includeSubDomains; preload

Request headers

Referer: https://www.custom-google-search.ga/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 18 Sep 2020 03:16:32 GMT
age: 59415
x-cache-status: hit-front
x-cache: cp3061 hit, cp3061 hit/1078
status: 200
server-timing: cache;desc="hit-front"
content-length: 28145
x-client-ip: 2a01:4f8:192:5414::2
x-object-meta-sha1base36: 05dny2um55xcqxq5otnh2j9xthhq4wa
last-modified: Mon, 01 Feb 2016 10:54:19 GMT
server: ATS/8.0.8
etag: 598d07e7761f5bca3a3f78e95b6db422
strict-transport-security: max-age=106384710; includeSubDomains; preload
content-type: image/png
access-control-allow-origin: *
x-timestamp: 1454324058.95571
accept-ranges: bytes
timing-allow-origin: *
access-control-expose-headers: Age, Date, Content-Length, Content-Range, X-Content-Duration, X-Cache

GET
H/1.1 200
OK google_search.png
store.i95dev.com/media/wysiwyg/ 57 KB
57 KB 662ms
162ms Image
image/png 50.116.10.214
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://store.i95dev.com/media/wysiwyg/google_search.png
Requested by: Host: www.custom-google-search.ga
URL: https://www.custom-google-search.ga/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 50.116.10.214 Fremont, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS: li456-214.members.linode.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 25a179bda8fbc6370bbe8909083060f65baf14bc8aaf55c04d376328f3937936

Request headers

Referer: https://www.custom-google-search.ga/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 18 Sep 2020 19:46:48 GMT
Last-Modified: Mon, 16 Jul 2012 10:08:23 GMT
Server: Apache/2.2.15 (CentOS)
ETag: "e268-4c4ef9c28f3c0"
Content-Type: image/png
Cache-Control: max-age=2592000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=100, max=100
Content-Length: 57960
Expires: Sun, 18 Oct 2020 19:46:48 GMT

GET
H3-Q050 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.hc3rLxj9u8o.O/m=plusone/rt=j/sv=1/d=1/ed=1/am=wQE/rs=AGLTcCMtAagp6kGxB19Nep_bTJunj37kww/ 140 KB
49 KB 28ms
14ms Script
text/javascript 2a00:1450:4001:819::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.hc3rLxj9u8o.O/m=plusone/rt=j/sv=1/d=1/ed=1/am=wQE/rs=AGLTcCMtAagp6kGxB19Nep_bTJunj37kww/cb=gapi.loaded_0

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/plusone.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:819::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

46c234230b7e6926223ed04e6112e1fe85ed6fcb6e1e8585d77bef2be1e83167

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.custom-google-search.ga/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 14 Sep 2020 09:13:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Sun, 02 Aug 2020 22:35:54 GMT
server: sffe
age: 383584
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
status: 200
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 50000
x-xss-protection: 0
expires: Tue, 14 Sep 2021 09:13:43 GMT

GET
H3-Q050 200 cb=gapi.loaded_1 Show response
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.hc3rLxj9u8o.O/m=gapi_iframes,gapi_iframes_style_bubble/exm=plusone/rt=j/sv=1/d=1/ed=1/am=wQE/rs=AGLTcCMtAagp6kGxB19Nep_bTJunj37kww/ 54 KB
18 KB 27ms
13ms Script
text/javascript 2a00:1450:4001:819::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.hc3rLxj9u8o.O/m=gapi_iframes,gapi_iframes_style_bubble/exm=plusone/rt=j/sv=1/d=1/ed=1/am=wQE/rs=AGLTcCMtAagp6kGxB19Nep_bTJunj37kww/cb=gapi.loaded_1

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/plusone.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:819::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ad9488c5faccbb42f71c8238479837eb1f78aee571cf24c5a515668d7ce58c48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.custom-google-search.ga/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 14 Sep 2020 09:22:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Sun, 02 Aug 2020 22:35:54 GMT
server: sffe
age: 383081
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
status: 200
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17797
x-xss-protection: 0
expires: Tue, 14 Sep 2021 09:22:06 GMT

GET
H2 200 google_top_exp.js Show response
pagead2.googlesyndication.com/pagead/js/ 47 B
911 B 25ms
6ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/google_top_exp.js

Requested by

Host: www.custom-google-search.ga
URL: https://www.custom-google-search.ga/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ccecd185ac16ba0a538840f37701053fbb861f7fbbdd86039c7415fcd924d1f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.custom-google-search.ga/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 18 Sep 2020 09:05:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 38493
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 67
x-xss-protection: 0
server: cafe
etag: 13036835877489095579
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 02 Oct 2020 09:05:14 GMT

GET
H/1.1 200
OK invoke.js Show response
www.bnserving.com/ 11 KB
5 KB 66ms
20ms Script
application/javascript 213.196.2.2
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bnserving.com/invoke.js

Requested by

Host: www.custom-google-search.ga
URL: https://www.custom-google-search.ga/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

213.196.2.2 , Netherlands, ASN7979 (SERVERS-COM, US),

Reverse DNS

Software

nginx/1.17.6 /

Resource Hash

7a14e2c32c6a42c292a80640d77b95254b03b08756fff2f2602b7396f9203679

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubdomains

Request headers

Referer: https://www.custom-google-search.ga/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Date: Fri, 18 Sep 2020 19:46:47 GMT
Content-Encoding: gzip
Server: nginx/1.17.6
Strict-Transport-Security: max-age=0; includeSubdomains
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Transfer-Encoding: chunked
Connection: keep-alive
Content-Type: application/javascript
Expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H3-Q050 200 navbar.g
www.blogger.com/ Frame F88A 0
0 242ms
228ms Document
text/html 2a00:1450:4001:802::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/navbar.g?targetBlogID=8480214800349180681&blogName=Custom+Google+Search&publishMode=PUBLISH_MODE_HOSTED&navbarType=LIGHT&layoutType=LAYOUTS&searchRoot=https://www.custom-google-search.ga/search&blogLocale=en&v=2&homepageUrl=https://www.custom-google-search.ga/&vt=-6136241628041914450&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.hc3rLxj9u8o.O%2Fam%3DwQE%2Fd%3D1%2Fct%3Dzgms%2Frs%3DAGLTcCMtAagp6kGxB19Nep_bTJunj37kww%2Fm%3D__features__

Requested by

Host: apis.google.com
URL: https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.hc3rLxj9u8o.O/m=plusone/rt=j/sv=1/d=1/ed=1/am=wQE/rs=AGLTcCMtAagp6kGxB19Nep_bTJunj37kww/cb=gapi.loaded_0

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' .google.com .google-analytics.com 'unsafe-inline' 'unsafe-eval' .gstatic.com .googlesyndication.com .blogger.com .googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.blogger.com
:scheme: https
:path: /navbar.g?targetBlogID=8480214800349180681&blogName=Custom+Google+Search&publishMode=PUBLISH_MODE_HOSTED&navbarType=LIGHT&layoutType=LAYOUTS&searchRoot=https://www.custom-google-search.ga/search&blogLocale=en&v=2&homepageUrl=https://www.custom-google-search.ga/&vt=-6136241628041914450&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.hc3rLxj9u8o.O%2Fam%3DwQE%2Fd%3D1%2Fct%3Dzgms%2Frs%3DAGLTcCMtAagp6kGxB19Nep_bTJunj37kww%2Fm%3D__features__
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.custom-google-search.ga/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.custom-google-search.ga/

Response headers

status: 200
p3p: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
content-security-policy: script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
content-type: text/html; charset=UTF-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 18 Sep 2020 19:46:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 2616
server: GSE
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 204 csi
csi.gstatic.com/ 0
339 B 89ms
48ms Image
image/gif 2a00:1450:400a:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://csi.gstatic.com/csi?v=3&s=gapi_global&action=global&it=blt.1,psi.0&srt=229&e=abc_l0,abc_m0,abc_u0&rt=
Requested by: Host: www.custom-google-search.ga
URL: https://www.custom-google-search.ga/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400a:803::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.custom-google-search.ga/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 18 Sep 2020 19:46:47 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
status: 204
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 csi
csi.gstatic.com/ 0
53 B 89ms
48ms Image
image/gif 2a00:1450:400a:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://csi.gstatic.com/csi?v=3&s=gapi_module&action=plusone&it=mli.39,mei.10&e=abc_l0,abc_m0,abc_pplusone,abc_u0&rt=
Requested by: Host: www.custom-google-search.ga
URL: https://www.custom-google-search.ga/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400a:803::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.custom-google-search.ga/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 18 Sep 2020 19:46:47 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
status: 204
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 csi
csi.gstatic.com/ 0
53 B 89ms
48ms Image
image/gif 2a00:1450:400a:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://csi.gstatic.com/csi?v=3&s=gapi_module&action=gapi_iframes__gapi_iframes_s21&it=mli.31,mei.2&e=abc_l0,abc_m0,abc_pgapi_iframes__gapi_iframes_s21,abc_u0&rt=
Requested by: Host: www.custom-google-search.ga
URL: https://www.custom-google-search.ga/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400a:803::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.custom-google-search.ga/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 18 Sep 2020 19:46:47 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
status: 204
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 authorization.css
www.blogger.com/dyn-css/ 1 B
865 B 124ms
115ms Stylesheet
text/css 2a00:1450:4001:802::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/dyn-css/authorization.css?targetBlogID=8480214800349180681&zx=2b74ecd4-630b-4984-b8cd-cb9b3064c1cf

Requested by

Host: www.custom-google-search.ga
URL: https://www.custom-google-search.ga/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' .google.com .google-analytics.com 'unsafe-inline' 'unsafe-eval' .gstatic.com .googlesyndication.com .blogger.com .googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.custom-google-search.ga/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Fri, 18 Sep 2020 19:46:47 GMT
server: GSE
date: Fri, 18 Sep 2020 19:46:47 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=UTF-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK stats Show response
r.remarketingpixel.com/ 40 B
554 B 51ms
17ms XHR
text/html 213.196.2.2
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://r.remarketingpixel.com/stats
Requested by: Host: www.bnserving.com
URL: https://www.bnserving.com/invoke.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 213.196.2.2 , Netherlands, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: nginx/1.17.6 /
Resource Hash: 711307bf2d534d91e02f758728acc39a7e5ee00c8b8afad2a881dcc568b8f62d

Request headers

Referer: https://www.custom-google-search.ga/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 18 Sep 2020 19:46:47 GMT
Server: nginx/1.17.6
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: https://www.custom-google-search.ga
Cache-Control: max-age=0, : no-cache
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 40
Expires: Fri, 18 Sep 2020 19:46:47 GMT

GET watch.1363176439588.js
www.urldelivery.com/ 0
0

GET
H/1.1 200
OK Cookie set watch.1363176439588
www.urldelivery.com/ Frame 8B3F 0
0 19ms
19ms Document
text/html 213.196.5.3
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL

https://www.urldelivery.com/watch.1363176439588?key=4d549fc94bda281a31412c9ac677f326&kw=%5B%22custom%22%2C%22google%22%2C%22search%22%5D&refer=https%3A%2F%2Fwww.custom-google-search.ga%2F&tz=2&dev=r&res=4.23&uuid=4ead4b83-861a-42d0-8b49-0006a79a4802%3A2%3A1

Requested by

Host: www.bnserving.com
URL: https://www.bnserving.com/invoke.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

213.196.5.3 , Netherlands, ASN7979 (SERVERS-COM, US),

Reverse DNS

Software

nginx/1.17.6 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubdomains

Request headers

Host: www.urldelivery.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.custom-google-search.ga/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.custom-google-search.ga/

Response headers

Server: nginx/1.17.6
Date: Fri, 18 Sep 2020 19:46:47 GMT
Content-Type: text/html
Content-Length: 103
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Set-Cookie: u_pl=13833043; expires=Sat, 19 Sep 2020 19:46:47 GMT
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Strict-Transport-Security: max-age=0; includeSubdomains

GET watch.297322081037.js
www.urldelivery.com/ 0
0

GET
H2 200 cookienotice.js Show response
www.custom-google-search.ga/js/ 6 KB
2 KB 39ms
13ms Script
text/javascript 2a00:1450:4001:81e::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.custom-google-search.ga/js/cookienotice.js

Requested by

Host: www.custom-google-search.ga
URL: https://www.custom-google-search.ga/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81e::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

068ffe90977f2b5b2dc2ef18572166e85281bd0ecb31c4902464b23db54d2568

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.custom-google-search.ga/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 18 Sep 2020 19:46:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 18 Sep 2020 19:26:17 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 2026
x-xss-protection: 0
expires: Fri, 25 Sep 2020 19:46:47 GMT

GET
H3-Q050 200 4144282483-widgets.js Show response
www.blogger.com/static/v1/widgets/ 133 KB
49 KB 31ms
7ms Script
text/javascript 2a00:1450:4001:802::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/static/v1/widgets/4144282483-widgets.js

Requested by

Host: www.custom-google-search.ga
URL: https://www.custom-google-search.ga/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c7b11f8b7b21baf8afcba3aca4cff16acce404ce26e84bb86efd9b553c018dbc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.custom-google-search.ga/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 18 Sep 2020 14:37:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 16 Sep 2020 00:39:51 GMT
server: sffe
age: 18533
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=31536000
accept-ranges: bytes
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49506
x-xss-protection: 0
expires: Sat, 18 Sep 2021 14:37:54 GMT

GET
H/1.1 200
OK Cookie set watch.297322081037
www.urldelivery.com/ Frame A9A8 0
0 20ms
19ms Document
text/html 213.196.5.3
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL

https://www.urldelivery.com/watch.297322081037?key=37182f7f856edd5267b5482bf2e3fbf1&kw=%5B%22custom%22%2C%22google%22%2C%22search%22%5D&refer=https%3A%2F%2Fwww.custom-google-search.ga%2F&tz=2&dev=r&res=4.23&uuid=4ead4b83-861a-42d0-8b49-0006a79a4802%3A2%3A1

Requested by

Host: www.bnserving.com
URL: https://www.bnserving.com/invoke.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

213.196.5.3 , Netherlands, ASN7979 (SERVERS-COM, US),

Reverse DNS

Software

nginx/1.17.6 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubdomains

Request headers

Host: www.urldelivery.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.custom-google-search.ga/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.custom-google-search.ga/

Response headers

Server: nginx/1.17.6
Date: Fri, 18 Sep 2020 19:46:47 GMT
Content-Type: text/html
Content-Length: 103
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Set-Cookie: u_pl=13833022; expires=Sat, 19 Sep 2020 19:46:47 GMT
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Strict-Transport-Security: max-age=0; includeSubdomains

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.urldelivery.com
URL: https://www.urldelivery.com/watch.1363176439588.js?key=4d549fc94bda281a31412c9ac677f326&kw=%5B%22custom%22%2C%22google%22%2C%22search%22%5D&refer=https%3A%2F%2Fwww.custom-google-search.ga%2F&tz=2&dev=r&res=4.23&uuid=4ead4b83-861a-42d0-8b49-0006a79a4802%3A2%3A1

Domain: www.urldelivery.com
URL: https://www.urldelivery.com/watch.297322081037.js?key=37182f7f856edd5267b5482bf2e3fbf1&kw=%5B%22custom%22%2C%22google%22%2C%22search%22%5D&refer=https%3A%2F%2Fwww.custom-google-search.ga%2F&tz=2&dev=r&res=4.23&uuid=4ead4b83-861a-42d0-8b49-0006a79a4802%3A2%3A1

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Generic (Online)

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.custom-google-search.ga/	1970-01-19 12:44:23	Name: 494668b4c0ef4d25bda4e75c27de2817 Value: 4ead4b83-861a-42d0-8b49-0006a79a4802%3A2%3A1

8 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://www.bnserving.com/invoke.js(Line 1) Message: [object HTMLImageElement]
console-api	log	URL: https://www.bnserving.com/invoke.js(Line 1) Message: console.clear
console-api	log	URL: https://www.bnserving.com/invoke.js(Line 1) Message: [object HTMLImageElement]
console-api	log	URL: https://www.bnserving.com/invoke.js(Line 1) Message: console.clear
console-api	log	URL: https://www.bnserving.com/invoke.js(Line 1) Message: [object HTMLImageElement]
console-api	log	URL: https://www.bnserving.com/invoke.js(Line 1) Message: console.clear
console-api	log	URL: https://www.bnserving.com/invoke.js(Line 1) Message: [object HTMLImageElement]
console-api	log	URL: https://www.bnserving.com/invoke.js(Line 1) Message: console.clear

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	upgrade-insecure-requests
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

apis.google.com
cse.google.com
csi.gstatic.com
lh3.googleusercontent.com
pagead2.googlesyndication.com
r.remarketingpixel.com
resources.blogblog.com
store.i95dev.com
upload.wikimedia.org
www.blogger.com
www.bnserving.com
www.custom-google-search.ga
www.google.com
www.urldelivery.com
www.urldelivery.com
213.196.2.2
213.196.5.3
2620:0:862:ed1a::2:b
2a00:1450:4001:802::2009
2a00:1450:4001:809::2002
2a00:1450:4001:816::2001
2a00:1450:4001:819::200e
2a00:1450:4001:81e::2013
2a00:1450:4001:81f::200e
2a00:1450:4001:824::2004
2a00:1450:400a:803::2003
50.116.10.214
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
0525bc8ee363380e856ceb51be5de45b8ae33c3947d81873df3be6255b47c8f8
068ffe90977f2b5b2dc2ef18572166e85281bd0ecb31c4902464b23db54d2568
25a179bda8fbc6370bbe8909083060f65baf14bc8aaf55c04d376328f3937936
46c234230b7e6926223ed04e6112e1fe85ed6fcb6e1e8585d77bef2be1e83167
5c23dc24014eeffe87c8f94573e2ee79152a1795b145f9e331952b62e540deb4
6ecdf592f2501b7b4f772977a221571a2e57d2929d12283277dbd4fdbe26a2d6
711307bf2d534d91e02f758728acc39a7e5ee00c8b8afad2a881dcc568b8f62d
7a14e2c32c6a42c292a80640d77b95254b03b08756fff2f2602b7396f9203679
91159d29398f8658ba786a663518da08b05681c305df38158865916e23552bf3
abfb1db204bd371c81850bbbe3c34f9fc8b515ea2b08befbf602b4859e8cb530
ad9488c5faccbb42f71c8238479837eb1f78aee571cf24c5a515668d7ce58c48
af2bf7fe5e8247c6810d542b7453795eee4a105189ffc71dc88f6b3e8f055840
c7b11f8b7b21baf8afcba3aca4cff16acce404ce26e84bb86efd9b553c018dbc
c8b05798a0c12a22cbf40cf9639f2c7807fa33cd87242171e441645582fa9ea8
c91afadbe63dd834aac00b49bc715795da58970e7d500c4bd8f50ed713c77880
ccecd185ac16ba0a538840f37701053fbb861f7fbbdd86039c7415fcd924d1f2
cdac2738fbf17f3a957d6cb8a881adef9a06123d11447d9fd2ec2973bc926e16
d172d750493be64a7ed84dec1dd2a0d787ba42f78bc694b0858f152c52b6620b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f0e34e6156e006e95579f7fd649583a85175b331452c3cb0aac883c472cee0fe
fbe8559ad3b4307678250a671b8c259adf8ded119c8d133d1b706f0f4879a051

www.custom-google-search.ga Open in urlscan Pro 2a00:1450:4001:81e::2013 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

30 Requests

93 %HTTPS

75 %IPv6

12 Domains

14 Subdomains

13 IPs

4 Countries

277 kBTransfer

730 kBSize

1 Cookies

0 Outgoing links

Redirected requests

30 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

www.custom-google-search.ga Open in urlscan Pro
2a00:1450:4001:81e::2013 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

30
Requests

93 %
HTTPS

75 %
IPv6

12
Domains

14
Subdomains

13
IPs

4
Countries

277 kB
Transfer

730 kB
Size

1
Cookies

30 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!