lh3.googleusercontent.com
2a00:1450:4001:831::2001  Public Scan

Submitted URL: https://acortar.link/OC09VO
Effective URL: https://lh3.googleusercontent.com/oEvCPaozljKH3HBusplcEcX8Q8rV5nGIAx04R9gVVKVtVdYHeAXkDBi9ZJXs6jSibDc5VuZZ2a2qy8Q3_MM8LlUnfqo4ECzQ...
Submission: On September 17 via manual from US — Scanned from DE

Summary

This website contacted 1 IPs in 2 countries across 2 domains to perform 1 HTTP transactions. The main IP is 2a00:1450:4001:831::2001, located in Frankfurt am Main, Germany and belongs to GOOGLE, US. The main domain is lh3.googleusercontent.com. The Cisco Umbrella rank of the primary domain is 69.
TLS certificate: Issued by GTS CA 1C3 on August 14th 2023. Valid for: 3 months.
This is the only time lh3.googleusercontent.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 2606:4700:303... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 1
Apex Domain | Subdomains | Transfer
1 googleusercontent.com | lh3.googleusercontent.com — Cisco Umbrella Rank: 69 | 377 KB
1 acortar.link | acortar.link — Cisco Umbrella Rank: 352129 | 1 KB
1 2
Domain Requested by
1 lh3.googleusercontent.com
1 acortar.link 1 redirects
1 2

This site contains no links.

Subject: *.googleusercontent.com
Issuer: GTS CA 1C3
Validity: 2023-08-14 - 2023-11-06
Valid: 3 months

This page contains 1 frames:

Primary Page: https://lh3.googleusercontent.com/oEvCPaozljKH3HBusplcEcX8Q8rV5nGIAx04R9gVVKVtVdYHeAXkDBi9ZJXs6jSibDc5VuZZ2a2qy8Q3_MM8LlUnfqo4ECzQo9N33u0G8sdhReHRsumczFmy6FIzgAL5GA6ZullR
Frame ID: 12F5726B1B81337B7B9ED784086AB6A0
Requests: 1 HTTP requests in this frame

Page Title

oEvCPaozljKH3HBusplcEcX8Q8rV5nGIAx04R9gVVKVtVdYHeAXkDBi9ZJXs6jSibDc5VuZZ2a2qy8Q3_MM8LlUnfqo4ECzQo9N33u0G8sdhReHRsumczFmy6FIzgAL5GA6ZullR (400×517)

Detected technologies

Overall confidence: 100%
Detected patterns

Page Statistics

Requests: 1
HTTPS: 100 %
IPv6: 100 %
Domains: 2
Subdomains: 2
IPs: 1
Countries: 2
Transfer: 377 kB
Size: 377 kB
Cookies: 2

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://acortar.link/OC09VO HTTP 301
    https://lh3.googleusercontent.com/oEvCPaozljKH3HBusplcEcX8Q8rV5nGIAx04R9gVVKVtVdYHeAXkDBi9ZJXs6jSibDc5VuZZ2a2qy8Q3_MM8LlUnfqo4ECzQo9N33u0G8sdhReHRsumczFmy6FIzgAL5GA6ZullR Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

1 HTTP transactions

Primary Request: oEvCPaozljKH3HBusplcEcX8Q8rV5nGIAx04R9gVVKVtVdYHeAXkDBi9ZJXs6jSibDc5VuZZ2a2qy8Q3_MM8LlUnfqo4ECzQo9N33u0G8sdhReHRsumczFmy6FIzgAL5GA6ZullR
Path: lh3.googleusercontent.com/
Redirect Chain
  • https://acortar.link/OC09VO
  • https://lh3.googleusercontent.com/oEvCPaozljKH3HBusplcEcX8Q8rV5nGIAx04R9gVVKVtVdYHeAXkDBi9ZJXs6jSibDc5VuZZ2a2qy8Q3_MM8LlUnfqo4ECzQo9N33u0G8sdhReHRsumczFmy6FIzgAL5GA6ZullR
Size: 377 KB
x-fer: 377 KB
Type: Document
MIME-Type:
General
Full URL: https://lh3.googleusercontent.com/oEvCPaozljKH3HBusplcEcX8Q8rV5nGIAx04R9gVVKVtVdYHeAXkDBi9ZJXs6jSibDc5VuZZ2a2qy8Q3_MM8LlUnfqo4ECzQo9N33u0G8sdhReHRsumczFmy6FIzgAL5GA6ZullR
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS:
Software: fife /
Resource Hash: 5a6773f0c0efaf878648279dedf00b2935606e844c9bf297fddd42f8df6919e9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
access-control-expose-headers: Content-Length
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="pasted image 0.png"
content-length: 385849
content-type: image/png
date: Sun, 17 Sep 2023 00:06:44 GMT
etag: "v1"
expires: Mon, 18 Sep 2023 00:06:44 GMT
server: fife
timing-allow-origin: *
vary: Origin
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 807d1addfda218bd-FRA
content-security-policy: upgrade-insecure-requests;
content-type: text/html; charset=UTF-8
date: Sun, 17 Sep 2023 00:06:44 GMT
location: https://lh3.googleusercontent.com/oEvCPaozljKH3HBusplcEcX8Q8rV5nGIAx04R9gVVKVtVdYHeAXkDBi9ZJXs6jSibDc5VuZZ2a2qy8Q3_MM8LlUnfqo4ECzQo9N33u0G8sdhReHRsumczFmy6FIzgAL5GA6ZullR
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3rIXqy6KTM4BY1%2BjSi0LdfSacO%2FnN4%2FfaK1z432ZBQQEqN0NV5YywblD1e%2FwgrVWAfcy4nx6%2FMlSYKkwJSxPr1dzMMwUGIXeHFnKbzTxqArGR7Pn8pM1QCtFqqKeSpYHvLmoR4fj8qMYxec%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff nosniff
x-frame-options: SAMEORIGIN
x-sucuri-cache: MISS
x-sucuri-id: 15035
x-xss-protection: 1; mode=block

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| documentPictureInPicture

2 Cookies

Domain/Path Name / Value
acortar.link/ Name: XSRF-TOKEN
Value: eyJpdiI6Ind1N0RwN3hXaXBNNDF2YmhKVm50Ymc9PSIsInZhbHVlIjoiQ0ttTEk4cnpMMGVOQUdMSlBuN3lDYUJxeHBaYThoOE11U0JpSVVieVo4a3M2XC80dFwvY1FNWHM5TkpTZmtCYzc1dGVTd3hxR3pvSjQ5RjFCZXVyVTU4QT09IiwibWFjIjoiZTEzOWY2N2RlYjFiODE2ZWMzN2IxZjJjMGRjMTA2YjY3MDJmZGRmMzFkOWNiMzFjNjgzZGQ5ZWVkMWNlOWYxMyJ9
acortar.link/ Name: laravel_session
Value: eyJpdiI6InFCMTN4YVpxbTNPSkZjRFpuMjRYRGc9PSIsInZhbHVlIjoiNXg4dk9Yb0pDTHNNVEFqa2FuWkxBRDliMktZS05JR3FvSzdpaWpcL2pCdWtmd3Y1bkVxajBNR2prdGUyb2g0cHlvXC90YmZzVUh5ZGNoS0txNnQyR2YyZz09IiwibWFjIjoiM2ZmNjY2MWI0N2JhY2RmYzA4NjZiNGE0NzgxMDA1ZDE5ZjAxYzVmOGNhODM1OTQ5MjlmMGVlMTlkZjViYjZhYyJ9

Security Headers

This page lists any security headers set by the main page.

Header Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

acortar.link
lh3.googleusercontent.com
2606:4700:3035::ac43:8eea
2a00:1450:4001:831::2001
5a6773f0c0efaf878648279dedf00b2935606e844c9bf297fddd42f8df6919e9