urlscan.io logo urlscan.io
SecurityTrails logo

www.gdioverseas.com Open in urlscan Pro
119.81.50.209  Public Scan

Go To Rescan Add Verdict Report
URL: http://www.gdioverseas.com/wp-content/plugins/baneer/21956ab5a00.html
Submission: On December 04 via manual from GB
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 7 IPs in 4 countries across 6 domains to perform 14 HTTP transactions. The main IP is 119.81.50.209, located in Singapore, Singapore and belongs to SOFTLAYER - SoftLayer Technologies Inc., US. The main domain is www.gdioverseas.com.
This is the only time www.gdioverseas.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 119.81.50.209 36351 (SOFTLAYER)
1 99.198.108.197 32475 (SINGLEHOP...)
2 35.157.234.193 16509 (AMAZON-02)
3 52.29.210.16 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
14 7
1    119.81.50.209 (Singapore, Singapore)

ASN36351 (SOFTLAYER - SoftLayer Technologies Inc., US)
PTR: d1.32.5177.ip4.static.sl-reverse.com
www.gdioverseas.com
1    99.198.108.197 (Chicago, United States)

ASN32475 (SINGLEHOP-LLC - SingleHop, Inc., US)
PTR: server04.com-2.mobi
a.tdrset.com
2    35.157.234.193 (Frankfurt, Germany)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-35-157-234-193.eu-central-1.compute.amazonaws.com
questionfly.com
3    52.29.210.16 (Frankfurt, Germany)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-29-210-16.eu-central-1.compute.amazonaws.com
panelsave.com
1    2a00:1450:4001:80b::2004 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)
www.google.com
1    2a00:1450:4001:810::2003 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)
www.gstatic.com
Domain Requested by
3 panelsave.com panelsave.com
2 questionfly.com questionfly.com
1 www.gstatic.com www.google.com
1 www.google.com panelsave.com
www.gstatic.com
1 a.tdrset.com
1 www.gdioverseas.com
14 6

This site contains no links.

Subject Issuer Validity Valid
smartcampaign.site
COMODO RSA Domain Validation Secure Server CA		 2017-06-28 -
2018-05-11		 10 months crt.sh
landerdelivery.com
COMODO RSA Domain Validation Secure Server CA		 2017-10-11 -
2018-02-14		 4 months crt.sh
www.google.com
Google Internet Authority G2		 2017-11-16 -
2018-02-08		 3 months crt.sh
*.google.com
Google Internet Authority G2		 2017-11-16 -
2018-02-08		 3 months crt.sh

This page contains 6 frames:

Frame: http://a.tdrset.com/?utm_term=6495705282901971731&clickverify=1
Frame ID: 1695.1
Requests: 2 HTTP requests in this frame

Frame: https://questionfly.com/c/5a37c8ad-f104-11e5-9f1f-0626cc8adced?pubid=stw&subid=6495705282901971731
Frame ID: 1729.1
Requests: 2 HTTP requests in this frame

Frame: https://panelsave.com/l/8c579bd6-2433-11e6-9af1-02401b02a2b5/v/f804c776-d902-11e7-b97b-11418ca26c38/
Frame ID: 1751.1
Requests: 3 HTTP requests in this frame

Frame: https://panelsave.com/l/8c579bd6-2433-11e6-9af1-02401b02a2b5/v/f804c776-d902-11e7-b97b-11418ca26c38/
Frame ID: 1777.1
Requests: 5 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?k=6LegYR0TAAAAAPQj12s9xvGu3_2O2jvIB5bb2NI6&co=aHR0cHM6Ly9wYW5lbHNhdmUuY29tOjQ0Mw..&hl=en&type=image&v=r20171129143447&theme=light&size=normal&cb=mr1n9zbslj7w
Frame ID: 1777.2
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=en&v=r20171129143447&k=6LegYR0TAAAAAPQj12s9xvGu3_2O2jvIB5bb2NI6
Frame ID: 1777.3
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

14
Requests

50 %
HTTPS

33 %
IPv6

6
Domains

6
Subdomains

7
IPs

4
Countries

244 kB
Transfer

409 kB
Size

0
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://awesomeevening.com/ywxfoplxty/130k HTTP 302
  • http://a.tdrset.com/?utm_medium=fbc33a63526786a49569f373b2ab5c2d474c7788&utm_campaign=Adverten_adult_redirect&1=116887&cid=BvUrUNWqcbvyTNtbjQEGKlwPXeG HTTP 302
  • http://a.tdrset.com/?utm_term=6495705282901971731&clickverify=1
Request Chain 2
  • http://a.tdrset.com/proc.php?574ec4a35a21d2ab76dbfdfaf18fb89f2bb10874 HTTP 302
  • https://questionfly.com/c/5a37c8ad-f104-11e5-9f1f-0626cc8adced?pubid=stw&subid=6495705282901971731

14 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request 21956ab5a00.html
www.gdioverseas.com/wp-content/plugins/baneer/ 		157 B
168 B 		Document
General
Check archive.org
Download Go to
Full URL
http://www.gdioverseas.com/wp-content/plugins/baneer/21956ab5a00.html
Protocol
HTTP/1.1
Server
119.81.50.209 Singapore, Singapore, ASN36351 (SOFTLAYER - SoftLayer Technologies Inc., US),
Reverse DNS
d1.32.5177.ip4.static.sl-reverse.com
Software
nginx/1.12.0 /
Resource Hash
6854db17a5ed008b3d14661c41bcdcb4b352b41916ee22db9c05608b8223a32a

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.gdioverseas.com
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Cache-Control
no-cache
Connection
keep-alive
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

Date
Mon, 04 Dec 2017 14:54:01 GMT
Content-Encoding
gzip
Last-Modified
Tue, 06 Jun 2017 17:29:12 GMT
Server
nginx/1.12.0
Connection
keep-alive
Transfer-Encoding
chunked
Content-Type
text/html
/
a.tdrset.com/
Redirect Chain
  • http://awesomeevening.com/ywxfoplxty/130k
  • http://a.tdrset.com/?utm_medium=fbc33a63526786a49569f373b2ab5c2d474c7788&utm_campaign=Adverten_adult_redirect&1=116887&cid=BvUrUNWqcbvyTNtbjQEGKlwPXeG
  • http://a.tdrset.com/?utm_term=6495705282901971731&clickverify=1
0
0
/
a.tdrset.com/ Frame 1729 		6 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://a.tdrset.com/?utm_term=6495705282901971731&clickverify=1
Protocol
HTTP/1.1
Server
99.198.108.197 Chicago, United States, ASN32475 (SINGLEHOP-LLC - SingleHop, Inc., US),
Reverse DNS
server04.com-2.mobi
Software
nginx /
Resource Hash
33c95d5971a2bb778609ad80b078e2790b66c5260870175976bb09f0e7dfa77b

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
a.tdrset.com
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer
http://www.gdioverseas.com/wp-content/plugins/baneer/21956ab5a00.html
Cookie
u=4132b0683f9ca4284e45e5dcaf627968
Connection
keep-alive
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
Referer
http://www.gdioverseas.com/wp-content/plugins/baneer/21956ab5a00.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 04 Dec 2017 14:54:02 GMT
Content-Encoding
gzip
Server
nginx
Vary
Accept-Encoding
Content-Type
text/html; charset=utf-8
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Transfer-Encoding
chunked
Connection
keep-alive
Expires
Thu, 01 Jan 1970 00:00:00 GMT
5a37c8ad-f104-11e5-9f1f-0626cc8adced
questionfly.com/c/ Frame 1729
Redirect Chain
  • http://a.tdrset.com/proc.php?574ec4a35a21d2ab76dbfdfaf18fb89f2bb10874
  • https://questionfly.com/c/5a37c8ad-f104-11e5-9f1f-0626cc8adced?pubid=stw&subid=6495705282901971731
0
0
Cookie set 5a37c8ad-f104-11e5-9f1f-0626cc8adced
questionfly.com/c/ Frame 1751 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://questionfly.com/c/5a37c8ad-f104-11e5-9f1f-0626cc8adced?pubid=stw&subid=6495705282901971731
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.157.234.193 Frankfurt, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-35-157-234-193.eu-central-1.compute.amazonaws.com
Software
nginx/1.12.2 /
Resource Hash
33d6ea3ad7294126a897761d7b5d396f9b93aaf1cca4659700e8bdef40ab51c5

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
questionfly.com
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer
http://a.tdrset.com/?utm_term=6495705282901971731&clickverify=1
Connection
keep-alive
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
Referer
http://a.tdrset.com/?utm_term=6495705282901971731&clickverify=1#
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

Date
Mon, 04 Dec 2017 14:54:03 GMT
Content-Encoding
gzip
X-Client-Addr
148.251.45.254
Server
nginx/1.12.2
Vary
Accept-Encoding Accept-Encoding
Content-Type
text/html; charset=UTF-8
Set-Cookie
_s=f7f893e8-d902-11e7-a46e-01412d19efe4; expires=Thu, 14-Dec-2017 14:54:03 GMT; Max-Age=864000; path=/; HttpOnly
Cache-Control
no-cache
Transfer-Encoding
chunked
Connection
keep-alive
/
questionfly.com/v/f7f8d8a8-d902-11e7-a9e2-01412d19ef82/c/5a37c8ad-f104-11e5-9f1f-0626cc8adced/ Frame 1751 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://questionfly.com/v/f7f8d8a8-d902-11e7-a9e2-01412d19ef82/c/5a37c8ad-f104-11e5-9f1f-0626cc8adced/?pubid=stw&subid=6495705282901971731&_i=1&_s=f7f893e8-d902-11e7-a46e-01412d19efe4&_r=a.tdrset.com&_n=&_d=6|0|0|0|1|1|||1600x1200|u|1|Google%20Inc.|1|24|24|96|74-f2397a3c|0|0|45|0|1|o:5,min:9,gl:1,font:23,t:45|u|lum0y,6nq96o,0|en-US|Linux%20x86_64|d41d8cd98f00b204e9800998ecf8427e|20030107|5.0%20(Macintosh;%20Intel%20Mac%20OS%20X%2010_12_6)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/61.0.3163.100%20Safari/537.36|0|8|148.251.45.170|u|0|u|u|u|u|u|u|0_0_0_0_1_1_1_0|1|u
Requested by
Host: questionfly.com
URL: https://questionfly.com/c/5a37c8ad-f104-11e5-9f1f-0626cc8adced?pubid=stw&subid=6495705282901971731
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.157.234.193 Frankfurt, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-35-157-234-193.eu-central-1.compute.amazonaws.com
Software
nginx/1.12.2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
questionfly.com
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Cache-Control
no-cache
Cookie
_s=f7f893e8-d902-11e7-a46e-01412d19efe4
Connection
keep-alive
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

Date
Mon, 04 Dec 2017 14:54:03 GMT
Content-Encoding
gzip
X-Client-Addr
148.251.45.254
Server
nginx/1.12.2
Vary
Accept-Encoding Accept-Encoding
Content-Type
text/html;charset=utf-8
Cache-Control
no-cache
Refresh
0;url=https://panelsave.com/l/8c579bd6-2433-11e6-9af1-02401b02a2b5/v/f804c776-d902-11e7-b97b-11418ca26c38/
Connection
keep-alive
Transfer-Encoding
chunked
/
panelsave.com/l/8c579bd6-2433-11e6-9af1-02401b02a2b5/v/f804c776-d902-11e7-b97b-11418ca26c38/ Frame 1751 		0
0
/
panelsave.com/l/8c579bd6-2433-11e6-9af1-02401b02a2b5/v/f804c776-d902-11e7-b97b-11418ca26c38/ Frame 1777 		3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://panelsave.com/l/8c579bd6-2433-11e6-9af1-02401b02a2b5/v/f804c776-d902-11e7-b97b-11418ca26c38/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.29.210.16 Frankfurt, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-29-210-16.eu-central-1.compute.amazonaws.com
Software
nginx/1.12.2 /
Resource Hash
b7c6d039236f76a337b61eda38d8a93f6cd978f8e9667bba69aafe983546015c

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
panelsave.com
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer
https://questionfly.com/v/f7f8d8a8-d902-11e7-a9e2-01412d19ef82/c/5a37c8ad-f104-11e5-9f1f-0626cc8adced/?pubid=stw&subid=6495705282901971731&_i=1&_s=f7f893e8-d902-11e7-a46e-01412d19efe4&_r=a.tdrset.com&_n=&_d=6|0|0|0|1|1|||1600x1200|u|1|Google%20Inc.|1|24|24|96|74-f2397a3c|0|0|45|0|1|o:5,min:9,gl:1,font:23,t:45|u|lum0y,6nq96o,0|en-US|Linux%20x86_64|d41d8cd98f00b204e9800998ecf8427e|20030107|5.0%20(Macintosh;%20Intel%20Mac%20OS%20X%2010_12_6)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/61.0.3163.100%20Safari/537.36|0|8|148.251.45.170|u|0|u|u|u|u|u|u|0_0_0_0_1_1_1_0|1|u
Connection
keep-alive
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
Referer
https://questionfly.com/v/f7f8d8a8-d902-11e7-a9e2-01412d19ef82/c/5a37c8ad-f104-11e5-9f1f-0626cc8adced/?pubid=stw&subid=6495705282901971731&_i=1&_s=f7f893e8-d902-11e7-a46e-01412d19efe4&_r=a.tdrset.com&_n=&_d=6|0|0|0|1|1|||1600x1200|u|1|Google%20Inc.|1|24|24|96|74-f2397a3c|0|0|45|0|1|o:5,min:9,gl:1,font:23,t:45|u|lum0y,6nq96o,0|en-US|Linux%20x86_64|d41d8cd98f00b204e9800998ecf8427e|20030107|5.0%20(Macintosh;%20Intel%20Mac%20OS%20X%2010_12_6)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/61.0.3163.100%20Safari/537.36|0|8|148.251.45.170|u|0|u|u|u|u|u|u|0_0_0_0_1_1_1_0|1|u
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

Date
Mon, 04 Dec 2017 14:54:03 GMT
Content-Encoding
gzip
X-Client-Addr
148.251.45.254
Server
nginx/1.12.2
Vary
Accept-Encoding Accept-Encoding
Content-Type
text/html; charset=UTF-8
Cache-Control
no-cache
Transfer-Encoding
chunked
Connection
keep-alive
index.css
panelsave.com/static/8c579bd6-2433-11e6-9af1-02401b02a2b5/ Frame 1777 		3 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://panelsave.com/static/8c579bd6-2433-11e6-9af1-02401b02a2b5/index.css
Requested by
Host: panelsave.com
URL: https://panelsave.com/l/8c579bd6-2433-11e6-9af1-02401b02a2b5/v/f804c776-d902-11e7-b97b-11418ca26c38/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.29.210.16 Frankfurt, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-29-210-16.eu-central-1.compute.amazonaws.com
Software
nginx/1.12.2 /
Resource Hash
12ef32ce1980a396abcf82a7009904319aa65bcfd8c5a6a8ccfc2a1ba006217d

Request headers

Accept
text/css,*/*;q=0.1
Pragma
no-cache
Connection
keep-alive
Accept-Encoding
gzip, deflate
Host
panelsave.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
Cache-Control
no-cache
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

Date
Mon, 04 Dec 2017 14:54:03 GMT
Last-Modified
Mon, 04 Dec 2017 14:52:09 GMT
Server
nginx/1.12.2
ETag
"5a256119-a7e"
Vary
Accept-Encoding
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2686
imag.png
panelsave.com/static/8c579bd6-2433-11e6-9af1-02401b02a2b5/ Frame 1777 		161 KB
161 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://panelsave.com/static/8c579bd6-2433-11e6-9af1-02401b02a2b5/imag.png
Requested by
Host: panelsave.com
URL: https://panelsave.com/l/8c579bd6-2433-11e6-9af1-02401b02a2b5/v/f804c776-d902-11e7-b97b-11418ca26c38/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.29.210.16 Frankfurt, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-29-210-16.eu-central-1.compute.amazonaws.com
Software
nginx/1.12.2 /
Resource Hash
d4d4c5cc56227940ffb87681bb39a43983adad7f5103167731e496ceea808b17

Request headers

Accept
image/webp,image/apng,image/*,*/*;q=0.8
Pragma
no-cache
Connection
keep-alive
Accept-Encoding
gzip, deflate
Host
panelsave.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
Cache-Control
no-cache
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

Date
Mon, 04 Dec 2017 14:54:03 GMT
Last-Modified
Mon, 04 Dec 2017 14:52:09 GMT
Server
nginx/1.12.2
ETag
"5a256119-284fc"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
165116
api.js
www.google.com/recaptcha/ Frame 1777 		805 B
446 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api.js?onload=onloadCallback&render=explicit
Requested by
Host: panelsave.com
URL: https://panelsave.com/l/8c579bd6-2433-11e6-9af1-02401b02a2b5/v/f804c776-d902-11e7-b97b-11418ca26c38/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:80b::2004 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
GSE /
Resource Hash
b992e76c844912efcf8277dfcda6affe7b519f078eb233f8a652c1bc19eb3b0c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/recaptcha/api.js?onload=onloadCallback&render=explicit
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
www.google.com
:scheme
https
:method
GET
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

date
Mon, 04 Dec 2017 14:54:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
status
200
cache-control
private, max-age=300
alt-svc
hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"
content-length
428
x-xss-protection
1; mode=block
expires
Mon, 04 Dec 2017 14:54:03 GMT
recaptcha__en.js
www.gstatic.com/recaptcha/api2/r20171129143447/ Frame 1777 		220 KB
70 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/api2/r20171129143447/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?onload=onloadCallback&render=explicit
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:810::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
de0ec2e2369f12b72cc8662e83f5b199c92b145df173be7a1ad7554648459d46
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/recaptcha/api2/r20171129143447/recaptcha__en.js
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
www.gstatic.com
:scheme
https
:method
GET
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

date
Thu, 30 Nov 2017 20:54:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 30 Nov 2017 01:15:00 GMT
server
sffe
age
323971
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=31536000
accept-ranges
bytes
alt-svc
hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"
content-length
71891
x-xss-protection
1; mode=block
expires
Fri, 30 Nov 2018 20:54:32 GMT
anchor
www.google.com/recaptcha/api2/ Frame 1777 		0
0
bframe
www.google.com/recaptcha/api2/ Frame 1777 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
a.tdrset.com
URL
http://a.tdrset.com/?utm_term=6495705282901971731&clickverify=1
Domain
questionfly.com
URL
https://questionfly.com/c/5a37c8ad-f104-11e5-9f1f-0626cc8adced?pubid=stw&subid=6495705282901971731
Domain
panelsave.com
URL
https://panelsave.com/l/8c579bd6-2433-11e6-9af1-02401b02a2b5/v/f804c776-d902-11e7-b97b-11418ca26c38/
Domain
www.google.com
URL
https://www.google.com/recaptcha/api2/anchor?k=6LegYR0TAAAAAPQj12s9xvGu3_2O2jvIB5bb2NI6&co=aHR0cHM6Ly9wYW5lbHNhdmUuY29tOjQ0Mw..&hl=en&type=image&v=r20171129143447&theme=light&size=normal&cb=mr1n9zbslj7w
Domain
www.google.com
URL
https://www.google.com/recaptcha/api2/bframe?hl=en&v=r20171129143447&k=6LegYR0TAAAAAPQj12s9xvGu3_2O2jvIB5bb2NI6

Verdicts & Comments Add Verdict or Comment

15 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| verifyCallback number| widgetId1 function| onloadCallback function| showCaptcha function| hideCaptcha function| getRecaptchaUrl function| onCaptchaResolved function| gotoFinalLocation function| beforeCaptchaRender function| afterCaptchaRender object| ___grecaptcha_cfg boolean| __google_recaptcha_client object| recaptcha object| grecaptcha object| closure_lm_216564

0 Cookies