www6.up-shorty.com Open in urlscan Pro
35.186.238.101 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://up-shorty.com/preview/bVRPj3jCZ8/Majestic.pdf
Effective URL:
http://www6.up-shorty.com/?template=VERTICAL_LINES&tdfs=0&s_token=1615202809.0030285556&uuid=1615202809.0030285556&searchb...
Submission Tags: falconsandbox
Submission: On March 08 via api (March 8th 2021, 11:27:03 am UTC) from US

Summary HTTP 22 Redirects Behaviour Indicators

Summary

This website contacted 7 IPs in 2 countries across 6 domains to perform 22 HTTP transactions. The main IP is 35.186.238.101, located in Kansas City, United States and belongs to GOOGLE, US. The main domain is www6.up-shorty.com.

This is the only time www6.up-shorty.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 3	96.126.123.244 96.126.123.244	63949 (LINODE-AP...) (LINODE-AP Linode)
1 1	45.79.19.196 45.79.19.196	63949 (LINODE-AP...) (LINODE-AP Linode)
1	35.186.238.101 35.186.238.101	15169 (GOOGLE) (GOOGLE)
10	2a00:1450:400... 2a00:1450:4001:80f::2004	15169 (GOOGLE) (GOOGLE)
2	2.17.185.233 2.17.185.233	16625 (AKAMAI-AS) (AKAMAI-AS)
4	52.71.216.15 52.71.216.15	14618 (AMAZON-AES) (AMAZON-AES)
1	2a00:1450:400... 2a00:1450:4001:802::2001	15169 (GOOGLE) (GOOGLE)
2	45.79.38.145 45.79.38.145	63949 (LINODE-AP...) (LINODE-AP Linode)
22	7

3 96.126.123.244 (Richardson, United States) 1 redirects

ASN63949 (LINODE-AP Linode, LLC, US)
PTR: li372-244.members.linode.com

up-shorty.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 45.79.19.196 (Richardson, United States) 1 redirects

ASN63949 (LINODE-AP Linode, LLC, US)
PTR: li1118-196.members.linode.com

www77.up-shorty.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.238.101 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 101.238.186.35.bc.googleusercontent.com

www6.up-shorty.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:80f::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.17.185.233 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-17-185-233.deploy.static.akamaitechnologies.com

img1.wsimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.71.216.15 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-71-216-15.compute-1.amazonaws.com

api.aws.parking.godaddy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

afs.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 45.79.38.145 (Richardson, United States)

ASN63949 (LINODE-AP Linode, LLC, US)
PTR: li1137-145.members.linode.com

postback.trafficmotor.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
10	google.com www.google.com	144 KB
5	up-shorty.com 2 redirects up-shorty.com www77.up-shorty.com www6.up-shorty.com	7 KB
4	godaddy.com api.aws.parking.godaddy.com	1 KB
2	trafficmotor.com postback.trafficmotor.com	227 B
2	wsimg.com img1.wsimg.com	132 KB
1	googleusercontent.com afs.googleusercontent.com	521 B
22	6

	Domain	Requested by
10	www.google.com	www6.up-shorty.com www.google.com
4	api.aws.parking.godaddy.com	img1.wsimg.com
3	up-shorty.com	1 redirects up-shorty.com
2	postback.trafficmotor.com	img1.wsimg.com
2	img1.wsimg.com	www6.up-shorty.com
1	afs.googleusercontent.com	www.google.com
1	www6.up-shorty.com
1	www77.up-shorty.com	1 redirects
22	8

This site contains no links.

Subject Issuer	Validity	Valid
www.google.com GTS CA 1O1	`2021-02-17` - `2021-05-12`	3 months	crt.sh
*.wsimg.com Starfield Secure Certificate Authority - G2	`2020-09-22` - `2021-10-24`	a year	crt.sh
*.aws.parking.godaddy.com Go Daddy Secure Certificate Authority - G2	`2020-03-09` - `2022-03-09`	2 years	crt.sh
*.google.com GTS CA 1O1	`2021-02-17` - `2021-05-12`	3 months	crt.sh
*.googleusercontent.com GTS CA 1O1	`2021-02-17` - `2021-05-12`	3 months	crt.sh
postback.trafficmotor.com R3	`2021-01-09` - `2021-04-09`	3 months	crt.sh

This page contains 5 frames:

Primary Page: http://www6.up-shorty.com/?template=VERTICAL_LINES&tdfs=0&s_token=1615202809.0030285556&uuid=1615202809.0030285556&searchbox=1&showDomain=1
Frame ID: E2277144FA2E97914760DE5B3F9F1F79
Requests: 13 HTTP requests in this frame

Frame: https://www.google.com/afs/ads/i/iframe.html
Frame ID: 9B722662111AD0A0CF88961477758DA6
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/dp/ads?r=m&domain_name=up-shorty.com&cpp=0&client=dp-namemedia08_3ph&channel=08236&adtest=off&adsafe=low&type=3&pcsa=false&psid=1293544924&swp=as-drid-2395277546132987&oe=UTF-8&ie=UTF-8&fexp=21404%2C17300441%2C17300443%2C17300494%2C17300496%2C17300598&format=r6%7Cs&num=0&output=afd_ads&v=3&adext=as1%2Csr1&bsl=8&u_his=3&u_tz=60&dt=1615202810566&u_w=1600&u_h=1200&biw=1600&bih=1200&psw=1600&psh=219&frm=0&uio=sl1sr1-st24sa11lt40-&cont=relatedLinks&csize=w600h18&inames=master-1&jsv=97509&rurl=http%3A%2F%2Fwww6.up-shorty.com%2F%3Ftemplate%3DVERTICAL_LINES%26tdfs%3D0%26s_token%3D1615202809.0030285556%26uuid%3D1615202809.0030285556%26searchbox%3D1%26showDomain%3D1&referer=http%3A%2F%2Fup-shorty.com%2F
Frame ID: 5C6D459BD0535B163D13CCE3348DAE64
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/js/bg/Q9MKgAIr8xj9wBMLW1buCS1LNKSoLAVOfjIlinQ2UMU.js
Frame ID: 4D655B905B30A1D45D9BD575EA5D0AF6
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/js/bg/Q9MKgAIr8xj9wBMLW1buCS1LNKSoLAVOfjIlinQ2UMU.js
Frame ID: 7F58D4EA157D9C0BC1D05D48263E1070
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://up-shorty.com/preview/bVRPj3jCZ8/Majestic.pdf Page URL
http://up-shorty.com/mtm/direct/eyJ1cmkiOiIvcHJldmlldy9iVlJQajNqQ1o4L01hamVzdGljLnBkZiIsImFyZ3MiO... HTTP 302
http://www77.up-shorty.com/ HTTP 302
http://www6.up-shorty.com/?template=VERTICAL_LINES&tdfs=0&s_token=1615202809.0030285556&uuid=161520280... Page URL

Detected technologies

Lua (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

headers server /openresty(?:\/([\d.]+))?/i

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /openresty(?:\/([\d.]+))?/i

OpenResty (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /openresty(?:\/([\d.]+))?/i

Page Statistics

22
Requests

86 %
HTTPS

25 %
IPv6

6
Domains

8
Subdomains

7
IPs

2
Countries

283 kB
Transfer

816 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://up-shorty.com/preview/bVRPj3jCZ8/Majestic.pdf Page URL
http://up-shorty.com/mtm/direct/eyJ1cmkiOiIvcHJldmlldy9iVlJQajNqQ1o4L01hamVzdGljLnBkZiIsImFyZ3MiOiIiLCJyZWZlcmVyIjoiIiwiaG9zdF9uYW1lIjoidXAtc2hvcnR5LmNvbSJ9:1lJE27:R5JqC24XMTyM-VjBYzIRUJcfbwI/1 HTTP 302
http://www77.up-shorty.com/ HTTP 302
http://www6.up-shorty.com/?template=VERTICAL_LINES&tdfs=0&s_token=1615202809.0030285556&uuid=1615202809.0030285556&searchbox=1&showDomain=1 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

22 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Majestic.pdf Show response
up-shorty.com/preview/bVRPj3jCZ8/ 2 KB
2 KB 402ms
261ms Document
text/html 96.126.123.244
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to

Full URL: http://up-shorty.com/preview/bVRPj3jCZ8/Majestic.pdf
Protocol: HTTP/1.1
Server: 96.126.123.244 Richardson, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS: li372-244.members.linode.com
Software: openresty/1.13.6.1 /
Resource Hash: 053de364bc499cde3b9f8f2dde4637f8272b18c614fe83a185813c5291048de2

Request headers

Host: up-shorty.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Server: openresty/1.13.6.1
Date: Mon, 08 Mar 2021 11:26:43 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 1663
Connection: close
Vary: Accept-Language
Content-Language: en

GET
H/1.1 403
Forbidden 1 Show response
up-shorty.com/mtm/async/eyJ1cmkiOiIvcHJldmlldy9iVlJQajNqQ1o4L01hamVzdGljLnBkZiIsImFyZ3MiOiIiLCJyZWZlcmVyIjoiIiwiaG9zdF9uYW1lIjoidXAtc2hvcnR5LmNvbSJ9:1lJE27:R5JqC24XMTyM-VjBYzIRUJcfbwI/ 577 B
759 B 268ms
254ms Fetch
text/html 96.126.123.244
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to

Full URL: http://up-shorty.com/mtm/async/eyJ1cmkiOiIvcHJldmlldy9iVlJQajNqQ1o4L01hamVzdGljLnBkZiIsImFyZ3MiOiIiLCJyZWZlcmVyIjoiIiwiaG9zdF9uYW1lIjoidXAtc2hvcnR5LmNvbSJ9:1lJE27:R5JqC24XMTyM-VjBYzIRUJcfbwI/1
Requested by: Host: up-shorty.com
URL: http://up-shorty.com/preview/bVRPj3jCZ8/Majestic.pdf
Protocol: HTTP/1.1
Server: 96.126.123.244 Richardson, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS: li372-244.members.linode.com
Software: openresty/1.13.6.1 /
Resource Hash: 1863ed097238163f72cda3622877a38cd45c0e70fd3cc8053600b012edd06f85

Request headers

Referer: http://up-shorty.com/preview/bVRPj3jCZ8/Majestic.pdf
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

X-Fail-Reason: Bad Actor
Server: openresty/1.13.6.1
Connection: close
Date: Mon, 08 Mar 2021 11:26:43 GMT
Content-Length: 577
Content-Type: text/html

GET
H/1.1

200
OK

Primary Request

Cookie set / Show response
www6.up-shorty.com/
Redirect Chain

http://up-shorty.com/mtm/direct/eyJ1cmkiOiIvcHJldmlldy9iVlJQajNqQ1o4L01hamVzdGljLnBkZiIsImFyZ3MiOiIiLCJyZWZlcmVyIjoiIiwiaG9zdF9uYW1lIjoidXAtc2hvcnR5LmNvbSJ9:1lJE27:R5JqC24XMTyM-VjBYzIRUJcfbwI/1
http://www77.up-shorty.com/
http://www6.up-shorty.com/?template=VERTICAL_LINES&tdfs=0&s_token=1615202809.0030285556&uuid=1615202809.0030285556&searchbox=1&showDomain=1

2 KB
3 KB

266ms
120ms

Document
text/html

35.186.238.101
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: http://www6.up-shorty.com/?template=VERTICAL_LINES&tdfs=0&s_token=1615202809.0030285556&uuid=1615202809.0030285556&searchbox=1&showDomain=1
Protocol: HTTP/1.1
Server: 35.186.238.101 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 101.238.186.35.bc.googleusercontent.com
Software: openresty /
Resource Hash: 3b906632ec8184de36ac99d0148333173007a52f8413e9e38eda8a5ca63af05f

Request headers

Host: www6.up-shorty.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer: http://up-shorty.com/
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://up-shorty.com/preview/bVRPj3jCZ8/Majestic.pdf

Response headers

Server: openresty
Date: Mon, 08 Mar 2021 11:26:49 GMT
Content-Type: text/html
Content-Length: 2522
Last-Modified: Thu, 04 Mar 2021 00:48:38 GMT
ETag: "60402e66-9da"
X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAJRmzcpTevQqkWn6dJuX/N/Hxl7YxbOwy8+73ijqYSQEN+WGxrruAKtZtliWC86+ewQ0msW1W8psOFL/b00zWqsCAwEAAQ_C9s+z4wJKLH/TflXAU7R+M/1NuWRCvX0NiLnGeUiH1SGLgWgVbiK/C0joKO4N+VQsqjS3b+UwVCwLusFItBWfA
Set-Cookie: caf_ipaddr=82.102.19.136;Path=/;Max-Age=86400; country=BE;Path=/;Max-Age=86400; city="Brussels";Path=/;Max-Age=86400;
Accept-Ranges: bytes
Via: 1.1 google

Redirect headers

Server: openresty/1.13.6.1
Date: Mon, 08 Mar 2021 11:26:49 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: close
Location: http://www6.up-shorty.com/?template=VERTICAL_LINES&tdfs=0&s_token=1615202809.0030285556&uuid=1615202809.0030285556&searchbox=1&showDomain=1
X-Mtm-Path: 0
Vary: Accept-Language
Content-Language: en
Set-Cookie: mtm_delivered=WyJ1cC1zaG9ydHkuY29tIiwiaHR0cDovL3d3dzYudXAtc2hvcnR5LmNvbS8_dGVtcGxhdGU9VkVSVElDQUxfTElORVMmdGRmcz0wJnNfdG9rZW49MTYxNTIwMjgwOS4wMDMwMjg1NTU2JnV1aWQ9MTYxNTIwMjgwOS4wMDMwMjg1NTU2JnNlYXJjaGJveD0xJnNob3dEb21haW49MSIsMSwiMjAyMS0wMy0wOCAxMToyNjo0OSIsIjE2MTUyMDI4MDkuMDAzMDI4NTU1NiIsNzgsbnVsbCxudWxsXQ:1lJE2D:ekFI6BEeZMM0krEcjO_t9PrcceM; expires=Mon, 08-Mar-2021 12:26:49 GMT; Max-Age=3600; Path=/

GET
H2 200 caf.js Show response
www.google.com/adsense/domains/ 173 KB
61 KB 16ms
15ms Script
text/javascript 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/adsense/domains/caf.js

Requested by

Host: www6.up-shorty.com
URL: http://www6.up-shorty.com/?template=VERTICAL_LINES&tdfs=0&s_token=1615202809.0030285556&uuid=1615202809.0030285556&searchbox=1&showDomain=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

24499094300d254dc15c9a0104a5ec1d66a379a9694a14f2594dd0aa7044fdba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www6.up-shorty.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 08 Mar 2021 11:26:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "11114431837474191476"
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
expires: Mon, 08 Mar 2021 11:26:49 GMT

GET
H2 200 2.4a8b4e43.chunk.js Show response
img1.wsimg.com/parking-lander/static/js/ 355 KB
110 KB 78ms
23ms Script
application/javascript 2.17.185.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://img1.wsimg.com/parking-lander/static/js/2.4a8b4e43.chunk.js
Requested by: Host: www6.up-shorty.com
URL: http://www6.up-shorty.com/?template=VERTICAL_LINES&tdfs=0&s_token=1615202809.0030285556&uuid=1615202809.0030285556&searchbox=1&showDomain=1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.17.185.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-17-185-233.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: a54ccd73b7ae64c118f332665e98d2ae83e46b2cb31dbc61a6f1aa01f48be3c5

Request headers

Referer: http://www6.up-shorty.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: Z27wI7lrfojh4x94Yp1f2OrUFOEvxOgS
content-encoding: gzip
etag: "74a4489037383d39f882632c50e83716"
x-amz-request-id: ZDKZW2JX5YKA69DS
x-amz-server-side-encryption: AES256
content-length: 112225
x-amz-id-2: +0uNTVmnsPDc+Uq6UgRpowtaPdTZ1wDm2jAei/EB5lpQ6/ElVm9TiOMdMmCXVwhk1WWq8paKOwE=
last-modified: Thu, 04 Mar 2021 00:47:12 GMT
date: Mon, 08 Mar 2021 11:26:49 GMT
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 08 Mar 2022 11:26:49 GMT

GET
H2 200 main.69b5e47a.chunk.js Show response
img1.wsimg.com/parking-lander/static/js/ 67 KB
21 KB 111ms
57ms Script
application/javascript 2.17.185.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://img1.wsimg.com/parking-lander/static/js/main.69b5e47a.chunk.js
Requested by: Host: www6.up-shorty.com
URL: http://www6.up-shorty.com/?template=VERTICAL_LINES&tdfs=0&s_token=1615202809.0030285556&uuid=1615202809.0030285556&searchbox=1&showDomain=1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.17.185.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-17-185-233.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: b22a3eda654f26571ba81f86f6114e6fec5510366e8cb3c8887e6a6eadf27713

Request headers

Referer: http://www6.up-shorty.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: _WDqbNGclq1BgjI6qbaEohYSax7KbA00
content-encoding: gzip
etag: "73887db52b886d963227cfd2d95c6c53"
x-amz-request-id: ZDKM42C9VJ40HRMJ
x-amz-server-side-encryption: AES256
content-length: 21576
x-amz-id-2: X/ZtY9qmKJFJTSQiiMkTnppioopXQ8fFp9UCm1l0bufNCqlbKryRQH4QGRSf/hOTUVz8oYDSQcs=
last-modified: Thu, 04 Mar 2021 00:47:13 GMT
date: Mon, 08 Mar 2021 11:26:49 GMT
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 08 Mar 2022 11:26:49 GMT

OPTIONS
H2 200 landerParams
api.aws.parking.godaddy.com/v1/domains/www6.up-shorty.com/ Frame 0
0 307ms
102ms Preflight 52.71.216.15
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.aws.parking.godaddy.com/v1/domains/www6.up-shorty.com/landerParams
Protocol: H2
Server: 52.71.216.15 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-71-216-15.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: x-request-id
Origin: http://www6.up-shorty.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Mon, 08 Mar 2021 11:26:50 GMT
content-length: 0
access-control-allow-credentials: true
access-control-allow-headers: X-Request-Id
access-control-allow-methods: GET, HEAD, OPTIONS
access-control-allow-origin: http://www6.up-shorty.com
access-control-max-age: 600
x-request-id: f0WsiABR

GET
H2 200 landerParams Show response
api.aws.parking.godaddy.com/v1/domains/www6.up-shorty.com/ 903 B
1 KB 310ms
105ms Fetch
application/json 52.71.216.15
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.aws.parking.godaddy.com/v1/domains/www6.up-shorty.com/landerParams
Requested by: Host: img1.wsimg.com
URL: https://img1.wsimg.com/parking-lander/static/js/main.69b5e47a.chunk.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.71.216.15 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-71-216-15.compute-1.amazonaws.com
Software: /
Resource Hash: aff78bb3c151d9e7e28a1c9ebf337ee9d782af15d502dbd7266eb64654fbc941

Request headers

Referer: http://www6.up-shorty.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
X-Request-Id: d3987952-eca9-4200-82fb-8d2e4a2ca747

Response headers

access-control-allow-origin: http://www6.up-shorty.com
date: Mon, 08 Mar 2021 11:26:50 GMT
access-control-allow-credentials: true
content-length: 903
access-control-max-age: 600
x-request-id: d3987952-eca9-4200-82fb-8d2e4a2ca747
content-type: application/json

GET
H3-Q050 200 iframe.html Show response
www.google.com/afs/ads/i/ Frame 9B72 1 KB
947 B 14ms
14ms Document
text/html 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/afs/ads/i/iframe.html

Requested by

Host: www.google.com
URL: https://www.google.com/adsense/domains/caf.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fac0eefa6c6a7a60052870a301540329f3215b401fd714a8891f8eda83041829

Security Headers

Name	Value
Content-Security-Policy	script-src 'nonce-FPjd_JMoBsG96_JBavZ0Hg' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' http: https:; object-src 'none'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui; base-uri 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /afs/ads/i/iframe.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://www6.up-shorty.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://www6.up-shorty.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-type: text/html
content-security-policy: script-src 'nonce-FPjd_JMoBsG96_JBavZ0Hg' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' http: https:; object-src 'none'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui; base-uri 'none'
cross-origin-resource-policy: cross-origin
content-length: 640
date: Mon, 08 Mar 2021 11:26:50 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
last-modified: Mon, 25 May 2020 08:30:00 GMT
x-content-type-options: nosniff
content-encoding: gzip
server: sffe
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 ads Show response
www.google.com/dp/ Frame 5C6D 13 KB
8 KB 214ms
214ms Document
text/html 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/dp/ads?r=m&domain_name=up-shorty.com&cpp=0&client=dp-namemedia08_3ph&channel=08236&adtest=off&adsafe=low&type=3&pcsa=false&psid=1293544924&swp=as-drid-2395277546132987&oe=UTF-8&ie=UTF-8&fexp=21404%2C17300441%2C17300443%2C17300494%2C17300496%2C17300598&format=r6%7Cs&num=0&output=afd_ads&v=3&adext=as1%2Csr1&bsl=8&u_his=3&u_tz=60&dt=1615202810566&u_w=1600&u_h=1200&biw=1600&bih=1200&psw=1600&psh=219&frm=0&uio=sl1sr1-st24sa11lt40-&cont=relatedLinks&csize=w600h18&inames=master-1&jsv=97509&rurl=http%3A%2F%2Fwww6.up-shorty.com%2F%3Ftemplate%3DVERTICAL_LINES%26tdfs%3D0%26s_token%3D1615202809.0030285556%26uuid%3D1615202809.0030285556%26searchbox%3D1%26showDomain%3D1&referer=http%3A%2F%2Fup-shorty.com%2F

Requested by

Host: www.google.com
URL: https://www.google.com/adsense/domains/caf.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gws /

Resource Hash

6d4bec8adab8061237afe27662d9f15c59227b4d976acd0c67d533c46ee5e705

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /dp/ads?r=m&domain_name=up-shorty.com&cpp=0&client=dp-namemedia08_3ph&channel=08236&adtest=off&adsafe=low&type=3&pcsa=false&psid=1293544924&swp=as-drid-2395277546132987&oe=UTF-8&ie=UTF-8&fexp=21404%2C17300441%2C17300443%2C17300494%2C17300496%2C17300598&format=r6%7Cs&num=0&output=afd_ads&v=3&adext=as1%2Csr1&bsl=8&u_his=3&u_tz=60&dt=1615202810566&u_w=1600&u_h=1200&biw=1600&bih=1200&psw=1600&psh=219&frm=0&uio=sl1sr1-st24sa11lt40-&cont=relatedLinks&csize=w600h18&inames=master-1&jsv=97509&rurl=http%3A%2F%2Fwww6.up-shorty.com%2F%3Ftemplate%3DVERTICAL_LINES%26tdfs%3D0%26s_token%3D1615202809.0030285556%26uuid%3D1615202809.0030285556%26searchbox%3D1%26showDomain%3D1&referer=http%3A%2F%2Fup-shorty.com%2F
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://www6.up-shorty.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://www6.up-shorty.com/

Response headers

content-type: text/html; charset=UTF-8
content-disposition: inline
date: Mon, 08 Mar 2021 11:26:50 GMT
expires: Mon, 08 Mar 2021 11:26:50 GMT
cache-control: private, max-age=3600
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
content-encoding: br
server: gws
content-length: 7920
x-xss-protection: 0
set-cookie: NID=210=kz4OpGgWulIPhxUIZ2BWNS-BPpNt9Li9oOEfFApIQvl2LUVzSxRtL5YbC013aRgJ0PCiFkQk5rRWmBimKGNGn2PUURQwLQLY5kNnFiU-WQkCt-sw7M8TJbz6MwXjVVFEL7wLEb8YUlvVFLlWAQD95EGLBIQ0DUIjn_MyktNYjnk; expires=Tue, 07-Sep-2021 11:26:50 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=none CONSENT=PENDING+548; expires=Fri, 01-Jan-2038 00:00:00 GMT; path=/; domain=.google.com
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 caf.js Show response
www.google.com/adsense/domains/ Frame 5C6D 173 KB
61 KB 17ms
16ms Script
text/javascript 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/adsense/domains/caf.js

Requested by

Host: www.google.com
URL: https://www.google.com/dp/ads?r=m&domain_name=up-shorty.com&cpp=0&client=dp-namemedia08_3ph&channel=08236&adtest=off&adsafe=low&type=3&pcsa=false&psid=1293544924&swp=as-drid-2395277546132987&oe=UTF-8&ie=UTF-8&fexp=21404%2C17300441%2C17300443%2C17300494%2C17300496%2C17300598&format=r6%7Cs&num=0&output=afd_ads&v=3&adext=as1%2Csr1&bsl=8&u_his=3&u_tz=60&dt=1615202810566&u_w=1600&u_h=1200&biw=1600&bih=1200&psw=1600&psh=219&frm=0&uio=sl1sr1-st24sa11lt40-&cont=relatedLinks&csize=w600h18&inames=master-1&jsv=97509&rurl=http%3A%2F%2Fwww6.up-shorty.com%2F%3Ftemplate%3DVERTICAL_LINES%26tdfs%3D0%26s_token%3D1615202809.0030285556%26uuid%3D1615202809.0030285556%26searchbox%3D1%26showDomain%3D1&referer=http%3A%2F%2Fup-shorty.com%2F

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

64b06cfe08e4a24452636ee274bafd9d4fec4be31338dda25b5121352384a4a4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 08 Mar 2021 11:26:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "2194222393035639673"
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
expires: Mon, 08 Mar 2021 11:26:50 GMT

GET
H2 200 chevron.svg
afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/ Frame 5C6D 200 B
521 B 27ms
6ms Image
image/svg+xml 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/chevron.svg?c=%23ffffff

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

809fb4619d2a2f1a85dbda8cc69a7f1659215212d708a098d62150eee57070c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 07 Mar 2021 18:04:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 22 Oct 2020 21:45:00 GMT
server: sffe
age: 62523
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=82800
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 174
x-xss-protection: 0
expires: Mon, 08 Mar 2021 17:04:47 GMT

OPTIONS
H2 200 parkingEvents
api.aws.parking.godaddy.com/v1/ Frame 0
0 102ms
102ms Preflight
text/plain 52.71.216.15
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.aws.parking.godaddy.com/v1/parkingEvents
Protocol: H2
Server: 52.71.216.15 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-71-216-15.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: http://www6.up-shorty.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Mon, 08 Mar 2021 11:26:50 GMT
content-type: text/plain
content-length: 0
access-control-allow-methods: POST
access-control-allow-headers: content-type
access-control-allow-origin: *

POST
H2 200 parkingEvents
api.aws.parking.godaddy.com/v1/ 0
0 105ms
105ms Fetch
text/plain 52.71.216.15
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.aws.parking.godaddy.com/v1/parkingEvents
Requested by: Host: img1.wsimg.com
URL: https://img1.wsimg.com/parking-lander/static/js/main.69b5e47a.chunk.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.71.216.15 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-71-216-15.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Referer: http://www6.up-shorty.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: *
date: Mon, 08 Mar 2021 11:26:51 GMT
content-length: 0
content-type: text/plain

POST
H/1.1 200
OK / Show response
postback.trafficmotor.com/sn/ 3 B
227 B 410ms
143ms Fetch
application/json 45.79.38.145
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to

Full URL: https://postback.trafficmotor.com/sn/
Requested by: Host: img1.wsimg.com
URL: https://img1.wsimg.com/parking-lander/static/js/main.69b5e47a.chunk.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 45.79.38.145 Richardson, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS: li1137-145.members.linode.com
Software: openresty/1.13.6.1 /
Resource Hash: ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Request headers

Referer: http://www6.up-shorty.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

Access-Control-Allow-Origin: http://www6.up-shorty.com
Date: Mon, 08 Mar 2021 11:26:51 GMT
Server: openresty/1.13.6.1
Connection: close
Content-Length: 3
Vary: Origin
Content-Type: application/json

OPTIONS
H/1.1 200
OK /
postback.trafficmotor.com/sn/ Frame 0
0 559ms
135ms Preflight
text/html 45.79.38.145
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to

Full URL: https://postback.trafficmotor.com/sn/
Protocol: HTTP/1.1
Server: 45.79.38.145 Richardson, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS: li1137-145.members.linode.com
Software: openresty/1.13.6.1 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: http://www6.up-shorty.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Server: openresty/1.13.6.1
Date: Mon, 08 Mar 2021 11:26:51 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: close
Allow: HEAD, GET, POST, OPTIONS
Access-Control-Allow-Origin: http://www6.up-shorty.com
Access-Control-Allow-Methods: DELETE, GET, HEAD, OPTIONS, PATCH, POST, PUT
Vary: Origin
Access-Control-Allow-Headers: content-type

GET
H3-Q050 200 Q9MKgAIr8xj9wBMLW1buCS1LNKSoLAVOfjIlinQ2UMU.js Show response
www.google.com/js/bg/ Frame 4D65 14 KB
6 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/bg/Q9MKgAIr8xj9wBMLW1buCS1LNKSoLAVOfjIlinQ2UMU.js

Requested by

Host: www.google.com
URL: https://www.google.com/adsense/domains/caf.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

43d30a80022bf318fdc0130b5b56ee092d4b34a4a82c054e7e32258a743650c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 22:41:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 01 Mar 2021 11:00:00 GMT
server: sffe
age: 564319
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6222
x-xss-protection: 0
expires: Tue, 01 Mar 2022 22:41:31 GMT

GET
H3-Q050 200 Q9MKgAIr8xj9wBMLW1buCS1LNKSoLAVOfjIlinQ2UMU.js Show response
www.google.com/js/bg/ Frame 7F58 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/bg/Q9MKgAIr8xj9wBMLW1buCS1LNKSoLAVOfjIlinQ2UMU.js

Requested by

Host: www.google.com
URL: https://www.google.com/adsense/domains/caf.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

43d30a80022bf318fdc0130b5b56ee092d4b34a4a82c054e7e32258a743650c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 22:41:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 01 Mar 2021 11:00:00 GMT
server: sffe
age: 564320
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6222
x-xss-protection: 0
expires: Tue, 01 Mar 2022 22:41:31 GMT

GET
H3-Q050 204 gen_204
www.google.com/afs/ 0
132 B 39ms
38ms Image
text/html 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/afs/gen_204?client=dp-namemedia08_3ph&output=uds_ads_only&zx=f68b1btpfw60&aqid=-glGYOSXK46sywW2vIhg&psid=1293544924&pbt=bs&adbx=500&adby=52&adbh=374&adbw=600&adbn=master-1&eawp=partner-dp-namemedia08_3ph&errv=9750962054340537689&csadii=21&csadr=411&pblt=1&lle=0&llm=1000&ifv=1&usr=1

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gws /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: http://www6.up-shorty.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 08 Mar 2021 11:26:52 GMT
server: gws
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
content-type: text/html; charset=ISO-8859-1
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-Q050 204 gen_204
www.google.com/afs/ 0
86 B 43ms
42ms Image
text/html 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/afs/gen_204?client=dp-namemedia08_3ph&output=uds_ads_only&zx=1vfjpxhek7w5&psid=1293544924&pbt=bs&adbx=650&adby=436&adbh=24&adbw=300&adbn=slave-1-1&eawp=partner-dp-namemedia08_3ph&errv=9750962054340537689&csadii=14&csadr=418&pblt=1&lle=0&llm=1000&ifv=1&usr=1

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gws /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: http://www6.up-shorty.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 08 Mar 2021 11:26:52 GMT
server: gws
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
content-type: text/html; charset=ISO-8859-1
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-Q050 204 gen_204
www.google.com/afs/ 0
109 B 39ms
39ms Image
text/html 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/afs/gen_204?client=dp-namemedia08_3ph&output=uds_ads_only&zx=sh2466p0nhaa&aqid=-glGYOSXK46sywW2vIhg&psid=1293544924&pbt=bv&adbx=500&adby=52&adbh=374&adbw=600&adbn=master-1&eawp=partner-dp-namemedia08_3ph&errv=9750962054340537689&csadii=21&csadr=411&pblt=1&lle=0&llm=1000&ifv=1&usr=1

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gws /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: http://www6.up-shorty.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 08 Mar 2021 11:26:53 GMT
server: gws
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
content-type: text/html; charset=ISO-8859-1
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-Q050 204 gen_204
www.google.com/afs/ 0
86 B 46ms
45ms Image
text/html 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/afs/gen_204?client=dp-namemedia08_3ph&output=uds_ads_only&zx=cqahhd72ldp1&psid=1293544924&pbt=bv&adbx=650&adby=436&adbh=24&adbw=300&adbn=slave-1-1&eawp=partner-dp-namemedia08_3ph&errv=9750962054340537689&csadii=14&csadr=418&pblt=1&lle=0&llm=1000&ifv=1&usr=1

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gws /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: http://www6.up-shorty.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 08 Mar 2021 11:26:53 GMT
server: gws
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
content-type: text/html; charset=ISO-8859-1
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

Verdicts & Comments Add Verdict or Comment

27 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	warning	URL: https://www.google.com/adsense/domains/caf.js(Line 311) Message: The following CSA option(s) were ignored due to being overridden by native style controls: colorBackground,attributionSpacingBelow,fontSizeAttribution,titleBold,fontSizeTitle,lineHeightTitle,noTitleUnderline,adIconUrl,adIconHeight,adIconWidth,adIconSpacingAbove,adIconSpacingAfter,adBorderSelections,rolloverLinkColor,colorAttribution,colorTitleLink,colorAdBorder,colorText

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

afs.googleusercontent.com
api.aws.parking.godaddy.com
img1.wsimg.com
postback.trafficmotor.com
up-shorty.com
www.google.com
www6.up-shorty.com
www77.up-shorty.com
2.17.185.233
2a00:1450:4001:802::2001
2a00:1450:4001:80f::2004
35.186.238.101
45.79.19.196
45.79.38.145
52.71.216.15
96.126.123.244
053de364bc499cde3b9f8f2dde4637f8272b18c614fe83a185813c5291048de2
1863ed097238163f72cda3622877a38cd45c0e70fd3cc8053600b012edd06f85
24499094300d254dc15c9a0104a5ec1d66a379a9694a14f2594dd0aa7044fdba
3b906632ec8184de36ac99d0148333173007a52f8413e9e38eda8a5ca63af05f
43d30a80022bf318fdc0130b5b56ee092d4b34a4a82c054e7e32258a743650c5
64b06cfe08e4a24452636ee274bafd9d4fec4be31338dda25b5121352384a4a4
6d4bec8adab8061237afe27662d9f15c59227b4d976acd0c67d533c46ee5e705
809fb4619d2a2f1a85dbda8cc69a7f1659215212d708a098d62150eee57070c1
a54ccd73b7ae64c118f332665e98d2ae83e46b2cb31dbc61a6f1aa01f48be3c5
aff78bb3c151d9e7e28a1c9ebf337ee9d782af15d502dbd7266eb64654fbc941
b22a3eda654f26571ba81f86f6114e6fec5510366e8cb3c8887e6a6eadf27713
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
fac0eefa6c6a7a60052870a301540329f3215b401fd714a8891f8eda83041829

www6.up-shorty.com Open in urlscan Pro 35.186.238.101 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

22 Requests

86 %HTTPS

25 %IPv6

6 Domains

8 Subdomains

7 IPs

2 Countries

283 kBTransfer

816 kBSize

0 Cookies

0 Outgoing links

Page URL History

Redirected requests

22 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

27 JavaScript Global Variables

0 Cookies

1 Console Messages

Indicators

www6.up-shorty.com Open in urlscan Pro
35.186.238.101 Public Scan

Screenshot
Live screenshot

Full Image

22
Requests

86 %
HTTPS

25 %
IPv6

6
Domains

8
Subdomains

7
IPs

2
Countries

283 kB
Transfer

816 kB
Size

0
Cookies

22 HTTP transactions
0 data transactions