Submitted URL: http://uszip.codes/
Effective URL: https://uszip.codes/
Submission Tags: @phish_report
Submission: On July 25 via api from FI — Scanned from AU

Summary

This website contacted 5 IPs in 1 countries across 4 domains to perform 13 HTTP transactions. The main IP is 172.67.217.6, located in United States and belongs to CLOUDFLARENET, US. The main domain is uszip.codes.
TLS certificate: Issued by WE1 on July 25th 2024. Valid for: 3 months.
This is the only time uszip.codes was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
3 172.67.217.6 13335 (CLOUDFLAR...)
5 142.251.220.66 15169 (GOOGLE)
2 142.250.71.162 15169 (GOOGLE)
2 142.251.222.193 15169 (GOOGLE)
1 142.250.71.228 15169 (GOOGLE)
13 5
Apex Domain
Subdomains
Transfer
7 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 157
tpc.googlesyndication.com — Cisco Umbrella Rank: 203
245 KB
3 uszip.codes
uszip.codes
848 KB
2 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 77
1 google.com
www.google.com — Cisco Umbrella Rank: 10
13 4
Domain Requested by
5 pagead2.googlesyndication.com uszip.codes
pagead2.googlesyndication.com
3 uszip.codes uszip.codes
2 tpc.googlesyndication.com pagead2.googlesyndication.com
tpc.googlesyndication.com
2 googleads.g.doubleclick.net pagead2.googlesyndication.com
1 www.google.com tpc.googlesyndication.com
13 5

This site contains no links.

Subject Issuer Validity Valid
uszip.codes
WE1
2024-07-25 -
2024-10-23
3 months crt.sh
*.g.doubleclick.net
WR2
2024-07-01 -
2024-09-23
3 months crt.sh
tpc.googlesyndication.com
WR2
2024-07-01 -
2024-09-23
3 months crt.sh
*.google.com
WR2
2024-07-01 -
2024-09-23
3 months crt.sh

This page contains 5 frames:

Primary Page: https://uszip.codes/
Frame ID: A24BA278944DFBBFA9A6C8E6FAD46DAD
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240723/r20110914/zrt_lookup_fy2021.html
Frame ID: 48AB2AA3233E7FF5C556BF445705A20E
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9857162281896577&output=html&adk=1812271804&adf=3025194257&abgtt=6&lmt=1721944690&plat=3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A32768%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fuszip.codes%2F&pra=5&wgl=1&easpi=0&aihb=0&asro=0&ailel=29~32~27~1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~30&aiael=29~32~27~1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~30&aifxl=32_18~27_15~30_19&aiixl=29_5~32_9~27_3~30_6&aslmct=0.7&asamct=0.7&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1721944689415&bpp=2&bdt=644&idt=873&shv=r20240723&mjsv=m202407220101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&nras=1&correlator=5052987740415&frm=20&pv=2&ga_vid=950154846.1721944690&ga_sid=1721944690&ga_hid=2026172941&ga_fc=0&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31084867%2C44795922%2C95334525%2C95334829%2C95337026%2C95337870%2C95338226%2C95338250%2C31084186%2C95337092%2C95336267%2C31078663%2C31078668%2C31078670&oid=2&pvsid=4292532014381312&tmod=1233586041&uas=0&nvt=1&fsapi=1&fc=1920&brdim=10%2C10%2C10%2C10%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&nt=1&ifi=1&uci=a!1&fsb=1&dtd=901
Frame ID: 3E04D00C57418635FF72D729F89F183D
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 6974F4C381794FA7B2A7A529641562B8
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: C5B2720434EC39550A1515C6E7243BC0
Requests: 1 HTTP requests in this frame

Screenshot

Page Title

US Zip Codes - United States Postal Code Lookup and Tracker

Page URL History Show full URLs

  1. http://uszip.codes/ HTTP 307
    https://uszip.codes/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • zip\.co

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/

Page Statistics

13
Requests

100 %
HTTPS

0 %
IPv6

4
Domains

5
Subdomains

5
IPs

1
Countries

1094 kB
Transfer

1579 kB
Size

1
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://uszip.codes/ HTTP 307
    https://uszip.codes/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

13 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
uszip.codes/
Redirect Chain
  • http://uszip.codes/
  • https://uszip.codes/
21 KB
5 KB
Document
General
Full URL
https://uszip.codes/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.217.6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b4d231794f563ea6a83816d8918bad10b2d5c99df493e31b2af3a4d6c87b2ed9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
8a8f68dcfd96a94d-SYD
content-encoding
br
content-type
text/html; charset=utf-8
cross-origin-opener-policy
same-origin
date
Thu, 25 Jul 2024 21:58:08 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OMwywgbldyjO4BIlZR4%2FRTua3Jpzohua5xJLimg0yA9dOWav2%2Fhgy3uC%2FaYjNrPgWQjupSiW6nm570SDebGJOAVqSs5uu%2BlZb5B31sDwxdC4L7ZzKhO%2FaKQxyJdNFw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-content-type-options
nosniff
x-frame-options
DENY

Redirect headers

Location
https://uszip.codes/
Non-Authoritative-Reason
HttpsUpgrades
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
159 KB
52 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9857162281896577
Requested by
Host: uszip.codes
URL: https://uszip.codes/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.220.66 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
hkg07s51-in-f2.1e100.net
Software
cafe /
Resource Hash
4604ae74716ea513f2f9e6d48b24dc211a947acf3db68cba5a66728a8c4b6cb0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
Origin
https://uszip.codes
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date
Thu, 25 Jul 2024 21:58:09 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
53500
x-xss-protection
0
server
cafe
etag
17180075910025792541
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires
Thu, 25 Jul 2024 21:58:09 GMT
zip-code-zones-in-the-us.png
uszip.codes/asset/image/
839 KB
840 KB
Image
General
Full URL
https://uszip.codes/asset/image/zip-code-zones-in-the-us.png
Requested by
Host: uszip.codes
URL: https://uszip.codes/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.217.6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
af30d42b83ce7f4ae8f140d64e0425a3e75254ad86465bd35a512aaf9ebe61ff
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://uszip.codes/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date
Thu, 25 Jul 2024 21:58:09 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache
MISS
content-disposition
inline; filename="zip-code-zones-in-the-us.png"
alt-svc
h3=":443"; ma=86400
content-length
859174
referrer-policy
same-origin
last-modified
Tue, 02 Apr 2024 09:13:07 GMT
server
cloudflare
cross-origin-opener-policy
same-origin
x-frame-options
DENY
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LgL36SsPumx1n9p6ARxoE208Vrfusv6PAhpef%2FV5dRK%2Bk5sBsMGQ2955bPba5ZOAVqv2b9XIWhe1H6wUZgxqdbphvtpdF8hd5MNJ9PIINEHirdlWWT8p8Nw%2BpyR5Kw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
vary
Accept-Encoding
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8a8f68e0d8e8a94d-SYD
expires
Thu, 25 Jul 2024 21:59:09 GMT
slotcar_library_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202407220101/
88 KB
31 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202407220101/slotcar_library_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9857162281896577
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.220.66 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
hkg07s51-in-f2.1e100.net
Software
cafe /
Resource Hash
98fb8c9b23db2d61d161f164b82c02e439a1d6908d8e8a3d26364808c60becb8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date
Thu, 25 Jul 2024 21:58:09 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31519
x-xss-protection
0
server
cafe
etag
2468769472778823013
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Thu, 25 Jul 2024 21:58:09 GMT
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202407220101/
424 KB
143 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202407220101/show_ads_impl_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9857162281896577
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.220.66 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
hkg07s51-in-f2.1e100.net
Software
cafe /
Resource Hash
04a8e25f1db68b66600693e85b450ce174f7ac7b474e2e014ee7d42df9b5cd4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date
Thu, 25 Jul 2024 21:58:09 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
146368
x-xss-protection
0
server
cafe
etag
20271005072689139
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Thu, 25 Jul 2024 21:58:09 GMT
ping
pagead2.googlesyndication.com/pagead/
0
0
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pagead/ping?e=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9857162281896577
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.220.66 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
hkg07s51-in-f2.1e100.net
Software
/
Resource Hash

Request headers

Referer
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Content-Type
text/plain;charset=UTF-8

Response headers

zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20240723/r20110914/ Frame 48AB
0
0
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20240723/r20110914/zrt_lookup_fy2021.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202407220101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.71.162 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
nchkga-ab-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

age
39343
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4142
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 25 Jul 2024 11:02:27 GMT
etag
2738592464165616
expires
Thu, 08 Aug 2024 11:02:27 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 3E04
0
0
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9857162281896577&output=html&adk=1812271804&adf=3025194257&abgtt=6&lmt=1721944690&plat=3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A32768%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fuszip.codes%2F&pra=5&wgl=1&easpi=0&aihb=0&asro=0&ailel=29~32~27~1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~30&aiael=29~32~27~1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~30&aifxl=32_18~27_15~30_19&aiixl=29_5~32_9~27_3~30_6&aslmct=0.7&asamct=0.7&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1721944689415&bpp=2&bdt=644&idt=873&shv=r20240723&mjsv=m202407220101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&nras=1&correlator=5052987740415&frm=20&pv=2&ga_vid=950154846.1721944690&ga_sid=1721944690&ga_hid=2026172941&ga_fc=0&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31084867%2C44795922%2C95334525%2C95334829%2C95337026%2C95337870%2C95338226%2C95338250%2C31084186%2C95337092%2C95336267%2C31078663%2C31078668%2C31078670&oid=2&pvsid=4292532014381312&tmod=1233586041&uas=0&nvt=1&fsapi=1&fc=1920&brdim=10%2C10%2C10%2C10%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&nt=1&ifi=1&uci=a!1&fsb=1&dtd=901
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202407220101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.71.162 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
nchkga-ab-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Browsing-Topics
();p=P0000000000000000000000000000000
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 25 Jul 2024 21:58:10 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/
17 KB
13 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20240723&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202407220101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.220.66 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
hkg07s51-in-f2.1e100.net
Software
cafe /
Resource Hash
b205c54842e2f4435b7f8dfc342404190bc75e08bbb3b8b5a926b322f81f9be6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date
Thu, 25 Jul 2024 21:58:10 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12845
x-xss-protection
0
favicon.ico
uszip.codes/asset/favicon/
15 KB
4 KB
Other
General
Full URL
https://uszip.codes/asset/favicon/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.217.6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
104c252a7b4f1d7a35c9ddfbd708d31b095dfa2dc3cc36c17eb0058ccb63d469
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://uszip.codes/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date
Thu, 25 Jul 2024 21:58:11 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-disposition
inline; filename="favicon.ico"
alt-svc
h3=":443"; ma=86400
referrer-policy
same-origin
last-modified
Wed, 03 Apr 2024 04:00:24 GMT
server
cloudflare
cross-origin-opener-policy
same-origin
x-frame-options
DENY
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cLqCTDxp2PNowW3bsOi04rsbQEz7ZfRKvvKfy3U%2FEiRn9iGGaBahfv9xZUBqHyNExfb6uOZd8ISTnqK025fi08z9GcNTl4qus%2BHOXLpC5psRcbCnfA8gHm%2BoWXwTnQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/vnd.microsoft.icon
vary
Accept-Encoding
cache-control
max-age=14400
cf-ray
8a8f68ed5b62a94d-SYD
sodar2.js
tpc.googlesyndication.com/sodar/
17 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202407220101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.222.193 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
hkg07s55-in-f1.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date
Thu, 25 Jul 2024 21:58:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 25 Jul 2024 21:58:11 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 6974
0
0
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.222.193 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
hkg07s55-in-f1.1e100.net
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

accept-ranges
bytes
age
37833
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 25 Jul 2024 11:27:38 GMT
expires
Fri, 25 Jul 2025 11:27:38 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame C5B2
0
0
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.71.228 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
nchkgb-ab-in-f4.1e100.net
Software
GSE /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'nonce-FaTDxgokzEdEc_e3frnncQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'self';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'nonce-FaTDxgokzEdEc_e3frnncQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'self';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 25 Jul 2024 21:58:11 GMT
expires
Thu, 25 Jul 2024 21:58:11 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block

Verdicts & Comments Add Verdict or Comment

36 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| google_js_reporting_queue number| google_srt object| google_persistent_state_async object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac object| google_tag_data object| google_reactive_ads_global_state object| adsbygoogle object| google_llp object| google_sa_queue function| google_process_slots function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter string| google_user_agent_client_hint function| AFMA_AddEventListener function| AFMA_RemoveEventListener function| AFMA_AddObserver function| AFMA_RemoveObserver function| AFMA_ReceiveMessage function| AFMA_SendMessage object| AFMA_Communicator function| google_sa_impl number| google_global_correlator object| google_prev_clients object| gaGlobal object| ampInaboxIframes object| ampInaboxPendingMessages object| GoogleGcLKhOms

1 Cookies

Domain/Path Name / Value
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Frame-Options DENY