Report - google.so/url?hl=en&q=https://www.google.com/url?hl%3Den%26q%3Dhttps://google.com.au/url?sa%253Dt%2526q%253DzL%2526rct%253DYP%2526esrc%253Duxbd%2526source%253Dlbp%2526cd%253DQUCU%2526cad%253DkHUB5n%2526ved%253DBWQTrz1LQLVOQo%2526uact%253D996%2526url%253D%252561%25256D%252570%25252F%252567%25256F%25256F%252567%25256C%252565%25252E%252561%252565%25252F%252561%25256D%252570%25252F%252574%252569%25256E%252579%252575%252572%25256C%25252E%252563%25256F%25256D%25252F%252533%252565%252532%252568%252576%25256E%252572%252565%2526opi%253D7442734226844%2526usg%253DY2ppadYrd0MWHs?xlxl%253Ddgdeqvj%2526qnawb%253Dfceuosw%2526lnnbn%253Dnhgffeaf%2526fqvy%253Dlurkprr%2526yai%253Djigyonfce%2526ory%253Dvsqggizh%2526fifb%253Dfocdwdhjc%2526dfc%253Dxwfulwd%2526qnye%253Ddaknwkqme%2526wkf%253Dcjhrranb%2526xshah%253Dzsyilybj%2526bgpyo%253Dlenlsrt%2526ddijd%253Dlwszuml%2526rtib%253Dpnkhisvd%2526mieb%253Dramsvxln%2526you%253Dtxzxgipmy%2526bdql%253Dgshwgqio%2526qbvxh%253Daefmvnbjg%2526gpxm%253Dzyrhrou%2526ppw%253Degmjlcltq%2526elfx%253Dwqxvejc%2526csgp%253Dcolabozg%26source%3Dgmail%26ust%3D1711668387634000%26usg%3DAOvVaw33En2mEE6mkc39S0ZVU5gO&source=gmail&ust=1711668429265000&usg=AOvVaw1pURV7EHrT9TCDylBUFqsa

Report Overview

Submitted URL
google.so/url?hl=en&q=https://www.google.com/url?hl%3Den%26q%3Dhttps://google.com.au/url?sa%253Dt%2526q%253DzL%2526rct%253DYP%2526esrc%253Duxbd%2526source%253Dlbp%2526cd%253DQUCU%2526cad%253DkHUB5n%2526ved%253DBWQTrz1LQLVOQo%2526uact%253D996%2526url%253D%252561%25256D%252570%25252F%252567%25256F%25256F%252567%25256C%252565%25252E%252561%252565%25252F%252561%25256D%252570%25252F%252574%252569%25256E%252579%252575%252572%25256C%25252E%252563%25256F%25256D%25252F%252533%252565%252532%252568%252576%25256E%252572%252565%2526opi%253D7442734226844%2526usg%253DY2ppadYrd0MWHs?xlxl%253Ddgdeqvj%2526qnawb%253Dfceuosw%2526lnnbn%253Dnhgffeaf%2526fqvy%253Dlurkprr%2526yai%253Djigyonfce%2526ory%253Dvsqggizh%2526fifb%253Dfocdwdhjc%2526dfc%253Dxwfulwd%2526qnye%253Ddaknwkqme%2526wkf%253Dcjhrranb%2526xshah%253Dzsyilybj%2526bgpyo%253Dlenlsrt%2526ddijd%253Dlwszuml%2526rtib%253Dpnkhisvd%2526mieb%253Dramsvxln%2526you%253Dtxzxgipmy%2526bdql%253Dgshwgqio%2526qbvxh%253Daefmvnbjg%2526gpxm%253Dzyrhrou%2526ppw%253Degmjlcltq%2526elfx%253Dwqxvejc%2526csgp%253Dcolabozg%26source%3Dgmail%26ust%3D1711668387634000%26usg%3DAOvVaw33En2mEE6mkc39S0ZVU5gO&source=gmail&ust=1711668429265000&usg=AOvVaw1pURV7EHrT9TCDylBUFqsa
IP
142.250.74.131
ASN
#15169 GOOGLE
Submitted
2024-03-28 12:11:26
Access
public
Website Title
Server Not Found
Final URL
about:neterror?e=dnsNotFound&u=https%3A//jkzfqpor8x5nhjhn.com/&c=UTF-8&d=We%20can%E2%80%99t%20connect%20to%20the%20server%20at%20jkzfqpor8x5nhjhn.com.
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
2

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
www.google.so	32784	2011-01-24	2013-04-21	2023-08-18	2.3 kB	77 kB	216.58.207.227
www.google.com	7	1997-09-15	2015-05-10	2024-03-23	1.4 kB	2.4 kB	216.58.211.4
www.google.com.au	18950	unknown	2012-05-22	2024-03-24	1.8 kB	2.3 kB	216.58.207.195
www.google.ae	23447	unknown	2012-05-22	2024-03-18	1.8 kB	3.3 kB	142.250.74.131
fs2vjljin.fpmozqoprh.buzz	unknown	unknown	No data	No data	1.3 kB	716 B	24.144.68.200
jkzfqpor8x5nhjhn.com	unknown	unknown	No data	No data	477 B	0 B	0.0.0.0
google.so	29888	unknown	No data	No data	2.0 kB	4.2 kB	142.250.74.131
google.com.au	8601	unknown	2012-08-13	2024-03-14	1.1 kB	1.9 kB	142.250.74.163
google.ae	11260	unknown	2012-12-13	2024-03-14	1.2 kB	2.1 kB	142.250.74.3
tinyurl.com	10084	2002-01-27	2012-05-21	2024-03-27	390 B	1.6 kB	104.20.139.65

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2024-03-28	medium	jkzfqpor8x5nhjhn.com	Sinkholed

ThreatFox

No alerts detected

JavaScript (1)

	URL	Size	First Seen	Last Seen
	about:neterror?e=dnsNotFound&u=https%3A//jkzfqpor8x5nhjhn.com/&c=UTF-8&d=We%20can%E2%80%99t%20connect%20to%20the%20server%20at%20jkzfqpor8x5nhjhn.com.	0 B	2023-03-07	2024-04-27
Pretty URL about:neterror?e=dnsNotFound&u=https%3A//jkzfqpor8x5nhjhn.com/&c=UTF-8&d=We%20can%E2%80%99t%20connect%20to%20the%20server%20at%20jkzfqpor8x5nhjhn.com. IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:01:59 Last Seen2024-04-27 11:44:06 Times Seen37119575 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

HTTP Transactions (19)

URL IP Response Size

google.so/url?hl=en&q=https://www.google.com/url?hl%3Den%26q%3Dhttps://google.com.au/url?sa%253Dt%2526q%253DzL%2526rct%253DYP%2526esrc%253Duxbd%2526source%253Dlbp%2526cd%253DQUCU%2526cad%253DkHUB5n%2526ved%253DBWQTrz1LQLVOQo%2526uact%253D996%2526url%253D%252561%25256D%252570%25252F%252567%25256F%25256F%252567%25256C%252565%25252E%252561%252565%25252F%252561%25256D%252570%25252F%252574%252569%25256E%252579%252575%252572%25256C%25252E%252563%25256F%25256D%25252F%252533%252565%252532%252568%252576%25256E%252572%252565%2526opi%253D7442734226844%2526usg%253DY2ppadYrd0MWHs?xlxl%253Ddgdeqvj%2526qnawb%253Dfceuosw%2526lnnbn%253Dnhgffeaf%2526fqvy%253Dlurkprr%2526yai%253Djigyonfce%2526ory%253Dvsqggizh%2526fifb%253Dfocdwdhjc%2526dfc%253Dxwfulwd%2526qnye%253Ddaknwkqme%2526wkf%253Dcjhrranb%2526xshah%253Dzsyilybj%2526bgpyo%253Dlenlsrt%2526ddijd%253Dlwszuml%2526rtib%253Dpnkhisvd%2526mieb%253Dramsvxln%2526you%253Dtxzxgipmy%2526bdql%253Dgshwgqio%2526qbvxh%253Daefmvnbjg%2526gpxm%253Dzyrhrou%2526ppw%253Degmjlcltq%2526elfx%253Dwqxvejc%2526csgp%253Dcolabozg%26source%3Dgmail%26ust%3D1711668387634000%26usg%3DAOvVaw33En2mEE6mkc39S0ZVU5gO&source=gmail&ust=1711668429265000&usg=AOvVaw1pURV7EHrT9TCDylBUFqsa

142.250.74.131

301 Moved Permanently

1.4 kB

URL User Request GET HTTP/2
google.so/url?hl=en&q=https://www.google.com/url?hl%3Den%26q%3Dhttps://google.com.au/url?sa%253Dt%2526q%253DzL%2526rct%253DYP%2526esrc%253Duxbd%2526source%253Dlbp%2526cd%253DQUCU%2526cad%253DkHUB5n%2526ved%253DBWQTrz1LQLVOQo%2526uact%253D996%2526url%253D%252561%25256D%252570%25252F%252567%25256F%25256F%252567%25256C%252565%25252E%252561%252565%25252F%252561%25256D%252570%25252F%252574%252569%25256E%252579%252575%252572%25256C%25252E%252563%25256F%25256D%25252F%252533%252565%252532%252568%252576%25256E%252572%252565%2526opi%253D7442734226844%2526usg%253DY2ppadYrd0MWHs?xlxl%253Ddgdeqvj%2526qnawb%253Dfceuosw%2526lnnbn%253Dnhgffeaf%2526fqvy%253Dlurkprr%2526yai%253Djigyonfce%2526ory%253Dvsqggizh%2526fifb%253Dfocdwdhjc%2526dfc%253Dxwfulwd%2526qnye%253Ddaknwkqme%2526wkf%253Dcjhrranb%2526xshah%253Dzsyilybj%2526bgpyo%253Dlenlsrt%2526ddijd%253Dlwszuml%2526rtib%253Dpnkhisvd%2526mieb%253Dramsvxln%2526you%253Dtxzxgipmy%2526bdql%253Dgshwgqio%2526qbvxh%253Daefmvnbjg%2526gpxm%253Dzyrhrou%2526ppw%253Degmjlcltq%2526elfx%253Dwqxvejc%2526csgp%253Dcolabozg%26source%3Dgmail%26ust%3D1711668387634000%26usg%3DAOvVaw33En2mEE6mkc39S0ZVU5gO&source=gmail&ust=1711668429265000&usg=AOvVaw1pURV7EHrT9TCDylBUFqsa
IP
142.250.74.131:443
ASN
#15169 GOOGLE

Certificate
IssuerGoogle Trust Services LLC
Subject*.google.so
Fingerprint9F:94:35:3C:B1:E9:96:C8:79:6A:8C:21:C8:80:27:68:69:E6:8F:CA
ValidityMon, 26 Feb 2024 08:21:35 GMT - Mon, 20 May 2024 08:21:34 GMT

File type
HTML document, ASCII text, with very long lines (1245), with CRLF, LF line terminators
Size
1.4 kB (1422 bytes)
Hash
d53827528ded0dc95872b9b52284eb53
a8bf22579e4e17d274f4eb33847ad94ca69a323e
2a99c5785a341881196ce14f0a3b0ff1ebc396a3e6fd4924d130c7466544d0e3

HTTP Headers

GET /url?hl=en&q=https://www.google.com/url?hl%3Den%26q%3Dhttps://google.com.au/url?sa%253Dt%2526q%253DzL%2526rct%253DYP%2526esrc%253Duxbd%2526source%253Dlbp%2526cd%253DQUCU%2526cad%253DkHUB5n%2526ved%253DBWQTrz1LQLVOQo%2526uact%253D996%2526url%253D%252561%25256D%252570%25252F%252567%25256F%25256F%252567%25256C%252565%25252E%252561%252565%25252F%252561%25256D%252570%25252F%252574%252569%25256E%252579%252575%252572%25256C%25252E%252563%25256F%25256D%25252F%252533%252565%252532%252568%252576%25256E%252572%252565%2526opi%253D7442734226844%2526usg%253DY2ppadYrd0MWHs?xlxl%253Ddgdeqvj%2526qnawb%253Dfceuosw%2526lnnbn%253Dnhgffeaf%2526fqvy%253Dlurkprr%2526yai%253Djigyonfce%2526ory%253Dvsqggizh%2526fifb%253Dfocdwdhjc%2526dfc%253Dxwfulwd%2526qnye%253Ddaknwkqme%2526wkf%253Dcjhrranb%2526xshah%253Dzsyilybj%2526bgpyo%253Dlenlsrt%2526ddijd%253Dlwszuml%2526rtib%253Dpnkhisvd%2526mieb%253Dramsvxln%2526you%253Dtxzxgipmy%2526bdql%253Dgshwgqio%2526qbvxh%253Daefmvnbjg%2526gpxm%253Dzyrhrou%2526ppw%253Degmjlcltq%2526elfx%253Dwqxvejc%2526csgp%253Dcolabozg%26source%3Dgmail%26ust%3D1711668387634000%26usg%3DAOvVaw33En2mEE6mkc39S0ZVU5gO&source=gmail&ust=1711668429265000&usg=AOvVaw1pURV7EHrT9TCDylBUFqsa HTTP/1.1
Host: google.so
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Cookie: SOCS=CAESHAgBEhJnd3NfMjAyMjA5MjktMF9SQzEaAnJvIAEaBgiAkvOZBg
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 301 Moved Permanently
location: https://www.google.so/url?hl=en&q=https://www.google.com/url?hl%3Den%26q%3Dhttps://google.com.au/url?sa%253Dt%2526q%253DzL%2526rct%253DYP%2526esrc%253Duxbd%2526source%253Dlbp%2526cd%253DQUCU%2526cad%253DkHUB5n%2526ved%253DBWQTrz1LQLVOQo%2526uact%253D996%2526url%253D%252561%25256D%252570%25252F%252567%25256F%25256F%252567%25256C%252565%25252E%252561%252565%25252F%252561%25256D%252570%25252F%252574%252569%25256E%252579%252575%252572%25256C%25252E%252563%25256F%25256D%25252F%252533%252565%252532%252568%252576%25256E%252572%252565%2526opi%253D7442734226844%2526usg%253DY2ppadYrd0MWHs?xlxl%253Ddgdeqvj%2526qnawb%253Dfceuosw%2526lnnbn%253Dnhgffeaf%2526fqvy%253Dlurkprr%2526yai%253Djigyonfce%2526ory%253Dvsqggizh%2526fifb%253Dfocdwdhjc%2526dfc%253Dxwfulwd%2526qnye%253Ddaknwkqme%2526wkf%253Dcjhrranb%2526xshah%253Dzsyilybj%2526bgpyo%253Dlenlsrt%2526ddijd%253Dlwszuml%2526rtib%253Dpnkhisvd%2526mieb%253Dramsvxln%2526you%253Dtxzxgipmy%2526bdql%253Dgshwgqio%2526qbvxh%253Daefmvnbjg%2526gpxm%253Dzyrhrou%2526ppw%253Degmjlcltq%2526elfx%253Dwqxvejc%2526csgp%253Dcolabozg%26source%3Dgmail%26ust%3D1711668387634000%26usg%3DAOvVaw33En2mEE6mkc39S0ZVU5gO&source=gmail&ust=1711668429265000&usg=AOvVaw1pURV7EHrT9TCDylBUFqsa
content-type: text/html; charset=UTF-8
content-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-apBMFT-uoJWhVp5uGzHbRg' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
date: Thu, 28 Mar 2024 12:11:00 GMT
expires: Sat, 27 Apr 2024 12:11:00 GMT
cache-control: public, max-age=2592000
server: gws
content-length: 1422
x-xss-protection: 0
x-frame-options: SAMEORIGIN
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.google.so/url?hl=en&q=https://www.google.com/url?hl%3Den%26q%3Dhttps://google.com.au/url?sa%253Dt%2526q%253DzL%2526rct%253DYP%2526esrc%253Duxbd%2526source%253Dlbp%2526cd%253DQUCU%2526cad%253DkHUB5n%2526ved%253DBWQTrz1LQLVOQo%2526uact%253D996%2526url%253D%252561%25256D%252570%25252F%252567%25256F%25256F%252567%25256C%252565%25252E%252561%252565%25252F%252561%25256D%252570%25252F%252574%252569%25256E%252579%252575%252572%25256C%25252E%252563%25256F%25256D%25252F%252533%252565%252532%252568%252576%25256E%252572%252565%2526opi%253D7442734226844%2526usg%253DY2ppadYrd0MWHs?xlxl%253Ddgdeqvj%2526qnawb%253Dfceuosw%2526lnnbn%253Dnhgffeaf%2526fqvy%253Dlurkprr%2526yai%253Djigyonfce%2526ory%253Dvsqggizh%2526fifb%253Dfocdwdhjc%2526dfc%253Dxwfulwd%2526qnye%253Ddaknwkqme%2526wkf%253Dcjhrranb%2526xshah%253Dzsyilybj%2526bgpyo%253Dlenlsrt%2526ddijd%253Dlwszuml%2526rtib%253Dpnkhisvd%2526mieb%253Dramsvxln%2526you%253Dtxzxgipmy%2526bdql%253Dgshwgqio%2526qbvxh%253Daefmvnbjg%2526gpxm%253Dzyrhrou%2526ppw%253Degmjlcltq%2526elfx%253Dwqxvejc%2526csgp%253Dcolabozg%26source%3Dgmail%26ust%3D1711668387634000%26usg%3DAOvVaw33En2mEE6mkc39S0ZVU5gO&source=gmail&ust=1711668429265000&usg=AOvVaw1pURV7EHrT9TCDylBUFqsa

216.58.207.227

302 Found

1.1 kB

URL User Request GET HTTP/2
www.google.so/url?hl=en&q=https://www.google.com/url?hl%3Den%26q%3Dhttps://google.com.au/url?sa%253Dt%2526q%253DzL%2526rct%253DYP%2526esrc%253Duxbd%2526source%253Dlbp%2526cd%253DQUCU%2526cad%253DkHUB5n%2526ved%253DBWQTrz1LQLVOQo%2526uact%253D996%2526url%253D%252561%25256D%252570%25252F%252567%25256F%25256F%252567%25256C%252565%25252E%252561%252565%25252F%252561%25256D%252570%25252F%252574%252569%25256E%252579%252575%252572%25256C%25252E%252563%25256F%25256D%25252F%252533%252565%252532%252568%252576%25256E%252572%252565%2526opi%253D7442734226844%2526usg%253DY2ppadYrd0MWHs?xlxl%253Ddgdeqvj%2526qnawb%253Dfceuosw%2526lnnbn%253Dnhgffeaf%2526fqvy%253Dlurkprr%2526yai%253Djigyonfce%2526ory%253Dvsqggizh%2526fifb%253Dfocdwdhjc%2526dfc%253Dxwfulwd%2526qnye%253Ddaknwkqme%2526wkf%253Dcjhrranb%2526xshah%253Dzsyilybj%2526bgpyo%253Dlenlsrt%2526ddijd%253Dlwszuml%2526rtib%253Dpnkhisvd%2526mieb%253Dramsvxln%2526you%253Dtxzxgipmy%2526bdql%253Dgshwgqio%2526qbvxh%253Daefmvnbjg%2526gpxm%253Dzyrhrou%2526ppw%253Degmjlcltq%2526elfx%253Dwqxvejc%2526csgp%253Dcolabozg%26source%3Dgmail%26ust%3D1711668387634000%26usg%3DAOvVaw33En2mEE6mkc39S0ZVU5gO&source=gmail&ust=1711668429265000&usg=AOvVaw1pURV7EHrT9TCDylBUFqsa
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Certificate
IssuerGoogle Trust Services LLC
Subject*.google.so
Fingerprint9F:94:35:3C:B1:E9:96:C8:79:6A:8C:21:C8:80:27:68:69:E6:8F:CA
ValidityMon, 26 Feb 2024 08:21:35 GMT - Mon, 20 May 2024 08:21:34 GMT

File type
HTML document, ASCII text, with very long lines (918), with CRLF, LF line terminators
Size
1.1 kB (1095 bytes)
Hash
f753491170a2cbdc2dc0652e1ca17fbb
53234cfc02d6a7f89f67996dffe8693271a625bc
3bd7840408e332f04d91d6fdaa5436edb6bd0b90f5d7d54bdfbf9adc19e64590

HTTP Headers

GET /url?hl=en&q=https://www.google.com/url?hl%3Den%26q%3Dhttps://google.com.au/url?sa%253Dt%2526q%253DzL%2526rct%253DYP%2526esrc%253Duxbd%2526source%253Dlbp%2526cd%253DQUCU%2526cad%253DkHUB5n%2526ved%253DBWQTrz1LQLVOQo%2526uact%253D996%2526url%253D%252561%25256D%252570%25252F%252567%25256F%25256F%252567%25256C%252565%25252E%252561%252565%25252F%252561%25256D%252570%25252F%252574%252569%25256E%252579%252575%252572%25256C%25252E%252563%25256F%25256D%25252F%252533%252565%252532%252568%252576%25256E%252572%252565%2526opi%253D7442734226844%2526usg%253DY2ppadYrd0MWHs?xlxl%253Ddgdeqvj%2526qnawb%253Dfceuosw%2526lnnbn%253Dnhgffeaf%2526fqvy%253Dlurkprr%2526yai%253Djigyonfce%2526ory%253Dvsqggizh%2526fifb%253Dfocdwdhjc%2526dfc%253Dxwfulwd%2526qnye%253Ddaknwkqme%2526wkf%253Dcjhrranb%2526xshah%253Dzsyilybj%2526bgpyo%253Dlenlsrt%2526ddijd%253Dlwszuml%2526rtib%253Dpnkhisvd%2526mieb%253Dramsvxln%2526you%253Dtxzxgipmy%2526bdql%253Dgshwgqio%2526qbvxh%253Daefmvnbjg%2526gpxm%253Dzyrhrou%2526ppw%253Degmjlcltq%2526elfx%253Dwqxvejc%2526csgp%253Dcolabozg%26source%3Dgmail%26ust%3D1711668387634000%26usg%3DAOvVaw33En2mEE6mkc39S0ZVU5gO&source=gmail&ust=1711668429265000&usg=AOvVaw1pURV7EHrT9TCDylBUFqsa HTTP/1.1
Host: www.google.so
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: SOCS=CAESHAgBEhJnd3NfMjAyMjA5MjktMF9SQzEaAnJvIAEaBgiAkvOZBg
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
location: https://www.google.com/url?hl=en&q=https://google.com.au/url?sa%3Dt%26q%3DzL%26rct%3DYP%26esrc%3Duxbd%26source%3Dlbp%26cd%3DQUCU%26cad%3DkHUB5n%26ved%3DBWQTrz1LQLVOQo%26uact%3D996%26url%3D%2561%256D%2570%252F%2567%256F%256F%2567%256C%2565%252E%2561%2565%252F%2561%256D%2570%252F%2574%2569%256E%2579%2575%2572%256C%252E%2563%256F%256D%252F%2533%2565%2532%2568%2576%256E%2572%2565%26opi%3D7442734226844%26usg%3DY2ppadYrd0MWHs?xlxl%3Ddgdeqvj%26qnawb%3Dfceuosw%26lnnbn%3Dnhgffeaf%26fqvy%3Dlurkprr%26yai%3Djigyonfce%26ory%3Dvsqggizh%26fifb%3Dfocdwdhjc%26dfc%3Dxwfulwd%26qnye%3Ddaknwkqme%26wkf%3Dcjhrranb%26xshah%3Dzsyilybj%26bgpyo%3Dlenlsrt%26ddijd%3Dlwszuml%26rtib%3Dpnkhisvd%26mieb%3Dramsvxln%26you%3Dtxzxgipmy%26bdql%3Dgshwgqio%26qbvxh%3Daefmvnbjg%26gpxm%3Dzyrhrou%26ppw%3Degmjlcltq%26elfx%3Dwqxvejc%26csgp%3Dcolabozg&source=gmail&ust=1711668387634000&usg=AOvVaw33En2mEE6mkc39S0ZVU5gO
cache-control: private
content-type: text/html; charset=UTF-8
strict-transport-security: max-age=31536000
content-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-ICeYZa7FlCoZwLliTqlsjg' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
date: Thu, 28 Mar 2024 12:11:01 GMT
server: gws
content-length: 1095
x-xss-protection: 0
set-cookie: __Secure-ENID=18.SE=QVo2GOkQCiod2_MDL10OjiCBVmWPVS5f17reANmU3vpV-o9sqsv89E3OLMXksx_Sn7K9C39YSZB6JMF9_J6Cg-PdsaLz2beCWgOW9OBlGWCVDY4p6g-lIP5L7gdbq0BiqY8BQN2kDFHrUZ6pd0vKZMtLPXTtzGHumzuaQ9FJ0W0; expires=Mon, 28-Apr-2025 04:29:19 GMT; path=/; domain=.google.so; Secure; HttpOnly; SameSite=lax
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.google.com/url?hl=en&q=https://google.com.au/url?sa%3Dt%26q%3DzL%26rct%3DYP%26esrc%3Duxbd%26source%3Dlbp%26cd%3DQUCU%26cad%3DkHUB5n%26ved%3DBWQTrz1LQLVOQo%26uact%3D996%26url%3D%2561%256D%2570%252F%2567%256F%256F%2567%256C%2565%252E%2561%2565%252F%2561%256D%2570%252F%2574%2569%256E%2579%2575%2572%256C%252E%2563%256F%256D%252F%2533%2565%2532%2568%2576%256E%2572%2565%26opi%3D7442734226844%26usg%3DY2ppadYrd0MWHs?xlxl%3Ddgdeqvj%26qnawb%3Dfceuosw%26lnnbn%3Dnhgffeaf%26fqvy%3Dlurkprr%26yai%3Djigyonfce%26ory%3Dvsqggizh%26fifb%3Dfocdwdhjc%26dfc%3Dxwfulwd%26qnye%3Ddaknwkqme%26wkf%3Dcjhrranb%26xshah%3Dzsyilybj%26bgpyo%3Dlenlsrt%26ddijd%3Dlwszuml%26rtib%3Dpnkhisvd%26mieb%3Dramsvxln%26you%3Dtxzxgipmy%26bdql%3Dgshwgqio%26qbvxh%3Daefmvnbjg%26gpxm%3Dzyrhrou%26ppw%3Degmjlcltq%26elfx%3Dwqxvejc%26csgp%3Dcolabozg&source=gmail&ust=1711668387634000&usg=AOvVaw33En2mEE6mkc39S0ZVU5gO

216.58.211.4

302 Found

897 B

URL User Request GET HTTP/2
www.google.com/url?hl=en&q=https://google.com.au/url?sa%3Dt%26q%3DzL%26rct%3DYP%26esrc%3Duxbd%26source%3Dlbp%26cd%3DQUCU%26cad%3DkHUB5n%26ved%3DBWQTrz1LQLVOQo%26uact%3D996%26url%3D%2561%256D%2570%252F%2567%256F%256F%2567%256C%2565%252E%2561%2565%252F%2561%256D%2570%252F%2574%2569%256E%2579%2575%2572%256C%252E%2563%256F%256D%252F%2533%2565%2532%2568%2576%256E%2572%2565%26opi%3D7442734226844%26usg%3DY2ppadYrd0MWHs?xlxl%3Ddgdeqvj%26qnawb%3Dfceuosw%26lnnbn%3Dnhgffeaf%26fqvy%3Dlurkprr%26yai%3Djigyonfce%26ory%3Dvsqggizh%26fifb%3Dfocdwdhjc%26dfc%3Dxwfulwd%26qnye%3Ddaknwkqme%26wkf%3Dcjhrranb%26xshah%3Dzsyilybj%26bgpyo%3Dlenlsrt%26ddijd%3Dlwszuml%26rtib%3Dpnkhisvd%26mieb%3Dramsvxln%26you%3Dtxzxgipmy%26bdql%3Dgshwgqio%26qbvxh%3Daefmvnbjg%26gpxm%3Dzyrhrou%26ppw%3Degmjlcltq%26elfx%3Dwqxvejc%26csgp%3Dcolabozg&source=gmail&ust=1711668387634000&usg=AOvVaw33En2mEE6mkc39S0ZVU5gO
IP
216.58.211.4:443
ASN
#15169 GOOGLE

Certificate
IssuerGoogle Trust Services LLC
Subjectwww.google.com
Fingerprint32:A3:19:7A:6B:D5:C7:5E:CA:7C:C8:08:79:14:56:FD:FC:3E:06:F0
ValidityMon, 26 Feb 2024 08:18:59 GMT - Mon, 20 May 2024 08:18:58 GMT

File type
HTML document, ASCII text, with very long lines (720), with CRLF, LF line terminators
Size
897 B (897 bytes)
Hash
03aa9f94a7d4801aeb84a43c778420d1
d37b472fb124a487a70551cb8fac4f12ce9c4187
cdeb4ae29e379d848dd02f6ebfc897175b2a55f5c7a8552466fecbbdf2c50da9

HTTP Headers

GET /url?hl=en&q=https://google.com.au/url?sa%3Dt%26q%3DzL%26rct%3DYP%26esrc%3Duxbd%26source%3Dlbp%26cd%3DQUCU%26cad%3DkHUB5n%26ved%3DBWQTrz1LQLVOQo%26uact%3D996%26url%3D%2561%256D%2570%252F%2567%256F%256F%2567%256C%2565%252E%2561%2565%252F%2561%256D%2570%252F%2574%2569%256E%2579%2575%2572%256C%252E%2563%256F%256D%252F%2533%2565%2532%2568%2576%256E%2572%2565%26opi%3D7442734226844%26usg%3DY2ppadYrd0MWHs?xlxl%3Ddgdeqvj%26qnawb%3Dfceuosw%26lnnbn%3Dnhgffeaf%26fqvy%3Dlurkprr%26yai%3Djigyonfce%26ory%3Dvsqggizh%26fifb%3Dfocdwdhjc%26dfc%3Dxwfulwd%26qnye%3Ddaknwkqme%26wkf%3Dcjhrranb%26xshah%3Dzsyilybj%26bgpyo%3Dlenlsrt%26ddijd%3Dlwszuml%26rtib%3Dpnkhisvd%26mieb%3Dramsvxln%26you%3Dtxzxgipmy%26bdql%3Dgshwgqio%26qbvxh%3Daefmvnbjg%26gpxm%3Dzyrhrou%26ppw%3Degmjlcltq%26elfx%3Dwqxvejc%26csgp%3Dcolabozg&source=gmail&ust=1711668387634000&usg=AOvVaw33En2mEE6mkc39S0ZVU5gO HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: SOCS=CAESHAgBEhJnd3NfMjAyMjA5MjktMF9SQzEaAnJvIAEaBgiAkvOZBg
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
location: https://google.com.au/url?sa=t&q=zL&rct=YP&esrc=uxbd&source=lbp&cd=QUCU&cad=kHUB5n&ved=BWQTrz1LQLVOQo&uact=996&url=%61%6D%70%2F%67%6F%6F%67%6C%65%2E%61%65%2F%61%6D%70%2F%74%69%6E%79%75%72%6C%2E%63%6F%6D%2F%33%65%32%68%76%6E%72%65&opi=7442734226844&usg=Y2ppadYrd0MWHs?xlxl=dgdeqvj&qnawb=fceuosw&lnnbn=nhgffeaf&fqvy=lurkprr&yai=jigyonfce&ory=vsqggizh&fifb=focdwdhjc&dfc=xwfulwd&qnye=daknwkqme&wkf=cjhrranb&xshah=zsyilybj&bgpyo=lenlsrt&ddijd=lwszuml&rtib=pnkhisvd&mieb=ramsvxln&you=txzxgipmy&bdql=gshwgqio&qbvxh=aefmvnbjg&gpxm=zyrhrou&ppw=egmjlcltq&elfx=wqxvejc&csgp=colabozg
cache-control: private
content-type: text/html; charset=UTF-8
strict-transport-security: max-age=31536000
content-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-WTV7mqs18kriiCSPWniftw' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
date: Thu, 28 Mar 2024 12:11:01 GMT
server: gws
content-length: 897
x-xss-protection: 0
set-cookie: __Secure-ENID=18.SE=OnkRaJrMnpLAL-MrQz4nr39qJCf9mQVnNs53B3eDih8Z6xOeng2oeXEx7a-b3qTJDz7GXYorwa3BzSePDIdxlZM8fDQxAWWC4f96NxZ9c6XO82_9yXklUSkepiEApiicZ8w5DqKcOvP-543Teik_4DkIQ5W3e7KxFXnTg9jZa45tw20; expires=Mon, 28-Apr-2025 04:29:19 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=lax
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

google.com.au/url?sa=t&q=zL&rct=YP&esrc=uxbd&source=lbp&cd=QUCU&cad=kHUB5n&ved=BWQTrz1LQLVOQo&uact=996&url=%61%6D%70%2F%67%6F%6F%67%6C%65%2E%61%65%2F%61%6D%70%2F%74%69%6E%79%75%72%6C%2E%63%6F%6D%2F%33%65%32%68%76%6E%72%65&opi=7442734226844&usg=Y2ppadYrd0MWHs?xlxl=dgdeqvj&qnawb=fceuosw&lnnbn=nhgffeaf&fqvy=lurkprr&yai=jigyonfce&ory=vsqggizh&fifb=focdwdhjc&dfc=xwfulwd&qnye=daknwkqme&wkf=cjhrranb&xshah=zsyilybj&bgpyo=lenlsrt&ddijd=lwszuml&rtib=pnkhisvd&mieb=ramsvxln&you=txzxgipmy&bdql=gshwgqio&qbvxh=aefmvnbjg&gpxm=zyrhrou&ppw=egmjlcltq&elfx=wqxvejc&csgp=colabozg

142.250.74.163

301 Moved Permanently

837 B

URL User Request GET HTTP/2
google.com.au/url?sa=t&q=zL&rct=YP&esrc=uxbd&source=lbp&cd=QUCU&cad=kHUB5n&ved=BWQTrz1LQLVOQo&uact=996&url=%61%6D%70%2F%67%6F%6F%67%6C%65%2E%61%65%2F%61%6D%70%2F%74%69%6E%79%75%72%6C%2E%63%6F%6D%2F%33%65%32%68%76%6E%72%65&opi=7442734226844&usg=Y2ppadYrd0MWHs?xlxl=dgdeqvj&qnawb=fceuosw&lnnbn=nhgffeaf&fqvy=lurkprr&yai=jigyonfce&ory=vsqggizh&fifb=focdwdhjc&dfc=xwfulwd&qnye=daknwkqme&wkf=cjhrranb&xshah=zsyilybj&bgpyo=lenlsrt&ddijd=lwszuml&rtib=pnkhisvd&mieb=ramsvxln&you=txzxgipmy&bdql=gshwgqio&qbvxh=aefmvnbjg&gpxm=zyrhrou&ppw=egmjlcltq&elfx=wqxvejc&csgp=colabozg
IP
142.250.74.163:443
ASN
#15169 GOOGLE

Certificate
IssuerGoogle Trust Services LLC
Subject*.google.com.au
Fingerprint9F:FC:D2:15:06:67:39:BB:B0:91:2E:FE:65:06:7A:A5:46:10:66:FA
ValidityMon, 26 Feb 2024 08:20:43 GMT - Mon, 20 May 2024 08:20:42 GMT

File type
HTML document, ASCII text, with very long lines (660), with CRLF, LF line terminators
Size
837 B (837 bytes)
Hash
4501ee8e78ec8cff05f81c92c5c52428
e79103b09d77a7af7fcd8f21982edc6a707cfaf4
8f585ad39563e5e1554d70fbf0d54bf156963c936dac8183e169ccb1199c52a6

HTTP Headers

GET /url?sa=t&q=zL&rct=YP&esrc=uxbd&source=lbp&cd=QUCU&cad=kHUB5n&ved=BWQTrz1LQLVOQo&uact=996&url=%61%6D%70%2F%67%6F%6F%67%6C%65%2E%61%65%2F%61%6D%70%2F%74%69%6E%79%75%72%6C%2E%63%6F%6D%2F%33%65%32%68%76%6E%72%65&opi=7442734226844&usg=Y2ppadYrd0MWHs?xlxl=dgdeqvj&qnawb=fceuosw&lnnbn=nhgffeaf&fqvy=lurkprr&yai=jigyonfce&ory=vsqggizh&fifb=focdwdhjc&dfc=xwfulwd&qnye=daknwkqme&wkf=cjhrranb&xshah=zsyilybj&bgpyo=lenlsrt&ddijd=lwszuml&rtib=pnkhisvd&mieb=ramsvxln&you=txzxgipmy&bdql=gshwgqio&qbvxh=aefmvnbjg&gpxm=zyrhrou&ppw=egmjlcltq&elfx=wqxvejc&csgp=colabozg HTTP/1.1
Host: google.com.au
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: SOCS=CAESHAgBEhJnd3NfMjAyMjA5MjktMF9SQzEaAnJvIAEaBgiAkvOZBg
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 301 Moved Permanently
location: https://www.google.com.au/url?sa=t&q=zL&rct=YP&esrc=uxbd&source=lbp&cd=QUCU&cad=kHUB5n&ved=BWQTrz1LQLVOQo&uact=996&url=amp%2Fgoogle%2Eae%2Famp%2Ftinyurl%2Ecom%2F3e2hvnre&opi=7442734226844&usg=Y2ppadYrd0MWHs?xlxl=dgdeqvj&qnawb=fceuosw&lnnbn=nhgffeaf&fqvy=lurkprr&yai=jigyonfce&ory=vsqggizh&fifb=focdwdhjc&dfc=xwfulwd&qnye=daknwkqme&wkf=cjhrranb&xshah=zsyilybj&bgpyo=lenlsrt&ddijd=lwszuml&rtib=pnkhisvd&mieb=ramsvxln&you=txzxgipmy&bdql=gshwgqio&qbvxh=aefmvnbjg&gpxm=zyrhrou&ppw=egmjlcltq&elfx=wqxvejc&csgp=colabozg
content-type: text/html; charset=UTF-8
content-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-h3o6FeDDpow8OtCHr2fx4w' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
date: Thu, 28 Mar 2024 12:11:01 GMT
expires: Sat, 27 Apr 2024 12:11:01 GMT
cache-control: public, max-age=2592000
server: gws
content-length: 837
x-xss-protection: 0
x-frame-options: SAMEORIGIN
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.google.com.au/url?sa=t&q=zL&rct=YP&esrc=uxbd&source=lbp&cd=QUCU&cad=kHUB5n&ved=BWQTrz1LQLVOQo&uact=996&url=amp%2Fgoogle%2Eae%2Famp%2Ftinyurl%2Ecom%2F3e2hvnre&opi=7442734226844&usg=Y2ppadYrd0MWHs?xlxl=dgdeqvj&qnawb=fceuosw&lnnbn=nhgffeaf&fqvy=lurkprr&yai=jigyonfce&ory=vsqggizh&fifb=focdwdhjc&dfc=xwfulwd&qnye=daknwkqme&wkf=cjhrranb&xshah=zsyilybj&bgpyo=lenlsrt&ddijd=lwszuml&rtib=pnkhisvd&mieb=ramsvxln&you=txzxgipmy&bdql=gshwgqio&qbvxh=aefmvnbjg&gpxm=zyrhrou&ppw=egmjlcltq&elfx=wqxvejc&csgp=colabozg

216.58.207.195

302 Found

261 B

URL User Request GET HTTP/2
www.google.com.au/url?sa=t&q=zL&rct=YP&esrc=uxbd&source=lbp&cd=QUCU&cad=kHUB5n&ved=BWQTrz1LQLVOQo&uact=996&url=amp%2Fgoogle%2Eae%2Famp%2Ftinyurl%2Ecom%2F3e2hvnre&opi=7442734226844&usg=Y2ppadYrd0MWHs?xlxl=dgdeqvj&qnawb=fceuosw&lnnbn=nhgffeaf&fqvy=lurkprr&yai=jigyonfce&ory=vsqggizh&fifb=focdwdhjc&dfc=xwfulwd&qnye=daknwkqme&wkf=cjhrranb&xshah=zsyilybj&bgpyo=lenlsrt&ddijd=lwszuml&rtib=pnkhisvd&mieb=ramsvxln&you=txzxgipmy&bdql=gshwgqio&qbvxh=aefmvnbjg&gpxm=zyrhrou&ppw=egmjlcltq&elfx=wqxvejc&csgp=colabozg
IP
216.58.207.195:443
ASN
#15169 GOOGLE

Certificate
IssuerGoogle Trust Services LLC
Subject*.google.com.au
Fingerprint9F:FC:D2:15:06:67:39:BB:B0:91:2E:FE:65:06:7A:A5:46:10:66:FA
ValidityMon, 26 Feb 2024 08:20:43 GMT - Mon, 20 May 2024 08:20:42 GMT

File type
HTML document, ASCII text, with CRLF, LF line terminators
Size
261 B (261 bytes)
Hash
7f7ad46bb7d4814722b64131008c05ac
a2b8316e7fc41c6162ea852c460e350fdc27e012
1c84694b7783b246e931a543d076bdd23d84e55fa0acab8f160dd2e7f0938dfa

HTTP Headers

GET /url?sa=t&q=zL&rct=YP&esrc=uxbd&source=lbp&cd=QUCU&cad=kHUB5n&ved=BWQTrz1LQLVOQo&uact=996&url=amp%2Fgoogle%2Eae%2Famp%2Ftinyurl%2Ecom%2F3e2hvnre&opi=7442734226844&usg=Y2ppadYrd0MWHs?xlxl=dgdeqvj&qnawb=fceuosw&lnnbn=nhgffeaf&fqvy=lurkprr&yai=jigyonfce&ory=vsqggizh&fifb=focdwdhjc&dfc=xwfulwd&qnye=daknwkqme&wkf=cjhrranb&xshah=zsyilybj&bgpyo=lenlsrt&ddijd=lwszuml&rtib=pnkhisvd&mieb=ramsvxln&you=txzxgipmy&bdql=gshwgqio&qbvxh=aefmvnbjg&gpxm=zyrhrou&ppw=egmjlcltq&elfx=wqxvejc&csgp=colabozg HTTP/1.1
Host: www.google.com.au
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: SOCS=CAESHAgBEhJnd3NfMjAyMjA5MjktMF9SQzEaAnJvIAEaBgiAkvOZBg
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
location: https://www.google.com.au/amp/google.ae/amp/tinyurl.com/3e2hvnre
cache-control: private
content-type: text/html; charset=UTF-8
strict-transport-security: max-age=31536000
content-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-2YqF4djnmuugDoo3eOJYaw' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
date: Thu, 28 Mar 2024 12:11:01 GMT
server: gws
content-length: 261
x-xss-protection: 0
set-cookie: __Secure-ENID=18.SE=kdnZSs205N7wUYeJjWxyNziTNIIlZZPD07TjK2yAFkGqsX3pvh6c_8-dPSdjzmYMKnPZlLH9lvQaOP6_PFUm_l4ANMHIog4ks_Pez2IWh8qihtaAnrC1FGSLpnDEzIJol8TpAjnmh8p02qgQ59kloAgPKbbUf2xM1MWJwJTjSWU; expires=Mon, 28-Apr-2025 04:29:19 GMT; path=/; domain=.google.com.au; Secure; HttpOnly; SameSite=lax
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.google.com.au/amp/google.ae/amp/tinyurl.com/3e2hvnre

216.58.207.195

302 Found

238 B

URL User Request GET HTTP/2
www.google.com.au/amp/google.ae/amp/tinyurl.com/3e2hvnre
IP
216.58.207.195:443
ASN
#15169 GOOGLE

Certificate
IssuerGoogle Trust Services LLC
Subject*.google.com.au
Fingerprint9F:FC:D2:15:06:67:39:BB:B0:91:2E:FE:65:06:7A:A5:46:10:66:FA
ValidityMon, 26 Feb 2024 08:20:43 GMT - Mon, 20 May 2024 08:20:42 GMT

File type
HTML document, ASCII text, with CRLF, LF line terminators
Size
238 B (238 bytes)
Hash
b970d0cb6c22942df755f69d9ec3ec76
d5d81d436e0e8cbe2988212ab23847d2cb0074a2
6dc57893a9302705d98026c21ebf366dbb3c4febb7dfa7d1f045ce428b2b009d

HTTP Headers

GET /amp/google.ae/amp/tinyurl.com/3e2hvnre HTTP/1.1
Host: www.google.com.au
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: SOCS=CAESHAgBEhJnd3NfMjAyMjA5MjktMF9SQzEaAnJvIAEaBgiAkvOZBg; __Secure-ENID=18.SE=kdnZSs205N7wUYeJjWxyNziTNIIlZZPD07TjK2yAFkGqsX3pvh6c_8-dPSdjzmYMKnPZlLH9lvQaOP6_PFUm_l4ANMHIog4ks_Pez2IWh8qihtaAnrC1FGSLpnDEzIJol8TpAjnmh8p02qgQ59kloAgPKbbUf2xM1MWJwJTjSWU
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 302 Found
location: http://google.ae/amp/tinyurl.com/3e2hvnre
cache-control: private
x-robots-tag: noindex
content-type: text/html; charset=UTF-8
content-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-5-Pc6aidqGJsBtOIrtsbJg' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/fff
cross-origin-opener-policy: same-origin-allow-popups; report-to="gws"
report-to: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/fff"}]}
date: Thu, 28 Mar 2024 12:11:02 GMT
server: gws
content-length: 238
x-xss-protection: 0
x-frame-options: SAMEORIGIN
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

google.ae/amp/tinyurl.com/3e2hvnre

142.250.74.3

301 Moved Permanently

242 B

URL User Request GET HTTP/1.1
google.ae/amp/tinyurl.com/3e2hvnre
IP
142.250.74.3:80
ASN
#15169 GOOGLE

File type
HTML document, ASCII text, with CRLF, LF line terminators
Size
242 B (242 bytes)
Hash
a6ac11b041c0afbd81d079dd9aea927e
535998ed610493e3f40bc0e9e9e094415612e2d0
c3895739127ca44d94c7d1a2f96df443a76c4f1ffcbb2633c1182574d9d560c4

HTTP Headers

GET /amp/tinyurl.com/3e2hvnre HTTP/1.1
Host: google.ae
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Cookie: SOCS=CAESHAgBEhJnd3NfMjAyMjA5MjktMF9SQzEaAnJvIAEaBgiAkvOZBg
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 301 Moved Permanently
Location: http://www.google.ae/amp/tinyurl.com/3e2hvnre
Content-Type: text/html; charset=UTF-8
Content-Security-Policy: object-src 'none';base-uri 'self';script-src 'nonce-h5JjmRgdlRU5ZuVc0V2uhg' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/fff
Cross-Origin-Opener-Policy: same-origin-allow-popups; report-to="gws"
Report-To: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/fff"}]}
Date: Thu, 28 Mar 2024 12:11:02 GMT
Expires: Sat, 27 Apr 2024 12:11:02 GMT
Cache-Control: public, max-age=2592000
Server: gws
Content-Length: 242
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.google.ae/amp/tinyurl.com/3e2hvnre

142.250.74.131

301 Moved Permanently

243 B

URL User Request GET HTTP/1.1
www.google.ae/amp/tinyurl.com/3e2hvnre
IP
142.250.74.131:80
ASN
#15169 GOOGLE

File type
HTML document, ASCII text, with CRLF, LF line terminators
Size
243 B (243 bytes)
Hash
f7dc799234b21405a8dc4df6ad36acae
cdb5c8b4eb049c0326a51229d6b8fff4cb8bf64b
1e4002c7460a4555e88561a188d12f8e6d149afe10990ebb8c6b4363652b6cb1

HTTP Headers

GET /amp/tinyurl.com/3e2hvnre HTTP/1.1
Host: www.google.ae
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Cookie: SOCS=CAESHAgBEhJnd3NfMjAyMjA5MjktMF9SQzEaAnJvIAEaBgiAkvOZBg
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 301 Moved Permanently
Location: https://www.google.ae/amp/tinyurl.com/3e2hvnre
Content-Type: text/html; charset=UTF-8
Content-Security-Policy: object-src 'none';base-uri 'self';script-src 'nonce-FR3EhCjP7Fx12Zi6FIhalQ' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/fff
Cross-Origin-Opener-Policy: same-origin-allow-popups; report-to="gws"
Report-To: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/fff"}]}
Date: Thu, 28 Mar 2024 12:11:02 GMT
Expires: Sat, 27 Apr 2024 12:11:02 GMT
Cache-Control: public, max-age=2592000
Server: gws
Content-Length: 243
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.google.ae/amp/tinyurl.com/3e2hvnre

142.250.74.131

301 Moved Permanently

224 B

URL User Request GET HTTP/1.1
www.google.ae/amp/tinyurl.com/3e2hvnre
IP
142.250.74.131:80
ASN
#15169 GOOGLE

File type
HTML document, ASCII text, with CRLF, LF line terminators
Size
224 B (224 bytes)
Hash
35ecb93c3e64bf03be757a5e7bdfc968
8013708b07fe3519f30cf48f754fd4701e0d5129
62bfcde2634d6e9f872d130ef9611e2422f008e687d76ae3c0f5e15a93e8184f

HTTP Headers

GET /amp/tinyurl.com/3e2hvnre HTTP/1.1
Host: www.google.ae
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: SOCS=CAESHAgBEhJnd3NfMjAyMjA5MjktMF9SQzEaAnJvIAEaBgiAkvOZBg
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
location: http://tinyurl.com/3e2hvnre
cache-control: private
x-robots-tag: noindex
content-type: text/html; charset=UTF-8
content-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-UHGkrxq7ReeOrDWW8FePHg' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/fff
cross-origin-opener-policy: same-origin-allow-popups; report-to="gws"
report-to: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/fff"}]}
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
date: Thu, 28 Mar 2024 12:11:02 GMT
server: gws
content-length: 224
x-xss-protection: 0
x-frame-options: SAMEORIGIN
set-cookie: __Secure-ENID=18.SE=ije2y_nAFMS3wc7uQVxCH2ZMA1Uq_vH8IVq5xfgz8Mac_-2ix-au71ltttstgUwB_e-3q46JOVsWQnkDE2Hg2sCHsL_3nmzlmjaw-QOPsK-apmgDR5PijtEIypbTcHVoT64cwev6NajeUgNN9FjNhc25fch47RZR_4PpvhaBfOA; expires=Mon, 28-Apr-2025 04:29:20 GMT; path=/; domain=.google.ae; Secure; HttpOnly; SameSite=lax
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

tinyurl.com/3e2hvnre

104.20.139.65

301 Moved Permanently

458 B

URL User Request GET HTTP/1.1
tinyurl.com/3e2hvnre
IP
104.20.139.65:80
ASN
#13335 CLOUDFLARENET

File type
HTML document, ASCII text
Size
458 B (458 bytes)
Hash
ff75c78b3cf2c171c34986fad5b7e40f
7f99352e3cbbd777571c46d0fbf7678cab530352
931f140829a46839ffa6fdd71dc81bf25e110c1e4b7eeae90d35399282e56ac4

HTTP Headers

GET /3e2hvnre HTTP/1.1
Host: tinyurl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 301 Moved Permanently
Date: Thu, 28 Mar 2024 12:11:03 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://google.ae/amp/fs2VjlJIn.fpmozqoprh.buzz/E9zSg
Referrer-Policy: unsafe-url
X-Robots-Tag: noindex
X-TinyURL-Redirect-Type: redirect
Cache-Control: max-age=0, must-revalidate, no-cache, no-store, private
X-TinyURL-Redirect: eyJpdiI6IlNXUnZFc2JsbFlQRDBkZTFWcXY0NFE9PSIsInZhbHVlIjoiN0lMWWVUQXplMmluNVJER0V6bkxjME1QN0J6aFYwMnlhSzlnWWxNalA2RkJUWEI3ZVZ4V1pGWlJSU2RTdERaS2F1SmgzRldNQ09FMXhWdlA3T1lJcVE9PSIsIm1hYyI6ImUwOTUwNGVkMDA2ZTY3NzgxODNlYjAzMTBhOWM5M2E5ZGIzZGFmODNkODFkOTEzYWM1YmU1MDc4YjhlOWEzMDciLCJ0YWciOiIifQ==
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
CF-Cache-Status: MISS
Set-Cookie: __cf_bm=zhLR6.iDXa9937XOwXsqkh1Fz.BRqyDcNGhNZTMkVvY-1711627863-1.0.1.1-se2rkkTTrXFTf9YN_S61qttCA7VOayaq92YC_Mz_XZ1kYX5o9tvhu_Oblh3IpPv9FasoTVJQ81jEs7tv3orUHg; path=/; expires=Thu, 28-Mar-24 12:41:03 GMT; domain=.tinyurl.com; HttpOnly; SameSite=None
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 86b7853e9efcb4ee-OSL
alt-svc: h2=":443"; ma=60

google.ae/amp/fs2VjlJIn.fpmozqoprh.buzz/E9zSg

142.250.74.3

301 Moved Permanently

254 B

URL User Request GET HTTP/2
google.ae/amp/fs2VjlJIn.fpmozqoprh.buzz/E9zSg
IP
142.250.74.3:443
ASN
#15169 GOOGLE

Certificate
IssuerGoogle Trust Services LLC
Subject*.google.ae
Fingerprint75:92:6B:83:82:16:2B:37:CF:9A:86:F3:1E:47:67:F2:BA:7C:A9:A6
ValidityMon, 26 Feb 2024 08:20:20 GMT - Mon, 20 May 2024 08:20:19 GMT

File type
HTML document, ASCII text, with CRLF, LF line terminators
Size
254 B (254 bytes)
Hash
d6559e3e94c96814d9f8d9415b32128b
5c3d9c76da11d22b52242055a8616f66954838ff
67c4ccdb79ef974c49398bc6acb3110a6693ba46a0c36671e8a5d14106ddb00b

HTTP Headers

GET /amp/fs2VjlJIn.fpmozqoprh.buzz/E9zSg HTTP/1.1
Host: google.ae
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: SOCS=CAESHAgBEhJnd3NfMjAyMjA5MjktMF9SQzEaAnJvIAEaBgiAkvOZBg; __Secure-ENID=18.SE=ije2y_nAFMS3wc7uQVxCH2ZMA1Uq_vH8IVq5xfgz8Mac_-2ix-au71ltttstgUwB_e-3q46JOVsWQnkDE2Hg2sCHsL_3nmzlmjaw-QOPsK-apmgDR5PijtEIypbTcHVoT64cwev6NajeUgNN9FjNhc25fch47RZR_4PpvhaBfOA
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 301 Moved Permanently
location: https://www.google.ae/amp/fs2VjlJIn.fpmozqoprh.buzz/E9zSg
content-type: text/html; charset=UTF-8
content-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-kaYVks2R3fbHbShsSIx8QQ' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/fff
cross-origin-opener-policy: same-origin-allow-popups; report-to="gws"
report-to: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/fff"}]}
date: Thu, 28 Mar 2024 12:11:03 GMT
expires: Sat, 27 Apr 2024 12:11:03 GMT
cache-control: public, max-age=2592000
server: gws
content-length: 254
x-xss-protection: 0
x-frame-options: SAMEORIGIN
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.google.ae/amp/fs2VjlJIn.fpmozqoprh.buzz/E9zSg

142.250.74.131

302 Found

235 B

URL User Request GET HTTP/3
www.google.ae/amp/fs2VjlJIn.fpmozqoprh.buzz/E9zSg
IP
142.250.74.131:443
ASN
#15169 GOOGLE

Certificate
IssuerGoogle Trust Services LLC
Subject*.google.ae
Fingerprint75:92:6B:83:82:16:2B:37:CF:9A:86:F3:1E:47:67:F2:BA:7C:A9:A6
ValidityMon, 26 Feb 2024 08:20:20 GMT - Mon, 20 May 2024 08:20:19 GMT

File type
HTML document, ASCII text, with CRLF, LF line terminators
Size
235 B (235 bytes)
Hash
7277b696dea47f0567189c61e21909a6
fc70ef1b904b74f03f9ac57aa89088becc4d135e
bf328f4b90babcbdf62a36f8788ce788d8255aa562d628ee03e4ed19f5bee2ae

HTTP Headers

GET /amp/fs2VjlJIn.fpmozqoprh.buzz/E9zSg HTTP/1.1
Host: www.google.ae
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: SOCS=CAESHAgBEhJnd3NfMjAyMjA5MjktMF9SQzEaAnJvIAEaBgiAkvOZBg; __Secure-ENID=18.SE=ije2y_nAFMS3wc7uQVxCH2ZMA1Uq_vH8IVq5xfgz8Mac_-2ix-au71ltttstgUwB_e-3q46JOVsWQnkDE2Hg2sCHsL_3nmzlmjaw-QOPsK-apmgDR5PijtEIypbTcHVoT64cwev6NajeUgNN9FjNhc25fch47RZR_4PpvhaBfOA
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 302 Found
location: http://fs2VjlJIn.fpmozqoprh.buzz/E9zSg
cache-control: private
x-robots-tag: noindex
content-type: text/html; charset=UTF-8
content-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-OrfZVdHdqzhLkSZh3QBNTQ' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/fff
cross-origin-opener-policy: same-origin-allow-popups; report-to="gws"
report-to: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/fff"}]}
date: Thu, 28 Mar 2024 12:11:03 GMT
server: gws
content-length: 235
x-xss-protection: 0
x-frame-options: SAMEORIGIN
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

fs2vjljin.fpmozqoprh.buzz/E9zSg

24.144.68.200

301 Moved Permanently

74 B

URL User Request GET HTTP/1.1
fs2vjljin.fpmozqoprh.buzz/E9zSg
IP
24.144.68.200:80
ASN
#14061 DIGITALOCEAN-ASN

File type
HTML document, ASCII text
Size
74 B (74 bytes)
Hash
71652c9c4ce6394265273787f98a4b53
68dca0c17d55557608b347c10f9f4446284d5687
ede16cc3a62e8a078078bf5279349f9baabaef59baae7ab86e9290b1fca03e55

HTTP Headers

GET /E9zSg HTTP/1.1
Host: fs2vjljin.fpmozqoprh.buzz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 301 Moved Permanently
Content-Type: text/html; charset=utf-8
Location: https://fs2vjljin.fpmozqoprh.buzz/E9zSg
Date: Thu, 28 Mar 2024 12:11:03 GMT
Content-Length: 74

google.so/

142.250.74.131

218 B

URL
google.so/
IP
142.250.74.131:0
ASN
#15169 GOOGLE

Certificate
IssuerGoogle Trust Services LLC
Subject*.google.so
Fingerprint9F:94:35:3C:B1:E9:96:C8:79:6A:8C:21:C8:80:27:68:69:E6:8F:CA
ValidityMon, 26 Feb 2024 08:21:35 GMT - Mon, 20 May 2024 08:21:34 GMT

File type
HTML document, ASCII text, with CRLF, LF line terminators
Size
218 B (218 bytes)
Hash
010f34f5b52d9c232f6237562055de3d
32a9d0f05030455a46bd9825d5c8c15539553c7a
6f9ae36003c07f1b02485bd0feeb26dc0f71d256a7e8072a83fb7edb35c2a7b6

HTTP Headers

GET / HTTP/1.1
Host: google.so
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 301 Moved Permanently
Location: http://www.google.so/
Content-Type: text/html; charset=UTF-8
Content-Security-Policy-Report-Only: object-src 'none';base-uri 'self';script-src 'nonce-O1SNEYyeUEUb5Tx0-ExBuQ' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other-hp
Cross-Origin-Opener-Policy: same-origin-allow-popups; report-to="gws"
Report-To: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]}
Date: Thu, 28 Mar 2024 12:11:03 GMT
Expires: Sat, 27 Apr 2024 12:11:03 GMT
Cache-Control: public, max-age=2592000
Server: gws
Content-Length: 218
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.google.so/

216.58.207.227

230 B

URL
www.google.so/
IP
216.58.207.227:0
ASN
#15169 GOOGLE

Certificate
IssuerGoogle Trust Services LLC
Subject*.google.so
Fingerprint9F:94:35:3C:B1:E9:96:C8:79:6A:8C:21:C8:80:27:68:69:E6:8F:CA
ValidityMon, 26 Feb 2024 08:21:35 GMT - Mon, 20 May 2024 08:21:34 GMT

File type
HTML document, ASCII text, with CRLF, LF line terminators
Size
230 B (230 bytes)
Hash
4944ecab53ff513469bcd814e31b3ef8
bab2627e9298bda4c2a8a4807794b0195f31b329
4af87bff13e2f8787847569f334646236b056daf963b296532274f29a879271e

HTTP Headers

GET / HTTP/1.1
Host: www.google.so
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Found
Location: https://www.google.so/?gws_rd=ssl
Cache-Control: private
Content-Type: text/html; charset=UTF-8
Content-Security-Policy-Report-Only: object-src 'none';base-uri 'self';script-src 'nonce-wqTWafOQLLtAeA7qmzV-QQ' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other-hp
Cross-Origin-Opener-Policy: same-origin-allow-popups; report-to="gws"
Report-To: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]}
Date: Thu, 28 Mar 2024 12:11:04 GMT
Server: gws
Content-Length: 230
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
Set-Cookie: AEC=Ae3NU9OQ5f5gI5mpElRxC2fcpZRkdgcY11gt9RWx4Rv-xR8OpeOPZjGnSQ; expires=Tue, 24-Sep-2024 12:11:04 GMT; path=/; domain=.google.so; Secure; HttpOnly; SameSite=lax

www.google.so/?gws_rd=ssl

216.58.207.227

71 kB

URL
www.google.so/?gws_rd=ssl
IP
216.58.207.227:0
ASN
#15169 GOOGLE

Certificate
IssuerGoogle Trust Services LLC
Subject*.google.so
Fingerprint9F:94:35:3C:B1:E9:96:C8:79:6A:8C:21:C8:80:27:68:69:E6:8F:CA
ValidityMon, 26 Feb 2024 08:21:35 GMT - Mon, 20 May 2024 08:21:34 GMT

File type
HTML document, Unicode text, UTF-8 text, with very long lines (14980)
Size
71 kB (71239 bytes)
Hash
e1083eb13de4739cfb9ab94a78d9d889
6c4b55b04f4f489a8335bce53bfaf1e9c8813946
dcc31f4aad7adb8c779c6d9ec357f7fc96715a528445963188fe48398207982e

HTTP Headers

GET /?gws_rd=ssl HTTP/1.1
Host: www.google.so
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 28 Mar 2024 12:11:04 GMT
expires: -1
cache-control: private, max-age=0
content-type: text/html; charset=UTF-8
strict-transport-security: max-age=31536000
content-security-policy-report-only: object-src 'none';base-uri 'self';script-src 'nonce-Dqdyd6zPq98YFZB36rHa1g' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other-hp
cross-origin-opener-policy: same-origin-allow-popups; report-to="gws"
report-to: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]}
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
content-encoding: br
server: gws
content-length: 71239
x-xss-protection: 0
x-frame-options: SAMEORIGIN
set-cookie: AEC=Ae3NU9Nu8fXpMxzeLEcBhedljQRVlolHRduKAWuM35E9-_0coC7TdTW3lw; expires=Tue, 24-Sep-2024 12:11:04 GMT; path=/; domain=.google.so; Secure; HttpOnly; SameSite=lax
__Secure-ENID=18.SE=S-zbnMxGIQVzJSzBlQuzkxDhfwKDuJDpZsliIsQoB8s1De9XA-Qb3DoTePFJ7Eypp0cP_rtN80TV58lDU5n1dTpzotBixCRLqKHLZ4n6gz-eLkq5pLqC3Z5JsHQNVRbv-zbx-rPjji9Tqb-R8154N1cSDZJwKxRwNMG5Iy_4Nv9PWfB34Q; expires=Mon, 28-Apr-2025 04:29:22 GMT; path=/; domain=.google.so; Secure; HttpOnly; SameSite=lax
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fs2vjljin.fpmozqoprh.buzz/E9zSg

24.144.68.200

301 Moved Permanently

74 B

URL User Request GET HTTP/1.1
fs2vjljin.fpmozqoprh.buzz/E9zSg
IP
24.144.68.200:80
ASN
#14061 DIGITALOCEAN-ASN

File type
HTML document, ASCII text
Size
74 B (74 bytes)
Hash
71652c9c4ce6394265273787f98a4b53
68dca0c17d55557608b347c10f9f4446284d5687
ede16cc3a62e8a078078bf5279349f9baabaef59baae7ab86e9290b1fca03e55

HTTP Headers

GET /E9zSg HTTP/1.1
Host: fs2vjljin.fpmozqoprh.buzz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 301 Moved Permanently
Content-Type: text/html; charset=utf-8
Location: https://fs2vjljin.fpmozqoprh.buzz/E9zSg
Date: Thu, 28 Mar 2024 12:11:04 GMT
Content-Length: 74

fs2vjljin.fpmozqoprh.buzz/E9zSg

24.144.68.200

301 Moved Permanently

51 B

URL User Request GET HTTP/1.1
fs2vjljin.fpmozqoprh.buzz/E9zSg
IP
24.144.68.200:80
ASN
#14061 DIGITALOCEAN-ASN

File type
HTML document, ASCII text
Size
51 B (51 bytes)
Hash
cf5eac327952b73a3201a4521bd17184
4b45396ff84e3371e0bda271fcf14d564258fc0f
b4b930797c0b6b290ff84cb76aa07227520e0b7f3bcea5f59623dfcab0a00969

HTTP Headers

GET /E9zSg HTTP/1.1
Host: fs2vjljin.fpmozqoprh.buzz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Found
Content-Type: text/html; charset=utf-8
Location: https://JKZfQPor8x5NhJHn.com
Date: Thu, 28 Mar 2024 12:11:06 GMT
Content-Length: 51

jkzfqpor8x5nhjhn.com/

0.0.0.0

0 B

URL User Request GET
jkzfqpor8x5nhjhn.com/
IP
0.0.0.0:0
ASN
#0

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET / HTTP/1.1
Host: jkzfqpor8x5nhjhn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (1)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

HTTP Transactions (19)

URL User Request GET HTTP/2

IP

ASN

Certificate

File type

Size

Hash

HTTP Headers

URL User Request GET HTTP/2

IP

ASN

Certificate

File type

Size

Hash

HTTP Headers

URL User Request GET HTTP/2

IP

ASN

Certificate

File type

Size

Hash

HTTP Headers

URL User Request GET HTTP/2

IP

ASN

Certificate

File type

Size

Hash

HTTP Headers

URL User Request GET HTTP/2

IP

ASN

Certificate

File type

Size

Hash

HTTP Headers

URL User Request GET HTTP/2

IP

ASN

Certificate

File type

Size