Report - www.google.com/url?hl=en&q=https://google.com.au/url?sa%3Dt%26q%3DxP%26rct%3DZb%26esrc%3Dozqo%26source%3Dkkf%26cd%3DJOOI%26cad%3DhZUKrx%26ved%3DYWRrWpIWnmQiLL%26uact%3D548%26url%3D%2561%256D%2570%252F%2567%256F%256F%2567%256C%2565%252E%2561%2565%252F%2561%256D%2570%252F%2574%2569%256E%2579%2575%2572%256C%252E%2563%256F%256D%252F%2533%2534%2570%2562%2538%2561%2535%256D%26opi%3D2759654053435%26usg%3DEY2OVv0wye7x3J?bjd%3Dhozvxuxo%26pych%3Dgidfnza%26wsxh%3Dmkxpmdomi%26tcv%3Dlphacugil%26wqk%3Dcrojdguw%26ian%3Dwhdnaate%26nvruu%3Drkmvlhs%26puj%3Dbkgxldw%26eltl%3Ddweaaks%26ykf%3Dmjsbohyyx%26eop%3Dxiuhffac%26ncwt%3Diesegejp%26dlv%3Damddyia%26ramnc%3Dmxcafya%26aydmt%3Duvsywacsz%26ludr%3Denllhyi%26tcktw%3Drvgmfnqmr%26dfhi%3Dahmiguapu%26mkg%3Dknszjfqh%26fmjhi%3Dizwufqpau%26vats%3Dlpqlyjgln%26mpcgs%3Dyrinhbmy%26frnay%3Dfiprntwr&source=gmail&ust=1711665009383000&usg=AOvVaw0wT8vUAo8OJ-YWU4QqbQeG&source=gmail&ust=1711665051470000&usg=AOvVaw1T2TXo-5M6GiOIRR13O85r

Report Overview

Submitted URL
www.google.com/url?hl=en&q=https://google.com.au/url?sa%3Dt%26q%3DxP%26rct%3DZb%26esrc%3Dozqo%26source%3Dkkf%26cd%3DJOOI%26cad%3DhZUKrx%26ved%3DYWRrWpIWnmQiLL%26uact%3D548%26url%3D%2561%256D%2570%252F%2567%256F%256F%2567%256C%2565%252E%2561%2565%252F%2561%256D%2570%252F%2574%2569%256E%2579%2575%2572%256C%252E%2563%256F%256D%252F%2533%2534%2570%2562%2538%2561%2535%256D%26opi%3D2759654053435%26usg%3DEY2OVv0wye7x3J?bjd%3Dhozvxuxo%26pych%3Dgidfnza%26wsxh%3Dmkxpmdomi%26tcv%3Dlphacugil%26wqk%3Dcrojdguw%26ian%3Dwhdnaate%26nvruu%3Drkmvlhs%26puj%3Dbkgxldw%26eltl%3Ddweaaks%26ykf%3Dmjsbohyyx%26eop%3Dxiuhffac%26ncwt%3Diesegejp%26dlv%3Damddyia%26ramnc%3Dmxcafya%26aydmt%3Duvsywacsz%26ludr%3Denllhyi%26tcktw%3Drvgmfnqmr%26dfhi%3Dahmiguapu%26mkg%3Dknszjfqh%26fmjhi%3Dizwufqpau%26vats%3Dlpqlyjgln%26mpcgs%3Dyrinhbmy%26frnay%3Dfiprntwr&source=gmail&ust=1711665009383000&usg=AOvVaw0wT8vUAo8OJ-YWU4QqbQeG&source=gmail&ust=1711665051470000&usg=AOvVaw1T2TXo-5M6GiOIRR13O85r
IP
142.250.74.164
ASN
#15169 GOOGLE
Submitted
2024-03-28 13:01:09
Access
public
Website Title
Server Not Found
Final URL
about:neterror?e=dnsNotFound&u=https%3A//ua9iq2etuhrcpqoe.com/&c=UTF-8&d=We%20can%E2%80%99t%20connect%20to%20the%20server%20at%20ua9iq2etuhrcpqoe.com.
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
2

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
www.google.com	7	1997-09-15	2015-05-10	2024-03-23	2.1 kB	76 kB	216.58.211.4
google.com.au	8601	unknown	2012-08-13	2024-03-14	1.1 kB	2.0 kB	142.250.74.99
www.google.com.au	18950	unknown	2012-05-22	2024-03-24	1.8 kB	2.3 kB	172.217.21.163
google.ae	11260	unknown	2012-12-13	2024-03-14	1.2 kB	2.1 kB	142.250.74.3
www.google.ae	23447	unknown	2012-05-22	2024-03-27	1.8 kB	3.3 kB	216.58.207.227
tinyurl.com	10084	2002-01-27	2012-05-21	2024-03-27	390 B	1.6 kB	172.67.1.225
ut6txdoos.jldmujigex.buzz	unknown	unknown	No data	No data	892 B	468 B	24.144.68.200
ua9iq2etuhrcpqoe.com	unknown	unknown	No data	No data	477 B	0 B	0.0.0.0

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2024-03-28	medium	ua9iq2etuhrcpqoe.com	Sinkholed

ThreatFox

No alerts detected

JavaScript (1)

	URL	Size	First Seen	Last Seen
	about:neterror?e=dnsNotFound&u=https%3A//ua9iq2etuhrcpqoe.com/&c=UTF-8&d=We%20can%E2%80%99t%20connect%20to%20the%20server%20at%20ua9iq2etuhrcpqoe.com.	0 B	2023-03-07	2024-04-27
Pretty URL about:neterror?e=dnsNotFound&u=https%3A//ua9iq2etuhrcpqoe.com/&c=UTF-8&d=We%20can%E2%80%99t%20connect%20to%20the%20server%20at%20ua9iq2etuhrcpqoe.com. IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:01:59 Last Seen2024-04-27 17:15:46 Times Seen37123900 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

HTTP Transactions (15)

URL IP Response Size

www.google.com/url?hl=en&q=https://google.com.au/url?sa%3Dt%26q%3DxP%26rct%3DZb%26esrc%3Dozqo%26source%3Dkkf%26cd%3DJOOI%26cad%3DhZUKrx%26ved%3DYWRrWpIWnmQiLL%26uact%3D548%26url%3D%2561%256D%2570%252F%2567%256F%256F%2567%256C%2565%252E%2561%2565%252F%2561%256D%2570%252F%2574%2569%256E%2579%2575%2572%256C%252E%2563%256F%256D%252F%2533%2534%2570%2562%2538%2561%2535%256D%26opi%3D2759654053435%26usg%3DEY2OVv0wye7x3J?bjd%3Dhozvxuxo%26pych%3Dgidfnza%26wsxh%3Dmkxpmdomi%26tcv%3Dlphacugil%26wqk%3Dcrojdguw%26ian%3Dwhdnaate%26nvruu%3Drkmvlhs%26puj%3Dbkgxldw%26eltl%3Ddweaaks%26ykf%3Dmjsbohyyx%26eop%3Dxiuhffac%26ncwt%3Diesegejp%26dlv%3Damddyia%26ramnc%3Dmxcafya%26aydmt%3Duvsywacsz%26ludr%3Denllhyi%26tcktw%3Drvgmfnqmr%26dfhi%3Dahmiguapu%26mkg%3Dknszjfqh%26fmjhi%3Dizwufqpau%26vats%3Dlpqlyjgln%26mpcgs%3Dyrinhbmy%26frnay%3Dfiprntwr&source=gmail&ust=1711665009383000&usg=AOvVaw0wT8vUAo8OJ-YWU4QqbQeG&source=gmail&ust=1711665051470000&usg=AOvVaw1T2TXo-5M6GiOIRR13O85r

216.58.211.4

302 Found

916 B

URL User Request GET HTTP/2
www.google.com/url?hl=en&q=https://google.com.au/url?sa%3Dt%26q%3DxP%26rct%3DZb%26esrc%3Dozqo%26source%3Dkkf%26cd%3DJOOI%26cad%3DhZUKrx%26ved%3DYWRrWpIWnmQiLL%26uact%3D548%26url%3D%2561%256D%2570%252F%2567%256F%256F%2567%256C%2565%252E%2561%2565%252F%2561%256D%2570%252F%2574%2569%256E%2579%2575%2572%256C%252E%2563%256F%256D%252F%2533%2534%2570%2562%2538%2561%2535%256D%26opi%3D2759654053435%26usg%3DEY2OVv0wye7x3J?bjd%3Dhozvxuxo%26pych%3Dgidfnza%26wsxh%3Dmkxpmdomi%26tcv%3Dlphacugil%26wqk%3Dcrojdguw%26ian%3Dwhdnaate%26nvruu%3Drkmvlhs%26puj%3Dbkgxldw%26eltl%3Ddweaaks%26ykf%3Dmjsbohyyx%26eop%3Dxiuhffac%26ncwt%3Diesegejp%26dlv%3Damddyia%26ramnc%3Dmxcafya%26aydmt%3Duvsywacsz%26ludr%3Denllhyi%26tcktw%3Drvgmfnqmr%26dfhi%3Dahmiguapu%26mkg%3Dknszjfqh%26fmjhi%3Dizwufqpau%26vats%3Dlpqlyjgln%26mpcgs%3Dyrinhbmy%26frnay%3Dfiprntwr&source=gmail&ust=1711665009383000&usg=AOvVaw0wT8vUAo8OJ-YWU4QqbQeG&source=gmail&ust=1711665051470000&usg=AOvVaw1T2TXo-5M6GiOIRR13O85r
IP
216.58.211.4:443
ASN
#15169 GOOGLE

Certificate
IssuerGoogle Trust Services LLC
Subjectwww.google.com
Fingerprint32:A3:19:7A:6B:D5:C7:5E:CA:7C:C8:08:79:14:56:FD:FC:3E:06:F0
ValidityMon, 26 Feb 2024 08:18:59 GMT - Mon, 20 May 2024 08:18:58 GMT

File type
HTML document, ASCII text, with very long lines (739), with CRLF, LF line terminators
Size
916 B (916 bytes)
Hash
a9c491f860506b0a829209913b848bbd
cf2996cf5c80025ef224a37547b55e6d25fb2bb8
eed694c62964c274bdb9aec787424102b00aa42f247d132dcc62da8ec80b5232

HTTP Headers

GET /url?hl=en&q=https://google.com.au/url?sa%3Dt%26q%3DxP%26rct%3DZb%26esrc%3Dozqo%26source%3Dkkf%26cd%3DJOOI%26cad%3DhZUKrx%26ved%3DYWRrWpIWnmQiLL%26uact%3D548%26url%3D%2561%256D%2570%252F%2567%256F%256F%2567%256C%2565%252E%2561%2565%252F%2561%256D%2570%252F%2574%2569%256E%2579%2575%2572%256C%252E%2563%256F%256D%252F%2533%2534%2570%2562%2538%2561%2535%256D%26opi%3D2759654053435%26usg%3DEY2OVv0wye7x3J?bjd%3Dhozvxuxo%26pych%3Dgidfnza%26wsxh%3Dmkxpmdomi%26tcv%3Dlphacugil%26wqk%3Dcrojdguw%26ian%3Dwhdnaate%26nvruu%3Drkmvlhs%26puj%3Dbkgxldw%26eltl%3Ddweaaks%26ykf%3Dmjsbohyyx%26eop%3Dxiuhffac%26ncwt%3Diesegejp%26dlv%3Damddyia%26ramnc%3Dmxcafya%26aydmt%3Duvsywacsz%26ludr%3Denllhyi%26tcktw%3Drvgmfnqmr%26dfhi%3Dahmiguapu%26mkg%3Dknszjfqh%26fmjhi%3Dizwufqpau%26vats%3Dlpqlyjgln%26mpcgs%3Dyrinhbmy%26frnay%3Dfiprntwr&source=gmail&ust=1711665009383000&usg=AOvVaw0wT8vUAo8OJ-YWU4QqbQeG&source=gmail&ust=1711665051470000&usg=AOvVaw1T2TXo-5M6GiOIRR13O85r HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Cookie: SOCS=CAESHAgBEhJnd3NfMjAyMjA5MjktMF9SQzEaAnJvIAEaBgiAkvOZBg
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
location: https://google.com.au/url?sa=t&q=xP&rct=Zb&esrc=ozqo&source=kkf&cd=JOOI&cad=hZUKrx&ved=YWRrWpIWnmQiLL&uact=548&url=%61%6D%70%2F%67%6F%6F%67%6C%65%2E%61%65%2F%61%6D%70%2F%74%69%6E%79%75%72%6C%2E%63%6F%6D%2F%33%34%70%62%38%61%35%6D&opi=2759654053435&usg=EY2OVv0wye7x3J?bjd=hozvxuxo&pych=gidfnza&wsxh=mkxpmdomi&tcv=lphacugil&wqk=crojdguw&ian=whdnaate&nvruu=rkmvlhs&puj=bkgxldw&eltl=dweaaks&ykf=mjsbohyyx&eop=xiuhffac&ncwt=iesegejp&dlv=amddyia&ramnc=mxcafya&aydmt=uvsywacsz&ludr=enllhyi&tcktw=rvgmfnqmr&dfhi=ahmiguapu&mkg=knszjfqh&fmjhi=izwufqpau&vats=lpqlyjgln&mpcgs=yrinhbmy&frnay=fiprntwr
cache-control: private
content-type: text/html; charset=UTF-8
strict-transport-security: max-age=31536000
content-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-Xn1KOOtFecAgSuGu6HqzAA' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
date: Thu, 28 Mar 2024 13:00:43 GMT
server: gws
content-length: 916
x-xss-protection: 0
set-cookie: __Secure-ENID=18.SE=ZXDCOUZ7kI017WBg_XB_zk54JknQtHrFWNHOWiLcJz45nF-mGUAoPaiptOz82c6QgwW6sqJko9jdL1OCUWz23G5p_DJkof3WfsgKd-QrlOsdHjFxeOmRYzVb-2Hwq4ebWAOrhB21Q1nUiQB-_azRPRqb9JYm26SaiCaC_DNeM8Y; expires=Mon, 28-Apr-2025 05:19:01 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=lax
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

google.com.au/url?sa=t&q=xP&rct=Zb&esrc=ozqo&source=kkf&cd=JOOI&cad=hZUKrx&ved=YWRrWpIWnmQiLL&uact=548&url=%61%6D%70%2F%67%6F%6F%67%6C%65%2E%61%65%2F%61%6D%70%2F%74%69%6E%79%75%72%6C%2E%63%6F%6D%2F%33%34%70%62%38%61%35%6D&opi=2759654053435&usg=EY2OVv0wye7x3J?bjd=hozvxuxo&pych=gidfnza&wsxh=mkxpmdomi&tcv=lphacugil&wqk=crojdguw&ian=whdnaate&nvruu=rkmvlhs&puj=bkgxldw&eltl=dweaaks&ykf=mjsbohyyx&eop=xiuhffac&ncwt=iesegejp&dlv=amddyia&ramnc=mxcafya&aydmt=uvsywacsz&ludr=enllhyi&tcktw=rvgmfnqmr&dfhi=ahmiguapu&mkg=knszjfqh&fmjhi=izwufqpau&vats=lpqlyjgln&mpcgs=yrinhbmy&frnay=fiprntwr

142.250.74.99

301 Moved Permanently

856 B

URL User Request GET HTTP/2
google.com.au/url?sa=t&q=xP&rct=Zb&esrc=ozqo&source=kkf&cd=JOOI&cad=hZUKrx&ved=YWRrWpIWnmQiLL&uact=548&url=%61%6D%70%2F%67%6F%6F%67%6C%65%2E%61%65%2F%61%6D%70%2F%74%69%6E%79%75%72%6C%2E%63%6F%6D%2F%33%34%70%62%38%61%35%6D&opi=2759654053435&usg=EY2OVv0wye7x3J?bjd=hozvxuxo&pych=gidfnza&wsxh=mkxpmdomi&tcv=lphacugil&wqk=crojdguw&ian=whdnaate&nvruu=rkmvlhs&puj=bkgxldw&eltl=dweaaks&ykf=mjsbohyyx&eop=xiuhffac&ncwt=iesegejp&dlv=amddyia&ramnc=mxcafya&aydmt=uvsywacsz&ludr=enllhyi&tcktw=rvgmfnqmr&dfhi=ahmiguapu&mkg=knszjfqh&fmjhi=izwufqpau&vats=lpqlyjgln&mpcgs=yrinhbmy&frnay=fiprntwr
IP
142.250.74.99:443
ASN
#15169 GOOGLE

Certificate
IssuerGoogle Trust Services LLC
Subject*.google.com.au
Fingerprint9F:FC:D2:15:06:67:39:BB:B0:91:2E:FE:65:06:7A:A5:46:10:66:FA
ValidityMon, 26 Feb 2024 08:20:43 GMT - Mon, 20 May 2024 08:20:42 GMT

File type
HTML document, ASCII text, with very long lines (679), with CRLF, LF line terminators
Size
856 B (856 bytes)
Hash
b951c5a78f8835ae978c365bcd4b90b7
8c5f5810e91f36d1cf283e88e73ea3591d8d5377
8eb6562b3532db11f059c65f0a7a0501a428a61b17713e2b4812d4a88e8003da

HTTP Headers

GET /url?sa=t&q=xP&rct=Zb&esrc=ozqo&source=kkf&cd=JOOI&cad=hZUKrx&ved=YWRrWpIWnmQiLL&uact=548&url=%61%6D%70%2F%67%6F%6F%67%6C%65%2E%61%65%2F%61%6D%70%2F%74%69%6E%79%75%72%6C%2E%63%6F%6D%2F%33%34%70%62%38%61%35%6D&opi=2759654053435&usg=EY2OVv0wye7x3J?bjd=hozvxuxo&pych=gidfnza&wsxh=mkxpmdomi&tcv=lphacugil&wqk=crojdguw&ian=whdnaate&nvruu=rkmvlhs&puj=bkgxldw&eltl=dweaaks&ykf=mjsbohyyx&eop=xiuhffac&ncwt=iesegejp&dlv=amddyia&ramnc=mxcafya&aydmt=uvsywacsz&ludr=enllhyi&tcktw=rvgmfnqmr&dfhi=ahmiguapu&mkg=knszjfqh&fmjhi=izwufqpau&vats=lpqlyjgln&mpcgs=yrinhbmy&frnay=fiprntwr HTTP/1.1
Host: google.com.au
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: SOCS=CAESHAgBEhJnd3NfMjAyMjA5MjktMF9SQzEaAnJvIAEaBgiAkvOZBg
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 301 Moved Permanently
location: https://www.google.com.au/url?sa=t&q=xP&rct=Zb&esrc=ozqo&source=kkf&cd=JOOI&cad=hZUKrx&ved=YWRrWpIWnmQiLL&uact=548&url=amp%2Fgoogle%2Eae%2Famp%2Ftinyurl%2Ecom%2F34pb8a5m&opi=2759654053435&usg=EY2OVv0wye7x3J?bjd=hozvxuxo&pych=gidfnza&wsxh=mkxpmdomi&tcv=lphacugil&wqk=crojdguw&ian=whdnaate&nvruu=rkmvlhs&puj=bkgxldw&eltl=dweaaks&ykf=mjsbohyyx&eop=xiuhffac&ncwt=iesegejp&dlv=amddyia&ramnc=mxcafya&aydmt=uvsywacsz&ludr=enllhyi&tcktw=rvgmfnqmr&dfhi=ahmiguapu&mkg=knszjfqh&fmjhi=izwufqpau&vats=lpqlyjgln&mpcgs=yrinhbmy&frnay=fiprntwr
content-type: text/html; charset=UTF-8
content-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-LDA3v5ZCcYjrCF2av5ScVA' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
date: Thu, 28 Mar 2024 13:00:43 GMT
expires: Sat, 27 Apr 2024 13:00:43 GMT
cache-control: public, max-age=2592000
server: gws
content-length: 856
x-xss-protection: 0
x-frame-options: SAMEORIGIN
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.google.com.au/url?sa=t&q=xP&rct=Zb&esrc=ozqo&source=kkf&cd=JOOI&cad=hZUKrx&ved=YWRrWpIWnmQiLL&uact=548&url=amp%2Fgoogle%2Eae%2Famp%2Ftinyurl%2Ecom%2F34pb8a5m&opi=2759654053435&usg=EY2OVv0wye7x3J?bjd=hozvxuxo&pych=gidfnza&wsxh=mkxpmdomi&tcv=lphacugil&wqk=crojdguw&ian=whdnaate&nvruu=rkmvlhs&puj=bkgxldw&eltl=dweaaks&ykf=mjsbohyyx&eop=xiuhffac&ncwt=iesegejp&dlv=amddyia&ramnc=mxcafya&aydmt=uvsywacsz&ludr=enllhyi&tcktw=rvgmfnqmr&dfhi=ahmiguapu&mkg=knszjfqh&fmjhi=izwufqpau&vats=lpqlyjgln&mpcgs=yrinhbmy&frnay=fiprntwr

172.217.21.163

302 Found

261 B

URL User Request GET HTTP/2
www.google.com.au/url?sa=t&q=xP&rct=Zb&esrc=ozqo&source=kkf&cd=JOOI&cad=hZUKrx&ved=YWRrWpIWnmQiLL&uact=548&url=amp%2Fgoogle%2Eae%2Famp%2Ftinyurl%2Ecom%2F34pb8a5m&opi=2759654053435&usg=EY2OVv0wye7x3J?bjd=hozvxuxo&pych=gidfnza&wsxh=mkxpmdomi&tcv=lphacugil&wqk=crojdguw&ian=whdnaate&nvruu=rkmvlhs&puj=bkgxldw&eltl=dweaaks&ykf=mjsbohyyx&eop=xiuhffac&ncwt=iesegejp&dlv=amddyia&ramnc=mxcafya&aydmt=uvsywacsz&ludr=enllhyi&tcktw=rvgmfnqmr&dfhi=ahmiguapu&mkg=knszjfqh&fmjhi=izwufqpau&vats=lpqlyjgln&mpcgs=yrinhbmy&frnay=fiprntwr
IP
172.217.21.163:443
ASN
#15169 GOOGLE

Certificate
IssuerGoogle Trust Services LLC
Subject*.google.com.au
Fingerprint9F:FC:D2:15:06:67:39:BB:B0:91:2E:FE:65:06:7A:A5:46:10:66:FA
ValidityMon, 26 Feb 2024 08:20:43 GMT - Mon, 20 May 2024 08:20:42 GMT

File type
HTML document, ASCII text, with CRLF, LF line terminators
Size
261 B (261 bytes)
Hash
311fc2a2445ce7eeb7f284fc87705959
233307342319cddbc022f56e634c2585709e41d1
a4fbecbeab50682cf951013daa54feccc347a7723ca19da421478973ef35a5d2

HTTP Headers

GET /url?sa=t&q=xP&rct=Zb&esrc=ozqo&source=kkf&cd=JOOI&cad=hZUKrx&ved=YWRrWpIWnmQiLL&uact=548&url=amp%2Fgoogle%2Eae%2Famp%2Ftinyurl%2Ecom%2F34pb8a5m&opi=2759654053435&usg=EY2OVv0wye7x3J?bjd=hozvxuxo&pych=gidfnza&wsxh=mkxpmdomi&tcv=lphacugil&wqk=crojdguw&ian=whdnaate&nvruu=rkmvlhs&puj=bkgxldw&eltl=dweaaks&ykf=mjsbohyyx&eop=xiuhffac&ncwt=iesegejp&dlv=amddyia&ramnc=mxcafya&aydmt=uvsywacsz&ludr=enllhyi&tcktw=rvgmfnqmr&dfhi=ahmiguapu&mkg=knszjfqh&fmjhi=izwufqpau&vats=lpqlyjgln&mpcgs=yrinhbmy&frnay=fiprntwr HTTP/1.1
Host: www.google.com.au
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: SOCS=CAESHAgBEhJnd3NfMjAyMjA5MjktMF9SQzEaAnJvIAEaBgiAkvOZBg
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
location: https://www.google.com.au/amp/google.ae/amp/tinyurl.com/34pb8a5m
cache-control: private
content-type: text/html; charset=UTF-8
strict-transport-security: max-age=31536000
content-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-x60qdgR55HeRvPK1DkHPZA' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
date: Thu, 28 Mar 2024 13:00:44 GMT
server: gws
content-length: 261
x-xss-protection: 0
set-cookie: __Secure-ENID=18.SE=EWGOQLaesSFejKCQr48SE8lqIkD98xc2suOUw6foJfjN7hq8s3oX_Zcg1KO8fbmrVNTcsM06tuLDyUCp2ry2QZeNriclqHjXKq4V7xUyQqoKXhkvbWoNVUP5lc3NOhoPaxZCEmg78mEO_kptQf_f3_b8eAEL8pXfDa6GgiIRK9Cfapw; expires=Mon, 28-Apr-2025 05:19:02 GMT; path=/; domain=.google.com.au; Secure; HttpOnly; SameSite=lax
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.google.com.au/amp/google.ae/amp/tinyurl.com/34pb8a5m

172.217.21.163

302 Found

238 B

URL User Request GET HTTP/2
www.google.com.au/amp/google.ae/amp/tinyurl.com/34pb8a5m
IP
172.217.21.163:443
ASN
#15169 GOOGLE

Certificate
IssuerGoogle Trust Services LLC
Subject*.google.com.au
Fingerprint9F:FC:D2:15:06:67:39:BB:B0:91:2E:FE:65:06:7A:A5:46:10:66:FA
ValidityMon, 26 Feb 2024 08:20:43 GMT - Mon, 20 May 2024 08:20:42 GMT

File type
HTML document, ASCII text, with CRLF, LF line terminators
Size
238 B (238 bytes)
Hash
c1b9d9af9fca9387cc17d467fbd75036
b00ac5b48923e6f6a0679b774934de97f74ab472
5224ef86097795cb60aa3f568d916a1b9f57dd955f259816a09fbf9334a772c8

HTTP Headers

GET /amp/google.ae/amp/tinyurl.com/34pb8a5m HTTP/1.1
Host: www.google.com.au
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: SOCS=CAESHAgBEhJnd3NfMjAyMjA5MjktMF9SQzEaAnJvIAEaBgiAkvOZBg; __Secure-ENID=18.SE=EWGOQLaesSFejKCQr48SE8lqIkD98xc2suOUw6foJfjN7hq8s3oX_Zcg1KO8fbmrVNTcsM06tuLDyUCp2ry2QZeNriclqHjXKq4V7xUyQqoKXhkvbWoNVUP5lc3NOhoPaxZCEmg78mEO_kptQf_f3_b8eAEL8pXfDa6GgiIRK9Cfapw
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 302 Found
location: http://google.ae/amp/tinyurl.com/34pb8a5m
cache-control: private
x-robots-tag: noindex
content-type: text/html; charset=UTF-8
content-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-J6nVMgoff_iZmu0Yxx2Syw' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/fff
cross-origin-opener-policy: same-origin-allow-popups; report-to="gws"
report-to: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/fff"}]}
date: Thu, 28 Mar 2024 13:00:44 GMT
server: gws
content-length: 238
x-xss-protection: 0
x-frame-options: SAMEORIGIN
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

google.ae/amp/tinyurl.com/34pb8a5m

142.250.74.3

301 Moved Permanently

242 B

URL User Request GET HTTP/1.1
google.ae/amp/tinyurl.com/34pb8a5m
IP
142.250.74.3:80
ASN
#15169 GOOGLE

File type
HTML document, ASCII text, with CRLF, LF line terminators
Size
242 B (242 bytes)
Hash
0a7f583e96da0bf9538d97b525821c42
65b31c9b8278a29ac6f9c84842064ed0857106e5
937419370bda441e46f42b1d867d93923e09a573c89984e352264713b4efdb4e

HTTP Headers

GET /amp/tinyurl.com/34pb8a5m HTTP/1.1
Host: google.ae
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Cookie: SOCS=CAESHAgBEhJnd3NfMjAyMjA5MjktMF9SQzEaAnJvIAEaBgiAkvOZBg
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 301 Moved Permanently
Location: http://www.google.ae/amp/tinyurl.com/34pb8a5m
Content-Type: text/html; charset=UTF-8
Content-Security-Policy: object-src 'none';base-uri 'self';script-src 'nonce-l6yo_VV1FMEry4-9PjZhkg' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/fff
Cross-Origin-Opener-Policy: same-origin-allow-popups; report-to="gws"
Report-To: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/fff"}]}
Date: Thu, 28 Mar 2024 13:00:44 GMT
Expires: Sat, 27 Apr 2024 13:00:44 GMT
Cache-Control: public, max-age=2592000
Server: gws
Content-Length: 242
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.google.ae/amp/tinyurl.com/34pb8a5m

216.58.207.227

302 Found

243 B

URL User Request GET HTTP/2
www.google.ae/amp/tinyurl.com/34pb8a5m
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Certificate
IssuerGoogle Trust Services LLC
Subject*.google.ae
Fingerprint75:92:6B:83:82:16:2B:37:CF:9A:86:F3:1E:47:67:F2:BA:7C:A9:A6
ValidityMon, 26 Feb 2024 08:20:20 GMT - Mon, 20 May 2024 08:20:19 GMT

File type
HTML document, ASCII text, with CRLF, LF line terminators
Size
243 B (243 bytes)
Hash
f58a78dda204b6d107e5f0f26f2b3fb1
c00960197c95cf32fdbdb49bdee5f2fd1357dcbf
e878b054c9240bfedc24fb9bb1b555a1d49c87ac16f9d44b2623809b1156389b

HTTP Headers

GET /amp/tinyurl.com/34pb8a5m HTTP/1.1
Host: www.google.ae
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Cookie: SOCS=CAESHAgBEhJnd3NfMjAyMjA5MjktMF9SQzEaAnJvIAEaBgiAkvOZBg
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 301 Moved Permanently
Location: https://www.google.ae/amp/tinyurl.com/34pb8a5m
Content-Type: text/html; charset=UTF-8
Content-Security-Policy: object-src 'none';base-uri 'self';script-src 'nonce-0xpwqqT1x1G0zidM6Ng3Qg' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/fff
Cross-Origin-Opener-Policy: same-origin-allow-popups; report-to="gws"
Report-To: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/fff"}]}
Date: Thu, 28 Mar 2024 13:00:44 GMT
Expires: Sat, 27 Apr 2024 13:00:44 GMT
Cache-Control: public, max-age=2592000
Server: gws
Content-Length: 243
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.google.ae/amp/tinyurl.com/34pb8a5m

216.58.207.227

302 Found

224 B

URL User Request GET HTTP/2
www.google.ae/amp/tinyurl.com/34pb8a5m
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Certificate
IssuerGoogle Trust Services LLC
Subject*.google.ae
Fingerprint75:92:6B:83:82:16:2B:37:CF:9A:86:F3:1E:47:67:F2:BA:7C:A9:A6
ValidityMon, 26 Feb 2024 08:20:20 GMT - Mon, 20 May 2024 08:20:19 GMT

File type
HTML document, ASCII text, with CRLF, LF line terminators
Size
224 B (224 bytes)
Hash
d07f2a854d9a8f2faf5480a2f3733dfa
88bd1a57e5e24f581be4735ae88d60771307b736
7c8db2035212489c0f994a6eef4983e331d438b188a739d9bbba481e9475603d

HTTP Headers

GET /amp/tinyurl.com/34pb8a5m HTTP/1.1
Host: www.google.ae
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: SOCS=CAESHAgBEhJnd3NfMjAyMjA5MjktMF9SQzEaAnJvIAEaBgiAkvOZBg
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
location: http://tinyurl.com/34pb8a5m
cache-control: private
x-robots-tag: noindex
content-type: text/html; charset=UTF-8
content-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-GZE94BxEv0QsqqWXgh913g' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/fff
cross-origin-opener-policy: same-origin-allow-popups; report-to="gws"
report-to: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/fff"}]}
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
date: Thu, 28 Mar 2024 13:00:44 GMT
server: gws
content-length: 224
x-xss-protection: 0
x-frame-options: SAMEORIGIN
set-cookie: __Secure-ENID=18.SE=bIFBndKWhXJ0eEU8USIDyh-rWGAij8R8De1NOEIlAqLsUvM0OX7Jcn56rKR08gA4T2YSbH-HcOiF7h_i6MOMxZ20qbLNkB8lYyzmOgcLYZJwYMjPAUQYQyTZuBBbGyqxv_wbh-XziEXMrBu3Y4pDdLf3vT87OG4TTzTPoCeZtFE; expires=Mon, 28-Apr-2025 05:19:02 GMT; path=/; domain=.google.ae; Secure; HttpOnly; SameSite=lax
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

tinyurl.com/34pb8a5m

172.67.1.225

301 Moved Permanently

470 B

URL User Request GET HTTP/1.1
tinyurl.com/34pb8a5m
IP
172.67.1.225:80
ASN
#13335 CLOUDFLARENET

File type
HTML document, ASCII text
Size
470 B (470 bytes)
Hash
ca226c474c103bb9b725adf426a6f2f4
f7037a3c6c909a1107ba2b90542c813b50c0be17
cd67a455a9b5e4a75a7cc040ccd906cb7e404f4b3bd8907b3ed711ca9bf34c8f

HTTP Headers

GET /34pb8a5m HTTP/1.1
Host: tinyurl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 301 Moved Permanently
Date: Thu, 28 Mar 2024 13:00:45 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://google.ae/amp/UT6tXDoOS.jldmujigex.buzz/8WrfSkMy
Referrer-Policy: unsafe-url
X-Robots-Tag: noindex
X-TinyURL-Redirect-Type: redirect
Cache-Control: max-age=0, must-revalidate, no-cache, no-store, private
X-TinyURL-Redirect: eyJpdiI6IjJVQ1NXVjlEMERTb0JjZHZGcjdib0E9PSIsInZhbHVlIjoiK21IWUhGZUcvdERnM004bDNhRnhYaEsyamtsbWJJcWh5UjZrYUVnWGhGRGJsMnpBcjQ3aVFvNWpnN1BKa0xSYUhHRzR2dm5iN09pQ0w5SkJqbjdDV3c9PSIsIm1hYyI6IjNkYTkwMjAyZTVkODYyZWE3NWZlYTEwYzk5ZjAxNDdhMWNiZjMwOWUzMTZkNWQ5NGNkYzA4MjIzNGQ1NGM4NjciLCJ0YWciOiIifQ==
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
CF-Cache-Status: EXPIRED
Set-Cookie: __cf_bm=PDvmo8FTIra89QbGtSubGGKtfIYGiJxZy2sQ0pLtIFU-1711630845-1.0.1.1-R_76YIzzSV8kKVBbzMZTOqAHvoIGd5Rci6jBsgQ8tyCwKWVPEaihMkxVbZWUE8rEspmOTFUIPV20emtmq2icew; path=/; expires=Thu, 28-Mar-24 13:30:45 GMT; domain=.tinyurl.com; HttpOnly; SameSite=None
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 86b7ce0c1b5d56c1-OSL
alt-svc: h2=":443"; ma=60

google.ae/amp/UT6tXDoOS.jldmujigex.buzz/8WrfSkMy

142.250.74.3

301 Moved Permanently

257 B

URL User Request GET HTTP/2
google.ae/amp/UT6tXDoOS.jldmujigex.buzz/8WrfSkMy
IP
142.250.74.3:443
ASN
#15169 GOOGLE

Certificate
IssuerGoogle Trust Services LLC
Subject*.google.ae
Fingerprint75:92:6B:83:82:16:2B:37:CF:9A:86:F3:1E:47:67:F2:BA:7C:A9:A6
ValidityMon, 26 Feb 2024 08:20:20 GMT - Mon, 20 May 2024 08:20:19 GMT

File type
HTML document, ASCII text, with CRLF, LF line terminators
Size
257 B (257 bytes)
Hash
2153a7b839a499e6669229fdc58400f4
ec8d01dbdd96beb3afe3eba862cf655672e1ddc2
0de0a6d0b8d1d55afe3c7550dd8cd004962291fb6b996ab4c78495458a898ef6

HTTP Headers

GET /amp/UT6tXDoOS.jldmujigex.buzz/8WrfSkMy HTTP/1.1
Host: google.ae
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: SOCS=CAESHAgBEhJnd3NfMjAyMjA5MjktMF9SQzEaAnJvIAEaBgiAkvOZBg; __Secure-ENID=18.SE=bIFBndKWhXJ0eEU8USIDyh-rWGAij8R8De1NOEIlAqLsUvM0OX7Jcn56rKR08gA4T2YSbH-HcOiF7h_i6MOMxZ20qbLNkB8lYyzmOgcLYZJwYMjPAUQYQyTZuBBbGyqxv_wbh-XziEXMrBu3Y4pDdLf3vT87OG4TTzTPoCeZtFE
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 301 Moved Permanently
location: https://www.google.ae/amp/UT6tXDoOS.jldmujigex.buzz/8WrfSkMy
content-type: text/html; charset=UTF-8
content-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-7SzepGLDvPsOBLGqZR2ESw' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/fff
cross-origin-opener-policy: same-origin-allow-popups; report-to="gws"
report-to: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/fff"}]}
date: Thu, 28 Mar 2024 13:00:45 GMT
expires: Sat, 27 Apr 2024 13:00:45 GMT
cache-control: public, max-age=2592000
server: gws
content-length: 257
x-xss-protection: 0
x-frame-options: SAMEORIGIN
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.google.ae/amp/UT6tXDoOS.jldmujigex.buzz/8WrfSkMy

216.58.207.227

302 Found

238 B

URL User Request GET HTTP/3
www.google.ae/amp/UT6tXDoOS.jldmujigex.buzz/8WrfSkMy
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Certificate
IssuerGoogle Trust Services LLC
Subject*.google.ae
Fingerprint75:92:6B:83:82:16:2B:37:CF:9A:86:F3:1E:47:67:F2:BA:7C:A9:A6
ValidityMon, 26 Feb 2024 08:20:20 GMT - Mon, 20 May 2024 08:20:19 GMT

File type
HTML document, ASCII text, with CRLF, LF line terminators
Size
238 B (238 bytes)
Hash
9418f4a072b23630f3f2fc7077a3e35b
fff79b4fbcdca5f7ad35fc91e3ce62a487d4a108
9c20ca2738721275a67cf99a63e389bd795f4badfd365caadc94a4a381e68e28

HTTP Headers

GET /amp/UT6tXDoOS.jldmujigex.buzz/8WrfSkMy HTTP/1.1
Host: www.google.ae
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: SOCS=CAESHAgBEhJnd3NfMjAyMjA5MjktMF9SQzEaAnJvIAEaBgiAkvOZBg; __Secure-ENID=18.SE=bIFBndKWhXJ0eEU8USIDyh-rWGAij8R8De1NOEIlAqLsUvM0OX7Jcn56rKR08gA4T2YSbH-HcOiF7h_i6MOMxZ20qbLNkB8lYyzmOgcLYZJwYMjPAUQYQyTZuBBbGyqxv_wbh-XziEXMrBu3Y4pDdLf3vT87OG4TTzTPoCeZtFE
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 302 Found
location: http://UT6tXDoOS.jldmujigex.buzz/8WrfSkMy
cache-control: private
x-robots-tag: noindex
content-type: text/html; charset=UTF-8
content-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-wzcoRZ0sHxzwrsElByQI6w' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/fff
cross-origin-opener-policy: same-origin-allow-popups; report-to="gws"
report-to: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/fff"}]}
date: Thu, 28 Mar 2024 13:00:45 GMT
server: gws
content-length: 238
x-xss-protection: 0
x-frame-options: SAMEORIGIN
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

ut6txdoos.jldmujigex.buzz/8WrfSkMy

24.144.68.200

302 Found

77 B

URL User Request GET HTTP/1.1
ut6txdoos.jldmujigex.buzz/8WrfSkMy
IP
24.144.68.200:443
ASN
#14061 DIGITALOCEAN-ASN

Certificate
IssuerLet's Encrypt
Subjectjldmujigex.buzz
Fingerprint5A:84:0B:D3:35:6D:02:D8:C7:60:1F:57:98:0B:05:C2:62:CF:D0:EB
ValidityWed, 27 Mar 2024 16:53:12 GMT - Tue, 25 Jun 2024 16:53:11 GMT

File type
HTML document, ASCII text
Size
77 B (77 bytes)
Hash
6cf2a3df85069161619cd059ad317d9d
87e3d9dc9e0ac44f7fbecf1da2066054f21a81cc
d2bdf6bed681df311051517db4ac13ca9dcf6c6f343f7f5f0ea1b4c24731f568

HTTP Headers

GET /8WrfSkMy HTTP/1.1
Host: ut6txdoos.jldmujigex.buzz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 301 Moved Permanently
Content-Type: text/html; charset=utf-8
Location: https://ut6txdoos.jldmujigex.buzz/8WrfSkMy
Date: Thu, 28 Mar 2024 13:00:45 GMT
Content-Length: 77

www.google.com/

216.58.211.4

231 B

URL
www.google.com/
IP
216.58.211.4:0
ASN
#15169 GOOGLE

Certificate
IssuerGoogle Trust Services LLC
Subjectwww.google.com
Fingerprint32:A3:19:7A:6B:D5:C7:5E:CA:7C:C8:08:79:14:56:FD:FC:3E:06:F0
ValidityMon, 26 Feb 2024 08:18:59 GMT - Mon, 20 May 2024 08:18:58 GMT

File type
HTML document, ASCII text, with CRLF, LF line terminators
Size
231 B (231 bytes)
Hash
68a006996ece55adef2db478ed631ea5
43c3c326039fde13b0473b08d729e6fcd7c643b3
f7e4aae30ab2bda60bead5fd5a29a36685d768df007d3399d3047768babae200

HTTP Headers

GET / HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Found
Location: https://www.google.com/?gws_rd=ssl
Cache-Control: private
Content-Type: text/html; charset=UTF-8
Content-Security-Policy-Report-Only: object-src 'none';base-uri 'self';script-src 'nonce-ufaHuyAgE9NeUEcfdzWeuA' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other-hp
Cross-Origin-Opener-Policy: same-origin-allow-popups; report-to="gws"
Report-To: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]}
Date: Thu, 28 Mar 2024 13:00:46 GMT
Server: gws
Content-Length: 231
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
Set-Cookie: AEC=Ae3NU9MfgzJuEZsQ72giIV_z5ECY69ss5b7uW4baDX3tw22jEH4IO6_g35k; expires=Tue, 24-Sep-2024 13:00:46 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=lax

www.google.com/?gws_rd=ssl

216.58.211.4

71 kB

URL
www.google.com/?gws_rd=ssl
IP
216.58.211.4:0
ASN
#15169 GOOGLE

Certificate
IssuerGoogle Trust Services LLC
Subjectwww.google.com
Fingerprint32:A3:19:7A:6B:D5:C7:5E:CA:7C:C8:08:79:14:56:FD:FC:3E:06:F0
ValidityMon, 26 Feb 2024 08:18:59 GMT - Mon, 20 May 2024 08:18:58 GMT

File type
HTML document, Unicode text, UTF-8 text, with very long lines (14906)
Size
71 kB (71218 bytes)
Hash
773305abd3c37d7d04a992c698d9de97
64a27dd2d8ccb2f27b0600f2a9cc91132c0c7747
16bb0d45e1e4239d76dc009cd44648d4d6e04f4b60564ada3dd638bce54f053b

HTTP Headers

GET /?gws_rd=ssl HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 28 Mar 2024 13:00:46 GMT
expires: -1
cache-control: private, max-age=0
content-type: text/html; charset=UTF-8
strict-transport-security: max-age=31536000
content-security-policy-report-only: object-src 'none';base-uri 'self';script-src 'nonce-rmGrKBhQoyu1uhqkOMS8fw' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other-hp
cross-origin-opener-policy: same-origin-allow-popups; report-to="gws"
report-to: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]}
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
content-encoding: br
server: gws
content-length: 71218
x-xss-protection: 0
x-frame-options: SAMEORIGIN
set-cookie: AEC=Ae3NU9PzDfC8gGyvaThfXFEF0NusSlx7W9DZ8rxfahrI17p2InDoy3xTMEo; expires=Tue, 24-Sep-2024 13:00:46 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=lax
__Secure-ENID=18.SE=aAoddj86i55AneJR1i9mgpgZUKH0qplKsSXYNkP_xOSPqMN9SdYu2a5UWBE6GOc1A_DI1kSr13k3GDKZpPj7Pji0H5o2xEXOeg0FgZHz0GQKbcJxssK9XUnvhwjlwkKZVF4dbUY81SFm5GH7vYfbZFhxASXifLf1fzsj6eNYoQ-GUi75Fac; expires=Mon, 28-Apr-2025 05:19:04 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=lax
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ut6txdoos.jldmujigex.buzz/8WrfSkMy

24.144.68.200

302 Found

51 B

URL User Request GET HTTP/1.1
ut6txdoos.jldmujigex.buzz/8WrfSkMy
IP
24.144.68.200:443
ASN
#14061 DIGITALOCEAN-ASN

Certificate
IssuerLet's Encrypt
Subjectjldmujigex.buzz
Fingerprint5A:84:0B:D3:35:6D:02:D8:C7:60:1F:57:98:0B:05:C2:62:CF:D0:EB
ValidityWed, 27 Mar 2024 16:53:12 GMT - Tue, 25 Jun 2024 16:53:11 GMT

File type
HTML document, ASCII text
Size
51 B (51 bytes)
Hash
fcfe1a00c5e87f6f6010197ce449cb5d
efca09be46418b952014ab142c49049a5c08d92e
36855cee03209f2279b7d23f7850ebdcb5a91f13b12409907463cb25078fac9e

HTTP Headers

GET /8WrfSkMy HTTP/1.1
Host: ut6txdoos.jldmujigex.buzz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Found
Content-Type: text/html; charset=utf-8
Location: https://Ua9Iq2etuhrCpQoe.com
Date: Thu, 28 Mar 2024 13:00:47 GMT
Content-Length: 51

ua9iq2etuhrcpqoe.com/

0.0.0.0

0 B

URL User Request GET
ua9iq2etuhrcpqoe.com/
IP
0.0.0.0:0
ASN
#0

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET / HTTP/1.1
Host: ua9iq2etuhrcpqoe.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (1)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

HTTP Transactions (15)

URL User Request GET HTTP/2

IP

ASN

Certificate

File type

Size

Hash

HTTP Headers

URL User Request GET HTTP/2

IP

ASN

Certificate

File type

Size

Hash

HTTP Headers

URL User Request GET HTTP/2

IP

ASN

Certificate

File type

Size

Hash

HTTP Headers

URL User Request GET HTTP/2

IP

ASN

Certificate

File type

Size

Hash

HTTP Headers

URL User Request GET HTTP/1.1

IP

ASN

File type

Size

Hash

HTTP Headers

URL User Request GET HTTP/2

IP

ASN

Certificate

File type

Size

Hash