ww25.nngirls.xyz Open in urlscan Pro
199.59.243.222 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://nngirls.xyz/
Effective URL:
http://ww25.nngirls.xyz/?subid1=20230209-2047-541c-ae7e-4c4c668ac462
Submission: On February 09 via manual (February 9th 2023, 9:48:00 am UTC) from US — Scanned from AU

Summary HTTP 16 Redirects Behaviour Indicators

Summary

This website contacted 5 IPs in 2 countries across 4 domains to perform 16 HTTP transactions. The main IP is 199.59.243.222, located in United States and belongs to AMAZON-02, US. The main domain is ww25.nngirls.xyz.

This is the only time ww25.nngirls.xyz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	103.224.182.247 103.224.182.247	133618 (TRELLIAN-...) (TRELLIAN-AS-AP Trellian Pty. Limited)
5	199.59.243.222 199.59.243.222	16509 (AMAZON-02) (AMAZON-02)
1 5	172.217.194.103 172.217.194.103	15169 (GOOGLE) (GOOGLE)
1	172.253.118.156 172.253.118.156	15169 (GOOGLE) (GOOGLE)
3	172.217.194.94 172.217.194.94	15169 (GOOGLE) (GOOGLE)
16	5

1 103.224.182.247 (Australia) 1 redirects

ASN133618 (TRELLIAN-AS-AP Trellian Pty. Limited, AU)
PTR: lb-182-247.above.com

nngirls.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 199.59.243.222 (United States)

ASN16509 (AMAZON-02, US)

ww25.nngirls.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 172.217.194.103 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: si-in-f103.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.253.118.156 (United States)

ASN15169 (GOOGLE, US)
PTR: sl-in-f156.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.217.194.94 (United States)

ASN15169 (GOOGLE, US)
PTR: si-in-f94.1e100.net

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
6	nngirls.xyz 1 redirects nngirls.xyz ww25.nngirls.xyz	27 KB
5	google.com 1 redirects www.google.com — Cisco Umbrella Rank: 2	83 KB
3	gstatic.com www.gstatic.com fonts.gstatic.com Failed	346 KB
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 854	593 B
16	4

	Domain	Requested by
5	www.google.com	1 redirects ww25.nngirls.xyz www.google.com www.gstatic.com
5	ww25.nngirls.xyz	ww25.nngirls.xyz
3	www.gstatic.com	www.google.com www.gstatic.com
1	partner.googleadservices.com	www.google.com
1	nngirls.xyz	1 redirects
0	fonts.gstatic.com Failed	www.google.com
16	6

This site contains no links.

Subject Issuer	Validity	Valid
www.google.com GTS CA 1C3	`2023-01-31` - `2023-04-25`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-01-31` - `2023-04-25`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-01-31` - `2023-04-25`	3 months	crt.sh

This page contains 3 frames:

Primary Page: http://ww25.nngirls.xyz/?subid1=20230209-2047-541c-ae7e-4c4c668ac462
Frame ID: 9172B559BBFBD81C8B90C35D757BAAE7
Requests: 7 HTTP requests in this frame

Frame: https://www.google.com/sorry/index?continue=https://www.google.com/afs/ads%3Fadtest%3Doff%26psid%3D6726908358%26pcsa%3Dfalse%26channel%3Dpid-bodis-gcontrol36%252Cpid-bodis-gcontrol97%252Cpid-bodis-gcontrol309%252Cpid-bodis-gcontrol152%252Cpid-bodis-gcontrol439%26client%3Ddp-bodis01_js%26r%3Dm%26hl%3Den%26rpbu%3Dhttp%253A%252F%252Fww25.nngirls.xyz%253Fcaf%2526subid1%253D20230209-2047-541c-ae7e-4c4c668ac462%26max_radlink_len%3D50%26type%3D3%26uiopt%3Dfalse%26swp%3Das-drid-2876836166450698%26oe%3DUTF-8%26ie%3DUTF-8%26fexp%3D21404%252C17300003%252C17301075%252C17301078%26format%3Dr7%26nocache%3D1531675936077347%26num%3D0%26output%3Dafd_ads%26domain_name%3Dww25.nngirls.xyz%26v%3D3%26bsl%3D8%26pac%3D0%26u_his%3D2%26u_tz%3D0%26dt%3D1675936077348%26u_w%3D1600%26u_h%3D1200%26biw%3D1600%26bih%3D1200%26psw%3D1584%26psh%3D76%26frm%3D0%26cl%3D503972142%26uio%3D-%26cont%3Drs%26jsid%3Dcaf%26jsv%3D503972142%26rurl%3Dhttp%253A%252F%252Fww25.nngirls.xyz%252F%253Fsubid1%253D20230209-2047-541c-ae7e-4c4c668ac462%26adbw%3Dmaster-1%253A1584&hl=en&q=EgSt9dEcGM2Ck58GIjC7XMxDe2EeWVhTjWlp4zORtgycitqR2qHsBKA16AR_ab_UJCXDGb78Vbo5WAOlRiAyAXI
Frame ID: 205FD3AAC00CBD71FF2DE5CB5E5FE7D0
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfwuyUTAAAAAOAmoS0fdqijC2PbbdH4kjq62Y1b&co=aHR0cHM6Ly93d3cuZ29vZ2xlLmNvbTo0NDM.&hl=en&v=tNAc29ZZrpcOCErva2nr4BS9&size=normal&s=mR5RWfYE9UpVwURxFyvEJKAKFom6c3N0B5pT7p-RXI8sjSXOaGq22tsEMVOLNTR3OJ5ugpv_KuTo8Zf3bpT0oLtg_BHVC9sPasdfPd-1xa1hoGOg5zItXAd9gdTO6mizju_6cy7Dkpag_u95av2llozZnzUpUDb-ghEdeINu-C3RKRUM_NxaM2dICThYReb5j8q8hxwbH7vFOS62rt45AGw7ReU2IRyqSh9tVFOGc7HjqjS5VIR5uwIQ4EhHpIOvIxzoWLla-uaf1NLzJN-1L_N3E_nDuPA&cb=99l6yphxgtzz
Frame ID: 3499BEF9AA70B3EB4D2EAA86210A60BC
Requests: 8 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Nngirls.xyz

Page URL History Show full URLs

http://nngirls.xyz/ HTTP 302
http://ww25.nngirls.xyz/?subid1=20230209-2047-541c-ae7e-4c4c668ac462 Page URL

Detected technologies

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

16
Requests

50 %
HTTPS

0 %
IPv6

4
Domains

6
Subdomains

5
IPs

2
Countries

456 kB
Transfer

1145 kB
Size

3
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://nngirls.xyz/ HTTP 302
http://ww25.nngirls.xyz/?subid1=20230209-2047-541c-ae7e-4c4c668ac462 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 6

https://www.google.com/afs/ads?adtest=off&psid=6726908358&pcsa=false&channel=pid-bodis-gcontrol36%2Cpid-bodis-gcontrol97%2Cpid-bodis-gcontrol309%2Cpid-bodis-gcontrol152%2Cpid-bodis-gcontrol439&client=dp-bodis01_js&r=m&hl=en&rpbu=http%3A%2F%2Fww25.nngirls.xyz%3Fcaf%26subid1%3D20230209-2047-541c-ae7e-4c4c668ac462&max_radlink_len=50&type=3&uiopt=false&swp=as-drid-2876836166450698&oe=UTF-8&ie=UTF-8&fexp=21404%2C17300003%2C17301075%2C17301078&format=r7&nocache=1531675936077347&num=0&output=afd_ads&domain_name=ww25.nngirls.xyz&v=3&bsl=8&pac=0&u_his=2&u_tz=0&dt=1675936077348&u_w=1600&u_h=1200&biw=1600&bih=1200&psw=1584&psh=76&frm=0&cl=503972142&uio=-&cont=rs&jsid=caf&jsv=503972142&rurl=http%3A%2F%2Fww25.nngirls.xyz%2F%3Fsubid1%3D20230209-2047-541c-ae7e-4c4c668ac462&adbw=master-1%3A1584 HTTP 302
https://www.google.com/sorry/index?continue=https://www.google.com/afs/ads%3Fadtest%3Doff%26psid%3D6726908358%26pcsa%3Dfalse%26channel%3Dpid-bodis-gcontrol36%252Cpid-bodis-gcontrol97%252Cpid-bodis-gcontrol309%252Cpid-bodis-gcontrol152%252Cpid-bodis-gcontrol439%26client%3Ddp-bodis01_js%26r%3Dm%26hl%3Den%26rpbu%3Dhttp%253A%252F%252Fww25.nngirls.xyz%253Fcaf%2526subid1%253D20230209-2047-541c-ae7e-4c4c668ac462%26max_radlink_len%3D50%26type%3D3%26uiopt%3Dfalse%26swp%3Das-drid-2876836166450698%26oe%3DUTF-8%26ie%3DUTF-8%26fexp%3D21404%252C17300003%252C17301075%252C17301078%26format%3Dr7%26nocache%3D1531675936077347%26num%3D0%26output%3Dafd_ads%26domain_name%3Dww25.nngirls.xyz%26v%3D3%26bsl%3D8%26pac%3D0%26u_his%3D2%26u_tz%3D0%26dt%3D1675936077348%26u_w%3D1600%26u_h%3D1200%26biw%3D1600%26bih%3D1200%26psw%3D1584%26psh%3D76%26frm%3D0%26cl%3D503972142%26uio%3D-%26cont%3Drs%26jsid%3Dcaf%26jsv%3D503972142%26rurl%3Dhttp%253A%252F%252Fww25.nngirls.xyz%252F%253Fsubid1%253D20230209-2047-541c-ae7e-4c4c668ac462%26adbw%3Dmaster-1%253A1584&hl=en&q=EgSt9dEcGM2Ck58GIjC7XMxDe2EeWVhTjWlp4zORtgycitqR2qHsBKA16AR_ab_UJCXDGb78Vbo5WAOlRiAyAXI

16 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
ww25.nngirls.xyz/
Redirect Chain

http://nngirls.xyz/
http://ww25.nngirls.xyz/?subid1=20230209-2047-541c-ae7e-4c4c668ac462

975 B
2 KB

1253ms
493ms

Document
text/html

199.59.243.222
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://ww25.nngirls.xyz/?subid1=20230209-2047-541c-ae7e-4c4c668ac462
Protocol: HTTP/1.1
Server: 199.59.243.222 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: openresty /
Resource Hash: 2f5e59520ca162d06672964096d84e4cc789079fb59e7e2fcea05c6a07c08d76

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

Accept-CH: sec-ch-prefers-color-scheme
Cache-Control: no-cache no-store, must-revalidate post-check=0, pre-check=0
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Critical-CH: sec-ch-prefers-color-scheme
Date: Thu, 09 Feb 2023 09:47:55 GMT
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Pragma: no-cache
Server: openresty
Transfer-Encoding: chunked
Vary: sec-ch-prefers-color-scheme
X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBANDrp2lz7AOmADaN8tA50LsWcjLFyQFcb/P2Txc58oYOeILb3vBw7J6f4pamkAQVSQuqYsKx3YzdUHCvbVZvFUsCAwEAAQ==_fTt6vkIwUm6L4wh8nfEUL17qKYRx6p6WyGjRxl/IXDGyxT1aD1Oqre9Ylswwkpnb/Nt41Lyx1i5qVo2QW5fn7w==

Redirect headers

connection: close
content-length: 0
content-type: text/html; charset=UTF-8
date: Thu, 09 Feb 2023 09:47:54 GMT
location: http://ww25.nngirls.xyz/?subid1=20230209-2047-541c-ae7e-4c4c668ac462
server: Apache/2.4.38 (Debian)

GET
H/1.1 200
OK parking.2.102.2.js Show response
ww25.nngirls.xyz/js/ 67 KB
22 KB 296ms
296ms Script
application/javascript 199.59.243.222
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://ww25.nngirls.xyz/js/parking.2.102.2.js
Requested by: Host: ww25.nngirls.xyz
URL: http://ww25.nngirls.xyz/?subid1=20230209-2047-541c-ae7e-4c4c668ac462
Protocol: HTTP/1.1
Server: 199.59.243.222 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: openresty /
Resource Hash: 422ff7cea74cc7734dff87e872927ae28c17b15a0e2c104d90c53736c6568dc6

Request headers

accept-language: en-AU,en;q=0.9
Referer: http://ww25.nngirls.xyz/?subid1=20230209-2047-541c-ae7e-4c4c668ac462
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 09 Feb 2023 09:47:56 GMT
Content-Encoding: gzip
Last-Modified: Tue, 07 Feb 2023 21:18:09 GMT
Server: openresty
Transfer-Encoding: chunked
Content-Type: application/javascript; charset=utf-8
Cache-Control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT

POST
H/1.1 200
OK _fd Show response
ww25.nngirls.xyz/ 4 KB
2 KB 336ms
336ms Fetch
text/html 199.59.243.222
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://ww25.nngirls.xyz/_fd?subid1=20230209-2047-541c-ae7e-4c4c668ac462
Requested by: Host: ww25.nngirls.xyz
URL: http://ww25.nngirls.xyz/js/parking.2.102.2.js
Protocol: HTTP/1.1
Server: 199.59.243.222 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: openresty /
Resource Hash: 7f47b9982f59dcc6fc919231f4b45b8a70a62783c2ec075aa8b218087dc41909

Request headers

Accept: application/json
Referer: http://ww25.nngirls.xyz/?subid1=20230209-2047-541c-ae7e-4c4c668ac462
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
Content-Type: application/json

Response headers

X-Version: 2.102.2
Date: Thu, 09 Feb 2023 09:47:56 GMT
Content-Encoding: gzip
Pragma: no-cache
Server: openresty
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
Cache-Control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 caf.js Show response
www.google.com/adsense/domains/ 145 KB
53 KB 578ms
195ms Script
text/javascript 172.217.194.103
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/adsense/domains/caf.js

Requested by

Host: ww25.nngirls.xyz
URL: http://ww25.nngirls.xyz/js/parking.2.102.2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.194.103 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

si-in-f103.1e100.net

Software

sffe /

Resource Hash

eb117b2fb37a531c8ae8500137c7abfcb8951d0b1dd7711f7c52fcea17ad4958

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: http://ww25.nngirls.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Thu, 09 Feb 2023 09:47:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-afs-ui"
etag: "12996215063195244498"
vary: Accept-Encoding
report-to: {"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
accept-ranges: bytes
expires: Thu, 09 Feb 2023 09:47:56 GMT

GET
H/1.1 200
OK px.gif
ww25.nngirls.xyz/ 42 B
421 B 295ms
295ms Image
image/gif 199.59.243.222
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://ww25.nngirls.xyz/px.gif?ch=1&rn=2.1742935720129477
Requested by: Host: ww25.nngirls.xyz
URL: http://ww25.nngirls.xyz/?subid1=20230209-2047-541c-ae7e-4c4c668ac462
Protocol: HTTP/1.1
Server: 199.59.243.222 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: openresty /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-AU,en;q=0.9
Referer: http://ww25.nngirls.xyz/?subid1=20230209-2047-541c-ae7e-4c4c668ac462
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 09 Feb 2023 09:47:56 GMT
Last-Modified: Wed, 15 Sep 2021 19:38:30 GMT
Server: openresty
Content-Type: image/gif
Cache-Control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 42
Expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H/1.1 200
OK px.gif
ww25.nngirls.xyz/ 42 B
421 B 590ms
493ms Image
image/gif 199.59.243.222
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://ww25.nngirls.xyz/px.gif?ch=2&rn=2.1742935720129477
Requested by: Host: ww25.nngirls.xyz
URL: http://ww25.nngirls.xyz/?subid1=20230209-2047-541c-ae7e-4c4c668ac462
Protocol: HTTP/1.1
Server: 199.59.243.222 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: openresty /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-AU,en;q=0.9
Referer: http://ww25.nngirls.xyz/?subid1=20230209-2047-541c-ae7e-4c4c668ac462
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 09 Feb 2023 09:47:56 GMT
Last-Modified: Wed, 15 Sep 2021 19:38:30 GMT
Server: openresty
Content-Type: image/gif
Cache-Control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 42
Expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 362 B
593 B 577ms
192ms Script
text/javascript 172.253.118.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=ww25.nngirls.xyz&client=partner-dp-bodis01_js&product=SAS&callback=__sasCookie

Requested by

Host: www.google.com
URL: https://www.google.com/adsense/domains/caf.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.118.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sl-in-f156.1e100.net

Software

cafe /

Resource Hash

07954613a9acb9035296f2fc833857621113d499150b280db1774c9c209770b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: http://ww25.nngirls.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Thu, 09 Feb 2023 09:47:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 241
x-xss-protection: 0

GET
H3

429

index Show response
www.google.com/sorry/ Frame 205F
Redirect Chain

https://www.google.com/afs/ads?adtest=off&psid=6726908358&pcsa=false&channel=pid-bodis-gcontrol36%2Cpid-bodis-gcontrol97%2Cpid-bodis-gcontrol309%2Cpid-bodis-gcontrol152%2Cpid-bodis-gcontrol439&clie...
https://www.google.com/sorry/index?continue=https://www.google.com/afs/ads%3Fadtest%3Doff%26psid%3D6726908358%26pcsa%3Dfalse%26channel%3Dpid-bodis-gcontrol36%252Cpid-bodis-gcontrol97%252Cpid-bodis-...

6 KB
6 KB

192ms
192ms

Document
text/html

172.217.194.103
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/sorry/index?continue=https://www.google.com/afs/ads%3Fadtest%3Doff%26psid%3D6726908358%26pcsa%3Dfalse%26channel%3Dpid-bodis-gcontrol36%252Cpid-bodis-gcontrol97%252Cpid-bodis-gcontrol309%252Cpid-bodis-gcontrol152%252Cpid-bodis-gcontrol439%26client%3Ddp-bodis01_js%26r%3Dm%26hl%3Den%26rpbu%3Dhttp%253A%252F%252Fww25.nngirls.xyz%253Fcaf%2526subid1%253D20230209-2047-541c-ae7e-4c4c668ac462%26max_radlink_len%3D50%26type%3D3%26uiopt%3Dfalse%26swp%3Das-drid-2876836166450698%26oe%3DUTF-8%26ie%3DUTF-8%26fexp%3D21404%252C17300003%252C17301075%252C17301078%26format%3Dr7%26nocache%3D1531675936077347%26num%3D0%26output%3Dafd_ads%26domain_name%3Dww25.nngirls.xyz%26v%3D3%26bsl%3D8%26pac%3D0%26u_his%3D2%26u_tz%3D0%26dt%3D1675936077348%26u_w%3D1600%26u_h%3D1200%26biw%3D1600%26bih%3D1200%26psw%3D1584%26psh%3D76%26frm%3D0%26cl%3D503972142%26uio%3D-%26cont%3Drs%26jsid%3Dcaf%26jsv%3D503972142%26rurl%3Dhttp%253A%252F%252Fww25.nngirls.xyz%252F%253Fsubid1%253D20230209-2047-541c-ae7e-4c4c668ac462%26adbw%3Dmaster-1%253A1584&hl=en&q=EgSt9dEcGM2Ck58GIjC7XMxDe2EeWVhTjWlp4zORtgycitqR2qHsBKA16AR_ab_UJCXDGb78Vbo5WAOlRiAyAXI

Requested by

Host: www.google.com
URL: https://www.google.com/adsense/domains/caf.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.194.103 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

si-in-f103.1e100.net

Software

HTTP server (unknown) /

Resource Hash

62f6a317c3a8e31655fcc1a044307f23739a47e1af4586f49df956ba9284f5eb

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: http://ww25.nngirls.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-store, no-cache, must-revalidate
content-length: 5821
content-type: text/html
date: Thu, 09 Feb 2023 09:47:57 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
server: HTTP server (unknown)
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1334
content-type: text/html; charset=UTF-8
cross-origin-opener-policy-report-only: same-origin-allow-popups; report-to="gws"
date: Thu, 09 Feb 2023 09:47:57 GMT
location: https://www.google.com/sorry/index?continue=https://www.google.com/afs/ads%3Fadtest%3Doff%26psid%3D6726908358%26pcsa%3Dfalse%26channel%3Dpid-bodis-gcontrol36%252Cpid-bodis-gcontrol97%252Cpid-bodis-gcontrol309%252Cpid-bodis-gcontrol152%252Cpid-bodis-gcontrol439%26client%3Ddp-bodis01_js%26r%3Dm%26hl%3Den%26rpbu%3Dhttp%253A%252F%252Fww25.nngirls.xyz%253Fcaf%2526subid1%253D20230209-2047-541c-ae7e-4c4c668ac462%26max_radlink_len%3D50%26type%3D3%26uiopt%3Dfalse%26swp%3Das-drid-2876836166450698%26oe%3DUTF-8%26ie%3DUTF-8%26fexp%3D21404%252C17300003%252C17301075%252C17301078%26format%3Dr7%26nocache%3D1531675936077347%26num%3D0%26output%3Dafd_ads%26domain_name%3Dww25.nngirls.xyz%26v%3D3%26bsl%3D8%26pac%3D0%26u_his%3D2%26u_tz%3D0%26dt%3D1675936077348%26u_w%3D1600%26u_h%3D1200%26biw%3D1600%26bih%3D1200%26psw%3D1584%26psh%3D76%26frm%3D0%26cl%3D503972142%26uio%3D-%26cont%3Drs%26jsid%3Dcaf%26jsv%3D503972142%26rurl%3Dhttp%253A%252F%252Fww25.nngirls.xyz%252F%253Fsubid1%253D20230209-2047-541c-ae7e-4c4c668ac462%26adbw%3Dmaster-1%253A1584&hl=en&q=EgSt9dEcGM2Ck58GIjC7XMxDe2EeWVhTjWlp4zORtgycitqR2qHsBKA16AR_ab_UJCXDGb78Vbo5WAOlRiAyAXI
report-to: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]}
server: gws
x-frame-options: SAMEORIGIN
x-hallmonitor-challenge: CgwIzYKTnwYQ3_7QygISBK310Rw
x-xss-protection: 0

GET
H3 200 api.js Show response
www.google.com/recaptcha/ Frame 205F 850 B
572 B 194ms
193ms Script
text/javascript 172.217.194.103
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js

Requested by

Host: www.google.com
URL: https://www.google.com/sorry/index?continue=https://www.google.com/afs/ads%3Fadtest%3Doff%26psid%3D6726908358%26pcsa%3Dfalse%26channel%3Dpid-bodis-gcontrol36%252Cpid-bodis-gcontrol97%252Cpid-bodis-gcontrol309%252Cpid-bodis-gcontrol152%252Cpid-bodis-gcontrol439%26client%3Ddp-bodis01_js%26r%3Dm%26hl%3Den%26rpbu%3Dhttp%253A%252F%252Fww25.nngirls.xyz%253Fcaf%2526subid1%253D20230209-2047-541c-ae7e-4c4c668ac462%26max_radlink_len%3D50%26type%3D3%26uiopt%3Dfalse%26swp%3Das-drid-2876836166450698%26oe%3DUTF-8%26ie%3DUTF-8%26fexp%3D21404%252C17300003%252C17301075%252C17301078%26format%3Dr7%26nocache%3D1531675936077347%26num%3D0%26output%3Dafd_ads%26domain_name%3Dww25.nngirls.xyz%26v%3D3%26bsl%3D8%26pac%3D0%26u_his%3D2%26u_tz%3D0%26dt%3D1675936077348%26u_w%3D1600%26u_h%3D1200%26biw%3D1600%26bih%3D1200%26psw%3D1584%26psh%3D76%26frm%3D0%26cl%3D503972142%26uio%3D-%26cont%3Drs%26jsid%3Dcaf%26jsv%3D503972142%26rurl%3Dhttp%253A%252F%252Fww25.nngirls.xyz%252F%253Fsubid1%253D20230209-2047-541c-ae7e-4c4c668ac462%26adbw%3Dmaster-1%253A1584&hl=en&q=EgSt9dEcGM2Ck58GIjC7XMxDe2EeWVhTjWlp4zORtgycitqR2qHsBKA16AR_ab_UJCXDGb78Vbo5WAOlRiAyAXI

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.194.103 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

si-in-f103.1e100.net

Software

GSE /

Resource Hash

51357fd166ae58d1bd86aa736a670ad32debe228480a788a0ee0681ebfa3780f

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.google.com/sorry/index?continue=https://www.google.com/afs/ads%3Fadtest%3Doff%26psid%3D6726908358%26pcsa%3Dfalse%26channel%3Dpid-bodis-gcontrol36%252Cpid-bodis-gcontrol97%252Cpid-bodis-gcontrol309%252Cpid-bodis-gcontrol152%252Cpid-bodis-gcontrol439%26client%3Ddp-bodis01_js%26r%3Dm%26hl%3Den%26rpbu%3Dhttp%253A%252F%252Fww25.nngirls.xyz%253Fcaf%2526subid1%253D20230209-2047-541c-ae7e-4c4c668ac462%26max_radlink_len%3D50%26type%3D3%26uiopt%3Dfalse%26swp%3Das-drid-2876836166450698%26oe%3DUTF-8%26ie%3DUTF-8%26fexp%3D21404%252C17300003%252C17301075%252C17301078%26format%3Dr7%26nocache%3D1531675936077347%26num%3D0%26output%3Dafd_ads%26domain_name%3Dww25.nngirls.xyz%26v%3D3%26bsl%3D8%26pac%3D0%26u_his%3D2%26u_tz%3D0%26dt%3D1675936077348%26u_w%3D1600%26u_h%3D1200%26biw%3D1600%26bih%3D1200%26psw%3D1584%26psh%3D76%26frm%3D0%26cl%3D503972142%26uio%3D-%26cont%3Drs%26jsid%3Dcaf%26jsv%3D503972142%26rurl%3Dhttp%253A%252F%252Fww25.nngirls.xyz%252F%253Fsubid1%253D20230209-2047-541c-ae7e-4c4c668ac462%26adbw%3Dmaster-1%253A1584&hl=en&q=EgSt9dEcGM2Ck58GIjC7XMxDe2EeWVhTjWlp4zORtgycitqR2qHsBKA16AR_ab_UJCXDGb78Vbo5WAOlRiAyAXI
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Thu, 09 Feb 2023 09:47:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 551
x-xss-protection: 1; mode=block
expires: Thu, 09 Feb 2023 09:47:58 GMT

GET
H2 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/tNAc29ZZrpcOCErva2nr4BS9/ Frame 205F 404 KB
161 KB 575ms
191ms Script
text/javascript 172.217.194.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/tNAc29ZZrpcOCErva2nr4BS9/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.194.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

si-in-f94.1e100.net

Software

sffe /

Resource Hash

6b9f7c1a16a42a7c2852a789c0bb646ff49d8776eaf24be4f6c8b5a77abb0210

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 17:25:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 231742
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 164579
x-xss-protection: 0
last-modified: Mon, 06 Feb 2023 03:04:07 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 06 Feb 2024 17:25:36 GMT

GET
H3 200 anchor Show response
www.google.com/recaptcha/api2/ Frame 3499 43 KB
23 KB 203ms
202ms Document
text/html 172.217.194.103
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfwuyUTAAAAAOAmoS0fdqijC2PbbdH4kjq62Y1b&co=aHR0cHM6Ly93d3cuZ29vZ2xlLmNvbTo0NDM.&hl=en&v=tNAc29ZZrpcOCErva2nr4BS9&size=normal&s=mR5RWfYE9UpVwURxFyvEJKAKFom6c3N0B5pT7p-RXI8sjSXOaGq22tsEMVOLNTR3OJ5ugpv_KuTo8Zf3bpT0oLtg_BHVC9sPasdfPd-1xa1hoGOg5zItXAd9gdTO6mizju_6cy7Dkpag_u95av2llozZnzUpUDb-ghEdeINu-C3RKRUM_NxaM2dICThYReb5j8q8hxwbH7vFOS62rt45AGw7ReU2IRyqSh9tVFOGc7HjqjS5VIR5uwIQ4EhHpIOvIxzoWLla-uaf1NLzJN-1L_N3E_nDuPA&cb=99l6yphxgtzz

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/tNAc29ZZrpcOCErva2nr4BS9/recaptcha__en.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.194.103 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

si-in-f103.1e100.net

Software

GSE /

Resource Hash

86bc1461d447faaa6d08b91bf6d1547782fc83cf5945a608a46c17a2c09044e8

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-TKsco_f3cLx6JNF_CDAhjg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.google.com/sorry/index?continue=https://www.google.com/afs/ads%3Fadtest%3Doff%26psid%3D6726908358%26pcsa%3Dfalse%26channel%3Dpid-bodis-gcontrol36%252Cpid-bodis-gcontrol97%252Cpid-bodis-gcontrol309%252Cpid-bodis-gcontrol152%252Cpid-bodis-gcontrol439%26client%3Ddp-bodis01_js%26r%3Dm%26hl%3Den%26rpbu%3Dhttp%253A%252F%252Fww25.nngirls.xyz%253Fcaf%2526subid1%253D20230209-2047-541c-ae7e-4c4c668ac462%26max_radlink_len%3D50%26type%3D3%26uiopt%3Dfalse%26swp%3Das-drid-2876836166450698%26oe%3DUTF-8%26ie%3DUTF-8%26fexp%3D21404%252C17300003%252C17301075%252C17301078%26format%3Dr7%26nocache%3D1531675936077347%26num%3D0%26output%3Dafd_ads%26domain_name%3Dww25.nngirls.xyz%26v%3D3%26bsl%3D8%26pac%3D0%26u_his%3D2%26u_tz%3D0%26dt%3D1675936077348%26u_w%3D1600%26u_h%3D1200%26biw%3D1600%26bih%3D1200%26psw%3D1584%26psh%3D76%26frm%3D0%26cl%3D503972142%26uio%3D-%26cont%3Drs%26jsid%3Dcaf%26jsv%3D503972142%26rurl%3Dhttp%253A%252F%252Fww25.nngirls.xyz%252F%253Fsubid1%253D20230209-2047-541c-ae7e-4c4c668ac462%26adbw%3Dmaster-1%253A1584&hl=en&q=EgSt9dEcGM2Ck58GIjC7XMxDe2EeWVhTjWlp4zORtgycitqR2qHsBKA16AR_ab_UJCXDGb78Vbo5WAOlRiAyAXI
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 23223
content-security-policy: script-src 'report-sample' 'nonce-TKsco_f3cLx6JNF_CDAhjg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 09 Feb 2023 09:47:59 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/tNAc29ZZrpcOCErva2nr4BS9/ Frame 3499 55 KB
24 KB 575ms
194ms Stylesheet
text/css 172.217.194.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/tNAc29ZZrpcOCErva2nr4BS9/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfwuyUTAAAAAOAmoS0fdqijC2PbbdH4kjq62Y1b&co=aHR0cHM6Ly93d3cuZ29vZ2xlLmNvbTo0NDM.&hl=en&v=tNAc29ZZrpcOCErva2nr4BS9&size=normal&s=mR5RWfYE9UpVwURxFyvEJKAKFom6c3N0B5pT7p-RXI8sjSXOaGq22tsEMVOLNTR3OJ5ugpv_KuTo8Zf3bpT0oLtg_BHVC9sPasdfPd-1xa1hoGOg5zItXAd9gdTO6mizju_6cy7Dkpag_u95av2llozZnzUpUDb-ghEdeINu-C3RKRUM_NxaM2dICThYReb5j8q8hxwbH7vFOS62rt45AGw7ReU2IRyqSh9tVFOGc7HjqjS5VIR5uwIQ4EhHpIOvIxzoWLla-uaf1NLzJN-1L_N3E_nDuPA&cb=99l6yphxgtzz

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.194.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

si-in-f94.1e100.net

Software

sffe /

Resource Hash

952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 17:25:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 231742
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24605
x-xss-protection: 0
last-modified: Mon, 06 Feb 2023 03:04:07 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 06 Feb 2024 17:25:38 GMT

GET
H3 200 recaptcha__en.js
www.gstatic.com/recaptcha/releases/tNAc29ZZrpcOCErva2nr4BS9/ Frame 3499 404 KB
161 KB 676ms
296ms Script
text/javascript 172.217.194.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/tNAc29ZZrpcOCErva2nr4BS9/recaptcha__en.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.194.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

si-in-f94.1e100.net

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 17:25:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 231744
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 164579
x-xss-protection: 0
last-modified: Mon, 06 Feb 2023 03:04:07 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 06 Feb 2024 17:25:36 GMT

GET
DATA 200
OK truncated
/ Frame 3499 14 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 3499 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Content-Type: image/png

GET logo_48.png
www.gstatic.com/recaptcha/api2/ Frame 3499 0
0

GET KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 3499 0
0

GET webworker.js
www.google.com/recaptcha/api2/ Frame 3499 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/api2/logo_48.png

Domain: fonts.gstatic.com
URL: https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Domain: www.google.com
URL: https://www.google.com/recaptcha/api2/webworker.js?hl=en&v=tNAc29ZZrpcOCErva2nr4BS9

Verdicts & Comments Add Verdict or Comment

11 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
nngirls.xyz/	1970-01-20 19:08:16	Name: __tad Value: 1675936074.7362716
ww25.nngirls.xyz/	1970-01-20 09:32:16	Name: parking_session Value: ffd8996a-afd3-d46b-37d6-577c7067203e
.nngirls.xyz/	1970-01-20 18:53:52	Name: __gsas Value: ID=bdd7a46c91a77e72:T=1675936077:S=ALNI_MYTHEi6GGyyzSC2pohBNlcCcXL-Vg

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://www.google.com/sorry/index?continue=https://www.google.com/afs/ads%3Fadtest%3Doff%26psid%3D6726908358%26pcsa%3Dfalse%26channel%3Dpid-bodis-gcontrol36%252Cpid-bodis-gcontrol97%252Cpid-bodis-gcontrol309%252Cpid-bodis-gcontrol152%252Cpid-bodis-gcontrol439%26client%3Ddp-bodis01_js%26r%3Dm%26hl%3Den%26rpbu%3Dhttp%253A%252F%252Fww25.nngirls.xyz%253Fcaf%2526subid1%253D20230209-2047-541c-ae7e-4c4c668ac462%26max_radlink_len%3D50%26type%3D3%26uiopt%3Dfalse%26swp%3Das-drid-2876836166450698%26oe%3DUTF-8%26ie%3DUTF-8%26fexp%3D21404%252C17300003%252C17301075%252C17301078%26format%3Dr7%26nocache%3D1531675936077347%26num%3D0%26output%3Dafd_ads%26domain_name%3Dww25.nngirls.xyz%26v%3D3%26bsl%3D8%26pac%3D0%26u_his%3D2%26u_tz%3D0%26dt%3D1675936077348%26u_w%3D1600%26u_h%3D1200%26biw%3D1600%26bih%3D1200%26psw%3D1584%26psh%3D76%26frm%3D0%26cl%3D503972142%26uio%3D-%26cont%3Drs%26jsid%3Dcaf%26jsv%3D503972142%26rurl%3Dhttp%253A%252F%252Fww25.nngirls.xyz%252F%253Fsubid1%253D20230209-2047-541c-ae7e-4c4c668ac462%26adbw%3Dmaster-1%253A1584&hl=en&q=EgSt9dEcGM2Ck58GIjC7XMxDe2EeWVhTjWlp4zORtgycitqR2qHsBKA16AR_ab_UJCXDGb78Vbo5WAOlRiAyAXI Message: Failed to load resource: the server responded with a status of 429 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fonts.gstatic.com
nngirls.xyz
partner.googleadservices.com
ww25.nngirls.xyz
www.google.com
www.gstatic.com
fonts.gstatic.com
www.google.com
www.gstatic.com
103.224.182.247
172.217.194.103
172.217.194.94
172.253.118.156
199.59.243.222
07954613a9acb9035296f2fc833857621113d499150b280db1774c9c209770b4
2f5e59520ca162d06672964096d84e4cc789079fb59e7e2fcea05c6a07c08d76
422ff7cea74cc7734dff87e872927ae28c17b15a0e2c104d90c53736c6568dc6
51357fd166ae58d1bd86aa736a670ad32debe228480a788a0ee0681ebfa3780f
62f6a317c3a8e31655fcc1a044307f23739a47e1af4586f49df956ba9284f5eb
6b9f7c1a16a42a7c2852a789c0bb646ff49d8776eaf24be4f6c8b5a77abb0210
7f47b9982f59dcc6fc919231f4b45b8a70a62783c2ec075aa8b218087dc41909
86bc1461d447faaa6d08b91bf6d1547782fc83cf5945a608a46c17a2c09044e8
952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8
eb117b2fb37a531c8ae8500137c7abfcb8951d0b1dd7711f7c52fcea17ad4958
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

ww25.nngirls.xyz Open in urlscan Pro 199.59.243.222 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

16 Requests

50 %HTTPS

0 %IPv6

4 Domains

6 Subdomains

5 IPs

2 Countries

456 kBTransfer

1145 kBSize

3 Cookies

0 Outgoing links

Page URL History

Redirected requests

16 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

11 JavaScript Global Variables

3 Cookies

1 Console Messages

Indicators

ww25.nngirls.xyz Open in urlscan Pro
199.59.243.222 Public Scan

Screenshot
Live screenshot

Full Image

16
Requests

50 %
HTTPS

0 %
IPv6

4
Domains

6
Subdomains

5
IPs

2
Countries

456 kB
Transfer

1145 kB
Size

3
Cookies

16 HTTP transactions
2 data transactions