nextdaysrl.com Open in urlscan Pro
192.185.73.15 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://u16663172.ct.sendgrid.net/ls/click?upn=u001.JsWXG5b5PDiA3xV4VstbXplj5h7FsG2CMMdjNaTZw-2Bk3-2BMRkwItm1KLeEHB9MmQztr0G_tG-2F...
Effective URL:
https://nextdaysrl.com/CB/home.php?id=146.70.85.164
Submission: On March 25 via manual (March 25th 2024, 2:12:39 am UTC) from PL — Scanned from PL

Summary HTTP 34 Redirects Behaviour Indicators

Summary

This website contacted 6 IPs in 2 countries across 6 domains to perform 34 HTTP transactions. The main IP is 192.185.73.15, located in United States and belongs to NETWORK-SOLUTIONS-HOSTING, US. The main domain is nextdaysrl.com.
TLS certificate: Issued by cPanel, Inc. Certification Authority on March 17th 2024. Valid for: 3 months.

This is the only time nextdaysrl.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Coinbase (Crypto Exchange)

Domain & IP information

	IP Address	AS Autonomous System
1 1	167.89.123.16 167.89.123.16	11377 (SENDGRID) (SENDGRID)
2 6	192.185.73.15 192.185.73.15	19871 (NETWORK-S...) (NETWORK-SOLUTIONS-HOSTING)
2	104.16.87.20 104.16.87.20	13335 (CLOUDFLAR...) (CLOUDFLARENET)
12	216.58.206.68 216.58.206.68	15169 (GOOGLE) (GOOGLE)
4	142.250.184.195 142.250.184.195	15169 (GOOGLE) (GOOGLE)
3	172.217.16.195 172.217.16.195	15169 (GOOGLE) (GOOGLE)
34	6

1 167.89.123.16 (Chicago, United States) 1 redirects

ASN11377 (SENDGRID, US)
PTR: o16789123x16.outbound-mail.sendgrid.net

u16663172.ct.sendgrid.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 192.185.73.15 (United States) 2 redirects

ASN19871 (NETWORK-SOLUTIONS-HOSTING, US)
PTR: 192-185-73-15.unifiedlayer.com

nextdaysrl.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.16.87.20 (None, )

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 216.58.206.68 (United States)

ASN15169 (GOOGLE, US)
PTR: lhr35s11-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.184.195 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f3.1e100.net

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.217.16.195 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s08-in-f195.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
12	google.com www.google.com — Cisco Umbrella Rank: 5	80 KB
7	gstatic.com www.gstatic.com fonts.gstatic.com	469 KB
6	nextdaysrl.com 2 redirects nextdaysrl.com	10 KB
2	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 437	33 KB
1	sendgrid.net 1 redirects u16663172.ct.sendgrid.net	228 B
0	jquery.com Failed code.jquery.com Failed
34	6

	Domain	Requested by
12	www.google.com	nextdaysrl.com www.gstatic.com www.google.com
6	nextdaysrl.com	2 redirects nextdaysrl.com
4	www.gstatic.com	www.google.com www.gstatic.com
3	fonts.gstatic.com	www.google.com
2	cdn.jsdelivr.net	nextdaysrl.com
1	u16663172.ct.sendgrid.net	1 redirects
0	code.jquery.com Failed	nextdaysrl.com
34	7

This site contains no links.

Subject Issuer	Validity	Valid
nextdaysrl.com cPanel, Inc. Certification Authority	`2024-03-17` - `2024-06-15`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-02` - `2024-05-01`	a year	crt.sh
www.google.com GTS CA 1C3	`2024-02-26` - `2024-05-20`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2024-02-26` - `2024-05-20`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://nextdaysrl.com/CB/home.php?id=146.70.85.164
Frame ID: FB869483331E6B87F5BBC334D8E4DD67
Requests: 17 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdVd6IpAAAAABVq2sFgZruOHttqX9gUUoNUZYCB&co=aHR0cHM6Ly9uZXh0ZGF5c3JsLmNvbTo0NDM.&hl=pl&v=Hq4JZivTyQ7GP8Kt571Tzodj&size=invisible&cb=986o193ujebl
Frame ID: CFA65DB59905C4E52DA352AB2019833E
Requests: 17 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://u16663172.ct.sendgrid.net/ls/click?upn=u001.JsWXG5b5PDiA3xV4VstbXplj5h7FsG2CMMdjNaTZw-2Bk3-2BMRkwItm1K... HTTP 302
https://nextdaysrl.com/CB HTTP 301
https://nextdaysrl.com/CB/ Page URL
https://nextdaysrl.com/CB/pro/unlock.php HTTP 302
https://nextdaysrl.com/CB/home.php?id=146.70.85.164 Page URL

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

\.php(?:$|\?)

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

34
Requests

74 %
HTTPS

0 %
IPv6

6
Domains

7
Subdomains

6
IPs

2
Countries

592 kB
Transfer

1464 kB
Size

2
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://u16663172.ct.sendgrid.net/ls/click?upn=u001.JsWXG5b5PDiA3xV4VstbXplj5h7FsG2CMMdjNaTZw-2Bk3-2BMRkwItm1KLeEHB9MmQztr0G_tG-2FpTLrd7rGLquAJ8JWKfPlD3h5qS1NzvEZjo-2BD5IRDHS0W-2BgXYnYMSuA-2Bxmml88lMKQ6Q-2Fw7pBrBmDOd0-2F11RdpUYysYzBDxWSitz2Lwoi-2BDkjFO7LGrc38GPyidBpa4KBJ5BNdZRuvjm2w8BXoTCql8Z0oH5qwZmD3ZgzxVuTZTBKjrf-2FPEiTavwJAmkxRMYAip2skPiQ3pI-2Fkm-2FwNGoGazxVqKlnPdpPNQhKnmV-2FFHXclLFrSDiDAMRFzLiI16dDKEea69s1EXP1IAKGx16xjuz9nl2uJgHAssfU6214cSOD69o8jE3tdD16KPFR-2F HTTP 302
https://nextdaysrl.com/CB HTTP 301
https://nextdaysrl.com/CB/ Page URL
https://nextdaysrl.com/CB/pro/unlock.php HTTP 302
https://nextdaysrl.com/CB/home.php?id=146.70.85.164 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://u16663172.ct.sendgrid.net/ls/click?upn=u001.JsWXG5b5PDiA3xV4VstbXplj5h7FsG2CMMdjNaTZw-2Bk3-2BMRkwItm1KLeEHB9MmQztr0G_tG-2FpTLrd7rGLquAJ8JWKfPlD3h5qS1NzvEZjo-2BD5IRDHS0W-2BgXYnYMSuA-2Bxmml88lMKQ6Q-2Fw7pBrBmDOd0-2F11RdpUYysYzBDxWSitz2Lwoi-2BDkjFO7LGrc38GPyidBpa4KBJ5BNdZRuvjm2w8BXoTCql8Z0oH5qwZmD3ZgzxVuTZTBKjrf-2FPEiTavwJAmkxRMYAip2skPiQ3pI-2Fkm-2FwNGoGazxVqKlnPdpPNQhKnmV-2FFHXclLFrSDiDAMRFzLiI16dDKEea69s1EXP1IAKGx16xjuz9nl2uJgHAssfU6214cSOD69o8jE3tdD16KPFR-2F HTTP 302
https://nextdaysrl.com/CB HTTP 301
https://nextdaysrl.com/CB/

34 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

/ Show response
nextdaysrl.com/CB/
Redirect Chain

https://u16663172.ct.sendgrid.net/ls/click?upn=u001.JsWXG5b5PDiA3xV4VstbXplj5h7FsG2CMMdjNaTZw-2Bk3-2BMRkwItm1KLeEHB9MmQztr0G_tG-2FpTLrd7rGLquAJ8JWKfPlD3h5qS1NzvEZjo-2BD5IRDHS0W-2BgXYnYMSuA-2Bxmml88...
https://nextdaysrl.com/CB
https://nextdaysrl.com/CB/

2 KB
1 KB

1994ms
1994ms

Document
text/html

192.185.73.15
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to

Full URL: https://nextdaysrl.com/CB/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.73.15 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: 192-185-73-15.unifiedlayer.com
Software: nginx/1.23.4 /
Resource Hash: 842d74df9cf8763be7397ee1fe0b7626183dcede216a83aad7d1c14f2ea6f00d

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: pl-PL,pl;q=0.9

Response headers

cache-control: no-store, no-cache, must-revalidate
content-encoding: gzip
content-length: 897
content-type: text/html; charset=UTF-8
date: Mon, 25 Mar 2024 02:12:34 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
pragma: no-cache
server: nginx/1.23.4
vary: Accept-Encoding
x-server-cache: false

Redirect headers

content-length: 234
content-type: text/html; charset=iso-8859-1
date: Mon, 25 Mar 2024 02:12:32 GMT
location: https://nextdaysrl.com/CB/
server: nginx/1.23.4
x-server-cache: false

GET
H2 200 bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@5.3.3/dist/css/ 227 KB
33 KB 437ms
53ms Stylesheet
text/css 104.16.87.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@5.3.3/dist/css/bootstrap.min.css

Requested by

Host: nextdaysrl.com
URL: https://nextdaysrl.com/CB/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.87.20 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3c8f27e6009ccfd710a905e6dcf12d0ee3c6f2ac7da05b0572d3e0d12e736fc8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://nextdaysrl.com/
Origin: https://nextdaysrl.com
accept-language: pl-PL,pl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 25 Mar 2024 02:12:35 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 988770
x-jsd-version: 5.3.3
content-encoding: br
x-cache: MISS, MISS
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230118-FRA, cache-lga21940-LGA
x-jsd-version-type: version
server: cloudflare
etag: W/"38d63-xawd7pYctZoEUlbsID9p4xeHL3w"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pbGN9HZdOkRLwIBLaPDkIpKr0GTI2SLnEn3jLxnC5s1K1VwiprmMBBDioFmBuEmlUTlT8wAA4NCVpnijJD1Oa7BQvarDiim15RGwwx2HfWmaTWUIqeqWrhW5lCfHpTctnTo%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 869b607819a930db-FRA

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 1 KB
1 KB 450ms
54ms Script
text/javascript 216.58.206.68
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js

Requested by

Host: nextdaysrl.com
URL: https://nextdaysrl.com/CB/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.68 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr35s11-in-f4.1e100.net

Software

GSE /

Resource Hash

a8be613bd02db85089823c3d65430f65b0ab5be954b02e38b9bb56c254d68e63

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://nextdaysrl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 25 Mar 2024 02:12:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Mon, 25 Mar 2024 02:12:35 GMT

GET
H2 200 loading.css
nextdaysrl.com/CB/assets/css/ 583 B
398 B 155ms
155ms Stylesheet
text/css 192.185.73.15
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to

Full URL: https://nextdaysrl.com/CB/assets/css/loading.css
Requested by: Host: nextdaysrl.com
URL: https://nextdaysrl.com/CB/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.73.15 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: 192-185-73-15.unifiedlayer.com
Software: Apache /
Resource Hash: 47cb4dc60b35a70e780c7bb69c5b4064550604894aa320677959fa1d1ab148b3

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://nextdaysrl.com/CB/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 25 Mar 2024 02:12:34 GMT
content-encoding: gzip
last-modified: Wed, 20 Mar 2024 22:17:06 GMT
server: Apache
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes
content-length: 325

GET
H2 200 Consumer_Wordmark.svg
nextdaysrl.com/CB/assets/img/ 4 KB
4 KB 153ms
153ms Image
image/svg+xml 192.185.73.15
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nextdaysrl.com/CB/assets/img/Consumer_Wordmark.svg
Requested by: Host: nextdaysrl.com
URL: https://nextdaysrl.com/CB/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.73.15 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: 192-185-73-15.unifiedlayer.com
Software: Apache /
Resource Hash: 126270d27d1ac1a29b8d7d01238377840fe79b70212bd230adc6b2d9da82bf38

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://nextdaysrl.com/CB/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 25 Mar 2024 02:12:35 GMT
last-modified: Fri, 15 Mar 2024 02:49:26 GMT
server: Apache
accept-ranges: bytes
content-length: 3788
content-type: image/svg+xml

GET
H2 200 recaptcha__pl.js Show response
www.gstatic.com/recaptcha/releases/Hq4JZivTyQ7GP8Kt571Tzodj/ 500 KB
200 KB 440ms
45ms Script
text/javascript 142.250.184.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/Hq4JZivTyQ7GP8Kt571Tzodj/recaptcha__pl.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f3.1e100.net

Software

sffe /

Resource Hash

88b37bffa8e9efb2988a612906ee36f47619eb388f0ca63c7e5dce5e2dab7133

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://nextdaysrl.com/
Origin: https://nextdaysrl.com
accept-language: pl-PL,pl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Tue, 19 Mar 2024 19:56:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 454592
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 204011
x-xss-protection: 0
last-modified: Tue, 19 Mar 2024 18:14:50 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 19 Mar 2025 19:56:03 GMT

GET
H2 200 anchor Show response
www.google.com/recaptcha/api2/ Frame CFA6 45 KB
28 KB 72ms
71ms Document
text/html 216.58.206.68
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdVd6IpAAAAABVq2sFgZruOHttqX9gUUoNUZYCB&co=aHR0cHM6Ly9uZXh0ZGF5c3JsLmNvbTo0NDM.&hl=pl&v=Hq4JZivTyQ7GP8Kt571Tzodj&size=invisible&cb=986o193ujebl

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/Hq4JZivTyQ7GP8Kt571Tzodj/recaptcha__pl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.68 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr35s11-in-f4.1e100.net

Software

GSE /

Resource Hash

e9903792da0e7aa556c3b0f56497775e4d01d691433af6b3e1cd4c498add0149

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-qxuyAIfD4RT6QPkqAhkm5w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://nextdaysrl.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: pl-PL,pl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-qxuyAIfD4RT6QPkqAhkm5w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 25 Mar 2024 02:12:35 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/Hq4JZivTyQ7GP8Kt571Tzodj/ Frame CFA6 55 KB
25 KB 438ms
44ms Stylesheet
text/css 142.250.184.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/Hq4JZivTyQ7GP8Kt571Tzodj/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdVd6IpAAAAABVq2sFgZruOHttqX9gUUoNUZYCB&co=aHR0cHM6Ly9uZXh0ZGF5c3JsLmNvbTo0NDM.&hl=pl&v=Hq4JZivTyQ7GP8Kt571Tzodj&size=invisible&cb=986o193ujebl

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f3.1e100.net

Software

sffe /

Resource Hash

7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sun, 24 Mar 2024 21:11:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 18056
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24606
x-xss-protection: 0
last-modified: Tue, 19 Mar 2024 18:14:50 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 24 Mar 2025 21:11:40 GMT

GET
H2 200 recaptcha__pl.js Show response
www.gstatic.com/recaptcha/releases/Hq4JZivTyQ7GP8Kt571Tzodj/ Frame CFA6 500 KB
199 KB 480ms
86ms Script
text/javascript 142.250.184.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/Hq4JZivTyQ7GP8Kt571Tzodj/recaptcha__pl.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f3.1e100.net

Software

sffe /

Resource Hash

88b37bffa8e9efb2988a612906ee36f47619eb388f0ca63c7e5dce5e2dab7133

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Tue, 19 Mar 2024 19:56:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 454593
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 204011
x-xss-protection: 0
last-modified: Tue, 19 Mar 2024 18:14:50 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 19 Mar 2025 19:56:03 GMT

GET
H2 200 EjxzGPAryMU26y2dRD9V9upLfy4pDklTg-Mq911i97I.js Show response
www.google.com/js/bg/ Frame CFA6 17 KB
8 KB 44ms
44ms Script
text/javascript 216.58.206.68
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/bg/EjxzGPAryMU26y2dRD9V9upLfy4pDklTg-Mq911i97I.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/Hq4JZivTyQ7GP8Kt571Tzodj/recaptcha__pl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.68 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr35s11-in-f4.1e100.net

Software

sffe /

Resource Hash

123c7318f02bc8c536eb2d9d443f55f6ea4b7f2e290e495383e32af75d62f7b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdVd6IpAAAAABVq2sFgZruOHttqX9gUUoNUZYCB&co=aHR0cHM6Ly9uZXh0ZGF5c3JsLmNvbTo0NDM.&hl=pl&v=Hq4JZivTyQ7GP8Kt571Tzodj&size=invisible&cb=986o193ujebl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Tue, 19 Mar 2024 08:07:36 GMT
content-encoding: br
x-content-type-options: nosniff
age: 497100
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7361
x-xss-protection: 0
last-modified: Mon, 11 Mar 2024 13:30:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 19 Mar 2025 08:07:36 GMT

GET
H2 200 logo_48.png
www.gstatic.com/recaptcha/api2/ Frame CFA6 2 KB
2 KB 44ms
44ms Image
image/png 142.250.184.195
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/logo_48.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/Hq4JZivTyQ7GP8Kt571Tzodj/styles__ltr.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f3.1e100.net

Software

sffe /

Resource Hash

1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/Hq4JZivTyQ7GP8Kt571Tzodj/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 18 Mar 2024 14:54:26 GMT
x-content-type-options: nosniff
age: 559090
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2228
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Mon, 25 Mar 2024 14:54:26 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame CFA6 15 KB
16 KB 306ms
39ms Font
font/woff2 172.217.16.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f195.1e100.net

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: pl-PL,pl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 18 Mar 2024 19:32:19 GMT
x-content-type-options: nosniff
age: 542417
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 18 Mar 2025 19:32:19 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame CFA6 15 KB
15 KB 315ms
49ms Font
font/woff2 172.217.16.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f195.1e100.net

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: pl-PL,pl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 14:28:00 GMT
x-content-type-options: nosniff
age: 301476
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 21 Mar 2025 14:28:00 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu7GxKOzY.woff2
fonts.gstatic.com/s/roboto/v18/ Frame CFA6 12 KB
12 KB 347ms
83ms Font
font/woff2 172.217.16.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu7GxKOzY.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f195.1e100.net

Software

sffe /

Resource Hash

dbb8f45730d91bffff8307cfdf7c82e67745d84cb6063a1f3880fadfad59c57d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: pl-PL,pl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sat, 23 Mar 2024 10:48:13 GMT
x-content-type-options: nosniff
age: 141863
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11936
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 23 Mar 2025 10:48:13 GMT

GET
H2 200 webworker.js
www.google.com/recaptcha/api2/ Frame CFA6 102 B
209 B 53ms
53ms Other
text/javascript 216.58.206.68
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=pl&v=Hq4JZivTyQ7GP8Kt571Tzodj

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.68 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr35s11-in-f4.1e100.net

Software

GSE /

Resource Hash

57fbc930f6e34e54763bda38cc82f0a618a6c534b3eb51e48a22e120c029901f

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdVd6IpAAAAABVq2sFgZruOHttqX9gUUoNUZYCB&co=aHR0cHM6Ly9uZXh0ZGF5c3JsLmNvbTo0NDM.&hl=pl&v=Hq4JZivTyQ7GP8Kt571Tzodj&size=invisible&cb=986o193ujebl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 25 Mar 2024 02:12:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=300
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Mon, 25 Mar 2024 02:12:36 GMT

POST
H2 200 reload Show response
www.google.com/recaptcha/api2/ Frame CFA6 14 KB
11 KB 82ms
81ms XHR
application/json 216.58.206.68
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/reload?k=6LdVd6IpAAAAABVq2sFgZruOHttqX9gUUoNUZYCB

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/Hq4JZivTyQ7GP8Kt571Tzodj/recaptcha__pl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.68 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr35s11-in-f4.1e100.net

Software

GSE /

Resource Hash

467c92a13439b12b034ba4398796f47592ad0d1bcbc161e60b830baf8009bee5

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdVd6IpAAAAABVq2sFgZruOHttqX9gUUoNUZYCB&co=aHR0cHM6Ly9uZXh0ZGF5c3JsLmNvbTo0NDM.&hl=pl&v=Hq4JZivTyQ7GP8Kt571Tzodj&size=invisible&cb=986o193ujebl
accept-language: pl-PL,pl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type: application/x-protobuffer

Response headers

date: Mon, 25 Mar 2024 02:12:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
cache-control: private, max-age=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Mon, 25 Mar 2024 02:12:37 GMT

POST
H2 200 clr Show response
www.google.com/recaptcha/api2/ Frame CFA6 0
70 B 58ms
57ms XHR
application/binary 216.58.206.68
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/clr?k=6LdVd6IpAAAAABVq2sFgZruOHttqX9gUUoNUZYCB

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/Hq4JZivTyQ7GP8Kt571Tzodj/recaptcha__pl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.68 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr35s11-in-f4.1e100.net

Software

GSE /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdVd6IpAAAAABVq2sFgZruOHttqX9gUUoNUZYCB&co=aHR0cHM6Ly9uZXh0ZGF5c3JsLmNvbTo0NDM.&hl=pl&v=Hq4JZivTyQ7GP8Kt571Tzodj&size=invisible&cb=986o193ujebl
accept-language: pl-PL,pl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type: application/x-protobuf

Response headers

date: Mon, 25 Mar 2024 02:12:37 GMT
content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: application/binary
cache-control: private, max-age=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 1; mode=block
expires: Mon, 25 Mar 2024 02:12:37 GMT

POST unlock.php
nextdaysrl.com/CB/pro/ 0
0

POST
H2 200 reload Show response
www.google.com/recaptcha/api2/ Frame CFA6 14 KB
11 KB 88ms
87ms XHR
application/json 216.58.206.68
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/reload?k=6LdVd6IpAAAAABVq2sFgZruOHttqX9gUUoNUZYCB

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/Hq4JZivTyQ7GP8Kt571Tzodj/recaptcha__pl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.68 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr35s11-in-f4.1e100.net

Software

GSE /

Resource Hash

972b0e9d4c36e6c9c4dee1e6af8ab161934818420ad57a11a974a5d1011e66ff

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdVd6IpAAAAABVq2sFgZruOHttqX9gUUoNUZYCB&co=aHR0cHM6Ly9uZXh0ZGF5c3JsLmNvbTo0NDM.&hl=pl&v=Hq4JZivTyQ7GP8Kt571Tzodj&size=invisible&cb=986o193ujebl
accept-language: pl-PL,pl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type: application/x-protobuffer

Response headers

date: Mon, 25 Mar 2024 02:12:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
cache-control: private, max-age=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Mon, 25 Mar 2024 02:12:37 GMT

POST
H2 200 clr Show response
www.google.com/recaptcha/api2/ Frame CFA6 0
54 B 61ms
61ms XHR
application/binary 216.58.206.68
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/clr?k=6LdVd6IpAAAAABVq2sFgZruOHttqX9gUUoNUZYCB

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/Hq4JZivTyQ7GP8Kt571Tzodj/recaptcha__pl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.68 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr35s11-in-f4.1e100.net

Software

GSE /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdVd6IpAAAAABVq2sFgZruOHttqX9gUUoNUZYCB&co=aHR0cHM6Ly9uZXh0ZGF5c3JsLmNvbTo0NDM.&hl=pl&v=Hq4JZivTyQ7GP8Kt571Tzodj&size=invisible&cb=986o193ujebl
accept-language: pl-PL,pl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type: application/x-protobuf

Response headers

date: Mon, 25 Mar 2024 02:12:37 GMT
content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: application/binary
cache-control: private, max-age=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 1; mode=block
expires: Mon, 25 Mar 2024 02:12:37 GMT

POST unlock.php
nextdaysrl.com/CB/pro/ 0
0

POST
H2 200 reload Show response
www.google.com/recaptcha/api2/ Frame CFA6 14 KB
11 KB 86ms
86ms XHR
application/json 216.58.206.68
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/reload?k=6LdVd6IpAAAAABVq2sFgZruOHttqX9gUUoNUZYCB

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/Hq4JZivTyQ7GP8Kt571Tzodj/recaptcha__pl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.68 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr35s11-in-f4.1e100.net

Software

GSE /

Resource Hash

59c6368d28fbd764d9054b5a5eb50b97656437b681f45cb1ae6258e32e0b3eb5

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdVd6IpAAAAABVq2sFgZruOHttqX9gUUoNUZYCB&co=aHR0cHM6Ly9uZXh0ZGF5c3JsLmNvbTo0NDM.&hl=pl&v=Hq4JZivTyQ7GP8Kt571Tzodj&size=invisible&cb=986o193ujebl
accept-language: pl-PL,pl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type: application/x-protobuffer

Response headers

date: Mon, 25 Mar 2024 02:12:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
cache-control: private, max-age=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Mon, 25 Mar 2024 02:12:37 GMT

POST
H2 200 clr Show response
www.google.com/recaptcha/api2/ Frame CFA6 0
54 B 58ms
57ms XHR
application/binary 216.58.206.68
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/clr?k=6LdVd6IpAAAAABVq2sFgZruOHttqX9gUUoNUZYCB

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/Hq4JZivTyQ7GP8Kt571Tzodj/recaptcha__pl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.68 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr35s11-in-f4.1e100.net

Software

GSE /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdVd6IpAAAAABVq2sFgZruOHttqX9gUUoNUZYCB&co=aHR0cHM6Ly9uZXh0ZGF5c3JsLmNvbTo0NDM.&hl=pl&v=Hq4JZivTyQ7GP8Kt571Tzodj&size=invisible&cb=986o193ujebl
accept-language: pl-PL,pl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type: application/x-protobuf

Response headers

date: Mon, 25 Mar 2024 02:12:37 GMT
content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: application/binary
cache-control: private, max-age=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 1; mode=block
expires: Mon, 25 Mar 2024 02:12:37 GMT

POST unlock.php
nextdaysrl.com/CB/pro/ 0
0

POST
H2 200 reload Show response
www.google.com/recaptcha/api2/ Frame CFA6 14 KB
11 KB 88ms
87ms XHR
application/json 216.58.206.68
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/reload?k=6LdVd6IpAAAAABVq2sFgZruOHttqX9gUUoNUZYCB

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/Hq4JZivTyQ7GP8Kt571Tzodj/recaptcha__pl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.68 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr35s11-in-f4.1e100.net

Software

GSE /

Resource Hash

b026822b378e888a82e771b5f055ecd7aebe53a2049922050b2f3797f09c3f23

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdVd6IpAAAAABVq2sFgZruOHttqX9gUUoNUZYCB&co=aHR0cHM6Ly9uZXh0ZGF5c3JsLmNvbTo0NDM.&hl=pl&v=Hq4JZivTyQ7GP8Kt571Tzodj&size=invisible&cb=986o193ujebl
accept-language: pl-PL,pl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type: application/x-protobuffer

Response headers

date: Mon, 25 Mar 2024 02:12:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
cache-control: private, max-age=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Mon, 25 Mar 2024 02:12:38 GMT

POST
H2 200 clr
www.google.com/recaptcha/api2/ Frame CFA6 0
54 B 55ms
55ms XHR
application/binary 216.58.206.68
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/clr?k=6LdVd6IpAAAAABVq2sFgZruOHttqX9gUUoNUZYCB

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/Hq4JZivTyQ7GP8Kt571Tzodj/recaptcha__pl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.68 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr35s11-in-f4.1e100.net

Software

GSE /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdVd6IpAAAAABVq2sFgZruOHttqX9gUUoNUZYCB&co=aHR0cHM6Ly9uZXh0ZGF5c3JsLmNvbTo0NDM.&hl=pl&v=Hq4JZivTyQ7GP8Kt571Tzodj&size=invisible&cb=986o193ujebl
accept-language: pl-PL,pl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type: application/x-protobuf

Response headers

date: Mon, 25 Mar 2024 02:12:38 GMT
content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: application/binary
cache-control: private, max-age=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 1; mode=block
expires: Mon, 25 Mar 2024 02:12:38 GMT

GET
H2

200

Primary Request home.php
nextdaysrl.com/CB/
Redirect Chain

https://nextdaysrl.com/CB/pro/unlock.php
https://nextdaysrl.com/CB/home.php?id=146.70.85.164

11 KB
5 KB

1224ms
1224ms

Document
text/html

192.185.73.15
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to

Full URL: https://nextdaysrl.com/CB/home.php?id=146.70.85.164
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.73.15 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: 192-185-73-15.unifiedlayer.com
Software: nginx/1.23.4 /
Resource Hash

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://nextdaysrl.com
Referer: https://nextdaysrl.com/CB/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: pl-PL,pl;q=0.9

Response headers

cache-control: no-store, no-cache, must-revalidate
content-encoding: gzip
content-length: 4865
content-type: text/html; charset=UTF-8
date: Mon, 25 Mar 2024 02:12:39 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
pragma: no-cache
server: nginx/1.23.4
vary: Accept-Encoding
x-server-cache: false

Redirect headers

content-length: 0
content-type: text/html; charset=UTF-8
date: Mon, 25 Mar 2024 02:12:38 GMT
location: ../home.php?id=146.70.85.164
server: Apache

GET
H2 200 bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@5.3.3/dist/css/ 0
0 53ms
52ms Stylesheet
text/css 104.16.87.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@5.3.3/dist/css/bootstrap.min.css

Requested by

Host: nextdaysrl.com
URL: https://nextdaysrl.com/CB/home.php?id=146.70.85.164

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.87.20 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://nextdaysrl.com/
Origin: https://nextdaysrl.com
accept-language: pl-PL,pl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 25 Mar 2024 02:12:39 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 988774
x-jsd-version: 5.3.3
content-encoding: br
x-cache: MISS, MISS
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230118-FRA, cache-lga21940-LGA
x-jsd-version-type: version
server: cloudflare
etag: W/"38d63-xawd7pYctZoEUlbsID9p4xeHL3w"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=As1ctfEmapH9U%2BSkDzhRU00HTFmI%2B9qHTrtSejH3WVUPK2prKMA2zI8rJLe%2FTP7EmBG%2Bwb1y1zsdjmPP0Wnfv1fcLNwP2Ds7U3YZLYBpDErAr0NDTg9YGhXuTqG%2B2J0VN%2BY%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 869b60941df530db-FRA

GET style.css
nextdaysrl.com/CB/assets/css/ 0
0

GET main.css
nextdaysrl.com/CB/assets/css/ 0
0

GET Consumer_Wordmark.svg
nextdaysrl.com/CB/assets/img/ 0
0

GET jquery-3.5.1.slim.min.js
code.jquery.com/ 0
0

GET popper.min.js
cdn.jsdelivr.net/npm/@popperjs/core@2.5.4/dist/umd/ 0
0

GET bootstrap.bundle.min.js
cdn.jsdelivr.net/npm/bootstrap@5.3.3/dist/js/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: nextdaysrl.com
URL: https://nextdaysrl.com/CB/pro/unlock.php

Domain: nextdaysrl.com
URL: https://nextdaysrl.com/CB/pro/unlock.php

Domain: nextdaysrl.com
URL: https://nextdaysrl.com/CB/pro/unlock.php

Domain: nextdaysrl.com
URL: https://nextdaysrl.com/CB/assets/css/style.css

Domain: nextdaysrl.com
URL: https://nextdaysrl.com/CB/assets/css/main.css

Domain: nextdaysrl.com
URL: https://nextdaysrl.com/CB/assets/img/Consumer_Wordmark.svg

Domain: code.jquery.com
URL: https://code.jquery.com/jquery-3.5.1.slim.min.js

Domain: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/@popperjs/core@2.5.4/dist/umd/popper.min.js

Domain: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/bootstrap@5.3.3/dist/js/bootstrap.bundle.min.js

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Coinbase (Crypto Exchange)

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			www.google.com/recaptcha	1970-01-20 23:41:24	Name: _GRECAPTCHA Value: 09ALdkYXQM2C4AadezSopWU1qIn7tfn0U1DmRQXqhYtgzukiJskcXt8FCK1gW1IvweOOaOcToahP_LwmV6W3EpsrA
			nextdaysrl.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: 84a7c113ef65fa2fbf48e81e3a505da4

11 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://nextdaysrl.com/CB/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://nextdaysrl.com/CB/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://nextdaysrl.com/CB/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://nextdaysrl.com/CB/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://nextdaysrl.com/CB/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://nextdaysrl.com/CB/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://nextdaysrl.com/CB/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://nextdaysrl.com/CB/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://nextdaysrl.com/CB/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://nextdaysrl.com/CB/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://nextdaysrl.com/CB/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.jsdelivr.net
code.jquery.com
fonts.gstatic.com
nextdaysrl.com
u16663172.ct.sendgrid.net
www.google.com
www.gstatic.com
cdn.jsdelivr.net
code.jquery.com
nextdaysrl.com
104.16.87.20
142.250.184.195
167.89.123.16
172.217.16.195
192.185.73.15
216.58.206.68
123c7318f02bc8c536eb2d9d443f55f6ea4b7f2e290e495383e32af75d62f7b2
126270d27d1ac1a29b8d7d01238377840fe79b70212bd230adc6b2d9da82bf38
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
3c8f27e6009ccfd710a905e6dcf12d0ee3c6f2ac7da05b0572d3e0d12e736fc8
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
467c92a13439b12b034ba4398796f47592ad0d1bcbc161e60b830baf8009bee5
47cb4dc60b35a70e780c7bb69c5b4064550604894aa320677959fa1d1ab148b3
57fbc930f6e34e54763bda38cc82f0a618a6c534b3eb51e48a22e120c029901f
59c6368d28fbd764d9054b5a5eb50b97656437b681f45cb1ae6258e32e0b3eb5
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050
842d74df9cf8763be7397ee1fe0b7626183dcede216a83aad7d1c14f2ea6f00d
88b37bffa8e9efb2988a612906ee36f47619eb388f0ca63c7e5dce5e2dab7133
972b0e9d4c36e6c9c4dee1e6af8ab161934818420ad57a11a974a5d1011e66ff
a8be613bd02db85089823c3d65430f65b0ab5be954b02e38b9bb56c254d68e63
b026822b378e888a82e771b5f055ecd7aebe53a2049922050b2f3797f09c3f23
dbb8f45730d91bffff8307cfdf7c82e67745d84cb6063a1f3880fadfad59c57d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e9903792da0e7aa556c3b0f56497775e4d01d691433af6b3e1cd4c498add0149

nextdaysrl.com Open in urlscan Pro 192.185.73.15 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

34 Requests

74 %HTTPS

0 %IPv6

6 Domains

7 Subdomains

6 IPs

2 Countries

592 kBTransfer

1464 kBSize

2 Cookies

0 Outgoing links

Page URL History

Redirected requests

34 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

0 JavaScript Global Variables

2 Cookies

nextdaysrl.com Open in urlscan Pro
192.185.73.15 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

34
Requests

74 %
HTTPS

0 %
IPv6

6
Domains

7
Subdomains

6
IPs

2
Countries

592 kB
Transfer

1464 kB
Size

2
Cookies

34 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!