ww25.fiducialink.icu Open in urlscan Pro
199.59.243.222 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://fiducialink.icu/
Effective URL:
http://ww25.fiducialink.icu/?subid1=20230306-0904-5169-8343-d4a393e3f959
Submission: On March 05 via api (March 5th 2023, 10:04:57 pm UTC) from US — Scanned from AU

Summary HTTP 19 Redirects Behaviour Indicators

Summary

This website contacted 5 IPs in 2 countries across 4 domains to perform 19 HTTP transactions. The main IP is 199.59.243.222, located in United States and belongs to AMAZON-02, US. The main domain is ww25.fiducialink.icu.

This is the only time ww25.fiducialink.icu was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	103.224.182.210 103.224.182.210	133618 (TRELLIAN-...) (TRELLIAN-AS-AP Trellian Pty. Limited)
5	199.59.243.222 199.59.243.222	16509 (AMAZON-02) (AMAZON-02)
1 7	172.217.194.105 172.217.194.105	15169 (GOOGLE) (GOOGLE)
1	142.251.10.154 142.251.10.154	15169 (GOOGLE) (GOOGLE)
4	172.217.194.94 172.217.194.94	15169 (GOOGLE) (GOOGLE)
19	5

1 103.224.182.210 (Australia) 1 redirects

ASN133618 (TRELLIAN-AS-AP Trellian Pty. Limited, AU)
PTR: lb-182-210.above.com

fiducialink.icu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 199.59.243.222 (United States)

ASN16509 (AMAZON-02, US)

ww25.fiducialink.icu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 172.217.194.105 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: si-in-f105.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.251.10.154 (United States)

ASN15169 (GOOGLE, US)
PTR: sd-in-f154.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.217.194.94 (United States)

ASN15169 (GOOGLE, US)
PTR: si-in-f94.1e100.net

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
7	google.com 1 redirects www.google.com — Cisco Umbrella Rank: 2	88 KB
6	fiducialink.icu 1 redirects fiducialink.icu ww25.fiducialink.icu	27 KB
4	gstatic.com www.gstatic.com fonts.gstatic.com Failed	348 KB
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 855	595 B
19	4

	Domain	Requested by
7	www.google.com	1 redirects ww25.fiducialink.icu www.google.com www.gstatic.com
5	ww25.fiducialink.icu	ww25.fiducialink.icu
4	www.gstatic.com	www.google.com www.gstatic.com
1	partner.googleadservices.com	www.google.com
1	fiducialink.icu	1 redirects
0	fonts.gstatic.com Failed	www.google.com
19	6

This site contains no links.

Subject Issuer	Validity	Valid
www.google.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh

This page contains 4 frames:

Primary Page: http://ww25.fiducialink.icu/?subid1=20230306-0904-5169-8343-d4a393e3f959
Frame ID: 0EF467796FB84159A88FE58F08B5D1E5
Requests: 7 HTTP requests in this frame

Frame: https://www.google.com/sorry/index?continue=https://www.google.com/afs/ads%3Fadtest%3Doff%26psid%3D7277763864%26pcsa%3Dfalse%26channel%3Dpid-bodis-gcontrol32%252Cpid-bodis-gcontrol97%252Cpid-bodis-gcontrol322%252Cpid-bodis-gcontrol152%252Cpid-bodis-gcontrol488%26client%3Ddp-bodis31_3ph%26r%3Dm%26hl%3Den%26rpbu%3Dhttp%253A%252F%252Fww25.fiducialink.icu%253Fcaf%2526subid1%253D20230306-0904-5169-8343-d4a393e3f959%26max_radlink_len%3D50%26type%3D3%26uiopt%3Dfalse%26swp%3Das-drid-2589285024539458%26oe%3DUTF-8%26ie%3DUTF-8%26fexp%3D21404%26format%3Dr3%26nocache%3D5641678053893758%26num%3D0%26output%3Dafd_ads%26domain_name%3Dww25.fiducialink.icu%26v%3D3%26bsl%3D8%26pac%3D0%26u_his%3D2%26u_tz%3D0%26dt%3D1678053893760%26u_w%3D1600%26u_h%3D1200%26biw%3D1600%26bih%3D1200%26psw%3D1584%26psh%3D76%26frm%3D0%26cl%3D513568616%26uio%3D-%26cont%3Drs%26jsid%3Dcaf%26jsv%3D513568616%26rurl%3Dhttp%253A%252F%252Fww25.fiducialink.icu%252F%253Fsubid1%253D20230306-0904-5169-8343-d4a393e3f959%26adbw%3Dmaster-1%253A1584&hl=en&q=EgSt9dFYGIWklKAGIjBQONrc7XQnEqGYYCBj2cwK_WmpUzHGe9vQ7yphwrpmtl51afPuRB7vdYsEd8nIk3syAXI
Frame ID: C456549A979599830B925EDE3643236B
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfwuyUTAAAAAOAmoS0fdqijC2PbbdH4kjq62Y1b&co=aHR0cHM6Ly93d3cuZ29vZ2xlLmNvbTo0NDM.&hl=en&v=8G7OPK94bhCRbT0VqyEVpQNj&size=normal&s=5V7WjH85__EkfsUhI00btcrd6IaqwYmlDYZplyfJp73_vWZ4n9Wse_u00WGmLtwFoR5wEt3bTvRCW3Fg1KKscrUvW5YSMFznuvfoswwrRUeuyMrjIW4xingpmBRu8Pr6ntcO3R-FBRV0KQkdF1iUphvgqEpBi577QnmMMUnPZtvZ12l33RQiAWTvH5ul9K4d1AhZHM7FbYDXHoUfAYTgsD7neoE1AzpE0x5BHl-PRqjyWxIL8U8GfY40UdKmp5uPYHMRUinLlFELCoKG3qcE95AYiZa-lX0&cb=fwgvfhvnzbto
Frame ID: 4C27B9715DE8557F3286C1B0BC75AF4D
Requests: 8 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=en&v=8G7OPK94bhCRbT0VqyEVpQNj&k=6LfwuyUTAAAAAOAmoS0fdqijC2PbbdH4kjq62Y1b
Frame ID: 89C1361967842AF15CD59D83B4ADA7D0
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Fiducialink.icu

Page URL History Show full URLs

http://fiducialink.icu/ HTTP 302
http://ww25.fiducialink.icu/?subid1=20230306-0904-5169-8343-d4a393e3f959 Page URL

Detected technologies

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

19
Requests

58 %
HTTPS

0 %
IPv6

4
Domains

6
Subdomains

5
IPs

2
Countries

463 kB
Transfer

1159 kB
Size

3
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://fiducialink.icu/ HTTP 302
http://ww25.fiducialink.icu/?subid1=20230306-0904-5169-8343-d4a393e3f959 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 6

https://www.google.com/afs/ads?adtest=off&psid=7277763864&pcsa=false&channel=pid-bodis-gcontrol32%2Cpid-bodis-gcontrol97%2Cpid-bodis-gcontrol322%2Cpid-bodis-gcontrol152%2Cpid-bodis-gcontrol488&client=dp-bodis31_3ph&r=m&hl=en&rpbu=http%3A%2F%2Fww25.fiducialink.icu%3Fcaf%26subid1%3D20230306-0904-5169-8343-d4a393e3f959&max_radlink_len=50&type=3&uiopt=false&swp=as-drid-2589285024539458&oe=UTF-8&ie=UTF-8&fexp=21404&format=r3&nocache=5641678053893758&num=0&output=afd_ads&domain_name=ww25.fiducialink.icu&v=3&bsl=8&pac=0&u_his=2&u_tz=0&dt=1678053893760&u_w=1600&u_h=1200&biw=1600&bih=1200&psw=1584&psh=76&frm=0&cl=513568616&uio=-&cont=rs&jsid=caf&jsv=513568616&rurl=http%3A%2F%2Fww25.fiducialink.icu%2F%3Fsubid1%3D20230306-0904-5169-8343-d4a393e3f959&adbw=master-1%3A1584 HTTP 302
https://www.google.com/sorry/index?continue=https://www.google.com/afs/ads%3Fadtest%3Doff%26psid%3D7277763864%26pcsa%3Dfalse%26channel%3Dpid-bodis-gcontrol32%252Cpid-bodis-gcontrol97%252Cpid-bodis-gcontrol322%252Cpid-bodis-gcontrol152%252Cpid-bodis-gcontrol488%26client%3Ddp-bodis31_3ph%26r%3Dm%26hl%3Den%26rpbu%3Dhttp%253A%252F%252Fww25.fiducialink.icu%253Fcaf%2526subid1%253D20230306-0904-5169-8343-d4a393e3f959%26max_radlink_len%3D50%26type%3D3%26uiopt%3Dfalse%26swp%3Das-drid-2589285024539458%26oe%3DUTF-8%26ie%3DUTF-8%26fexp%3D21404%26format%3Dr3%26nocache%3D5641678053893758%26num%3D0%26output%3Dafd_ads%26domain_name%3Dww25.fiducialink.icu%26v%3D3%26bsl%3D8%26pac%3D0%26u_his%3D2%26u_tz%3D0%26dt%3D1678053893760%26u_w%3D1600%26u_h%3D1200%26biw%3D1600%26bih%3D1200%26psw%3D1584%26psh%3D76%26frm%3D0%26cl%3D513568616%26uio%3D-%26cont%3Drs%26jsid%3Dcaf%26jsv%3D513568616%26rurl%3Dhttp%253A%252F%252Fww25.fiducialink.icu%252F%253Fsubid1%253D20230306-0904-5169-8343-d4a393e3f959%26adbw%3Dmaster-1%253A1584&hl=en&q=EgSt9dFYGIWklKAGIjBQONrc7XQnEqGYYCBj2cwK_WmpUzHGe9vQ7yphwrpmtl51afPuRB7vdYsEd8nIk3syAXI

19 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
ww25.fiducialink.icu/
Redirect Chain

http://fiducialink.icu/
http://ww25.fiducialink.icu/?subid1=20230306-0904-5169-8343-d4a393e3f959

987 B
2 KB

870ms
578ms

Document
text/html

199.59.243.222
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://ww25.fiducialink.icu/?subid1=20230306-0904-5169-8343-d4a393e3f959
Protocol: HTTP/1.1
Server: 199.59.243.222 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: openresty /
Resource Hash: c8cfe0ed51387ad4525bcb921e09b3c2c5c4e318a6b3a6f2f0713030de38ab85

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

Accept-CH: sec-ch-prefers-color-scheme
Cache-Control: no-cache no-store, must-revalidate post-check=0, pre-check=0
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Critical-CH: sec-ch-prefers-color-scheme
Date: Sun, 05 Mar 2023 22:04:52 GMT
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Pragma: no-cache
Server: openresty
Transfer-Encoding: chunked
Vary: sec-ch-prefers-color-scheme
X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBANDrp2lz7AOmADaN8tA50LsWcjLFyQFcb/P2Txc58oYOeILb3vBw7J6f4pamkAQVSQuqYsKx3YzdUHCvbVZvFUsCAwEAAQ==_kZngqXGuKr3G8pypzwxqhfic4/zNok+A0iBhWOiBAM1S7OdBKG/y0ioXcghHn5xAecqF2ZfUcrMI84kRPvvtmA==

Redirect headers

connection: close
content-length: 0
content-type: text/html; charset=UTF-8
date: Sun, 05 Mar 2023 22:04:51 GMT
location: http://ww25.fiducialink.icu/?subid1=20230306-0904-5169-8343-d4a393e3f959
server: Apache/2.4.38 (Debian)

GET
H/1.1 200
OK parking.2.103.1.js Show response
ww25.fiducialink.icu/js/ 67 KB
22 KB 355ms
354ms Script
application/javascript 199.59.243.222
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://ww25.fiducialink.icu/js/parking.2.103.1.js
Requested by: Host: ww25.fiducialink.icu
URL: http://ww25.fiducialink.icu/?subid1=20230306-0904-5169-8343-d4a393e3f959
Protocol: HTTP/1.1
Server: 199.59.243.222 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: openresty /
Resource Hash: ca10303b12baf7192561fee87604ea962a925b7070412e0bd2f8be53510b6f9c

Request headers

accept-language: en-AU,en;q=0.9
Referer: http://ww25.fiducialink.icu/?subid1=20230306-0904-5169-8343-d4a393e3f959
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 05 Mar 2023 22:04:52 GMT
Content-Encoding: gzip
Last-Modified: Fri, 24 Feb 2023 18:58:45 GMT
Server: openresty
Transfer-Encoding: chunked
Content-Type: application/javascript; charset=utf-8
Cache-Control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT

POST
H/1.1 200
OK _fd Show response
ww25.fiducialink.icu/ 4 KB
2 KB 395ms
395ms Fetch
text/html 199.59.243.222
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://ww25.fiducialink.icu/_fd?subid1=20230306-0904-5169-8343-d4a393e3f959
Requested by: Host: ww25.fiducialink.icu
URL: http://ww25.fiducialink.icu/js/parking.2.103.1.js
Protocol: HTTP/1.1
Server: 199.59.243.222 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: openresty /
Resource Hash: 0404a8920c1008cd5066642bab152f04910f2980bacc1cd9766658c3102671da

Request headers

Accept: application/json
Referer: http://ww25.fiducialink.icu/?subid1=20230306-0904-5169-8343-d4a393e3f959
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: application/json

Response headers

X-Version: 2.103.1
Date: Sun, 05 Mar 2023 22:04:53 GMT
Content-Encoding: gzip
Pragma: no-cache
Server: openresty
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
Cache-Control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 caf.js Show response
www.google.com/adsense/domains/ 144 KB
53 KB 585ms
196ms Script
text/javascript 172.217.194.105
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/adsense/domains/caf.js

Requested by

Host: ww25.fiducialink.icu
URL: http://ww25.fiducialink.icu/js/parking.2.103.1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.194.105 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

si-in-f105.1e100.net

Software

sffe /

Resource Hash

c221243f26c0bf1fd761c8f1d818b1af890294f6c1c937408c46c792370e912d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: http://ww25.fiducialink.icu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 05 Mar 2023 22:04:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-afs-ui"
etag: "417803046430739878"
vary: Accept-Encoding
report-to: {"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
accept-ranges: bytes
expires: Sun, 05 Mar 2023 22:04:53 GMT

GET
H/1.1 200
OK px.gif
ww25.fiducialink.icu/ 42 B
421 B 353ms
353ms Image
image/gif 199.59.243.222
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://ww25.fiducialink.icu/px.gif?ch=1&rn=10.76492234938619
Requested by: Host: ww25.fiducialink.icu
URL: http://ww25.fiducialink.icu/?subid1=20230306-0904-5169-8343-d4a393e3f959
Protocol: HTTP/1.1
Server: 199.59.243.222 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: openresty /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-AU,en;q=0.9
Referer: http://ww25.fiducialink.icu/?subid1=20230306-0904-5169-8343-d4a393e3f959
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 05 Mar 2023 22:04:53 GMT
Last-Modified: Wed, 15 Sep 2021 19:38:30 GMT
Server: openresty
Content-Type: image/gif
Cache-Control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 42
Expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H/1.1 200
OK px.gif
ww25.fiducialink.icu/ 42 B
421 B 678ms
578ms Image
image/gif 199.59.243.222
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://ww25.fiducialink.icu/px.gif?ch=2&rn=10.76492234938619
Requested by: Host: ww25.fiducialink.icu
URL: http://ww25.fiducialink.icu/?subid1=20230306-0904-5169-8343-d4a393e3f959
Protocol: HTTP/1.1
Server: 199.59.243.222 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: openresty /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-AU,en;q=0.9
Referer: http://ww25.fiducialink.icu/?subid1=20230306-0904-5169-8343-d4a393e3f959
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 05 Mar 2023 22:04:53 GMT
Last-Modified: Wed, 15 Sep 2021 19:38:30 GMT
Server: openresty
Content-Type: image/gif
Cache-Control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 42
Expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 370 B
595 B 583ms
195ms Script
text/javascript 142.251.10.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=ww25.fiducialink.icu&client=dp-bodis31_3ph&product=SAS&callback=__sasCookie

Requested by

Host: www.google.com
URL: https://www.google.com/adsense/domains/caf.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.10.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sd-in-f154.1e100.net

Software

cafe /

Resource Hash

37e909d73de892a92fc0ee12dc5528eaa2aedffec4c515998404b3dcfd6d4051

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: http://ww25.fiducialink.icu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 05 Mar 2023 22:04:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 243
x-xss-protection: 0

GET
H3

429

index Show response
www.google.com/sorry/ Frame C456
Redirect Chain

https://www.google.com/afs/ads?adtest=off&psid=7277763864&pcsa=false&channel=pid-bodis-gcontrol32%2Cpid-bodis-gcontrol97%2Cpid-bodis-gcontrol322%2Cpid-bodis-gcontrol152%2Cpid-bodis-gcontrol488&clie...
https://www.google.com/sorry/index?continue=https://www.google.com/afs/ads%3Fadtest%3Doff%26psid%3D7277763864%26pcsa%3Dfalse%26channel%3Dpid-bodis-gcontrol32%252Cpid-bodis-gcontrol97%252Cpid-bodis-...

6 KB
6 KB

194ms
194ms

Document
text/html

172.217.194.105
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/sorry/index?continue=https://www.google.com/afs/ads%3Fadtest%3Doff%26psid%3D7277763864%26pcsa%3Dfalse%26channel%3Dpid-bodis-gcontrol32%252Cpid-bodis-gcontrol97%252Cpid-bodis-gcontrol322%252Cpid-bodis-gcontrol152%252Cpid-bodis-gcontrol488%26client%3Ddp-bodis31_3ph%26r%3Dm%26hl%3Den%26rpbu%3Dhttp%253A%252F%252Fww25.fiducialink.icu%253Fcaf%2526subid1%253D20230306-0904-5169-8343-d4a393e3f959%26max_radlink_len%3D50%26type%3D3%26uiopt%3Dfalse%26swp%3Das-drid-2589285024539458%26oe%3DUTF-8%26ie%3DUTF-8%26fexp%3D21404%26format%3Dr3%26nocache%3D5641678053893758%26num%3D0%26output%3Dafd_ads%26domain_name%3Dww25.fiducialink.icu%26v%3D3%26bsl%3D8%26pac%3D0%26u_his%3D2%26u_tz%3D0%26dt%3D1678053893760%26u_w%3D1600%26u_h%3D1200%26biw%3D1600%26bih%3D1200%26psw%3D1584%26psh%3D76%26frm%3D0%26cl%3D513568616%26uio%3D-%26cont%3Drs%26jsid%3Dcaf%26jsv%3D513568616%26rurl%3Dhttp%253A%252F%252Fww25.fiducialink.icu%252F%253Fsubid1%253D20230306-0904-5169-8343-d4a393e3f959%26adbw%3Dmaster-1%253A1584&hl=en&q=EgSt9dFYGIWklKAGIjBQONrc7XQnEqGYYCBj2cwK_WmpUzHGe9vQ7yphwrpmtl51afPuRB7vdYsEd8nIk3syAXI

Requested by

Host: www.google.com
URL: https://www.google.com/adsense/domains/caf.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.194.105 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

si-in-f105.1e100.net

Software

HTTP server (unknown) /

Resource Hash

fa104609bcc696c4f011de3531b0f2de922ae9f2a23876459a4e89ab8a03b630

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: http://ww25.fiducialink.icu/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-store, no-cache, must-revalidate
content-length: 5761
content-type: text/html
date: Sun, 05 Mar 2023 22:04:54 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
server: HTTP server (unknown)
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1308
content-type: text/html; charset=UTF-8
cross-origin-opener-policy: same-origin-allow-popups; report-to="gws"
date: Sun, 05 Mar 2023 22:04:54 GMT
location: https://www.google.com/sorry/index?continue=https://www.google.com/afs/ads%3Fadtest%3Doff%26psid%3D7277763864%26pcsa%3Dfalse%26channel%3Dpid-bodis-gcontrol32%252Cpid-bodis-gcontrol97%252Cpid-bodis-gcontrol322%252Cpid-bodis-gcontrol152%252Cpid-bodis-gcontrol488%26client%3Ddp-bodis31_3ph%26r%3Dm%26hl%3Den%26rpbu%3Dhttp%253A%252F%252Fww25.fiducialink.icu%253Fcaf%2526subid1%253D20230306-0904-5169-8343-d4a393e3f959%26max_radlink_len%3D50%26type%3D3%26uiopt%3Dfalse%26swp%3Das-drid-2589285024539458%26oe%3DUTF-8%26ie%3DUTF-8%26fexp%3D21404%26format%3Dr3%26nocache%3D5641678053893758%26num%3D0%26output%3Dafd_ads%26domain_name%3Dww25.fiducialink.icu%26v%3D3%26bsl%3D8%26pac%3D0%26u_his%3D2%26u_tz%3D0%26dt%3D1678053893760%26u_w%3D1600%26u_h%3D1200%26biw%3D1600%26bih%3D1200%26psw%3D1584%26psh%3D76%26frm%3D0%26cl%3D513568616%26uio%3D-%26cont%3Drs%26jsid%3Dcaf%26jsv%3D513568616%26rurl%3Dhttp%253A%252F%252Fww25.fiducialink.icu%252F%253Fsubid1%253D20230306-0904-5169-8343-d4a393e3f959%26adbw%3Dmaster-1%253A1584&hl=en&q=EgSt9dFYGIWklKAGIjBQONrc7XQnEqGYYCBj2cwK_WmpUzHGe9vQ7yphwrpmtl51afPuRB7vdYsEd8nIk3syAXI
report-to: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]}
server: gws
x-frame-options: SAMEORIGIN
x-hallmonitor-challenge: CgwIhqSUoAYQ2sv7kwESBK310Vg
x-xss-protection: 0

GET
H3 200 api.js Show response
www.google.com/recaptcha/ Frame C456 850 B
576 B 197ms
197ms Script
text/javascript 172.217.194.105
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js

Requested by

Host: www.google.com
URL: https://www.google.com/sorry/index?continue=https://www.google.com/afs/ads%3Fadtest%3Doff%26psid%3D7277763864%26pcsa%3Dfalse%26channel%3Dpid-bodis-gcontrol32%252Cpid-bodis-gcontrol97%252Cpid-bodis-gcontrol322%252Cpid-bodis-gcontrol152%252Cpid-bodis-gcontrol488%26client%3Ddp-bodis31_3ph%26r%3Dm%26hl%3Den%26rpbu%3Dhttp%253A%252F%252Fww25.fiducialink.icu%253Fcaf%2526subid1%253D20230306-0904-5169-8343-d4a393e3f959%26max_radlink_len%3D50%26type%3D3%26uiopt%3Dfalse%26swp%3Das-drid-2589285024539458%26oe%3DUTF-8%26ie%3DUTF-8%26fexp%3D21404%26format%3Dr3%26nocache%3D5641678053893758%26num%3D0%26output%3Dafd_ads%26domain_name%3Dww25.fiducialink.icu%26v%3D3%26bsl%3D8%26pac%3D0%26u_his%3D2%26u_tz%3D0%26dt%3D1678053893760%26u_w%3D1600%26u_h%3D1200%26biw%3D1600%26bih%3D1200%26psw%3D1584%26psh%3D76%26frm%3D0%26cl%3D513568616%26uio%3D-%26cont%3Drs%26jsid%3Dcaf%26jsv%3D513568616%26rurl%3Dhttp%253A%252F%252Fww25.fiducialink.icu%252F%253Fsubid1%253D20230306-0904-5169-8343-d4a393e3f959%26adbw%3Dmaster-1%253A1584&hl=en&q=EgSt9dFYGIWklKAGIjBQONrc7XQnEqGYYCBj2cwK_WmpUzHGe9vQ7yphwrpmtl51afPuRB7vdYsEd8nIk3syAXI

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.194.105 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

si-in-f105.1e100.net

Software

GSE /

Resource Hash

e81bb2075cae41c57544fbcf7dd0bfa2a4215ba11dc0fb6fab2d10ddfa9f27cc

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.google.com/sorry/index?continue=https://www.google.com/afs/ads%3Fadtest%3Doff%26psid%3D7277763864%26pcsa%3Dfalse%26channel%3Dpid-bodis-gcontrol32%252Cpid-bodis-gcontrol97%252Cpid-bodis-gcontrol322%252Cpid-bodis-gcontrol152%252Cpid-bodis-gcontrol488%26client%3Ddp-bodis31_3ph%26r%3Dm%26hl%3Den%26rpbu%3Dhttp%253A%252F%252Fww25.fiducialink.icu%253Fcaf%2526subid1%253D20230306-0904-5169-8343-d4a393e3f959%26max_radlink_len%3D50%26type%3D3%26uiopt%3Dfalse%26swp%3Das-drid-2589285024539458%26oe%3DUTF-8%26ie%3DUTF-8%26fexp%3D21404%26format%3Dr3%26nocache%3D5641678053893758%26num%3D0%26output%3Dafd_ads%26domain_name%3Dww25.fiducialink.icu%26v%3D3%26bsl%3D8%26pac%3D0%26u_his%3D2%26u_tz%3D0%26dt%3D1678053893760%26u_w%3D1600%26u_h%3D1200%26biw%3D1600%26bih%3D1200%26psw%3D1584%26psh%3D76%26frm%3D0%26cl%3D513568616%26uio%3D-%26cont%3Drs%26jsid%3Dcaf%26jsv%3D513568616%26rurl%3Dhttp%253A%252F%252Fww25.fiducialink.icu%252F%253Fsubid1%253D20230306-0904-5169-8343-d4a393e3f959%26adbw%3Dmaster-1%253A1584&hl=en&q=EgSt9dFYGIWklKAGIjBQONrc7XQnEqGYYCBj2cwK_WmpUzHGe9vQ7yphwrpmtl51afPuRB7vdYsEd8nIk3syAXI
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 05 Mar 2023 22:04:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 555
x-xss-protection: 1; mode=block
expires: Sun, 05 Mar 2023 22:04:54 GMT

GET
H2 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/8G7OPK94bhCRbT0VqyEVpQNj/ Frame C456 404 KB
161 KB 582ms
193ms Script
text/javascript 172.217.194.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/8G7OPK94bhCRbT0VqyEVpQNj/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.194.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

si-in-f94.1e100.net

Software

sffe /

Resource Hash

f88f2a9d0d61420da880783f8bb9b831a201caa2dec40eb3718206a5342a7cf4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 05 Mar 2023 07:37:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 52023
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 164647
x-xss-protection: 0
last-modified: Tue, 28 Feb 2023 18:46:06 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 04 Mar 2024 07:37:52 GMT

GET
H3 200 anchor Show response
www.google.com/recaptcha/api2/ Frame 4C27 48 KB
26 KB 215ms
215ms Document
text/html 172.217.194.105
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfwuyUTAAAAAOAmoS0fdqijC2PbbdH4kjq62Y1b&co=aHR0cHM6Ly93d3cuZ29vZ2xlLmNvbTo0NDM.&hl=en&v=8G7OPK94bhCRbT0VqyEVpQNj&size=normal&s=5V7WjH85__EkfsUhI00btcrd6IaqwYmlDYZplyfJp73_vWZ4n9Wse_u00WGmLtwFoR5wEt3bTvRCW3Fg1KKscrUvW5YSMFznuvfoswwrRUeuyMrjIW4xingpmBRu8Pr6ntcO3R-FBRV0KQkdF1iUphvgqEpBi577QnmMMUnPZtvZ12l33RQiAWTvH5ul9K4d1AhZHM7FbYDXHoUfAYTgsD7neoE1AzpE0x5BHl-PRqjyWxIL8U8GfY40UdKmp5uPYHMRUinLlFELCoKG3qcE95AYiZa-lX0&cb=fwgvfhvnzbto

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/8G7OPK94bhCRbT0VqyEVpQNj/recaptcha__en.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.194.105 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

si-in-f105.1e100.net

Software

GSE /

Resource Hash

aa0547a6ab34c8902f2610f61dc5ec0dc1d5056da1b691edd0ed7d49437f1955

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-NYjw8j0Sv7zX3yBrByCZMQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.google.com/sorry/index?continue=https://www.google.com/afs/ads%3Fadtest%3Doff%26psid%3D7277763864%26pcsa%3Dfalse%26channel%3Dpid-bodis-gcontrol32%252Cpid-bodis-gcontrol97%252Cpid-bodis-gcontrol322%252Cpid-bodis-gcontrol152%252Cpid-bodis-gcontrol488%26client%3Ddp-bodis31_3ph%26r%3Dm%26hl%3Den%26rpbu%3Dhttp%253A%252F%252Fww25.fiducialink.icu%253Fcaf%2526subid1%253D20230306-0904-5169-8343-d4a393e3f959%26max_radlink_len%3D50%26type%3D3%26uiopt%3Dfalse%26swp%3Das-drid-2589285024539458%26oe%3DUTF-8%26ie%3DUTF-8%26fexp%3D21404%26format%3Dr3%26nocache%3D5641678053893758%26num%3D0%26output%3Dafd_ads%26domain_name%3Dww25.fiducialink.icu%26v%3D3%26bsl%3D8%26pac%3D0%26u_his%3D2%26u_tz%3D0%26dt%3D1678053893760%26u_w%3D1600%26u_h%3D1200%26biw%3D1600%26bih%3D1200%26psw%3D1584%26psh%3D76%26frm%3D0%26cl%3D513568616%26uio%3D-%26cont%3Drs%26jsid%3Dcaf%26jsv%3D513568616%26rurl%3Dhttp%253A%252F%252Fww25.fiducialink.icu%252F%253Fsubid1%253D20230306-0904-5169-8343-d4a393e3f959%26adbw%3Dmaster-1%253A1584&hl=en&q=EgSt9dFYGIWklKAGIjBQONrc7XQnEqGYYCBj2cwK_WmpUzHGe9vQ7yphwrpmtl51afPuRB7vdYsEd8nIk3syAXI
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 26727
content-security-policy: script-src 'report-sample' 'nonce-NYjw8j0Sv7zX3yBrByCZMQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sun, 05 Mar 2023 22:04:56 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/8G7OPK94bhCRbT0VqyEVpQNj/ Frame 4C27 55 KB
24 KB 579ms
192ms Stylesheet
text/css 172.217.194.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/8G7OPK94bhCRbT0VqyEVpQNj/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfwuyUTAAAAAOAmoS0fdqijC2PbbdH4kjq62Y1b&co=aHR0cHM6Ly93d3cuZ29vZ2xlLmNvbTo0NDM.&hl=en&v=8G7OPK94bhCRbT0VqyEVpQNj&size=normal&s=5V7WjH85__EkfsUhI00btcrd6IaqwYmlDYZplyfJp73_vWZ4n9Wse_u00WGmLtwFoR5wEt3bTvRCW3Fg1KKscrUvW5YSMFznuvfoswwrRUeuyMrjIW4xingpmBRu8Pr6ntcO3R-FBRV0KQkdF1iUphvgqEpBi577QnmMMUnPZtvZ12l33RQiAWTvH5ul9K4d1AhZHM7FbYDXHoUfAYTgsD7neoE1AzpE0x5BHl-PRqjyWxIL8U8GfY40UdKmp5uPYHMRUinLlFELCoKG3qcE95AYiZa-lX0&cb=fwgvfhvnzbto

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.194.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

si-in-f94.1e100.net

Software

sffe /

Resource Hash

952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 05 Mar 2023 07:37:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 52024
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24605
x-xss-protection: 0
last-modified: Tue, 28 Feb 2023 18:46:06 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 04 Mar 2024 07:37:52 GMT

GET
H3 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/8G7OPK94bhCRbT0VqyEVpQNj/ Frame 4C27 404 KB
161 KB 668ms
282ms Script
text/javascript 172.217.194.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/8G7OPK94bhCRbT0VqyEVpQNj/recaptcha__en.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.194.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

si-in-f94.1e100.net

Software

sffe /

Resource Hash

f88f2a9d0d61420da880783f8bb9b831a201caa2dec40eb3718206a5342a7cf4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 05 Mar 2023 07:37:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 52024
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 164647
x-xss-protection: 0
last-modified: Tue, 28 Feb 2023 18:46:06 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 04 Mar 2024 07:37:52 GMT

GET
DATA 200
OK truncated
/ Frame 4C27 14 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0964d141519db34adc6aa127a33dbc6761cda1e56b584ea402082d99c44afb9e

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 4C27 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 43ef4025567f7a15859b5252b6ccc1efe2ff8c7331b1aefbea7ce88eb5084d27

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 logo_48.png
www.gstatic.com/recaptcha/api2/ Frame 4C27 2 KB
2 KB 193ms
193ms Image
image/png 172.217.194.94
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/logo_48.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/8G7OPK94bhCRbT0VqyEVpQNj/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.194.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

si-in-f94.1e100.net

Software

sffe /

Resource Hash

1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/8G7OPK94bhCRbT0VqyEVpQNj/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 20:39:55 GMT
x-content-type-options: nosniff
age: 264302
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2228
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Thu, 09 Mar 2023 20:39:55 GMT

GET KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 4C27 0
0

GET
H3 200 webworker.js
www.google.com/recaptcha/api2/ Frame 4C27 102 B
134 B 196ms
196ms Other
text/javascript 172.217.194.105
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=en&v=8G7OPK94bhCRbT0VqyEVpQNj

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.194.105 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

si-in-f105.1e100.net

Software

GSE /

Resource Hash

4cd0d0241cfa3a32348d1eeec1b60059de1ca86475b9a5b734c9caac35a18146

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfwuyUTAAAAAOAmoS0fdqijC2PbbdH4kjq62Y1b&co=aHR0cHM6Ly93d3cuZ29vZ2xlLmNvbTo0NDM.&hl=en&v=8G7OPK94bhCRbT0VqyEVpQNj&size=normal&s=5V7WjH85__EkfsUhI00btcrd6IaqwYmlDYZplyfJp73_vWZ4n9Wse_u00WGmLtwFoR5wEt3bTvRCW3Fg1KKscrUvW5YSMFznuvfoswwrRUeuyMrjIW4xingpmBRu8Pr6ntcO3R-FBRV0KQkdF1iUphvgqEpBi577QnmMMUnPZtvZ12l33RQiAWTvH5ul9K4d1AhZHM7FbYDXHoUfAYTgsD7neoE1AzpE0x5BHl-PRqjyWxIL8U8GfY40UdKmp5uPYHMRUinLlFELCoKG3qcE95AYiZa-lX0&cb=fwgvfhvnzbto
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 05 Mar 2023 22:04:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 112
x-xss-protection: 1; mode=block
expires: Sun, 05 Mar 2023 22:04:57 GMT

GET
H3 200 bframe Show response
www.google.com/recaptcha/api2/ Frame 89C1 7 KB
1 KB 198ms
197ms Document
text/html 172.217.194.105
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/bframe?hl=en&v=8G7OPK94bhCRbT0VqyEVpQNj&k=6LfwuyUTAAAAAOAmoS0fdqijC2PbbdH4kjq62Y1b

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/8G7OPK94bhCRbT0VqyEVpQNj/recaptcha__en.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.194.105 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

si-in-f105.1e100.net

Software

GSE /

Resource Hash

6f65786627fb569dad0879d231499d298ee88496aaeed84eab410255f6b19cde

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-i3T8NEgPSDaQL_6qObwQ0w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.google.com/sorry/index?continue=https://www.google.com/afs/ads%3Fadtest%3Doff%26psid%3D7277763864%26pcsa%3Dfalse%26channel%3Dpid-bodis-gcontrol32%252Cpid-bodis-gcontrol97%252Cpid-bodis-gcontrol322%252Cpid-bodis-gcontrol152%252Cpid-bodis-gcontrol488%26client%3Ddp-bodis31_3ph%26r%3Dm%26hl%3Den%26rpbu%3Dhttp%253A%252F%252Fww25.fiducialink.icu%253Fcaf%2526subid1%253D20230306-0904-5169-8343-d4a393e3f959%26max_radlink_len%3D50%26type%3D3%26uiopt%3Dfalse%26swp%3Das-drid-2589285024539458%26oe%3DUTF-8%26ie%3DUTF-8%26fexp%3D21404%26format%3Dr3%26nocache%3D5641678053893758%26num%3D0%26output%3Dafd_ads%26domain_name%3Dww25.fiducialink.icu%26v%3D3%26bsl%3D8%26pac%3D0%26u_his%3D2%26u_tz%3D0%26dt%3D1678053893760%26u_w%3D1600%26u_h%3D1200%26biw%3D1600%26bih%3D1200%26psw%3D1584%26psh%3D76%26frm%3D0%26cl%3D513568616%26uio%3D-%26cont%3Drs%26jsid%3Dcaf%26jsv%3D513568616%26rurl%3Dhttp%253A%252F%252Fww25.fiducialink.icu%252F%253Fsubid1%253D20230306-0904-5169-8343-d4a393e3f959%26adbw%3Dmaster-1%253A1584&hl=en&q=EgSt9dFYGIWklKAGIjBQONrc7XQnEqGYYCBj2cwK_WmpUzHGe9vQ7yphwrpmtl51afPuRB7vdYsEd8nIk3syAXI
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 1121
content-security-policy: script-src 'report-sample' 'nonce-i3T8NEgPSDaQL_6qObwQ0w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sun, 05 Mar 2023 22:04:57 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET styles__ltr.css
www.gstatic.com/recaptcha/releases/8G7OPK94bhCRbT0VqyEVpQNj/ Frame 89C1 0
0

GET recaptcha__en.js
www.gstatic.com/recaptcha/releases/8G7OPK94bhCRbT0VqyEVpQNj/ Frame 89C1 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: fonts.gstatic.com
URL: https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Domain: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/8G7OPK94bhCRbT0VqyEVpQNj/styles__ltr.css

Domain: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/8G7OPK94bhCRbT0VqyEVpQNj/recaptcha__en.js

Verdicts & Comments Add Verdict or Comment

10 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
fiducialink.icu/	1970-01-20 19:43:33	Name: __tad Value: 1678053891.4734297
ww25.fiducialink.icu/	1970-01-20 10:07:34	Name: parking_session Value: 9c80e40d-67f9-ff6d-5c6b-1c181169caf9
.fiducialink.icu/	1970-01-20 19:29:09	Name: __gsas Value: ID=9738a4fb2d0aad7f:T=1678053894:S=ALNI_MZIWXz_i4aoiiSmRnQT3liJW0pDhA

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://www.google.com/sorry/index?continue=https://www.google.com/afs/ads%3Fadtest%3Doff%26psid%3D7277763864%26pcsa%3Dfalse%26channel%3Dpid-bodis-gcontrol32%252Cpid-bodis-gcontrol97%252Cpid-bodis-gcontrol322%252Cpid-bodis-gcontrol152%252Cpid-bodis-gcontrol488%26client%3Ddp-bodis31_3ph%26r%3Dm%26hl%3Den%26rpbu%3Dhttp%253A%252F%252Fww25.fiducialink.icu%253Fcaf%2526subid1%253D20230306-0904-5169-8343-d4a393e3f959%26max_radlink_len%3D50%26type%3D3%26uiopt%3Dfalse%26swp%3Das-drid-2589285024539458%26oe%3DUTF-8%26ie%3DUTF-8%26fexp%3D21404%26format%3Dr3%26nocache%3D5641678053893758%26num%3D0%26output%3Dafd_ads%26domain_name%3Dww25.fiducialink.icu%26v%3D3%26bsl%3D8%26pac%3D0%26u_his%3D2%26u_tz%3D0%26dt%3D1678053893760%26u_w%3D1600%26u_h%3D1200%26biw%3D1600%26bih%3D1200%26psw%3D1584%26psh%3D76%26frm%3D0%26cl%3D513568616%26uio%3D-%26cont%3Drs%26jsid%3Dcaf%26jsv%3D513568616%26rurl%3Dhttp%253A%252F%252Fww25.fiducialink.icu%252F%253Fsubid1%253D20230306-0904-5169-8343-d4a393e3f959%26adbw%3Dmaster-1%253A1584&hl=en&q=EgSt9dFYGIWklKAGIjBQONrc7XQnEqGYYCBj2cwK_WmpUzHGe9vQ7yphwrpmtl51afPuRB7vdYsEd8nIk3syAXI Message: Failed to load resource: the server responded with a status of 429 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fiducialink.icu
fonts.gstatic.com
partner.googleadservices.com
ww25.fiducialink.icu
www.google.com
www.gstatic.com
fonts.gstatic.com
www.gstatic.com
103.224.182.210
142.251.10.154
172.217.194.105
172.217.194.94
199.59.243.222
0404a8920c1008cd5066642bab152f04910f2980bacc1cd9766658c3102671da
0964d141519db34adc6aa127a33dbc6761cda1e56b584ea402082d99c44afb9e
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
37e909d73de892a92fc0ee12dc5528eaa2aedffec4c515998404b3dcfd6d4051
43ef4025567f7a15859b5252b6ccc1efe2ff8c7331b1aefbea7ce88eb5084d27
4cd0d0241cfa3a32348d1eeec1b60059de1ca86475b9a5b734c9caac35a18146
6f65786627fb569dad0879d231499d298ee88496aaeed84eab410255f6b19cde
952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8
aa0547a6ab34c8902f2610f61dc5ec0dc1d5056da1b691edd0ed7d49437f1955
c221243f26c0bf1fd761c8f1d818b1af890294f6c1c937408c46c792370e912d
c8cfe0ed51387ad4525bcb921e09b3c2c5c4e318a6b3a6f2f0713030de38ab85
ca10303b12baf7192561fee87604ea962a925b7070412e0bd2f8be53510b6f9c
e81bb2075cae41c57544fbcf7dd0bfa2a4215ba11dc0fb6fab2d10ddfa9f27cc
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f88f2a9d0d61420da880783f8bb9b831a201caa2dec40eb3718206a5342a7cf4
fa104609bcc696c4f011de3531b0f2de922ae9f2a23876459a4e89ab8a03b630

ww25.fiducialink.icu Open in urlscan Pro 199.59.243.222 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

19 Requests

58 %HTTPS

0 %IPv6

4 Domains

6 Subdomains

5 IPs

2 Countries

463 kBTransfer

1159 kBSize

3 Cookies

0 Outgoing links

Page URL History

Redirected requests

19 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

10 JavaScript Global Variables

3 Cookies

1 Console Messages

Indicators

ww25.fiducialink.icu Open in urlscan Pro
199.59.243.222 Public Scan

Screenshot
Live screenshot

Full Image

19
Requests

58 %
HTTPS

0 %
IPv6

4
Domains

6
Subdomains

5
IPs

2
Countries

463 kB
Transfer

1159 kB
Size

3
Cookies

19 HTTP transactions
2 data transactions