girls-nsk.cc
2606:4700:3033::6815:4077 Malicious Activity! Public Scan

URL: https://girls-nsk.cc/3a6947e
Submission: On August 11 via manual from HU — Scanned from DE

Summary

This website contacted 7 IPs in 2 countries across 5 domains to perform 21 HTTP transactions. The main IP is 2606:4700:3033::6815:4077, located in United States and belongs to CLOUDFLARENET, US. The main domain is girls-nsk.cc.
TLS certificate: Issued by GTS CA 1P5 on July 30th 2023. Valid for: 3 months.
This is the only time girls-nsk.cc was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Generic Scam (Online)

Domain & IP information

Requests  Domain                         Requested by
11        d2ze9scn6abmic.cloudfront.net  d9cshxmf0qazr.cloudfront.net, d2ze9scn6abmic.cloudfront.net
3         d266key948fg17.cloudfront.net  d2ze9scn6abmic.cloudfront.net
2         fonts.gstatic.com              fonts.googleapis.com
2         fonts.googleapis.com           d2ze9scn6abmic.cloudfront.net
1         www.google-analytics.com       d2ze9scn6abmic.cloudfront.net
1         d9cshxmf0qazr.cloudfront.net   girls-nsk.cc
1         girls-nsk.cc
Totals: 21 requests across 7 hosts

This site contains no links.

Subject                  Issuer               Validity                  Valid for
girls-nsk.cc             GTS CA 1P5           2023-07-30 - 2023-10-28   3 months (crt.sh)
*.cloudfront.net         Amazon RSA 2048 M01  2022-12-08 - 2023-12-07   a year (crt.sh)
*.google-analytics.com   GTS CA 1C3           2023-07-17 - 2023-10-09   3 months (crt.sh)
upload.video.google.com  GTS CA 1C3           2023-07-17 - 2023-10-09   3 months (crt.sh)
*.gstatic.com            GTS CA 1C3           2023-07-17 - 2023-10-09   3 months (crt.sh)

This page contains 2 frames:

Primary Page: https://girls-nsk.cc/3a6947e
Frame ID: DD43D4F4335E8606ABE9DC3BD952EDBD
Requests: 9 HTTP requests in this frame

Frame: https://d2ze9scn6abmic.cloudfront.net/public/ct?cpguid=crdr1h9ul&it=4093800&w=1600&h=1200&key=fa61f&m=0&r=
Frame ID: F3EC22A7D9838B4DD37923F32315AE83
Requests: 12 HTTP requests in this frame

Page Title: Locked

Detected technologies

Font Awesome (overall confidence: 100%)
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (overall confidence: 100%)
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

jQuery (overall confidence: 100%)
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

21 Requests
100 % HTTPS
100 % IPv6
5 Domains
7 Subdomains
7 IPs
2 Countries
228 kB Transfer
362 kB Size
1 Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

21 HTTP transactions

Columns per transaction: Resource, Path, Size, x-fer (bytes transferred), Type, MIME-Type
Primary Request 3a6947e
girls-nsk.cc/
536 B
781 B
Document
General
Full URL
https://girls-nsk.cc/3a6947e
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:4077 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/5.4.16
Resource Hash
29daf22ffda1ec79aaf048a9e9601e5779f0c764e9cebb153a1a308d9fdbc079

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
7f4e03c7dcb81e64-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Fri, 11 Aug 2023 05:17:53 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FKR%2FxeVKjUtKoOTkoystOAO3uD7NiLHdl%2FWnmIkNVJ42XwpIUSIuSOZiui9ieYd2zdW4gB8aBe1cKrvVtXIlt4SrD%2FfZrtrxEQ7L8WJmWWtTKRJ0EKT%2FXakW9i18wRi6QM8wrp3%2BNFNeW30%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/5.4.16
35JZkB.js
d9cshxmf0qazr.cloudfront.net/
29 KB
8 KB
Script
General
Full URL
https://d9cshxmf0qazr.cloudfront.net/35JZkB.js
Requested by
Host: girls-nsk.cc
URL: https://girls-nsk.cc/3a6947e
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:f000:d:dd3d:89c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b6f2d9b0186292e941a32c2891eb0340d0926abdaf07b5d71ecc99916638dc07

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://girls-nsk.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Fri, 11 Aug 2023 05:16:53 GMT
content-encoding
br
via
1.1 a350f357b825293e306b1b0a2cb490c0.cloudfront.net (CloudFront)
last-modified
Thu, 10 Aug 2023 23:21:39 GMT
server
AmazonS3
x-amz-cf-pop
FRA6-C1
age
94
etag
W/"c396a0bfc3cc67377401d908f2ab831a"
vary
Accept-Encoding
x-cache
Error from cloudfront
content-type
application/javascript
x-amz-cf-id
p6BrnKlk_pvo7WAyvEI70hucLHIs7cR34dTfLh5L9lKjl5L6mxvT5Q==
html.4093800.fa61f.0.js
d2ze9scn6abmic.cloudfront.net/public/external/v2/
10 KB
10 KB
Script
General
Full URL
https://d2ze9scn6abmic.cloudfront.net/public/external/v2/html.4093800.fa61f.0.js
Requested by
Host: d9cshxmf0qazr.cloudfront.net
URL: https://d9cshxmf0qazr.cloudfront.net/35JZkB.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2491:d400:19:8f76:2d00:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache/2.4.51 () OpenSSL/1.0.2k-fips PHP/7.4.11 / PHP/7.4.11
Resource Hash
0fb2b92b210ce4993027148a7a7c254d6df0566fd7f2b14944f6a2f0d012bb0d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://girls-nsk.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Fri, 11 Aug 2023 05:17:54 GMT
via
1.1 57ba1933a852bdb178dbe4a1e2e3a5fa.cloudfront.net (CloudFront)
server
Apache/2.4.51 () OpenSSL/1.0.2k-fips PHP/7.4.11
x-amz-cf-pop
FRA56-P7
x-powered-by
PHP/7.4.11
x-cache
Miss from cloudfront
content-type
application/javascript
x-amz-cf-id
OfrGgHvFAhdDQ-VqrKSdJ99SqVbBx37pZ87t0QPIc6lMSm5_l1hwCQ==
css_front.css
d2ze9scn6abmic.cloudfront.net/public/external/
6 KB
7 KB
Stylesheet
General
Full URL
https://d2ze9scn6abmic.cloudfront.net/public/external/css_front.css
Requested by
Host: d9cshxmf0qazr.cloudfront.net
URL: https://d9cshxmf0qazr.cloudfront.net/35JZkB.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2491:d400:19:8f76:2d00:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache/2.4.46 () OpenSSL/1.0.2k-fips PHP/7.4.11 /
Resource Hash
a7bd79b6fba60944ee3a9c153108ff0819d2db57850116ac7065a86db08af4ec

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://girls-nsk.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Fri, 11 Aug 2023 05:17:54 GMT
via
1.1 57ba1933a852bdb178dbe4a1e2e3a5fa.cloudfront.net (CloudFront)
last-modified
Tue, 23 Jun 2020 20:06:47 GMT
server
Apache/2.4.46 () OpenSSL/1.0.2k-fips PHP/7.4.11
x-amz-cf-pop
FRA56-P7
etag
"19c4-5a8c5e62e9d0a"
x-cache
Miss from cloudfront
content-type
text/css
accept-ranges
bytes
content-length
6596
x-amz-cf-id
mOQf6yqqXealtRUjMwDDNkyl-notOFe73SL9YWKIuRxJdB8wrTffNg==
css.css
d2ze9scn6abmic.cloudfront.net/public/clockers/CustomButton/
1010 B
1 KB
Stylesheet
General
Full URL
https://d2ze9scn6abmic.cloudfront.net/public/clockers/CustomButton/css.css
Requested by
Host: d9cshxmf0qazr.cloudfront.net
URL: https://d9cshxmf0qazr.cloudfront.net/35JZkB.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2491:d400:19:8f76:2d00:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache/2.4.46 () OpenSSL/1.0.2k-fips PHP/7.4.11 /
Resource Hash
a7081a117335212b9e7f2e348f7369a64423d51db1666310b3451e7375f0b7de

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://girls-nsk.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Fri, 11 Aug 2023 05:17:54 GMT
via
1.1 57ba1933a852bdb178dbe4a1e2e3a5fa.cloudfront.net (CloudFront)
last-modified
Fri, 10 Apr 2020 22:29:00 GMT
server
Apache/2.4.46 () OpenSSL/1.0.2k-fips PHP/7.4.11
x-amz-cf-pop
FRA56-P7
etag
"3f2-5a2f7428ae907"
x-cache
Miss from cloudfront
content-type
text/css
accept-ranges
bytes
content-length
1010
x-amz-cf-id
VMFTna-fWyi3mg_VS55pN8B14_w6WPaPrZlDW7t4c0YaXO6VwZ32YA==
ct
d2ze9scn6abmic.cloudfront.net/public/ Frame F3EC
26 KB
26 KB
Document
General
Full URL
https://d2ze9scn6abmic.cloudfront.net/public/ct?cpguid=crdr1h9ul&it=4093800&w=1600&h=1200&key=fa61f&m=0&r=
Requested by
Host: d9cshxmf0qazr.cloudfront.net
URL: https://d9cshxmf0qazr.cloudfront.net/35JZkB.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2491:d400:19:8f76:2d00:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache/2.4.46 () OpenSSL/1.0.2k-fips PHP/7.4.11 / PHP/7.4.11
Resource Hash
1c80f5d697f070944efd1c15adce15b4f7e4b5e763e0bfd32f60ddc92a98b247

Request headers

Referer
https://girls-nsk.cc/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache, no-transform
content-type
text/html; charset=UTF-8
date
Fri, 11 Aug 2023 05:17:55 GMT
expires
Sat, 26 Jul 1997 05:00:00 GMT
pragma
no-cache
server
Apache/2.4.46 () OpenSSL/1.0.2k-fips PHP/7.4.11
via
1.1 57ba1933a852bdb178dbe4a1e2e3a5fa.cloudfront.net (CloudFront)
x-amz-cf-id
49vtcKqqYAhXCABUiijyXSepOmUfgzPjeJ6O9WhfcEYre0YURgad_w==
x-amz-cf-pop
FRA56-P7
x-cache
Miss from cloudfront
x-powered-by
PHP/7.4.11
guid
d2ze9scn6abmic.cloudfront.net/public/
0
276 B
Script
General
Full URL
https://d2ze9scn6abmic.cloudfront.net/public/guid?cpguid=crdr1h9ul&e=ll&t=1691731075216
Requested by
Host: d9cshxmf0qazr.cloudfront.net
URL: https://d9cshxmf0qazr.cloudfront.net/35JZkB.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2491:d400:19:8f76:2d00:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache/2.4.51 () OpenSSL/1.0.2k-fips PHP/7.4.11 / PHP/7.4.11
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://girls-nsk.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Fri, 11 Aug 2023 05:17:55 GMT
via
1.1 57ba1933a852bdb178dbe4a1e2e3a5fa.cloudfront.net (CloudFront)
server
Apache/2.4.51 () OpenSSL/1.0.2k-fips PHP/7.4.11
x-amz-cf-pop
FRA56-P7
x-powered-by
PHP/7.4.11
x-cache
Miss from cloudfront
content-type
text/html; charset=UTF-8
content-length
0
x-amz-cf-id
9v3A17dIqge2CCCSop2vqYbA2Lgde7jkrTs37nNUeapmonqXmcBz3w==
font-awesome.min.css
d266key948fg17.cloudfront.net/assets/landing_pages/fa/css/ Frame F3EC
28 KB
7 KB
Stylesheet
General
Full URL
https://d266key948fg17.cloudfront.net/assets/landing_pages/fa/css/font-awesome.min.css
Requested by
Host: d2ze9scn6abmic.cloudfront.net
URL: https://d2ze9scn6abmic.cloudfront.net/public/ct?cpguid=crdr1h9ul&it=4093800&w=1600&h=1200&key=fa61f&m=0&r=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:5400:18:af29:bac0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
008a1d103902f15fdb1c191fcb1ce8954330e7b8de43d09abb08555ba609f420

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-amz-version-id
null
content-encoding
gzip
via
1.1 c2a926ef1bafe1ab239d4761594a8098.cloudfront.net (CloudFront)
date
Fri, 11 Aug 2023 04:50:52 GMT
last-modified
Mon, 30 Jan 2017 06:33:55 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C1
age
1624
etag
W/"4083f5d376eb849a458cc790b53ba080"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
x-amz-cf-id
_Vu9aHn2kifxDnetQm3Qv4SqngnpWjMQXBY-Iud45fq4pWUaBZUOYQ==
analytics.js
www.google-analytics.com/ Frame F3EC
52 KB
21 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: d2ze9scn6abmic.cloudfront.net
URL: https://d2ze9scn6abmic.cloudfront.net/public/ct?cpguid=crdr1h9ul&it=4093800&w=1600&h=1200&key=fa61f&m=0&r=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 11 Aug 2023 03:44:23 GMT
last-modified
Mon, 12 Jun 2023 18:23:07 GMT
server
Golfe2
age
5612
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Fri, 11 Aug 2023 05:44:23 GMT
css2
fonts.googleapis.com/ Frame F3EC
4 KB
711 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Play:wght@400;700&display=swap
Requested by
Host: d2ze9scn6abmic.cloudfront.net
URL: https://d2ze9scn6abmic.cloudfront.net/public/ct?cpguid=crdr1h9ul&it=4093800&w=1600&h=1200&key=fa61f&m=0&r=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
8397e4f324463ad7c95564375e1275f675cf31196d62677ec588df46505d7792
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 11 Aug 2023 05:17:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 11 Aug 2023 04:44:14 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 11 Aug 2023 05:17:55 GMT
css2
fonts.googleapis.com/ Frame F3EC
799 B
808 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Bebas+Neue&display=swap
Requested by
Host: d2ze9scn6abmic.cloudfront.net
URL: https://d2ze9scn6abmic.cloudfront.net/public/ct?cpguid=crdr1h9ul&it=4093800&w=1600&h=1200&key=fa61f&m=0&r=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
f8eb73892e9d5bd09313b85cfe9ca832deec94c80086917290faad6e9b7b80bb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 11 Aug 2023 05:17:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 11 Aug 2023 03:42:45 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 11 Aug 2023 05:17:55 GMT
16127577445c13075d0dc75e4cf38c76a7f9c5ade2.png
d266key948fg17.cloudfront.net/uploads/ Frame F3EC
74 KB
74 KB
Image
General
Full URL
https://d266key948fg17.cloudfront.net/uploads/16127577445c13075d0dc75e4cf38c76a7f9c5ade2.png
Requested by
Host: d2ze9scn6abmic.cloudfront.net
URL: https://d2ze9scn6abmic.cloudfront.net/public/ct?cpguid=crdr1h9ul&it=4093800&w=1600&h=1200&key=fa61f&m=0&r=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:5400:18:af29:bac0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bb03ba4896e36361c58d50a86634e2adfb3eccbca1f2b728eba1e151ccffadc7

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-amz-version-id
07gMbRbpt5mz2yOQF0MTYLEOXZ_CFXUw
date
Fri, 11 Aug 2023 05:17:56 GMT
via
1.1 c2a926ef1bafe1ab239d4761594a8098.cloudfront.net (CloudFront)
last-modified
Mon, 08 Feb 2021 04:15:46 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C1
etag
"a4408e3fae25c3303f737cf0f8164b4c"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
75638
x-amz-cf-id
LVdbHpt4i0mhsxVtzGIliod4-hPQ2yF8bIiQBYdVIjLwS3gwxgzBkA==
guid.js
d2ze9scn6abmic.cloudfront.net/public/external/ Frame F3EC
862 B
1 KB
Script
General
Full URL
https://d2ze9scn6abmic.cloudfront.net/public/external/guid.js
Requested by
Host: d2ze9scn6abmic.cloudfront.net
URL: https://d2ze9scn6abmic.cloudfront.net/public/ct?cpguid=crdr1h9ul&it=4093800&w=1600&h=1200&key=fa61f&m=0&r=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2491:d400:19:8f76:2d00:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache/2.4.51 () OpenSSL/1.0.2k-fips PHP/7.4.11 /
Resource Hash
e1996013bea18595368a7d2452d2a96a8a66b59bd08cde2935e36ffa0f985fda

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Fri, 11 Aug 2023 05:17:55 GMT
via
1.1 57ba1933a852bdb178dbe4a1e2e3a5fa.cloudfront.net (CloudFront)
last-modified
Tue, 11 Aug 2020 19:47:27 GMT
server
Apache/2.4.51 () OpenSSL/1.0.2k-fips PHP/7.4.11
x-amz-cf-pop
FRA56-P7
etag
"35e-5ac9f574655f4"
x-cache
Miss from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
862
x-amz-cf-id
LqwKTNIBAoItfU-UJkyknkoHsUVUTECnaJtMTn4HaGqTWtCX4Y5ORw==
t.js
d2ze9scn6abmic.cloudfront.net/public/external/ Frame F3EC
2 KB
2 KB
Script
General
Full URL
https://d2ze9scn6abmic.cloudfront.net/public/external/t.js
Requested by
Host: d2ze9scn6abmic.cloudfront.net
URL: https://d2ze9scn6abmic.cloudfront.net/public/ct?cpguid=crdr1h9ul&it=4093800&w=1600&h=1200&key=fa61f&m=0&r=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2491:d400:19:8f76:2d00:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache/2.4.51 () OpenSSL/1.0.2k-fips PHP/7.4.11 /
Resource Hash
fff2c7e238400b24472e5d6c529d7f625ec50ec4383ac23d33ca05d9c1f07a7d

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Fri, 11 Aug 2023 05:17:55 GMT
via
1.1 57ba1933a852bdb178dbe4a1e2e3a5fa.cloudfront.net (CloudFront)
last-modified
Tue, 21 Jul 2020 08:43:38 GMT
server
Apache/2.4.51 () OpenSSL/1.0.2k-fips PHP/7.4.11
x-amz-cf-pop
FRA56-P7
etag
"696-5aaef9ea142f5"
x-cache
Miss from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
1686
x-amz-cf-id
Xi_3a12kbb2NvjYiBdNcMmlKwdahuP2F9c0j5JDFbopLQhR5-jGiTg==
jquery.js
d266key948fg17.cloudfront.net/assets/content_lockers/ Frame F3EC
95 KB
33 KB
Script
General
Full URL
https://d266key948fg17.cloudfront.net/assets/content_lockers/jquery.js
Requested by
Host: d2ze9scn6abmic.cloudfront.net
URL: https://d2ze9scn6abmic.cloudfront.net/public/ct?cpguid=crdr1h9ul&it=4093800&w=1600&h=1200&key=fa61f&m=0&r=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:5400:18:af29:bac0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1711e89a5ab3f0e2d009ab6b171bc8869acd8dd0da785e0dfe60c9c0bca48c6c

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-amz-version-id
null
content-encoding
br
via
1.1 c2a926ef1bafe1ab239d4761594a8098.cloudfront.net (CloudFront)
date
Fri, 11 Aug 2023 04:50:51 GMT
last-modified
Mon, 30 Jan 2017 06:33:55 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C1
age
1633
etag
W/"7faa5fa0b997277a94a3c3b02d8be514"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
x-amz-cf-id
0tBMF8wl_qTUvIzSl3Iamir4lWAhR8ubc-s8kHmzHiZmQ2YoPmYpew==
check.php
d2ze9scn6abmic.cloudfront.net/public/external/ Frame F3EC
78 B
373 B
Script
General
Full URL
https://d2ze9scn6abmic.cloudfront.net/public/external/check.php?time=1691731075561&it=4093800
Requested by
Host: d2ze9scn6abmic.cloudfront.net
URL: https://d2ze9scn6abmic.cloudfront.net/public/ct?cpguid=crdr1h9ul&it=4093800&w=1600&h=1200&key=fa61f&m=0&r=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2491:d400:19:8f76:2d00:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache/2.4.41 () OpenSSL/1.0.2k-fips PHP/7.4.11 / PHP/7.4.11
Resource Hash
9ef4a63fc5e0a14a7301d693d65d6acfc44cdf14853c4a20890198f2d5e52e3b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Fri, 11 Aug 2023 05:17:55 GMT
via
1.1 57ba1933a852bdb178dbe4a1e2e3a5fa.cloudfront.net (CloudFront)
server
Apache/2.4.41 () OpenSSL/1.0.2k-fips PHP/7.4.11
x-amz-cf-pop
FRA56-P7
x-powered-by
PHP/7.4.11
x-cache
Miss from cloudfront
content-type
application/javascript
content-length
78
x-amz-cf-id
S1pcAvqANZAlNGek6sM4Ggf9GZgimVGSWkjFWymR64HKKUpXKr4iHA==
6ae84K2oVqwItm4TCpAy2g.woff2
fonts.gstatic.com/s/play/v17/ Frame F3EC
17 KB
17 KB
Font
General
Full URL
https://fonts.gstatic.com/s/play/v17/6ae84K2oVqwItm4TCpAy2g.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Play:wght@400;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
669ad8e27574eb5e9fcf9af7c0e103081d7e5be1ac28cd7c3d110591a8dfab88
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://d2ze9scn6abmic.cloudfront.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 07:54:02 GMT
x-content-type-options
nosniff
age
163433
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
17216
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 15:54:34 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 08 Aug 2024 07:54:02 GMT
6aez4K2oVqwIvtU2Hw.woff2
fonts.gstatic.com/s/play/v17/ Frame F3EC
17 KB
17 KB
Font
General
Full URL
https://fonts.gstatic.com/s/play/v17/6aez4K2oVqwIvtU2Hw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Play:wght@400;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6cdceb438e41ee07d58b7214785e14651205d8cc4b158a9a3ab988515f66c1cc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://d2ze9scn6abmic.cloudfront.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sat, 05 Aug 2023 02:03:50 GMT
x-content-type-options
nosniff
age
530045
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
17164
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:06:40 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 04 Aug 2024 02:03:50 GMT
impression.php
d2ze9scn6abmic.cloudfront.net/public/external/
10 B
306 B
Script
General
Full URL
https://d2ze9scn6abmic.cloudfront.net/public/external/impression.php?it=4093800&time=1691731075994
Requested by
Host: d9cshxmf0qazr.cloudfront.net
URL: https://d9cshxmf0qazr.cloudfront.net/35JZkB.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2491:d400:19:8f76:2d00:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache/2.4.46 () OpenSSL/1.0.2k-fips PHP/7.4.11 / PHP/7.4.11
Resource Hash
3efc61bcf3a2a65c875e501412e9db8b00b4b554e4351e01fab46c2793e87b3d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://girls-nsk.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Fri, 11 Aug 2023 05:17:56 GMT
via
1.1 57ba1933a852bdb178dbe4a1e2e3a5fa.cloudfront.net (CloudFront)
server
Apache/2.4.46 () OpenSSL/1.0.2k-fips PHP/7.4.11
x-amz-cf-pop
FRA56-P7
x-powered-by
PHP/7.4.11
x-cache
Miss from cloudfront
content-type
text/html; charset=UTF-8
content-length
10
x-amz-cf-id
z_FuKgZPNCsCtrHWVqQJ-lZN_SuvBt1PXuIsb1k_mIfz-YNLhsecUA==
guid
d2ze9scn6abmic.cloudfront.net/public/
0
276 B
Script
General
Full URL
https://d2ze9scn6abmic.cloudfront.net/public/guid?cpguid=crdr1h9ul&e=opl&t=1691731075994
Requested by
Host: d9cshxmf0qazr.cloudfront.net
URL: https://d9cshxmf0qazr.cloudfront.net/35JZkB.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2491:d400:19:8f76:2d00:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache/2.4.51 () OpenSSL/1.0.2k-fips PHP/7.4.11 / PHP/7.4.11
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://girls-nsk.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Fri, 11 Aug 2023 05:17:56 GMT
via
1.1 57ba1933a852bdb178dbe4a1e2e3a5fa.cloudfront.net (CloudFront)
server
Apache/2.4.51 () OpenSSL/1.0.2k-fips PHP/7.4.11
x-amz-cf-pop
FRA56-P7
x-powered-by
PHP/7.4.11
x-cache
Miss from cloudfront
content-type
text/html; charset=UTF-8
content-length
0
x-amz-cf-id
z-bcZLw21ujmQ24l3iadK_QPhajxmEtqVb8imzOU7WynIgbcfL9E_Q==
check.php
d2ze9scn6abmic.cloudfront.net/public/external/
78 B
373 B
Script
General
Full URL
https://d2ze9scn6abmic.cloudfront.net/public/external/check.php?it=4093800&time=1691731076493
Requested by
Host: d9cshxmf0qazr.cloudfront.net
URL: https://d9cshxmf0qazr.cloudfront.net/35JZkB.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2491:d400:19:8f76:2d00:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache/2.4.48 () OpenSSL/1.0.2k-fips PHP/7.4.11 / PHP/7.4.11
Resource Hash
9ef4a63fc5e0a14a7301d693d65d6acfc44cdf14853c4a20890198f2d5e52e3b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://girls-nsk.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Fri, 11 Aug 2023 05:17:56 GMT
via
1.1 57ba1933a852bdb178dbe4a1e2e3a5fa.cloudfront.net (CloudFront)
server
Apache/2.4.48 () OpenSSL/1.0.2k-fips PHP/7.4.11
x-amz-cf-pop
FRA56-P7
x-powered-by
PHP/7.4.11
x-cache
Miss from cloudfront
content-type
application/javascript
content-length
78
x-amz-cf-id
y3PpDYUX-dr2b1p1K7IIXxv4QkDEOf1eYk-O9fpUMFqGZSxI0mvaZg==

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Generic Scam (Online)

123 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| rlyrb_cjJ_XwcATc object| CPABUILDContentLocker number| __cfRLUnblockHandlers function| CPBContentLocker function| xfLock function| xfGetFeedURL function| xfGetIframeURL function| xfGetIframeHTML function| xfUnlock function| xfOfferComplete function| xfOffersComplete function| xfCheckForLead function| xfComplete function| CPABuildLock function| CPABuildGetFeedURL function| CPABuildGetIframeURL function| CPABuildGetIframeHTML function| CPABuildUnlock function| CPABuildOfferComplete function| CPABuildOffersComplete function| CPABuildCheckForLead function| CPABuildComplete function| _RH function| _Vm function| _uj function| _Ew function| _HW function| _oy function| _Jf function| _Mz function| _EQ function| _ZU function| _lL function| _yk function| _Tm function| _Ht function| _nS function| _Xy function| _qr function| _Tt function| _du function| _OS function| _Ts function| _ET function| _om function| _Wi function| _xb function| _GK function| _CS function| _kt function| _iE function| _Ut function| _yi function| _TR function| _iD function| _aj function| _lI function| _Ri function| _Th function| _gD function| _iH function| _ff function| _uG function| _KE function| _VR function| _HL function| _VX function| _Nr function| _di function| _Ul function| _WT function| _Cd function| _cy function| _jb function| _tx function| _Yf function| _zl function| _Pg function| _CJ function| _Jl function| _GX function| _nO function| _JF function| _KB function| _VU function| _MS function| _cn function| _xA function| _Kx function| _eN function| _yy function| _bC function| _JW function| _cW function| _Cm function| _xY function| _Gi function| _Ns function| _bu function| _Ci function| _cZ function| _vH function| _ou function| _Tu function| _ux function| _xS function| _wg function| _vs function| _Nl function| _LF function| _gu function| _Yg function| _Hj function| _dS function| _VE function| _TG function| _qd function| _FD function| _rp function| _Hn function| _my function| _qW

1 Cookies

Domain/Path   Name      Value
girls-nsk.cc/ _cpguid   crdr1h9ul

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
