urlscan.io logo urlscan.io
SecurityTrails logo

nexgenxplore.click Open in urlscan Pro
13.229.52.187  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://nexgenxplore.click/
Effective URL: https://nexgenxplore.click/
Submission Tags: @phish_report
Submission: On October 29 via api from FI — Scanned from SG
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 12 IPs in 2 countries across 9 domains to perform 21 HTTP transactions. The main IP is 13.229.52.187, located in Singapore, Singapore and belongs to AMAZON-02, US. The main domain is nexgenxplore.click.
TLS certificate: Issued by R11 on October 29th 2024. Valid for: 3 months.
This is the only time nexgenxplore.click was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

2    13.229.52.187 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-229-52-187.ap-southeast-1.compute.amazonaws.com
nexgenxplore.click
1    2404:6800:4003:c05::9d (Singapore, Singapore)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
1    2404:6800:4003:c1c::61 (Singapore, Singapore)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    74.125.130.154 (United States)

ASN15169 (GOOGLE, US)
PTR: sb-in-f154.1e100.net
pagead2.googlesyndication.com
1    2404:6800:4003:c0f::64 (Singapore, Singapore)

ASN15169 (GOOGLE, US)
www.google-analytics.com
4    64.233.170.155 (United States)

ASN15169 (GOOGLE, US)
PTR: sg-in-f155.1e100.net
googleads.g.doubleclick.net
2    2606:4700:7::eb (United States)

ASN13335 (CLOUDFLARENET, US)
pub-3c8e2a747ebf4007b9b47410660a51eb.r2.dev
1    172.253.118.154 (United States)

ASN15169 (GOOGLE, US)
PTR: sl-in-f154.1e100.net
ep1.adtrafficquality.google
2    2404:6800:4003:c0f::84 (Singapore, Singapore)

ASN15169 (GOOGLE, US)
ep2.adtrafficquality.google
1    172.253.118.106 (United States)

ASN15169 (GOOGLE, US)
PTR: sl-in-f106.1e100.net
www.google.com
4    142.251.175.94 (Farmingdale, United States)

ASN15169 (GOOGLE, US)
PTR: sh-in-f94.1e100.net
fonts.gstatic.com
Apex Domain
Subdomains		 Transfer
4 gstatic.com
fonts.gstatic.com
64 KB
4 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 42
3 adtrafficquality.google
ep1.adtrafficquality.google — Cisco Umbrella Rank: 233245
ep2.adtrafficquality.google — Cisco Umbrella Rank: 204383
19 KB
2 r2.dev
pub-3c8e2a747ebf4007b9b47410660a51eb.r2.dev
262 KB
2 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 116
197 KB
2 nexgenxplore.click
nexgenxplore.click
20 KB
1 google.com
www.google.com — Cisco Umbrella Rank: 3
1 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 34
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 39
108 KB
21 9
Domain Requested by
4 fonts.gstatic.com pub-3c8e2a747ebf4007b9b47410660a51eb.r2.dev
4 googleads.g.doubleclick.net pagead2.googlesyndication.com
2 ep2.adtrafficquality.google pagead2.googlesyndication.com
ep2.adtrafficquality.google
2 pub-3c8e2a747ebf4007b9b47410660a51eb.r2.dev nexgenxplore.click
2 pagead2.googlesyndication.com nexgenxplore.click
pagead2.googlesyndication.com
2 nexgenxplore.click
1 www.google.com ep2.adtrafficquality.google
1 ep1.adtrafficquality.google pagead2.googlesyndication.com
1 www.google-analytics.com www.googletagmanager.com
1 www.googletagmanager.com nexgenxplore.click
21 10
Subject Issuer Validity Valid
www.nexgenxplore.click
R11		 2024-10-29 -
2025-01-27		 3 months crt.sh
*.g.doubleclick.net
WR2		 2024-10-07 -
2024-12-30		 3 months crt.sh
*.google-analytics.com
WR2		 2024-10-07 -
2024-12-30		 3 months crt.sh
*.r2.dev
E5		 2024-09-29 -
2024-12-28		 3 months crt.sh
adtrafficquality.google
WR2		 2024-10-07 -
2024-12-30		 3 months crt.sh
*.google.com
WR2		 2024-10-07 -
2024-12-30		 3 months crt.sh
*.gstatic.com
WR2		 2024-10-07 -
2024-12-30		 3 months crt.sh

This page contains 7 frames:

Primary Page: https://nexgenxplore.click/
Frame ID: 802B7FB9B143CA38EB889CFB48FCFB91
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20241024/r20190131/zrt_lookup_fy2021.html
Frame ID: 1C20FC717B0767D2B84515E2C611BC86
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6860643623178324&output=html&adk=1812271804&adf=3025194257&abgtt=6&lmt=1730246217&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=236x1080_l%7C236x1080_r&format=0x0&url=https%3A%2F%2Fnexgenxplore.click%2F&pra=5&wgl=1&aihb=0&asro=0&ailel=1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aiael=1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aicel=33&aifxl=29_18~30_19&aiixl=29_5~30_6&aslmct=0.7&asamct=0.7&aiict=1&aiapm=0.20295&aiapmi=0.24446&aiombap=1&aiopts=1&aief=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1730246217841&bpp=5&bdt=72&idt=91&shv=r20241024&mjsv=m202410240101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&nras=1&correlator=8443814093606&frm=20&pv=2&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42533202%2C31088481%2C95331832%2C95344189%2C95345280%2C95345789&oid=2&pvsid=2424198238332937&tmod=1717545384&uas=0&nvt=1&fsapi=1&fc=1920&brdim=30%2C30%2C30%2C30%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=1&uci=a!1&fsb=1&dtd=113
Frame ID: 456A89C6997ACB18A5D598B808B625F4
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6860643623178324&output=html&h=280&slotname=3236599782&adk=3874703006&adf=1795251393&pi=t.ma~as.3236599782&w=1100&abgtt=6&fwrn=4&fwrnh=100&lmt=1730246217&rafmt=1&format=1100x280&url=https%3A%2F%2Fnexgenxplore.click%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1730246217846&bpp=2&bdt=77&idt=129&shv=r20241024&mjsv=m202410240101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&prev_fmts=0x0&nras=1&correlator=8443814093606&frm=20&pv=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=250&ady=145&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42533202%2C31088481%2C95331832%2C95344189%2C95345280%2C95345789&oid=2&pvsid=2424198238332937&tmod=1717545384&uas=0&nvt=1&fc=1920&brdim=30%2C30%2C30%2C30%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=2&uci=a!2&fsb=1&dtd=139
Frame ID: E4242A5C739DF19E00A5A17B776660DA
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6860643623178324&output=html&h=280&slotname=3236599782&adk=3874703006&adf=3296512626&pi=t.ma~as.3236599782&w=1100&abgtt=6&fwrn=4&fwrnh=100&lmt=1730246218&rafmt=1&format=1100x280&url=https%3A%2F%2Fnexgenxplore.click%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1730246218466&bpp=4&bdt=697&idt=4&shv=r20241024&mjsv=m202410240101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&prev_fmts=0x0%2C1100x280&nras=1&correlator=8443814093606&frm=20&pv=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=250&ady=4137&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42533202%2C31088481%2C95331832%2C95344189%2C95345280%2C95345789&oid=2&pvsid=2424198238332937&tmod=1717545384&uas=0&nvt=1&fc=1920&brdim=30%2C30%2C30%2C30%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=7
Frame ID: 67A38FA7BDD3456BF27BDA9E4E4D1E59
Requests: 1 HTTP requests in this frame

Frame: https://ep2.adtrafficquality.google/sodar/sodar2/232/runner.html
Frame ID: A2ABAF767BBDC486C0F20833CC4D04B9
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 812C486D0556926B04130B75C8607E60
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

NexGenXplore | Discover & Connect with Top Businesses - The Ultimate Business Directory

Page URL History Show full URLs

  1. http://nexgenxplore.click/ HTTP 307
    https://nexgenxplore.click/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Page Statistics

21
Requests

95 %
HTTPS

45 %
IPv6

9
Domains

10
Subdomains

12
IPs

2
Countries

671 kB
Transfer

1345 kB
Size

3
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://nexgenxplore.click/ HTTP 307
    https://nexgenxplore.click/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

21 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
nexgenxplore.click/
Redirect Chain
  • http://nexgenxplore.click/
  • https://nexgenxplore.click/
69 KB
19 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://nexgenxplore.click/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.229.52.187 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-229-52-187.ap-southeast-1.compute.amazonaws.com
Software
Apache /
Resource Hash
906dc6c8d51d70d34e491e73784e9d44082d846fb119796716d11a18599cab58

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

Connection
Keep-Alive
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Tue, 29 Oct 2024 23:56:56 GMT
Keep-Alive
timeout=5, max=100
Server
Apache
Transfer-Encoding
chunked
Vary
Accept-Encoding

Redirect headers

Location
https://nexgenxplore.click/
Non-Authoritative-Reason
HttpsUpgrades
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		156 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6860643623178324
Requested by
Host: nexgenxplore.click
URL: https://nexgenxplore.click/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c05::9d Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
45ca8fa1f38a8cf18f9b9d8de4dcb4357cb0f539d25984ba68d65045d9f01432
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://nexgenxplore.click
Referer
https://nexgenxplore.click/

Response headers

content-encoding
br
etag
3404373349917470863
x-content-type-options
nosniff
expires
Tue, 29 Oct 2024 23:56:57 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Tue, 29 Oct 2024 23:56:57 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
content-disposition
attachment; filename="f.txt"
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
53349
x-xss-protection
0
server
cafe
js
www.googletagmanager.com/gtag/ 		324 KB
108 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-PX0THGYDSG
Requested by
Host: nexgenxplore.click
URL: https://nexgenxplore.click/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c1c::61 Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
49a5163af12951d47d51c9f64a9a7041d85c1f573276312535b13a776a9b6bf0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://nexgenxplore.click/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Tue, 29 Oct 2024 23:56:57 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 29 Oct 2024 23:56:57 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
109676
x-xss-protection
0
server
Google Tag Manager
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410240101/ 		435 KB
145 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410240101/show_ads_impl_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6860643623178324
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.130.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f154.1e100.net
Software
cafe /
Resource Hash
d441afaa96d4c4eb72723e070fb86633eb44c0216c1ec5bbb46d2c7d36891888
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://nexgenxplore.click/

Response headers

content-encoding
br
etag
7313788501230908650
x-content-type-options
nosniff
expires
Tue, 29 Oct 2024 23:56:57 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Tue, 29 Oct 2024 23:56:57 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
content-disposition
attachment; filename="f.txt"
cache-control
private, max-age=1209600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
148279
x-xss-protection
0
server
cafe
collect
www.google-analytics.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-PX0THGYDSG&gtm=45je4as0v9188642242za200&_p=1730246217802&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101533422~101823848~101925629&cid=1266288091.1730246218&ul=en-sg&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1730246217&sct=1&seg=0&dl=https%3A%2F%2Fnexgenxplore.click%2F&dt=NexGenXplore%20%7C%20Discover%20%26%20Connect%20with%20Top%20Businesses%20-%20The%20Ultimate%20Business%20Directory&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=1328
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-PX0THGYDSG
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c0f::64 Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://nexgenxplore.click/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://nexgenxplore.click
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 29 Oct 2024 23:56:57 GMT
content-type
text/plain
server
Golfe2
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20241024/r20190131/ Frame 1C20 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20241024/r20190131/zrt_lookup_fy2021.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410240101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
64.233.170.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sg-in-f155.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://nexgenxplore.click/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

age
58888
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4121
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 29 Oct 2024 07:35:29 GMT
etag
13108003645644964576
expires
Tue, 12 Nov 2024 07:35:29 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 456A 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6860643623178324&output=html&adk=1812271804&adf=3025194257&abgtt=6&lmt=1730246217&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=236x1080_l%7C236x1080_r&format=0x0&url=https%3A%2F%2Fnexgenxplore.click%2F&pra=5&wgl=1&aihb=0&asro=0&ailel=1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aiael=1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aicel=33&aifxl=29_18~30_19&aiixl=29_5~30_6&aslmct=0.7&asamct=0.7&aiict=1&aiapm=0.20295&aiapmi=0.24446&aiombap=1&aiopts=1&aief=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1730246217841&bpp=5&bdt=72&idt=91&shv=r20241024&mjsv=m202410240101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&nras=1&correlator=8443814093606&frm=20&pv=2&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42533202%2C31088481%2C95331832%2C95344189%2C95345280%2C95345789&oid=2&pvsid=2424198238332937&tmod=1717545384&uas=0&nvt=1&fsapi=1&fc=1920&brdim=30%2C30%2C30%2C30%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=1&uci=a!1&fsb=1&dtd=113
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410240101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
64.233.170.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sg-in-f155.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://nexgenxplore.click/
Sec-Browsing-Topics
();p=P0000000000000000000000000000000
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 29 Oct 2024 23:56:57 GMT
expires
Tue, 29 Oct 2024 23:56:57 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame E424 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6860643623178324&output=html&h=280&slotname=3236599782&adk=3874703006&adf=1795251393&pi=t.ma~as.3236599782&w=1100&abgtt=6&fwrn=4&fwrnh=100&lmt=1730246217&rafmt=1&format=1100x280&url=https%3A%2F%2Fnexgenxplore.click%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1730246217846&bpp=2&bdt=77&idt=129&shv=r20241024&mjsv=m202410240101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&prev_fmts=0x0&nras=1&correlator=8443814093606&frm=20&pv=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=250&ady=145&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42533202%2C31088481%2C95331832%2C95344189%2C95345280%2C95345789&oid=2&pvsid=2424198238332937&tmod=1717545384&uas=0&nvt=1&fc=1920&brdim=30%2C30%2C30%2C30%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=2&uci=a!2&fsb=1&dtd=139
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410240101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
64.233.170.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sg-in-f155.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://nexgenxplore.click/
Sec-Browsing-Topics
();p=P0000000000000000000000000000000
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 29 Oct 2024 23:56:58 GMT
expires
Tue, 29 Oct 2024 23:56:58 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 67A3 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6860643623178324&output=html&h=280&slotname=3236599782&adk=3874703006&adf=3296512626&pi=t.ma~as.3236599782&w=1100&abgtt=6&fwrn=4&fwrnh=100&lmt=1730246218&rafmt=1&format=1100x280&url=https%3A%2F%2Fnexgenxplore.click%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1730246218466&bpp=4&bdt=697&idt=4&shv=r20241024&mjsv=m202410240101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&prev_fmts=0x0%2C1100x280&nras=1&correlator=8443814093606&frm=20&pv=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=250&ady=4137&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42533202%2C31088481%2C95331832%2C95344189%2C95345280%2C95345789&oid=2&pvsid=2424198238332937&tmod=1717545384&uas=0&nvt=1&fc=1920&brdim=30%2C30%2C30%2C30%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=7
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410240101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
64.233.170.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sg-in-f155.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://nexgenxplore.click/
Sec-Browsing-Topics
();p=P0000000000000000000000000000000
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 29 Oct 2024 23:56:58 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
pub-3c8e2a747ebf4007b9b47410660a51eb.js
pub-3c8e2a747ebf4007b9b47410660a51eb.r2.dev/ 		6 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pub-3c8e2a747ebf4007b9b47410660a51eb.r2.dev/pub-3c8e2a747ebf4007b9b47410660a51eb.js
Requested by
Host: nexgenxplore.click
URL: https://nexgenxplore.click/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:7::eb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
30bcd909569b225df42d8c8146e69037d34a5b8cece5bd56099fce97d8b6f307

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://nexgenxplore.click/

Response headers

ETag
"82705059488d8526ab11cd11461cb7c4"
Connection
keep-alive
CF-RAY
8da71b08ef894cad-SIN
Accept-Ranges
bytes
Content-Length
6276
Date
Tue, 29 Oct 2024 23:57:02 GMT
Content-Type
application/x-javascript
Last-Modified
Tue, 08 Oct 2024 02:47:34 GMT
Vary
Accept-Encoding
Server
cloudflare
pub-3c8e2a747ebf4007b9b47410660a51eb.css
pub-3c8e2a747ebf4007b9b47410660a51eb.r2.dev/ 		255 KB
255 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://pub-3c8e2a747ebf4007b9b47410660a51eb.r2.dev/pub-3c8e2a747ebf4007b9b47410660a51eb.css
Requested by
Host: nexgenxplore.click
URL: https://nexgenxplore.click/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:7::eb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1ff5da986d4da4edaf649df6bbd8d27819f55b7ace9be2128bc19b56144ae785

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://nexgenxplore.click/

Response headers

ETag
"227e59def68d931315a647a58f5f5917"
Connection
keep-alive
CF-RAY
8da71b08ed5e5f71-SIN
Accept-Ranges
bytes
Content-Length
261048
Date
Tue, 29 Oct 2024 23:57:02 GMT
Content-Type
text/css
Last-Modified
Tue, 08 Oct 2024 02:47:35 GMT
Vary
Accept-Encoding
Server
cloudflare
sodar
ep1.adtrafficquality.google/getconfig/ 		17 KB
13 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ep1.adtrafficquality.google/getconfig/sodar?sv=200&tid=gda&tv=r20241024&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410240101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.118.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f154.1e100.net
Software
cafe /
Resource Hash
acbb2cea55eaebf6f6886b8571b6c1fff6053a31385428607a10e68284f1093d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://nexgenxplore.click/

Response headers

timing-allow-origin
*
content-encoding
br
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
13005
date
Tue, 29 Oct 2024 23:57:02 GMT
x-xss-protection
0
content-type
application/json; charset=UTF-8
content-disposition
attachment; filename="f.txt"
server
cafe
favicon.ico
nexgenxplore.click/ 		1 KB
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://nexgenxplore.click/favicon.ico
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.229.52.187 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-229-52-187.ap-southeast-1.compute.amazonaws.com
Software
Apache /
Resource Hash
b64de4f5228467a41bb1aab51b9c0d73b191ec9dbb4e4256314fa2e09c5e8b74
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://nexgenxplore.click/

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Cache-Control
max-age=31536000, public
Connection
Keep-Alive
X-Content-Type-Options
nosniff
Expires
Tue, 29 Oct 2024 23:57:02 GMT
Accept-Ranges
bytes
Content-Length
1150
Keep-Alive
timeout=5, max=99
Date
Tue, 29 Oct 2024 23:57:02 GMT
X-XSS-Protection
1; mode=block
Last-Modified
Tue, 29 Oct 2024 11:29:44 GMT
Content-Type
image/x-icon
Server
Apache
X-Frame-Options
SAMEORIGIN
sodar2.js
ep2.adtrafficquality.google/sodar/ 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ep2.adtrafficquality.google/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410240101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c0f::84 Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ff3de130872fe0fb5b770dfa2bc9f0daf8ab320403a34a60d089436f08d24f99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://nexgenxplore.click/

Response headers

content-encoding
gzip
etag
"1727224258380615"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
x-content-type-options
nosniff
expires
Tue, 29 Oct 2024 23:57:02 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 29 Oct 2024 23:57:02 GMT
content-type
text/javascript
vary
Accept-Encoding
cache-control
private, max-age=3000
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
6445
x-xss-protection
0
server
sffe
runner.html
ep2.adtrafficquality.google/sodar/sodar2/232/ Frame A2AB 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ep2.adtrafficquality.google/sodar/sodar2/232/runner.html
Requested by
Host: ep2.adtrafficquality.google
URL: https://ep2.adtrafficquality.google/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c0f::84 Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://nexgenxplore.click/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
age
237
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=3000
content-encoding
gzip
content-length
5005
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 29 Oct 2024 23:53:05 GMT
expires
Wed, 30 Oct 2024 00:43:05 GMT
last-modified
Mon, 23 Sep 2024 18:12:21 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 812C 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: ep2.adtrafficquality.google
URL: https://ep2.adtrafficquality.google/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.118.106 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f106.1e100.net
Software
ESF /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-1qT0JA662uYfDG-2ff0vfw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://nexgenxplore.click/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-1qT0JA662uYfDG-2ff0vfw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy-report-only
same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
cross-origin-resource-policy
cross-origin
date
Tue, 29 Oct 2024 23:57:02 GMT
expires
Tue, 29 Oct 2024 23:57:02 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
server
ESF
x-content-type-options
nosniff
x-xss-protection
0
sodar
ep1.adtrafficquality.google/pagead/ 		0
0
VEM1Ro9xs5PjtzCu-srDqSTijP4.woff2
fonts.gstatic.com/s/concertone/v22/ 		24 KB
24 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/concertone/v22/VEM1Ro9xs5PjtzCu-srDqSTijP4.woff2
Requested by
Host: pub-3c8e2a747ebf4007b9b47410660a51eb.r2.dev
URL: https://pub-3c8e2a747ebf4007b9b47410660a51eb.r2.dev/pub-3c8e2a747ebf4007b9b47410660a51eb.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.175.94 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
sh-in-f94.1e100.net
Software
sffe /
Resource Hash
1881c94451b66747d1b71c19e7ba6d921898103623c68fa63fc50f33179d1502
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://nexgenxplore.click
Referer
https://pub-3c8e2a747ebf4007b9b47410660a51eb.r2.dev/

Response headers

age
391943
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Sat, 25 Oct 2025 11:04:40 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 25 Oct 2024 11:04:40 GMT
last-modified
Wed, 26 Jun 2024 16:15:33 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
24280
x-xss-protection
0
server
sffe
pe1mMImSLYBIv1o4X1M8ce2xCx3yop4tQpF_MeTm0lfGWVpNn64CL7U8upHZIbMV51Q42ptCp5F5bxqqtQ1yiU4G5ClXs1Ul.woff2
fonts.gstatic.com/s/nunitosans/v15/ 		14 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/nunitosans/v15/pe1mMImSLYBIv1o4X1M8ce2xCx3yop4tQpF_MeTm0lfGWVpNn64CL7U8upHZIbMV51Q42ptCp5F5bxqqtQ1yiU4G5ClXs1Ul.woff2
Requested by
Host: pub-3c8e2a747ebf4007b9b47410660a51eb.r2.dev
URL: https://pub-3c8e2a747ebf4007b9b47410660a51eb.r2.dev/pub-3c8e2a747ebf4007b9b47410660a51eb.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.175.94 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
sh-in-f94.1e100.net
Software
sffe /
Resource Hash
ac3dbca51e540c634d7edc3e7d819fcf3e1baf26c3d685c47630ef0ce39490d1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://nexgenxplore.click
Referer
https://pub-3c8e2a747ebf4007b9b47410660a51eb.r2.dev/

Response headers

age
393357
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Sat, 25 Oct 2025 10:41:06 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 25 Oct 2024 10:41:06 GMT
last-modified
Thu, 27 Apr 2023 00:20:31 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
13932
x-xss-protection
0
server
sffe
pe1mMImSLYBIv1o4X1M8ce2xCx3yop4tQpF_MeTm0lfGWVpNn64CL7U8upHZIbMV51Q42ptCp5F5bxqqtQ1yiU4G1ilXs1Ul.woff2
fonts.gstatic.com/s/nunitosans/v15/ 		14 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/nunitosans/v15/pe1mMImSLYBIv1o4X1M8ce2xCx3yop4tQpF_MeTm0lfGWVpNn64CL7U8upHZIbMV51Q42ptCp5F5bxqqtQ1yiU4G1ilXs1Ul.woff2
Requested by
Host: pub-3c8e2a747ebf4007b9b47410660a51eb.r2.dev
URL: https://pub-3c8e2a747ebf4007b9b47410660a51eb.r2.dev/pub-3c8e2a747ebf4007b9b47410660a51eb.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.175.94 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
sh-in-f94.1e100.net
Software
sffe /
Resource Hash
38a3a7b587a96ccb845942e710e2f7063a11406ecd054e98772160e2e49a77ce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://nexgenxplore.click
Referer
https://pub-3c8e2a747ebf4007b9b47410660a51eb.r2.dev/

Response headers

age
21452
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Wed, 29 Oct 2025 17:59:31 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 29 Oct 2024 17:59:31 GMT
last-modified
Thu, 27 Apr 2023 00:20:32 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
13860
x-xss-protection
0
server
sffe
pe1mMImSLYBIv1o4X1M8ce2xCx3yop4tQpF_MeTm0lfGWVpNn64CL7U8upHZIbMV51Q42ptCp5F5bxqqtQ1yiU4GMS5Xs1Ul.woff2
fonts.gstatic.com/s/nunitosans/v15/ 		13 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/nunitosans/v15/pe1mMImSLYBIv1o4X1M8ce2xCx3yop4tQpF_MeTm0lfGWVpNn64CL7U8upHZIbMV51Q42ptCp5F5bxqqtQ1yiU4GMS5Xs1Ul.woff2
Requested by
Host: pub-3c8e2a747ebf4007b9b47410660a51eb.r2.dev
URL: https://pub-3c8e2a747ebf4007b9b47410660a51eb.r2.dev/pub-3c8e2a747ebf4007b9b47410660a51eb.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.175.94 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
sh-in-f94.1e100.net
Software
sffe /
Resource Hash
584b7ea76630df7ed8b8b8c96cf3fdb9971dff1eebf294b493f561a808eabc3c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://nexgenxplore.click
Referer
https://pub-3c8e2a747ebf4007b9b47410660a51eb.r2.dev/

Response headers

age
47621
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Wed, 29 Oct 2025 10:43:22 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 29 Oct 2024 10:43:22 GMT
last-modified
Thu, 27 Apr 2023 00:55:35 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
13800
x-xss-protection
0
server
sffe

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
ep1.adtrafficquality.google
URL
https://ep1.adtrafficquality.google/pagead/sodar?id=sodar2&v=232&t=2&li=gda_r20241024&jk=2424198238332937&bg=!EBOlE1zNAAZ-RxQpXkc7ADQBe5WfOGIJ9hSMMi9v07wtdKqZoUFKYg7LpW5UJSJcmRXrbCJJxAclqxehI_KSzYh7BTwwAgAAAENSAAAABGgBB34ANrsZwI1bKVeSHPjwgvA80VJrFPWWD7Z4bx4qY4br56ED_DaNK17rxvXMBy-YMRIJekQtrU_P8JkCnL5TCITbNu2GChhzyoNrMUXgjHNshjyinzr-C3gNwsyWL6LJ8M5Ho_O5sGHEZVU_vSLK8ebD5fw5Cwy5rqdC7Xuqy2d4NbLY_-e8qMX_KWtATPlI75fUinhwTrJDdqh_V748N_R6WaYvZP0uzYptxSyVcNDGiIYonbUiCJNH0KXxTEWfknPc0pWDKDmpHtlntHlV3sNHnCXuDb7OQkzmE5t7vG4Qf23ZHWx_C-K5hOQu4H4hnlqHSkp2XZMfrrPSozoBldHCl7DsPGsIdWjahBU-MDjlC4ooQlsIO8jNADbFpH1whyZdo-qvyJVBXrog8LjJH3pknjId_Rd9X1Z5H2ZQVm17TMHm2OvonyiAblRYFo_aMf0hWQI57GbbFvnUiLKJzz3_pH90Iz9LZalfCiQnV3bldkr6tPC-SmH5nHHUlqqNacEeOEc3WP_eTdwO9MkHFNDUXPrywRmoJwNhv352R1s4QS5HsL3V5lXEShsLkb2mRebVvgD9b8B5TCYdlBruOnWwdyG3fnTxNMZQqMdWsi4iL-LyOfiIDcm4Ak35pTr8dAt7eoTB8-7X7UgOzkjbtSWGzbCyn_SNJbRfPA6_zT9eyxbk6zfLFEVpUbQPLuvscgqYgDIKNrWD1Sw2cmTEElUHO9jz8FVLnpaORfTBFWlt6mnFVJUgkr_Hcx7qZNtVIvZrb0hnzCoYPXgXAzrNjfZKOfhWaZGAWKLemxzF6LQUy9OjkdXVkzUtwRSpmEkQnkNTW2b4kCsOHQquhweBeb_oEuUUgDnj6yAA1BxJAeloZw7czJGDNf5e_dFq-4X-JyJS8-TXbARMr9yztHqFEsIxz9vNkk4R2bvu0ZRWC-fc3B3be0XR1maOuF408TR0NbcVdAkVm5Kf

Verdicts & Comments Add Verdict or Comment

49 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 function| _0x3f9f function| _0x3fd8 function| _0x2cc0 function| _0xf2f2 function| _0x5411 function| _0x15e8 function| _0x30e779 function| gtag object| dataLayer object| adsbygoogle object| google_js_reporting_queue number| google_srt object| google_logging_queue object| google_ad_modifications object| ggeac object| google_persistent_state_async object| google_tag_data object| google_reactive_ads_global_state object| google_sa_queue function| google_process_slots function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter string| google_user_agent_client_hint object| google_tag_manager object| googletag function| onYouTubeIframeAPIReady object| gaGlobal function| google_sa_impl object| googPageScrollPreventerInfo number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages object| GoogleGcLKhOms function| _0x552e function| _0x16f4 function| _0x2f10 function| toggleMenu function| _0x4c8c function| _0x141f function| _0xd910 object| google_image_requests

3 Cookies

Domain/Path Name / Value
.nexgenxplore.click/ Name: _ga_PX0THGYDSG
Value: GS1.1.1730246217.1.0.1730246217.0.0.0
.nexgenxplore.click/ Name: _ga
Value: GA1.1.1266288091.1730246218
.doubleclick.net/ Name: IDE
Value: AHWqTUnMO8Ye6E7YLC03bMy1sTlK1OprBCsOQ4qVwlfBru2PZR-91urAQg4cLGVruC8

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ep1.adtrafficquality.google
ep2.adtrafficquality.google
fonts.gstatic.com
googleads.g.doubleclick.net
nexgenxplore.click
pagead2.googlesyndication.com
pub-3c8e2a747ebf4007b9b47410660a51eb.r2.dev
www.google-analytics.com
www.google.com
www.googletagmanager.com
ep1.adtrafficquality.google
13.229.52.187
142.251.175.94
172.253.118.106
172.253.118.154
2404:6800:4003:c05::9d
2404:6800:4003:c0f::64
2404:6800:4003:c0f::84
2404:6800:4003:c1c::61
2606:4700:7::eb
64.233.170.155
74.125.130.154
1881c94451b66747d1b71c19e7ba6d921898103623c68fa63fc50f33179d1502
1ff5da986d4da4edaf649df6bbd8d27819f55b7ace9be2128bc19b56144ae785
30bcd909569b225df42d8c8146e69037d34a5b8cece5bd56099fce97d8b6f307
38a3a7b587a96ccb845942e710e2f7063a11406ecd054e98772160e2e49a77ce
45ca8fa1f38a8cf18f9b9d8de4dcb4357cb0f539d25984ba68d65045d9f01432
49a5163af12951d47d51c9f64a9a7041d85c1f573276312535b13a776a9b6bf0
584b7ea76630df7ed8b8b8c96cf3fdb9971dff1eebf294b493f561a808eabc3c
906dc6c8d51d70d34e491e73784e9d44082d846fb119796716d11a18599cab58
ac3dbca51e540c634d7edc3e7d819fcf3e1baf26c3d685c47630ef0ce39490d1
acbb2cea55eaebf6f6886b8571b6c1fff6053a31385428607a10e68284f1093d
b64de4f5228467a41bb1aab51b9c0d73b191ec9dbb4e4256314fa2e09c5e8b74
d441afaa96d4c4eb72723e070fb86633eb44c0216c1ec5bbb46d2c7d36891888
ff3de130872fe0fb5b770dfa2bc9f0daf8ab320403a34a60d089436f08d24f99