enderbyteprograms.ddnsfree.com Open in urlscan Pro
207.81.125.125 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://enderbyteprograms.ddnsfree.com:10223/
Submission: On May 02 via api (May 2nd 2024, 3:04:55 am UTC) from US — Scanned from CA

Summary HTTP 11 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 5 IPs in 2 countries across 4 domains to perform 11 HTTP transactions. The main IP is 207.81.125.125, located in North Vancouver, Canada and belongs to TELUS Communications, CA. The main domain is enderbyteprograms.ddnsfree.com.

This is the only time enderbyteprograms.ddnsfree.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
3	207.81.125.125 207.81.125.125	852 (TELUS Com...) (TELUS Communications)
3	2607:f8b0:400... 2607:f8b0:4002:c05::9b	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4002:c03::9c	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4002:c11::84	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4002:c11::68	() ()
11	5

3 207.81.125.125 (North Vancouver, Canada)

ASN852 (TELUS Communications, CA)
PTR: d207-81-125-125.bchsia.telus.net

enderbyteprograms.ddnsfree.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4002:c05::9b (Atlanta, United States)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4002:c03::9c (Atlanta, United States)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4002:c11::84 (Atlanta, United States)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4002:c11::68 (None, )

ASN- ()

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
5	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 104 tpc.googlesyndication.com — Cisco Umbrella Rank: 157	208 KB
3	ddnsfree.com enderbyteprograms.ddnsfree.com	2 MB
2	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 36
1	google.com www.google.com
11	4

	Domain	Requested by
3	pagead2.googlesyndication.com	enderbyteprograms.ddnsfree.com pagead2.googlesyndication.com
3	enderbyteprograms.ddnsfree.com	enderbyteprograms.ddnsfree.com
2	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com
2	googleads.g.doubleclick.net	pagead2.googlesyndication.com
1	www.google.com	tpc.googlesyndication.com
11	5

This site contains links to these domains. Also see Links.

Domain
enderbyteprograms.weebly.com
github.com

Subject Issuer	Validity	Valid
*.g.doubleclick.net GTS CA 1C3	`2024-04-16` - `2024-07-09`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2024-04-16` - `2024-07-09`	3 months	crt.sh
*.google.com GTS CA 1C3	`2024-04-16` - `2024-07-09`	3 months	crt.sh

This page contains 5 frames:

Primary Page: http://enderbyteprograms.ddnsfree.com:10223/
Frame ID: 27E91F2FA57BCFACFDD9AF83E839C9A1
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240430/r20110914/zrt_lookup_fy2021.html
Frame ID: BC180E1BB0F232A1F8CE6512680E0F5C
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2494058265892846&output=html&adk=1812271804&adf=3025194257&lmt=1714619091&plat=3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=http%3A%2F%2Fenderbyteprograms.ddnsfree.com%3A10223%2F&pra=5&wgl=1&easpi=0&aihb=0&asro=0&dt=1714619090729&bpp=5&bdt=797&idt=947&shv=r20240430&mjsv=m202404240101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&nras=1&correlator=3192148076890&frm=20&pv=2&ga_vid=209397417.1714619092&ga_sid=1714619092&ga_hid=1086659029&ga_fc=0&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531705%2C95329722%2C95331982%2C31082143%2C95331043&oid=2&pvsid=1672412044806625&tmod=846158059&uas=0&nvt=1&fsapi=1&fc=1920&brdim=20%2C20%2C20%2C20%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=991
Frame ID: 21002BDA98DE8B014CD034419895B499
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: FB7902356061DDEC0B147582FB6C6CF2
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: BB2FE6E4F1F2EE9B5D740B5ABAD4B92A
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Enderbyte Programs

Page URL History Show full URLs

http://enderbyteprograms.ddnsfree.com:10223/ HTTP 307
https://enderbyteprograms.ddnsfree.com:10223/ HTTP 307
http://enderbyteprograms.ddnsfree.com:10223/ Page URL

Detected technologies

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Page Statistics

11
Requests

73 %
HTTPS

80 %
IPv6

4
Domains

5
Subdomains

5
IPs

2
Countries

2163 kB
Transfer

2546 kB
Size

1
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://enderbyteprograms.weebly.com/
Title: Go to my main website

Search URL Search Domain Scan URL

URL: https://github.com/Enderbyte-Programs
Title: Check out my GitHub

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://enderbyteprograms.ddnsfree.com:10223/ HTTP 307
https://enderbyteprograms.ddnsfree.com:10223/ HTTP 307
http://enderbyteprograms.ddnsfree.com:10223/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

11 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
enderbyteprograms.ddnsfree.com/
Redirect Chain

http://enderbyteprograms.ddnsfree.com:10223/
https://enderbyteprograms.ddnsfree.com:10223/
http://enderbyteprograms.ddnsfree.com:10223/

3 KB
1 KB

135ms
134ms

Document
text/html

207.81.125.125
TELUS Communications

General

Check archive.org

Show headers Download Go to

Full URL: http://enderbyteprograms.ddnsfree.com:10223/
Protocol: HTTP/1.1
Server: 207.81.125.125 North Vancouver, Canada, ASN852 (TELUS Communications, CA),
Reverse DNS: d207-81-125-125.bchsia.telus.net
Software: Apache/2.4.56 (Debian) /
Resource Hash: e8c042bd7a18eb970497625e0ca698dde36ebcaefdd88b1de56e25b5cdca91da

Request headers

Accept-Language: en-CA,en;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Connection: Keep-Alive
Content-Encoding: gzip
Content-Length: 967
Content-Type: text/html; charset=UTF-8
Date: Thu, 02 May 2024 03:04:49 GMT
Keep-Alive: timeout=5, max=100
Server: Apache/2.4.56 (Debian)
Vary: Accept-Encoding

Redirect headers

Location: http://enderbyteprograms.ddnsfree.com:10223/
Non-Authoritative-Reason: HttpsUpgrades

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 146 KB
50 KB 624ms
190ms Script
text/javascript 2607:f8b0:4002:c05::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2494058265892846

Requested by

Host: enderbyteprograms.ddnsfree.com
URL: http://enderbyteprograms.ddnsfree.com:10223/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4002:c05::9b Atlanta, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e4342c2e7a991b7ba59ca0a2a0eff04187d2142535b460538e1220d5410d03ed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: http://enderbyteprograms.ddnsfree.com:10223/
Origin: http://enderbyteprograms.ddnsfree.com:10223
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 02 May 2024 03:04:50 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51410
x-xss-protection: 0
server: cafe
etag: 11479118441716685050
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires: Thu, 02 May 2024 03:04:50 GMT

GET
H/1.1 200
OK background.png
enderbyteprograms.ddnsfree.com/downloads/assets/ 2 MB
2 MB 132ms
131ms Image
image/png 207.81.125.125
TELUS Communications

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://enderbyteprograms.ddnsfree.com:10223/downloads/assets/background.png
Requested by: Host: enderbyteprograms.ddnsfree.com
URL: http://enderbyteprograms.ddnsfree.com:10223/
Protocol: HTTP/1.1
Server: 207.81.125.125 North Vancouver, Canada, ASN852 (TELUS Communications, CA),
Reverse DNS: d207-81-125-125.bchsia.telus.net
Software: Apache/2.4.56 (Debian) /
Resource Hash: 8fcc2026a073bd1cea9d8d94d7d840fe039c521855702e05a13e25391c68c648

Request headers

Accept-Language: en-CA,en;q=0.9;q=0.9
Referer: http://enderbyteprograms.ddnsfree.com:10223/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Date: Thu, 02 May 2024 03:04:50 GMT
Last-Modified: Mon, 19 Feb 2024 04:17:25 GMT
Server: Apache/2.4.56 (Debian)
ETag: "1e7fc1-611b45efa3ac2"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 1998785

GET
H3 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202404240101/ 411 KB
139 KB 628ms
200ms Script
text/javascript 2607:f8b0:4002:c05::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202404240101/show_ads_impl_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2494058265892846

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4002:c05::9b Atlanta, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

04c7cfa24309ceb1665b1547bcc4752e2e4d8771f731fc5fe0eab0a32b67a277

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: http://enderbyteprograms.ddnsfree.com:10223/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 02 May 2024 03:04:51 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 142318
x-xss-protection: 0
server: cafe
etag: 18336348071964592808
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Thu, 02 May 2024 03:04:51 GMT

GET
H3 200 zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20240430/r20110914/ Frame BC18 0
0 559ms
130ms Document
text/html 2607:f8b0:4002:c03::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240430/r20110914/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202404240101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4002:c03::9c Atlanta, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9;q=0.9
Referer: http://enderbyteprograms.ddnsfree.com:10223/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

age: 24782
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4155
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 01 May 2024 20:11:50 GMT
etag: 5035419970550746386
expires: Wed, 15 May 2024 20:11:50 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads
googleads.g.doubleclick.net/pagead/ Frame 2100 0
0 541ms
142ms Document
text/html 2607:f8b0:4002:c03::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2494058265892846&output=html&adk=1812271804&adf=3025194257&lmt=1714619091&plat=3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=http%3A%2F%2Fenderbyteprograms.ddnsfree.com%3A10223%2F&pra=5&wgl=1&easpi=0&aihb=0&asro=0&dt=1714619090729&bpp=5&bdt=797&idt=947&shv=r20240430&mjsv=m202404240101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&nras=1&correlator=3192148076890&frm=20&pv=2&ga_vid=209397417.1714619092&ga_sid=1714619092&ga_hid=1086659029&ga_fc=0&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531705%2C95329722%2C95331982%2C31082143%2C95331043&oid=2&pvsid=1672412044806625&tmod=846158059&uas=0&nvt=1&fsapi=1&fc=1920&brdim=20%2C20%2C20%2C20%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=991

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202404240101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4002:c03::9c Atlanta, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9;q=0.9
Referer: http://enderbyteprograms.ddnsfree.com:10223/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 46
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 02 May 2024 03:04:52 GMT
expires: Thu, 02 May 2024 03:04:52 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 184ms
183ms XHR
application/json 2607:f8b0:4002:c05::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20240430&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202404240101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4002:c05::9b Atlanta, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f6d5181d2e3bd5b989117900dfcf7d8a628b55865ee09b5761ecae45fc59f1a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: http://enderbyteprograms.ddnsfree.com:10223/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 02 May 2024 03:04:52 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12283
x-xss-protection: 0

GET
H/1.1 200
OK favicon.ico
enderbyteprograms.ddnsfree.com/ 1 KB
1 KB 132ms
131ms Other
image/vnd.microsoft.icon 207.81.125.125
TELUS Communications

General

Check archive.org

Show headers Download Go to

Full URL: http://enderbyteprograms.ddnsfree.com:10223/favicon.ico
Protocol: HTTP/1.1
Server: 207.81.125.125 North Vancouver, Canada, ASN852 (TELUS Communications, CA),
Reverse DNS: d207-81-125-125.bchsia.telus.net
Software: Apache/2.4.56 (Debian) /
Resource Hash: 7680e1a8ec9af1077541d412d2351fe0c12020274f2f4aa668de2723535391ad

Request headers

Accept-Language: en-CA,en;q=0.9;q=0.9
Referer: http://enderbyteprograms.ddnsfree.com:10223/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Date: Thu, 02 May 2024 03:04:52 GMT
Last-Modified: Sat, 21 Jan 2023 17:06:44 GMT
Server: Apache/2.4.56 (Debian)
ETag: "47a-5f2c930d023bf"
Content-Type: image/vnd.microsoft.icon
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 1146

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 630ms
165ms Script
text/javascript 2607:f8b0:4002:c11::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202404240101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4002:c11::84 Atlanta, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: http://enderbyteprograms.ddnsfree.com:10223/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 02 May 2024 03:04:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 02 May 2024 03:04:53 GMT

GET
H2 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame FB79 0
0 584ms
164ms Document
text/html 2607:f8b0:4002:c11::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4002:c11::84 Atlanta, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9;q=0.9
Referer: http://enderbyteprograms.ddnsfree.com:10223/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ranges: bytes
age: 458302
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 26 Apr 2024 19:46:31 GMT
expires: Sat, 26 Apr 2025 19:46:31 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe
www.google.com/recaptcha/api2/ Frame BB2F 0
0 575ms
145ms Document
text/html 2607:f8b0:4002:c11::68

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4002:c11::68 -, , ASN (),

Reverse DNS

Software

GSE /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-muFRM7VrYiynSp842d9j-A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9;q=0.9
Referer: http://enderbyteprograms.ddnsfree.com:10223/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-muFRM7VrYiynSp842d9j-A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 02 May 2024 03:04:53 GMT
expires: Thu, 02 May 2024 03:04:53 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

Verdicts & Comments Add Verdict or Comment

27 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.doubleclick.net/	1970-01-20 20:16:59	Name: test_cookie Value: CheckForPermission

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: http://enderbyteprograms.ddnsfree.com:10223/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

enderbyteprograms.ddnsfree.com
googleads.g.doubleclick.net
pagead2.googlesyndication.com
tpc.googlesyndication.com
www.google.com
207.81.125.125
2607:f8b0:4002:c03::9c
2607:f8b0:4002:c05::9b
2607:f8b0:4002:c11::68
2607:f8b0:4002:c11::84
04c7cfa24309ceb1665b1547bcc4752e2e4d8771f731fc5fe0eab0a32b67a277
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
7680e1a8ec9af1077541d412d2351fe0c12020274f2f4aa668de2723535391ad
8fcc2026a073bd1cea9d8d94d7d840fe039c521855702e05a13e25391c68c648
e4342c2e7a991b7ba59ca0a2a0eff04187d2142535b460538e1220d5410d03ed
e8c042bd7a18eb970497625e0ca698dde36ebcaefdd88b1de56e25b5cdca91da
f6d5181d2e3bd5b989117900dfcf7d8a628b55865ee09b5761ecae45fc59f1a6

enderbyteprograms.ddnsfree.com Open in urlscan Pro 207.81.125.125 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

11 Requests

73 %HTTPS

80 %IPv6

4 Domains

5 Subdomains

5 IPs

2 Countries

2163 kBTransfer

2546 kBSize

1 Cookies

2 Outgoing links

Page URL History

Redirected requests

11 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

27 JavaScript Global Variables

1 Cookies

1 Console Messages

Indicators

enderbyteprograms.ddnsfree.com Open in urlscan Pro
207.81.125.125 Public Scan

Screenshot
Live screenshot

Full Image

11
Requests

73 %
HTTPS

80 %
IPv6

4
Domains

5
Subdomains

5
IPs

2
Countries

2163 kB
Transfer

2546 kB
Size

1
Cookies

11 HTTP transactions
0 data transactions