URL: https://stat.scroogefrog.com/queue2/c_q2_ai.php?sid=2959835942&u=https%3a//xcraft.net/registration/%3futm_source%3dyadir%26ut...
Submission: On October 08 via api from US — Scanned from DE

Summary

This website contacted 2 IPs in 2 countries across 2 domains to perform 5 HTTP transactions. The main IP is 116.203.95.45, located in Germany and belongs to HETZNER-AS, DE. The main domain is stat.scroogefrog.com.
TLS certificate: Issued by R3 on August 8th 2023. Valid for: 3 months.
This is the only time stat.scroogefrog.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests  IP Address        AS Autonomous System
3         116.203.95.45     24940 (HETZNER-AS)
2         2001:41d0:203...  16276 (OVH)
5         2

Requests  Apex Domain      Subdomains            Transfer
3         scroogefrog.com  stat.scroogefrog.com  7 KB
2         scfg.biz         scfg.biz              1 KB
5         2

Requests  Domain                Requested by
3         stat.scroogefrog.com  stat.scroogefrog.com
2         scfg.biz              stat.scroogefrog.com
5         2

This site contains no links.

Subject               Issuer  Validity                 Valid
stat.scroogefrog.com  R3      2023-08-08 - 2023-11-06  3 months (crt.sh)
scfg.biz              R3      2023-09-15 - 2023-12-14  3 months (crt.sh)

This page contains 2 frames:

Primary Page: https://stat.scroogefrog.com/queue2/c_q2_ai.php?sid=2959835942&u=https%3a//xcraft.net/registration/%3futm_source%3dyadir%26utm_medium%3dcpc%26utm_campaign%3dxcraft_all_countries_3%26utm_term%3dnone%26utm_content%3d13243181243%26utm_campaign_id%3d81631006%26etext%3d2202.9iro0em4_p-yk4xibyp9gm1pqdjcjjdqohcchb7yrtgr3qbkinhnpkzeovpbx4a__fd9dnm2_osfn76nvnadfnjkahfxanvxd29jdghmy2i.309f1df852990b00d5b5d72f65438f7ea47b7424%26yclid%3d5922219059987159622&ref=https%3a//yandex.ru/&mm=0&c8pad=&ga=&fr=0&cl=48fa66f5804b9d957ce18b04b80b7ccf
Frame ID: A9BC92EACB99DE92E03907B8783424EA
Requests: 4 HTTP requests in this frame

Frame: https://scfg.biz/3dpc.php?rnd=0&c=9829976995833035025-1696764281&set=1
Frame ID: D279FF26B5E797FF3587EAFC2B6FF08A
Requests: 1 HTTP requests in this frame

Page Title

scroogefrog

Detected technologies

Overall confidence: 100%
Detected patterns
  • \.php(?:$|\?)

Page Statistics

Requests: 5
HTTPS: 100 %
IPv6: 50 %
Domains: 2
Subdomains: 2
IPs: 2
Countries: 2
Transfer: 8 kB
Size: 19 kB
Cookies: 3

5 HTTP transactions

Columns: Resource, Path, Size, x-fer, Type, MIME-Type

Primary Request
Resource: c_q2_ai.php
Path: stat.scroogefrog.com/queue2/
Size: 18 KB
x-fer: 6 KB
Type: Document
General
Full URL
https://stat.scroogefrog.com/queue2/c_q2_ai.php?sid=2959835942&u=https%3a//xcraft.net/registration/%3futm_source%3dyadir%26utm_medium%3dcpc%26utm_campaign%3dxcraft_all_countries_3%26utm_term%3dnone%26utm_content%3d13243181243%26utm_campaign_id%3d81631006%26etext%3d2202.9iro0em4_p-yk4xibyp9gm1pqdjcjjdqohcchb7yrtgr3qbkinhnpkzeovpbx4a__fd9dnm2_osfn76nvnadfnjkahfxanvxd29jdghmy2i.309f1df852990b00d5b5d72f65438f7ea47b7424%26yclid%3d5922219059987159622&ref=https%3a//yandex.ru/&mm=0&c8pad=&ga=&fr=0&cl=48fa66f5804b9d957ce18b04b80b7ccf
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
116.203.95.45 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.45.95.203.116.clients.your-server.de
Software
nginx / PHP/5.4.45
Resource Hash
8c3b88e64966bbdd17f855d73b3762744d47fa5afb52feab5520cff23b84f5f4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
gzip
content-type
text/html; charset=utf-8
date
Sun, 08 Oct 2023 11:24:41 GMT
p3p
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
server
nginx
strict-transport-security
max-age=31536000
x-powered-by
PHP/5.4.45

Resource: 3dpc.php
Path: scfg.biz/
Size: 16 B
x-fer: 305 B
Type: Script
General
Full URL
https://scfg.biz/3dpc.php?rnd=374893674
Requested by
Host: stat.scroogefrog.com
URL: https://stat.scroogefrog.com/queue2/c_q2_ai.php?sid=2959835942&u=https%3a//xcraft.net/registration/%3futm_source%3dyadir%26utm_medium%3dcpc%26utm_campaign%3dxcraft_all_countries_3%26utm_term%3dnone%26utm_content%3d13243181243%26utm_campaign_id%3d81631006%26etext%3d2202.9iro0em4_p-yk4xibyp9gm1pqdjcjjdqohcchb7yrtgr3qbkinhnpkzeovpbx4a__fd9dnm2_osfn76nvnadfnjkahfxanvxd29jdghmy2i.309f1df852990b00d5b5d72f65438f7ea47b7424%26yclid%3d5922219059987159622&ref=https%3a//yandex.ru/&mm=0&c8pad=&ga=&fr=0&cl=48fa66f5804b9d957ce18b04b80b7ccf
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:41d0:203:bb6::8 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx /
Resource Hash
48f2c01b36605f044f49e76724692d46b9c1911940a936dda14f39c8fe5bc7b9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://stat.scroogefrog.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 08 Oct 2023 11:24:41 GMT
last-modified
Sun, 08 Oct 2023 11:24:41 GMT
server
nginx
p3p
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
access-control-allow-origin
*
content-type
text/javascript;charset=UTF-8
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires
Sat, 26 Jul 1997 05:00:00 GMT

Resource: reciver_ai.php
Path: stat.scroogefrog.com/queue2/
Size: 0
x-fer: 266 B
Type: XHR
General
Full URL
https://stat.scroogefrog.com/queue2/reciver_ai.php?act=ac_qu
Requested by
Host: stat.scroogefrog.com
URL: https://stat.scroogefrog.com/queue2/c_q2_ai.php?sid=2959835942&u=https%3a//xcraft.net/registration/%3futm_source%3dyadir%26utm_medium%3dcpc%26utm_campaign%3dxcraft_all_countries_3%26utm_term%3dnone%26utm_content%3d13243181243%26utm_campaign_id%3d81631006%26etext%3d2202.9iro0em4_p-yk4xibyp9gm1pqdjcjjdqohcchb7yrtgr3qbkinhnpkzeovpbx4a__fd9dnm2_osfn76nvnadfnjkahfxanvxd29jdghmy2i.309f1df852990b00d5b5d72f65438f7ea47b7424%26yclid%3d5922219059987159622&ref=https%3a//yandex.ru/&mm=0&c8pad=&ga=&fr=0&cl=48fa66f5804b9d957ce18b04b80b7ccf
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
116.203.95.45 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.45.95.203.116.clients.your-server.de
Software
nginx / PHP/5.4.45
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://stat.scroogefrog.com/queue2/c_q2_ai.php?sid=2959835942&u=https%3a//xcraft.net/registration/%3futm_source%3dyadir%26utm_medium%3dcpc%26utm_campaign%3dxcraft_all_countries_3%26utm_term%3dnone%26utm_content%3d13243181243%26utm_campaign_id%3d81631006%26etext%3d2202.9iro0em4_p-yk4xibyp9gm1pqdjcjjdqohcchb7yrtgr3qbkinhnpkzeovpbx4a__fd9dnm2_osfn76nvnadfnjkahfxanvxd29jdghmy2i.309f1df852990b00d5b5d72f65438f7ea47b7424%26yclid%3d5922219059987159622&ref=https%3a//yandex.ru/&mm=0&c8pad=&ga=&fr=0&cl=48fa66f5804b9d957ce18b04b80b7ccf
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Sun, 08 Oct 2023 11:24:41 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
server
nginx
x-powered-by
PHP/5.4.45
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
*
access-control-allow-headers
Content-Type, X-Requested-With

Resource: 3dpc.php
Path: scfg.biz/ (Frame D279)
Size: 497 B
x-fer: 749 B
Type: Document
General
Full URL
https://scfg.biz/3dpc.php?rnd=0&c=9829976995833035025-1696764281&set=1
Requested by
Host: stat.scroogefrog.com
URL: https://stat.scroogefrog.com/queue2/c_q2_ai.php?sid=2959835942&u=https%3a//xcraft.net/registration/%3futm_source%3dyadir%26utm_medium%3dcpc%26utm_campaign%3dxcraft_all_countries_3%26utm_term%3dnone%26utm_content%3d13243181243%26utm_campaign_id%3d81631006%26etext%3d2202.9iro0em4_p-yk4xibyp9gm1pqdjcjjdqohcchb7yrtgr3qbkinhnpkzeovpbx4a__fd9dnm2_osfn76nvnadfnjkahfxanvxd29jdghmy2i.309f1df852990b00d5b5d72f65438f7ea47b7424%26yclid%3d5922219059987159622&ref=https%3a//yandex.ru/&mm=0&c8pad=&ga=&fr=0&cl=48fa66f5804b9d957ce18b04b80b7ccf
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:41d0:203:bb6::8 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx /
Resource Hash
1905c43153e9ce1d379f5134c9e120f44afb9841af56151b1305a33fc493d6c2

Request headers

Referer
https://stat.scroogefrog.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate post-check=0, pre-check=0
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sun, 08 Oct 2023 11:24:42 GMT
expires
Sat, 26 Jul 1997 05:00:00 GMT
last-modified
Sun, 08 Oct 2023 11:24:42 GMT
p3p
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
pragma
no-cache
server
nginx

Resource: reciver_ai.php
Path: stat.scroogefrog.com/queue2/
Size: 0
x-fer: 266 B
Type: XHR
General
Full URL
https://stat.scroogefrog.com/queue2/reciver_ai.php?act=ac_sl
Requested by
Host: stat.scroogefrog.com
URL: https://stat.scroogefrog.com/queue2/c_q2_ai.php?sid=2959835942&u=https%3a//xcraft.net/registration/%3futm_source%3dyadir%26utm_medium%3dcpc%26utm_campaign%3dxcraft_all_countries_3%26utm_term%3dnone%26utm_content%3d13243181243%26utm_campaign_id%3d81631006%26etext%3d2202.9iro0em4_p-yk4xibyp9gm1pqdjcjjdqohcchb7yrtgr3qbkinhnpkzeovpbx4a__fd9dnm2_osfn76nvnadfnjkahfxanvxd29jdghmy2i.309f1df852990b00d5b5d72f65438f7ea47b7424%26yclid%3d5922219059987159622&ref=https%3a//yandex.ru/&mm=0&c8pad=&ga=&fr=0&cl=48fa66f5804b9d957ce18b04b80b7ccf
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
116.203.95.45 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.45.95.203.116.clients.your-server.de
Software
nginx / PHP/5.4.45
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://stat.scroogefrog.com/queue2/c_q2_ai.php?sid=2959835942&u=https%3a//xcraft.net/registration/%3futm_source%3dyadir%26utm_medium%3dcpc%26utm_campaign%3dxcraft_all_countries_3%26utm_term%3dnone%26utm_content%3d13243181243%26utm_campaign_id%3d81631006%26etext%3d2202.9iro0em4_p-yk4xibyp9gm1pqdjcjjdqohcchb7yrtgr3qbkinhnpkzeovpbx4a__fd9dnm2_osfn76nvnadfnjkahfxanvxd29jdghmy2i.309f1df852990b00d5b5d72f65438f7ea47b7424%26yclid%3d5922219059987159622&ref=https%3a//yandex.ru/&mm=0&c8pad=&ga=&fr=0&cl=48fa66f5804b9d957ce18b04b80b7ccf
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Sun, 08 Oct 2023 11:24:42 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
server
nginx
x-powered-by
PHP/5.4.45
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
*
access-control-allow-headers
Content-Type, X-Requested-With

62 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
string| d3cookie
string| main_d
string| d3pc_d
string| uid_candidate
string| ga
number| timestamp
number| mtime
string| fr
string| ma_on
string| r_url
string| click_id
number| uid_webdb
number| uid_inddb
boolean| db_web
object| db_ind
number| ncuid
function| init
object| mySL
function| onSilverlightLoad
function| addEventClickfrog
function| IsTouchDevice
function| set_local_storage
function| get_local_storage
function| set_session_storage
function| get_session_storage
function| set_cookie
function| get_cookie
function| get_3c
function| set3dpc
function| set_all_storages
function| set_quick_storages
function| action
function| action2
function| get_uid
function| quick_action
function| slow_action
function| doPOSTCall
function| imgs_loded
function| check_uid_value
function| isWindowEventSupported
function| get_quick_whorls
function| get_slow_whorls
function| uid_to_obj
function| is_big_int
function| check_uid_format
function| to_int
function| get_new_uid
function| get_new_uid_js
function| getXmlHttp
function| getRnd
function| ini_ind_db
function| ini_web_db
function| get_sql_wd
function| get_sql_inddb
function| set_sql_wd
function| set_sql_inddb
function| errorwebdb
object| r
boolean| all_storages
boolean| cur_obj
boolean| long_obj

3 Cookies

Domain/Path            Name    Value
stat.scroogefrog.com/  mysc    9829976995833035025-1696764281
stat.scroogefrog.com/  scclid  48fa66f5804b9d957ce18b04b80b7ccf
scfg.biz/              bal3C   9829976995833035025-1696764281

Security Headers

This page lists any security headers set by the main page.

Header Value
Strict-Transport-Security max-age=31536000