URL: https://1gr.cz/test/marek/2018/exploited.html
Submission: On March 14 via manual from CZ

Summary

This website contacted 2 IPs in 1 country across 1 domain to perform 1 HTTP transaction. The main IP is 185.17.117.38, located in the Czech Republic, and belongs to MAFRA-CZ-AS, CZ. The main domain is 1gr.cz.
TLS certificate: Issued by COMODO RSA Domain Validation Secure S... on August 10th 2015. Valid for: 3 years.
This is the only time 1gr.cz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 185.17.117.38 38952 (MAFRA-CZ-AS)
1 2
Apex Domain Subdomains Transfer
1 1gr.cz 1gr.cz 16 KB
1 1
Domain Requested by
1 1gr.cz
1 1

This site contains no links.

Subject: *.1gr.cz
Issuer: COMODO RSA Domain Validation Secure Server CA
Validity: 2015-08-10 - 2018-08-09
Valid: 3 years

This page contains 1 frames:

Primary Page: https://1gr.cz/test/marek/2018/exploited.html
Frame ID: 38D62F60C16BDB4449516C6708F6CEA3
Requests: 2 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /IIS(?:\/([\d.]+))?/i

Page Statistics

Requests: 1
HTTPS: 100 %
IPv6: 0 %
Domains: 1
Subdomains: 1
IPs: 2
Countries: 1
Transfer: 16 kB
Size: 37 kB
Cookies: 23

Redirected requests

There were HTTP redirect chains for the following requests:

1 HTTP transaction

Primary Request
Resource: exploited.html
Path: 1gr.cz/test/marek/2018/
Size: 22 KB
x-fer: 16 KB
Type: Document
MIME-Type:

General
Full URL: https://1gr.cz/test/marek/2018/exploited.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.17.117.38, Czech Republic, ASN38952 (MAFRA-CZ-AS, CZ)
Reverse DNS:
Software: Microsoft-IIS/10.0
Resource Hash: 7efedf0b39d3c866ae05afdd33fb2904577824ff2c8c59941f673098d49b9557

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: 1gr.cz
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Cache-Control: no-cache
Connection: keep-alive

Response headers

Date: Wed, 14 Mar 2018 00:04:58 GMT
Content-Encoding: gzip
Last-Modified: Thu, 22 Feb 2018 16:36:35 GMT
Server: Microsoft-IIS/10.0
ETag: "664e8d4dfbabd31:0"
Vary: Accept-Encoding
Content-Type: text/html; charset=windows-1250
Cache-Control: no-cache
Accept-Ranges: bytes
Content-Length: 16407
X-UA-Compatible: IE=edge

Resource: truncated
Path: /
Size: 15 KB
x-fer: 0
Type: Image

General
Full URL: data:truncated
Protocol: DATA
Server: -
Reverse DNS:
Software:
Resource Hash: 6abbd16f370527118d8c4a710b42f257c18c897782cc837bb271e46e2c16388f

Request headers

Response headers

Access-Control-Allow-Origin: *
Content-Type: image/png

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

23 Cookies

Domain/Path Name / Value
.m6r.eu/ Name: test
Value: true
.ibillboard.com/ Name: ibbid
Value: BBID-01-01956999000122474
.ih.adscale.de/ Name: tu
Value: 3#2505128715#48~44950c97cee3f6afd857738b43dc1314~17604~0~0#98~7c685eaa563d4c0caaebeac40a9ed92c~17604~0~0#38~CAESEIZQPnyyAilXCEofNc9K0xA~17604~0~0#39~3b8f5aa8-66e7-4800-bafc-29452a009be8~17604~0~0#42~3181859279443191791~17604~0~0#60~0d9dd575-6098-425e-ab66-67a53af6b338~17604~0~0
.m6r.eu/ Name: ibbid
Value: BBID-01-01956999001929937
.adscale.de/ Name: uu
Value: 402801520985900174
rungo.idnes.cz/ Name: ibbid
Value: BBID-01-01956999001929937
.m6r.eu/ Name: id
Value: 44950c97cee3f6afd857738b43dc1314
.bbelements.com/ Name: ibbid
Value: BBID-01-01956999001929937
.idnes.cz/ Name: gaOK
Value: 1
.idnes.cz/ Name: aam_net_ts
Value: 1520985899
.idnes.cz/ Name: aam_net_ui
Value: 1693102396
.idnes.cz/ Name: aam_last
Value: 1520985899446
rungo.idnes.cz/ Name: bblpasync
Value: 1520985900212
.idnes.cz/ Name: _ga
Value: GA1.2.893490676.1520985899
.idnes.cz/ Name: _dc_gtm_UA-69864340-18
Value: 1
.idnes.cz/ Name: aam_td_cpex_network
Value: 1520985899446
.idnes.cz/ Name: _gid
Value: GA1.2.1896301024.1520985899
.idnes.cz/ Name: flashver
Value: 0
.idnes.cz/ Name: __gfp_64b
Value: lbRqNO2Z2h.XssOepTgUUkDX9qXKBbyaQcWG8jgLn.r.H7
.idnes.cz/ Name: _dc_gtm_UA-69864340-26
Value: 1
rungo.idnes.cz/ Name: bblosync
Value: 1520985899937
rungo.idnes.cz/ Name: ASP.NET_SessionId
Value: q0qsi4qhzjnqnazombo2h2lo
.idnes.cz/ Name: personalizace
Value: setver=full&sp=1009190992779998&test_verze=B

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1gr.cz
185.17.117.38
6abbd16f370527118d8c4a710b42f257c18c897782cc837bb271e46e2c16388f
7efedf0b39d3c866ae05afdd33fb2904577824ff2c8c59941f673098d49b9557