URL: http://serverddfd.7m.pl/webadmin//cp.php?m=login
Submission Tags: c2 malware zeus Search All
Submission: On September 24 via api from US — Scanned from DE

Summary

This website contacted 6 IPs in 3 countries across 6 domains to perform 15 HTTP transactions. The main IP is 149.202.75.212, located in France and belongs to OVH, FR. The main domain is serverddfd.7m.pl.
This is the only time serverddfd.7m.pl was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Domain Requested by
9 serverddfd.7m.pl serverddfd.7m.pl
2 pagead2.googlesyndication.com serverddfd.7m.pl
pagead2.googlesyndication.com
1 adservice.google.com pagead2.googlesyndication.com
1 adservice.google.de pagead2.googlesyndication.com
1 partner.googleadservices.com pagead2.googlesyndication.com
1 googleads.g.doubleclick.net pagead2.googlesyndication.com
15 6

This site contains no links.

Subject Issuer Validity Valid
*.g.doubleclick.net
GTS CA 1C3
2021-08-30 -
2021-11-22
3 months crt.sh
*.googleadservices.com
GTS CA 1C3
2021-08-30 -
2021-11-22
3 months crt.sh
*.google.de
GTS CA 1C3
2021-08-30 -
2021-11-22
3 months crt.sh
*.google.com
GTS CA 1C3
2021-08-30 -
2021-11-22
3 months crt.sh

This page contains 2 frames:

Primary Page: http://serverddfd.7m.pl/webadmin//cp.php?m=login
Frame ID: BFA070C8B18CA6E56BCA5EF6DC29E859
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210922/r20190131/zrt_lookup.html
Frame ID: 60DC83EDE4E10D833274175BF9D461F0
Requests: 1 HTTP requests in this frame

Screenshot

Page Title

login

Detected technologies

Overall confidence: 100%
Detected patterns
  • \.php(?:$|\?)

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

15
Requests

33 %
HTTPS

67 %
IPv6

6
Domains

6
Subdomains

6
IPs

3
Countries

248 kB
Transfer

595 kB
Size

2
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

15 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request Cookie set cp.php
serverddfd.7m.pl/webadmin//
2 KB
1 KB
Document
General
Full URL
http://serverddfd.7m.pl/webadmin//cp.php?m=login
Protocol
HTTP/1.1
Server
149.202.75.212 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3013739.ip-149-202-75.eu
Software
nginx /
Resource Hash
6b0c2e2c785d1676331df9084f0efae8ebfb3129e4d200d1414f7c2c2cbc48ca

Request headers

Host
serverddfd.7m.pl
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

Server
nginx
Date
Fri, 24 Sep 2021 05:40:01 GMT
Content-Type
text/html; charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
Vary
Accept-Encoding Accept-Encoding
Expires
Fri, 01 Jan 1990 00:00:00 GMT
Cache-Control
no-store, no-cache, must-revalidate, max-age=0, pre-check=0, post-check=0
Pragma
no-cache
Set-Cookie
ref=ffu0m0q8vrigqrculg50dstrf7; expires=Sat, 17-Jun-2073 11:41:42 GMT; Max-Age=1632463301; path=/webadmin
Content-Encoding
gzip
jquery-1.7.1.min.js
serverddfd.7m.pl/webadmin//theme/js/
92 KB
38 KB
Script
General
Full URL
http://serverddfd.7m.pl/webadmin//theme/js/jquery-1.7.1.min.js
Requested by
Host: serverddfd.7m.pl
URL: http://serverddfd.7m.pl/webadmin//cp.php?m=login
Protocol
HTTP/1.1
Server
149.202.75.212 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3013739.ip-149-202-75.eu
Software
nginx /
Resource Hash
88171413fc76dda23ab32baa17b11e4fff89141c633ece737852445f1ba6c1bd

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
serverddfd.7m.pl
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept
*/*
Referer
http://serverddfd.7m.pl/webadmin//cp.php?m=login
Cookie
ref=ffu0m0q8vrigqrculg50dstrf7
Connection
keep-alive
Cache-Control
no-cache
Accept-Language
de-DE,de;q=0.9
Referer
http://serverddfd.7m.pl/webadmin//cp.php?m=login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Fri, 24 Sep 2021 05:40:01 GMT
Content-Encoding
gzip
Last-Modified
Sat, 18 Sep 2021 12:17:53 GMT
Server
nginx
ETag
W/"6145d8f1-16eac"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=31104000
Transfer-Encoding
chunked
Connection
keep-alive
Expires
Mon, 19 Sep 2022 05:40:01 GMT
dextend.js
serverddfd.7m.pl/webadmin//theme/js/
14 KB
6 KB
Script
General
Full URL
http://serverddfd.7m.pl/webadmin//theme/js/dextend.js
Requested by
Host: serverddfd.7m.pl
URL: http://serverddfd.7m.pl/webadmin//cp.php?m=login
Protocol
HTTP/1.1
Server
149.202.75.212 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3013739.ip-149-202-75.eu
Software
nginx /
Resource Hash
a3cd5969a0ae7567a138e8574ec7d2a0599940cb6b8c4672902d16cab5332d26

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
serverddfd.7m.pl
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept
*/*
Referer
http://serverddfd.7m.pl/webadmin//cp.php?m=login
Cookie
ref=ffu0m0q8vrigqrculg50dstrf7
Connection
keep-alive
Cache-Control
no-cache
Accept-Language
de-DE,de;q=0.9
Referer
http://serverddfd.7m.pl/webadmin//cp.php?m=login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Fri, 24 Sep 2021 05:40:01 GMT
Content-Encoding
gzip
Last-Modified
Sat, 18 Sep 2021 12:17:51 GMT
Server
nginx
ETag
W/"6145d8ef-372e"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=31104000
Transfer-Encoding
chunked
Connection
keep-alive
Expires
Mon, 19 Sep 2022 05:40:01 GMT
jlog.js
serverddfd.7m.pl/webadmin//theme/js/
4 KB
4 KB
Script
General
Full URL
http://serverddfd.7m.pl/webadmin//theme/js/jlog.js
Requested by
Host: serverddfd.7m.pl
URL: http://serverddfd.7m.pl/webadmin//cp.php?m=login
Protocol
HTTP/1.1
Server
149.202.75.212 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3013739.ip-149-202-75.eu
Software
nginx /
Resource Hash
ee20cb766cc1545980cda13ac285adff8e67fd50d025bb42537e2f8f11ae3edb

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
serverddfd.7m.pl
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept
*/*
Referer
http://serverddfd.7m.pl/webadmin//cp.php?m=login
Cookie
ref=ffu0m0q8vrigqrculg50dstrf7
Connection
keep-alive
Cache-Control
no-cache
Accept-Language
de-DE,de;q=0.9
Referer
http://serverddfd.7m.pl/webadmin//cp.php?m=login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Fri, 24 Sep 2021 05:40:01 GMT
Last-Modified
Sat, 18 Sep 2021 12:17:52 GMT
Server
nginx
ETag
"6145d8f0-e6d"
Content-Type
application/javascript
Cache-Control
max-age=31104000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3693
Expires
Mon, 19 Sep 2022 05:40:01 GMT
global.js
serverddfd.7m.pl/webadmin//theme/js/
6 KB
6 KB
Script
General
Full URL
http://serverddfd.7m.pl/webadmin//theme/js/global.js
Requested by
Host: serverddfd.7m.pl
URL: http://serverddfd.7m.pl/webadmin//cp.php?m=login
Protocol
HTTP/1.1
Server
149.202.75.212 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3013739.ip-149-202-75.eu
Software
nginx /
Resource Hash
c83b88ea02bf9973cea513665e6474595cca12973a7dc8a1d07b702b96e95fb3

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
serverddfd.7m.pl
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept
*/*
Referer
http://serverddfd.7m.pl/webadmin//cp.php?m=login
Cookie
ref=ffu0m0q8vrigqrculg50dstrf7
Connection
keep-alive
Cache-Control
no-cache
Accept-Language
de-DE,de;q=0.9
Referer
http://serverddfd.7m.pl/webadmin//cp.php?m=login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Fri, 24 Sep 2021 05:40:01 GMT
Last-Modified
Sat, 18 Sep 2021 12:17:52 GMT
Server
nginx
ETag
"6145d8f0-1892"
Content-Type
application/javascript
Cache-Control
max-age=31104000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
6290
Expires
Mon, 19 Sep 2022 05:40:01 GMT
ajax_forms.js
serverddfd.7m.pl/webadmin//theme/js/
4 KB
5 KB
Script
General
Full URL
http://serverddfd.7m.pl/webadmin//theme/js/ajax_forms.js
Requested by
Host: serverddfd.7m.pl
URL: http://serverddfd.7m.pl/webadmin//cp.php?m=login
Protocol
HTTP/1.1
Server
149.202.75.212 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3013739.ip-149-202-75.eu
Software
nginx /
Resource Hash
97116a2931f61d9bbdd5210fd3048827c0a2d54cb59b0c366f4aa4064a6c7939

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
serverddfd.7m.pl
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept
*/*
Referer
http://serverddfd.7m.pl/webadmin//cp.php?m=login
Cookie
ref=ffu0m0q8vrigqrculg50dstrf7
Connection
keep-alive
Cache-Control
no-cache
Accept-Language
de-DE,de;q=0.9
Referer
http://serverddfd.7m.pl/webadmin//cp.php?m=login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Fri, 24 Sep 2021 05:40:01 GMT
Last-Modified
Sat, 18 Sep 2021 12:17:51 GMT
Server
nginx
ETag
"6145d8ef-10e0"
Content-Type
application/javascript
Cache-Control
max-age=31104000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
4320
Expires
Mon, 19 Sep 2022 05:40:01 GMT
style.css
serverddfd.7m.pl/webadmin//theme/
45 KB
11 KB
Stylesheet
General
Full URL
http://serverddfd.7m.pl/webadmin//theme/style.css
Requested by
Host: serverddfd.7m.pl
URL: http://serverddfd.7m.pl/webadmin//cp.php?m=login
Protocol
HTTP/1.1
Server
149.202.75.212 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3013739.ip-149-202-75.eu
Software
nginx /
Resource Hash
cfab9c6406e8d699c2e7ea00a5cff4c4ec198cf7bb43af381a1a3412f6949da1

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
serverddfd.7m.pl
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept
text/css,*/*;q=0.1
Referer
http://serverddfd.7m.pl/webadmin//cp.php?m=login
Cookie
ref=ffu0m0q8vrigqrculg50dstrf7
Connection
keep-alive
Cache-Control
no-cache
Accept-Language
de-DE,de;q=0.9
Referer
http://serverddfd.7m.pl/webadmin//cp.php?m=login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Fri, 24 Sep 2021 05:40:01 GMT
Content-Encoding
gzip
Last-Modified
Sat, 18 Sep 2021 12:17:26 GMT
Server
nginx
ETag
W/"6145d8d6-b253"
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=31104000
Transfer-Encoding
chunked
Connection
keep-alive
Expires
Mon, 19 Sep 2022 05:40:01 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
139 KB
49 KB
Script
General
Full URL
http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: serverddfd.7m.pl
URL: http://serverddfd.7m.pl/webadmin//cp.php?m=login
Protocol
HTTP/1.1
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c9b608e3126febad02f223aef86376c750db0a6fad2c8cde1d291f6fffc107ba
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://serverddfd.7m.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Timing-Allow-Origin
*
Date
Fri, 24 Sep 2021 05:40:02 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
cafe
ETag
9294457286285990098
Vary
Accept-Encoding, Origin
P3P
policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control
private, max-age=3600
Cross-Origin-Resource-Policy
cross-origin
Content-Disposition
attachment; filename="f.txt"
Content-Type
text/javascript; charset=UTF-8
Content-Length
49921
X-XSS-Protection
0
Expires
Fri, 24 Sep 2021 05:40:02 GMT
navigate.cur
serverddfd.7m.pl/webadmin//theme/
278 B
278 B
Image
General
Full URL
http://serverddfd.7m.pl/webadmin//theme/navigate.cur
Requested by
Host: serverddfd.7m.pl
URL: http://serverddfd.7m.pl/webadmin//theme/style.css
Protocol
HTTP/1.1
Server
149.202.75.212 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3013739.ip-149-202-75.eu
Software
nginx /
Resource Hash
8d4f7ed3d9f101b1bbc430ce71c17a8d355c1bc931fd45686502c89e5a72dbf8

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
serverddfd.7m.pl
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer
http://serverddfd.7m.pl/webadmin//theme/style.css
Cookie
ref=ffu0m0q8vrigqrculg50dstrf7
Connection
keep-alive
Cache-Control
no-cache
Accept-Language
de-DE,de;q=0.9
Referer
http://serverddfd.7m.pl/webadmin//theme/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Fri, 24 Sep 2021 05:40:02 GMT
Server
nginx
Connection
keep-alive
Content-Length
278
Content-Type
text/html; charset=iso-8859-1
back-all.png
serverddfd.7m.pl/webadmin//theme/images/
25 KB
25 KB
Image
General
Full URL
http://serverddfd.7m.pl/webadmin//theme/images/back-all.png
Requested by
Host: serverddfd.7m.pl
URL: http://serverddfd.7m.pl/webadmin//theme/style.css
Protocol
HTTP/1.1
Server
149.202.75.212 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3013739.ip-149-202-75.eu
Software
nginx /
Resource Hash
68df9fc492c942b78e09a013ddca20796576663e77784acb347f8f405392f339

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
serverddfd.7m.pl
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer
http://serverddfd.7m.pl/webadmin//theme/style.css
Cookie
ref=ffu0m0q8vrigqrculg50dstrf7
Connection
keep-alive
Cache-Control
no-cache
Accept-Language
de-DE,de;q=0.9
Referer
http://serverddfd.7m.pl/webadmin//theme/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Fri, 24 Sep 2021 05:40:02 GMT
Last-Modified
Sat, 18 Sep 2021 12:17:49 GMT
Server
nginx
ETag
"6145d8ed-641c"
Content-Type
image/png
Cache-Control
max-age=31104000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
25628
Expires
Mon, 19 Sep 2022 05:40:02 GMT
show_ads_impl_with_ama_fy2019.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109210101/
255 KB
95 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109210101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6469407771801779&plah=serverddfd.7m.pl&bust=31062896
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
064171cd3bcf1f06f0debdf14d0f4a25dfa4d03ee891cd62e125049d91f678eb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://serverddfd.7m.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 24 Sep 2021 05:40:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
96574
x-xss-protection
0
server
cafe
etag
16994804634730992675
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Fri, 24 Sep 2021 05:40:02 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20210922/r20190131/ Frame 60DC
10 KB
5 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20210922/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
751dcf9dcab28e7704b6c2b25d6288581f8a45af878fd628135cec03d8112eed
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/html/r20210922/r20190131/zrt_lookup.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://serverddfd.7m.pl/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
http://serverddfd.7m.pl/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Fri, 24 Sep 2021 05:23:04 GMT
expires
Fri, 08 Oct 2021 05:23:04 GMT
content-type
text/html; charset=UTF-8
etag
14847953055219580247
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4613
x-xss-protection
0
age
1018
cache-control
public, max-age=1209600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cookie.js
partner.googleadservices.com/gampad/
195 B
653 B
Script
General
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=serverddfd.7m.pl&callback=_gfp_s_&client=ca-pub-6469407771801779
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109210101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6469407771801779&plah=serverddfd.7m.pl&bust=31062896
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
76c9ba9745ae8bcdd6bad4020d02174621d2658f7ed627c5710ae4e3d04c0bcb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://serverddfd.7m.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 24 Sep 2021 05:40:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
187
x-xss-protection
0
integrator.js
adservice.google.de/adsid/
107 B
853 B
Script
General
Full URL
https://adservice.google.de/adsid/integrator.js?domain=serverddfd.7m.pl
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109210101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6469407771801779&plah=serverddfd.7m.pl&bust=31062896
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://serverddfd.7m.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 24 Sep 2021 05:40:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/
107 B
570 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=serverddfd.7m.pl
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109210101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6469407771801779&plah=serverddfd.7m.pl&bust=31062896
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://serverddfd.7m.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 24 Sep 2021 05:40:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0

Verdicts & Comments Add Verdict or Comment

47 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| onbeforexrselect boolean| originAgentCluster function| $ function| jQuery undefined| n undefined| C undefined| p undefined| r undefined| $styles function| Lexicon function| io_connect function| AJAXcontextMenu function| phpAppend object| lexicon function| js_form_feeder object| global object| adsbygoogle function| FormNice object| google_js_reporting_queue number| google_srt object| google_logging_queue object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_reactive_ads_global_state boolean| _gfp_a_ object| google_sa_queue object| google_sl_win function| google_process_slots object| google_persistent_state_async function| google_spfd number| google_unique_id object| google_sv_map function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter function| google_sa_impl object| __google_ad_urls number| google_global_correlator number| __google_ad_urls_id object| googleToken object| googleIMState boolean| _gfp_p_ function| processGoogleToken object| google_prev_clients object| gaGlobal object| google_jobrunner

2 Cookies

Domain/Path Name / Value
serverddfd.7m.pl/webadmin Name: ref
Value: ffu0m0q8vrigqrculg50dstrf7
.7m.pl/ Name: __gads
Value: ID=926cacdda17440f8-226c405d4dc9004e:T=1632462002:RT=1632462002:S=ALNI_MY9-zgkr2OUgyuXjj5o7OltdUzW1Q

1 Console Messages

Source Level URL
Text
network error URL: http://serverddfd.7m.pl/webadmin//theme/navigate.cur
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)