ww25.pdfdocdownloadspanel.site Open in urlscan Pro
216.120.146.200 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://posssanpaisa.tk/8eac343f3d857bb786ebed74e1e04eb5/Itt-Tech-Info-Transcript-Request/doc/745873584
Effective URL:
http://ww25.pdfdocdownloadspanel.site/acfe60bdc01b51e5d204094a99d66097/Itt-Tech-Info-Transcript-Request/doc/745873584?subid1=20220116-...
Submission Tags: falconsandbox
Submission: On January 16 via api (January 16th 2022, 2:34:29 am UTC) from US — Scanned from DE

Summary HTTP 15 Redirects Behaviour Indicators

Summary

This website contacted 5 IPs in 2 countries across 6 domains to perform 15 HTTP transactions. The main IP is 216.120.146.200, located in United States and belongs to BODIS-1, US. The main domain is ww25.pdfdocdownloadspanel.site.

This is the only time ww25.pdfdocdownloadspanel.site was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2606:4700:303... 2606:4700:3032::ac43:89e9	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	70.32.1.32 70.32.1.32	32181 (ASN-GIGENET) (ASN-GIGENET)
6	216.120.146.200 216.120.146.200	53665 (BODIS-1) (BODIS-1)
5	2a00:1450:400... 2a00:1450:4001:810::2004	15169 (GOOGLE) (GOOGLE)
1	142.250.186.130 142.250.186.130	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:830::2001	15169 (GOOGLE) (GOOGLE)
1	2606:4700:310... 2606:4700:3108::ac42:28c7	13335 (CLOUDFLAR...) (CLOUDFLARENET)
15	5

1 2606:4700:3032::ac43:89e9 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

posssanpaisa.tk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 70.32.1.32 (Ashburn, United States) 1 redirects

ASN32181 (ASN-GIGENET, US)
PTR: ip-70.32.1.32.hosted.by.gigenet.com

pdfdocdownloadspanel.site	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 216.120.146.200 (United States)

ASN53665 (BODIS-1, US)

ww25.pdfdocdownloadspanel.site	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:810::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

afs.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3108::ac42:28c7 (United States)

ASN13335 (CLOUDFLARENET, US)

parking.bodiscdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
7	pdfdocdownloadspanel.site 1 redirects pdfdocdownloadspanel.site ww25.pdfdocdownloadspanel.site	26 KB
5	google.com www.google.com — Cisco Umbrella Rank: 8	105 KB
2	googleusercontent.com afs.googleusercontent.com — Cisco Umbrella Rank: 11527	1 KB
1	bodiscdn.com parking.bodiscdn.com — Cisco Umbrella Rank: 43815	3 KB
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 745	639 B
1	posssanpaisa.tk 1 redirects posssanpaisa.tk	712 B
15	6

	Domain	Requested by
6	ww25.pdfdocdownloadspanel.site	ww25.pdfdocdownloadspanel.site
5	www.google.com	ww25.pdfdocdownloadspanel.site www.google.com
2	afs.googleusercontent.com	www.google.com
1	parking.bodiscdn.com
1	partner.googleadservices.com	www.google.com
1	pdfdocdownloadspanel.site	1 redirects
1	posssanpaisa.tk	1 redirects
15	7

This site contains no links.

Subject Issuer	Validity	Valid
www.google.com GTS CA 1C3	`2021-12-08` - `2022-03-02`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2021-12-08` - `2022-03-02`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-12-08` - `2022-03-02`	3 months	crt.sh
*.googleusercontent.com GTS CA 1C3	`2021-12-08` - `2022-03-02`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-07-26` - `2022-07-25`	a year	crt.sh

This page contains 2 frames:

Primary Page: http://ww25.pdfdocdownloadspanel.site/acfe60bdc01b51e5d204094a99d66097/Itt-Tech-Info-Transcript-Request/doc/745873584?subid1=20220116-1334-2317-8430-13d1637364e7
Frame ID: F3438A9CF110CE0B27F16E85D3BF84D9
Requests: 11 HTTP requests in this frame

Frame: https://www.google.com/afs/ads?adtest=off&psid=9458580115&pcsa=false&channel=pid-bodis-gcontrol253%2Cpid-bodis-gcontrol97%2Cpid-bodis-gcontrol302%2Cpid-bodis-gcontrol153&client=dp-bodis30_3ph&r=m&hl=en&max_radlink_len=60&type=3&uiopt=false&swp=as-drid-2168508906786538&oe=UTF-8&ie=UTF-8&fexp=21404%2C17300002%2C17300829%2C17300842%2C17300843%2C17300846%2C17300859%2C17300862&format=r3&nocache=3211642300465177&num=0&output=afd_ads&domain_name=ww25.pdfdocdownloadspanel.site&v=3&bsl=8&pac=2&u_his=2&u_tz=0&dt=1642300465177&u_w=1600&u_h=1200&biw=1600&bih=1200&psw=1584&psh=77&frm=0&uio=-&cont=rs&inames=master-1&jsid=caf&jsv=71990&rurl=http%3A%2F%2Fww25.pdfdocdownloadspanel.site%2Facfe60bdc01b51e5d204094a99d66097%2FItt-Tech-Info-Transcript-Request%2Fdoc%2F745873584%3Fsubid1%3D20220116-1334-2317-8430-13d1637364e7
Frame ID: 6D1D70A5B4F549009A2F0C7C8B42D62C
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Pdfdocdownloadspanel.site

Page URL History Show full URLs

https://posssanpaisa.tk/8eac343f3d857bb786ebed74e1e04eb5/Itt-Tech-Info-Transcript-Request/doc/745873584 HTTP 302
https://pdfdocdownloadspanel.site/acfe60bdc01b51e5d204094a99d66097/Itt-Tech-Info-Transcript-Request/doc/745873584 HTTP 302
http://ww25.pdfdocdownloadspanel.site/acfe60bdc01b51e5d204094a99d66097/Itt-Tech-Info-Transcript-Request/doc/745873... Page URL

Detected technologies

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

15
Requests

60 %
HTTPS

57 %
IPv6

6
Domains

7
Subdomains

5
IPs

2
Countries

135 kB
Transfer

354 kB
Size

2
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://posssanpaisa.tk/8eac343f3d857bb786ebed74e1e04eb5/Itt-Tech-Info-Transcript-Request/doc/745873584 HTTP 302
https://pdfdocdownloadspanel.site/acfe60bdc01b51e5d204094a99d66097/Itt-Tech-Info-Transcript-Request/doc/745873584 HTTP 302
http://ww25.pdfdocdownloadspanel.site/acfe60bdc01b51e5d204094a99d66097/Itt-Tech-Info-Transcript-Request/doc/745873584?subid1=20220116-1334-2317-8430-13d1637364e7 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

15 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request 745873584 Show response
ww25.pdfdocdownloadspanel.site/acfe60bdc01b51e5d204094a99d66097/Itt-Tech-Info-Transcript-Request/doc/
Redirect Chain

https://posssanpaisa.tk/8eac343f3d857bb786ebed74e1e04eb5/Itt-Tech-Info-Transcript-Request/doc/745873584
https://pdfdocdownloadspanel.site/acfe60bdc01b51e5d204094a99d66097/Itt-Tech-Info-Transcript-Request/doc/745873584
http://ww25.pdfdocdownloadspanel.site/acfe60bdc01b51e5d204094a99d66097/Itt-Tech-Info-Transcript-Request/doc/745873584?subid1=20220116-1334-2317-8430-13d1637364e7

2 KB
2 KB

721ms
101ms

Document
text/html

216.120.146.200
BODIS-1

General

Check archive.org

Show headers Download Go to

Full URL: http://ww25.pdfdocdownloadspanel.site/acfe60bdc01b51e5d204094a99d66097/Itt-Tech-Info-Transcript-Request/doc/745873584?subid1=20220116-1334-2317-8430-13d1637364e7
Protocol: HTTP/1.1
Server: 216.120.146.200 , United States, ASN53665 (BODIS-1, US),
Reverse DNS
Software: openresty /
Resource Hash: 53deb193ab0eb1e2a8aec1a2c70ba19c602f12879217d33ecb8e6f57a84d10c1

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

Server: openresty
Date: Sun, 16 Jan 2022 02:34:24 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBANDrp2lz7AOmADaN8tA50LsWcjLFyQFcb/P2Txc58oYOeILb3vBw7J6f4pamkAQVSQuqYsKx3YzdUHCvbVZvFUsCAwEAAQ==_X2caYd2RTnx+zAE73lHA0bbg/gc0SDB2XkGVLHnX5TRdtdPOYekIahBVyE8mdhBLB2WWXQtnb5/GZ34Kljek8g==
Cache-Control: no-cache no-store, must-revalidate post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Pragma: no-cache
Content-Encoding: gzip

Redirect headers

Date: Sun, 16 Jan 2022 02:34:23 GMT
Server: Apache/2.4.25 (Debian)
Location: http://ww25.pdfdocdownloadspanel.site/acfe60bdc01b51e5d204094a99d66097/Itt-Tech-Info-Transcript-Request/doc/745873584?subid1=20220116-1334-2317-8430-13d1637364e7
Content-Length: 0
Connection: close
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK parking.2.77.1.js Show response
ww25.pdfdocdownloadspanel.site/js/ 58 KB
19 KB 102ms
101ms Script
application/javascript 216.120.146.200
BODIS-1

General

Check archive.org

Show headers Download Go to

Full URL: http://ww25.pdfdocdownloadspanel.site/js/parking.2.77.1.js
Requested by: Host: ww25.pdfdocdownloadspanel.site
URL: http://ww25.pdfdocdownloadspanel.site/acfe60bdc01b51e5d204094a99d66097/Itt-Tech-Info-Transcript-Request/doc/745873584?subid1=20220116-1334-2317-8430-13d1637364e7
Protocol: HTTP/1.1
Server: 216.120.146.200 , United States, ASN53665 (BODIS-1, US),
Reverse DNS
Software: openresty /
Resource Hash: 3928ff9a90b0bafd2c5feea40ebd6f9c83e67816eb6f6275f1e0625e548034b4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://ww25.pdfdocdownloadspanel.site/acfe60bdc01b51e5d204094a99d66097/Itt-Tech-Info-Transcript-Request/doc/745873584?subid1=20220116-1334-2317-8430-13d1637364e7
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 16 Jan 2022 02:34:24 GMT
Content-Encoding: gzip
Last-Modified: Fri, 14 Jan 2022 20:18:55 GMT
Server: openresty
Transfer-Encoding: chunked
Content-Type: application/javascript; charset=utf-8
Cache-Control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT

POST
H/1.1 200
OK _fd Show response
ww25.pdfdocdownloadspanel.site/ 6 KB
3 KB 141ms
141ms Fetch
text/html 216.120.146.200
BODIS-1

General

Check archive.org

Show headers Download Go to

Full URL: http://ww25.pdfdocdownloadspanel.site/_fd?subid1=20220116-1334-2317-8430-13d1637364e7
Requested by: Host: ww25.pdfdocdownloadspanel.site
URL: http://ww25.pdfdocdownloadspanel.site/js/parking.2.77.1.js
Protocol: HTTP/1.1
Server: 216.120.146.200 , United States, ASN53665 (BODIS-1, US),
Reverse DNS
Software: openresty /
Resource Hash: 7c69e133b96235f6a1c04e09244bacdc5836d28cbba62dadeb90b1b029cd6f3f

Request headers

Accept: application/json
Referer: http://ww25.pdfdocdownloadspanel.site/acfe60bdc01b51e5d204094a99d66097/Itt-Tech-Info-Transcript-Request/doc/745873584?subid1=20220116-1334-2317-8430-13d1637364e7
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: application/json

Response headers

X-Version: 2.77.1
Date: Sun, 16 Jan 2022 02:34:25 GMT
Content-Encoding: gzip
Server: openresty
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
Pragma: no-cache
Cache-Control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 caf.js Show response
www.google.com/adsense/domains/ 139 KB
52 KB 37ms
15ms Script
text/javascript 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/adsense/domains/caf.js

Requested by

Host: ww25.pdfdocdownloadspanel.site
URL: http://ww25.pdfdocdownloadspanel.site/js/parking.2.77.1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b28872f0f84448be9b21b3122132d82e7d8ee60ce4418f38f355945f97e0a386

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://ww25.pdfdocdownloadspanel.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 16 Jan 2022 02:34:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-afs-ui"
etag: "9903803048598048585"
vary: Accept-Encoding
report-to: {"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
accept-ranges: bytes
expires: Sun, 16 Jan 2022 02:34:24 GMT

GET
H/1.1 200
OK px.gif
ww25.pdfdocdownloadspanel.site/ 42 B
421 B 200ms
100ms Image
image/gif 216.120.146.200
BODIS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://ww25.pdfdocdownloadspanel.site/px.gif?ch=1&rn=9.630525781837846
Requested by: Host: ww25.pdfdocdownloadspanel.site
URL: http://ww25.pdfdocdownloadspanel.site/acfe60bdc01b51e5d204094a99d66097/Itt-Tech-Info-Transcript-Request/doc/745873584?subid1=20220116-1334-2317-8430-13d1637364e7
Protocol: HTTP/1.1
Server: 216.120.146.200 , United States, ASN53665 (BODIS-1, US),
Reverse DNS
Software: openresty /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://ww25.pdfdocdownloadspanel.site/acfe60bdc01b51e5d204094a99d66097/Itt-Tech-Info-Transcript-Request/doc/745873584?subid1=20220116-1334-2317-8430-13d1637364e7
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 16 Jan 2022 02:34:25 GMT
Last-Modified: Tue, 21 Dec 2021 18:13:32 GMT
Server: openresty
Content-Type: image/gif
Cache-Control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 42
Expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H/1.1 200
OK px.gif
ww25.pdfdocdownloadspanel.site/ 42 B
421 B 200ms
100ms Image
image/gif 216.120.146.200
BODIS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://ww25.pdfdocdownloadspanel.site/px.gif?ch=2&rn=9.630525781837846
Requested by: Host: ww25.pdfdocdownloadspanel.site
URL: http://ww25.pdfdocdownloadspanel.site/acfe60bdc01b51e5d204094a99d66097/Itt-Tech-Info-Transcript-Request/doc/745873584?subid1=20220116-1334-2317-8430-13d1637364e7
Protocol: HTTP/1.1
Server: 216.120.146.200 , United States, ASN53665 (BODIS-1, US),
Reverse DNS
Software: openresty /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://ww25.pdfdocdownloadspanel.site/acfe60bdc01b51e5d204094a99d66097/Itt-Tech-Info-Transcript-Request/doc/745873584?subid1=20220116-1334-2317-8430-13d1637364e7
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 16 Jan 2022 02:34:25 GMT
Last-Modified: Tue, 21 Dec 2021 18:13:32 GMT
Server: openresty
Content-Type: image/gif
Cache-Control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 42
Expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 202 B
639 B 71ms
16ms Script
text/javascript 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=ww25.pdfdocdownloadspanel.site&client=dp-bodis30_3ph&product=SAS&callback=__sasCookie

Requested by

Host: www.google.com
URL: https://www.google.com/adsense/domains/caf.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

5a0a04f8d30d932ec5e8da338f819cd5fc12767d530587dbda21a82213fac929

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://ww25.pdfdocdownloadspanel.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 16 Jan 2022 02:34:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 194
x-xss-protection: 0

GET
H2 200 ads Show response
www.google.com/afs/ Frame 6D1D 6 KB
2 KB 94ms
94ms Document
text/html 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/afs/ads?adtest=off&psid=9458580115&pcsa=false&channel=pid-bodis-gcontrol253%2Cpid-bodis-gcontrol97%2Cpid-bodis-gcontrol302%2Cpid-bodis-gcontrol153&client=dp-bodis30_3ph&r=m&hl=en&max_radlink_len=60&type=3&uiopt=false&swp=as-drid-2168508906786538&oe=UTF-8&ie=UTF-8&fexp=21404%2C17300002%2C17300829%2C17300842%2C17300843%2C17300846%2C17300859%2C17300862&format=r3&nocache=3211642300465177&num=0&output=afd_ads&domain_name=ww25.pdfdocdownloadspanel.site&v=3&bsl=8&pac=2&u_his=2&u_tz=0&dt=1642300465177&u_w=1600&u_h=1200&biw=1600&bih=1200&psw=1584&psh=77&frm=0&uio=-&cont=rs&inames=master-1&jsid=caf&jsv=71990&rurl=http%3A%2F%2Fww25.pdfdocdownloadspanel.site%2Facfe60bdc01b51e5d204094a99d66097%2FItt-Tech-Info-Transcript-Request%2Fdoc%2F745873584%3Fsubid1%3D20220116-1334-2317-8430-13d1637364e7

Requested by

Host: www.google.com
URL: https://www.google.com/adsense/domains/caf.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gws /

Resource Hash

c45826c66567ef8b3be51a06959f0725a2f7c50998f2557631cb287941982b7f

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://ww25.pdfdocdownloadspanel.site/

Response headers

content-type: text/html; charset=UTF-8
content-disposition: inline
date: Sun, 16 Jan 2022 02:34:25 GMT
expires: Sun, 16 Jan 2022 02:34:25 GMT
cache-control: private, max-age=3600
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
content-encoding: br
server: gws
content-length: 1922
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 caf.js Show response
www.google.com/adsense/domains/ Frame 6D1D 139 KB
51 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/adsense/domains/caf.js

Requested by

Host: www.google.com
URL: https://www.google.com/afs/ads?adtest=off&psid=9458580115&pcsa=false&channel=pid-bodis-gcontrol253%2Cpid-bodis-gcontrol97%2Cpid-bodis-gcontrol302%2Cpid-bodis-gcontrol153&client=dp-bodis30_3ph&r=m&hl=en&max_radlink_len=60&type=3&uiopt=false&swp=as-drid-2168508906786538&oe=UTF-8&ie=UTF-8&fexp=21404%2C17300002%2C17300829%2C17300842%2C17300843%2C17300846%2C17300859%2C17300862&format=r3&nocache=3211642300465177&num=0&output=afd_ads&domain_name=ww25.pdfdocdownloadspanel.site&v=3&bsl=8&pac=2&u_his=2&u_tz=0&dt=1642300465177&u_w=1600&u_h=1200&biw=1600&bih=1200&psw=1584&psh=77&frm=0&uio=-&cont=rs&inames=master-1&jsid=caf&jsv=71990&rurl=http%3A%2F%2Fww25.pdfdocdownloadspanel.site%2Facfe60bdc01b51e5d204094a99d66097%2FItt-Tech-Info-Transcript-Request%2Fdoc%2F745873584%3Fsubid1%3D20220116-1334-2317-8430-13d1637364e7

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2058b254cf2baa84dadf112416fe8c9e7e30e1b71cbcf017f6c646f44d24cad4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 16 Jan 2022 02:34:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-afs-ui"
etag: "15329792819556694728"
vary: Accept-Encoding
report-to: {"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
accept-ranges: bytes
expires: Sun, 16 Jan 2022 02:34:25 GMT

GET
H2 200 search.svg
afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/ Frame 6D1D 391 B
890 B 29ms
7ms Image
image/svg+xml 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/search.svg?c=%2311264d

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7ba0d867e58e5caf5499901274fb5425180cce1f974d6c18c0f05ade47a7986e

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/afs-native-asset-managers
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/afs-native-asset-managers
content-encoding: gzip
x-content-type-options: nosniff
age: 29999
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 272
x-xss-protection: 0
last-modified: Thu, 19 Dec 2019 14:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="afs-native-asset-managers"
date: Sat, 15 Jan 2022 18:14:26 GMT
vary: Accept-Encoding
report-to: {"group":"afs-native-asset-managers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/afs-native-asset-managers"}]}
content-type: image/svg+xml
cache-control: public, max-age=82800
accept-ranges: bytes
expires: Sun, 16 Jan 2022 17:14:26 GMT

GET
H2 200 chevron.svg
afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/ Frame 6D1D 200 B
289 B 29ms
7ms Image
image/svg+xml 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/chevron.svg?c=%23ffffff

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

809fb4619d2a2f1a85dbda8cc69a7f1659215212d708a098d62150eee57070c1

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/afs-native-asset-managers
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/afs-native-asset-managers
content-encoding: gzip
x-content-type-options: nosniff
age: 34614
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 174
x-xss-protection: 0
last-modified: Thu, 22 Oct 2020 21:45:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="afs-native-asset-managers"
date: Sat, 15 Jan 2022 16:57:31 GMT
vary: Accept-Encoding
report-to: {"group":"afs-native-asset-managers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/afs-native-asset-managers"}]}
content-type: image/svg+xml
cache-control: public, max-age=82800
accept-ranges: bytes
expires: Sun, 16 Jan 2022 15:57:31 GMT

GET
H2 200 arrows-bg-single.png
parking.bodiscdn.com/parking/ 3 KB
3 KB 45ms
16ms Image
image/webp 2606:4700:3108::ac42:28c7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://parking.bodiscdn.com/parking/arrows-bg-single.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3108::ac42:28c7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8436c93cfe365821cf9ec9d10320c9abb9862f4292a10e6c6fe75c15f5316b68

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://ww25.pdfdocdownloadspanel.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 16 Jan 2022 02:34:25 GMT
cf-cache-status: HIT
age: 260
cf-polished: origFmt=png, origSize=3365
cf-ray: 6ce3f1d4dcaf4a61-FRA
content-disposition: inline; filename="arrows-bg-single.webp"
content-length: 2740
x-amz-id-2: tYPbMietqOgsrVfquCbA7HU/bLM9Gevah4IRnHou/dV7l8A570qw9E81qyJ81bgARr32Vc6pJBk=
last-modified: Fri, 13 Aug 2021 17:44:53 GMT
server: cloudflare
etag: "be0ad31eeb486cdcc271ce6ebab43d97"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
x-amz-request-id: D1AS0KQP6J6KN891
cache-control: max-age=14400
accept-ranges: bytes
content-type: image/webp
cf-bgj: imgq:100,h2pri

POST
H/1.1 200
OK _tr
ww25.pdfdocdownloadspanel.site/ 2 B
0 132ms
132ms Fetch
text/html 216.120.146.200
BODIS-1

General

Check archive.org

Show headers Download Go to

Full URL: http://ww25.pdfdocdownloadspanel.site/_tr
Requested by: Host: ww25.pdfdocdownloadspanel.site
URL: http://ww25.pdfdocdownloadspanel.site/js/parking.2.77.1.js
Protocol: HTTP/1.1
Server: 216.120.146.200 , United States, ASN53665 (BODIS-1, US),
Reverse DNS
Software: openresty /
Resource Hash

Request headers

Accept: application/json
Referer: http://ww25.pdfdocdownloadspanel.site/acfe60bdc01b51e5d204094a99d66097/Itt-Tech-Info-Transcript-Request/doc/745873584?subid1=20220116-1334-2317-8430-13d1637364e7
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: application/json

Response headers

X-Version: 2.77.1
Date: Sun, 16 Jan 2022 02:34:25 GMT
Content-Encoding: gzip
Server: openresty
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
Pragma: no-cache
Cache-Control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H3 204 gen_204
www.google.com/afs/ 0
15 B 40ms
40ms Image
text/html 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/afs/gen_204?client=dp-bodis30_3ph&output=uds_ads_only&zx=7gl29lamw5d6&aqid=MYTjYcuWDpab3wO4vL_wCg&psid=9458580115&pbt=bs&adbx=550&adby=134&adbh=559&adbw=500&adbah=182%2C180%2C180&adbn=master-1&eawp=partner-dp-bodis30_3ph&errv=7199098398085670512&csadii=7&csadr=196&csala=7%7C114%7C35%7C47&lle=0&llm=1000&ifv=1&usr=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gws /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://ww25.pdfdocdownloadspanel.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 16 Jan 2022 02:34:26 GMT
server: gws
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
content-type: text/html; charset=ISO-8859-1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 204 gen_204
www.google.com/afs/ 0
15 B 32ms
31ms Image
text/html 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/afs/gen_204?client=dp-bodis30_3ph&output=uds_ads_only&zx=p4rf9pw5etm&aqid=MYTjYcuWDpab3wO4vL_wCg&psid=9458580115&pbt=bv&adbx=550&adby=134&adbh=559&adbw=500&adbah=182%2C180%2C180&adbn=master-1&eawp=partner-dp-bodis30_3ph&errv=7199098398085670512&csadii=7&csadr=196&csala=7%7C114%7C35%7C47&lle=0&llm=1000&ifv=1&usr=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gws /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://ww25.pdfdocdownloadspanel.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 16 Jan 2022 02:34:27 GMT
server: gws
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
content-type: text/html; charset=ISO-8859-1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

Verdicts & Comments Add Verdict or Comment

11 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			pdfdocdownloadspanel.site/acfe60bdc01b51e5d204094a99d66097/Itt-Tech-Info-Transcript-Request/doc	1970-01-23 15:47:40	Name: __tad Value: 1642300463.2012678
			ww25.pdfdocdownloadspanel.site/	1970-01-20 00:11:41	Name: parking_session Value: 0abaa9f6-9947-46ea-f650-1e37e6e81c1f

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

afs.googleusercontent.com
parking.bodiscdn.com
partner.googleadservices.com
pdfdocdownloadspanel.site
posssanpaisa.tk
ww25.pdfdocdownloadspanel.site
www.google.com
142.250.186.130
216.120.146.200
2606:4700:3032::ac43:89e9
2606:4700:3108::ac42:28c7
2a00:1450:4001:810::2004
2a00:1450:4001:830::2001
70.32.1.32
2058b254cf2baa84dadf112416fe8c9e7e30e1b71cbcf017f6c646f44d24cad4
3928ff9a90b0bafd2c5feea40ebd6f9c83e67816eb6f6275f1e0625e548034b4
53deb193ab0eb1e2a8aec1a2c70ba19c602f12879217d33ecb8e6f57a84d10c1
5a0a04f8d30d932ec5e8da338f819cd5fc12767d530587dbda21a82213fac929
7ba0d867e58e5caf5499901274fb5425180cce1f974d6c18c0f05ade47a7986e
7c69e133b96235f6a1c04e09244bacdc5836d28cbba62dadeb90b1b029cd6f3f
809fb4619d2a2f1a85dbda8cc69a7f1659215212d708a098d62150eee57070c1
8436c93cfe365821cf9ec9d10320c9abb9862f4292a10e6c6fe75c15f5316b68
b28872f0f84448be9b21b3122132d82e7d8ee60ce4418f38f355945f97e0a386
c45826c66567ef8b3be51a06959f0725a2f7c50998f2557631cb287941982b7f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

ww25.pdfdocdownloadspanel.site Open in urlscan Pro 216.120.146.200 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

15 Requests

60 %HTTPS

57 %IPv6

6 Domains

7 Subdomains

5 IPs

2 Countries

135 kBTransfer

354 kBSize

2 Cookies

0 Outgoing links

Page URL History

Redirected requests

15 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

11 JavaScript Global Variables

2 Cookies

Indicators

ww25.pdfdocdownloadspanel.site Open in urlscan Pro
216.120.146.200 Public Scan

Screenshot
Live screenshot

Full Image

15
Requests

60 %
HTTPS

57 %
IPv6

6
Domains

7
Subdomains

5
IPs

2
Countries

135 kB
Transfer

354 kB
Size

2
Cookies

15 HTTP transactions
0 data transactions