Submitted URL: http://whm.quickship.ddcnyc.com/
Effective URL: http://whm.quickship.ddcnyc.com/cgi-sys/defaultwebpage.cgi
Submission: On November 24 via api from US — Scanned from DE

Summary

This website contacted 5 IPs in 2 countries across 4 domains to perform 19 HTTP transactions. The main IP is 67.227.172.134, located in United States and belongs to LIQUIDWEB, US. The main domain is whm.quickship.ddcnyc.com.
This is the only time whm.quickship.ddcnyc.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests | Apex Domain | Subdomains | Transfer
9 | googlesyndication.com | pagead2.googlesyndication.com (Cisco Umbrella Rank: 97), tpc.googlesyndication.com (Cisco Umbrella Rank: 149) | 225 KB
7 | ddcnyc.com | whm.quickship.ddcnyc.com | 32 KB
2 | doubleclick.net | googleads.g.doubleclick.net (Cisco Umbrella Rank: 33) | 5 KB
1 | google.com | www.google.com (Cisco Umbrella Rank: 2) | 1 KB
Total: 19 requests, 4 apex domains

Requests | Domain | Requested by
7 | whm.quickship.ddcnyc.com | whm.quickship.ddcnyc.com
6 | pagead2.googlesyndication.com | whm.quickship.ddcnyc.com, pagead2.googlesyndication.com, tpc.googlesyndication.com
3 | tpc.googlesyndication.com | pagead2.googlesyndication.com, tpc.googlesyndication.com
2 | googleads.g.doubleclick.net | pagead2.googlesyndication.com
1 | www.google.com | tpc.googlesyndication.com
Total: 19 requests, 5 domains

This site contains links to these domains. Also see Links.

Domain
go.cpanel.net
cpanel.net

Subject | Issuer | Validity | Valid
*.g.doubleclick.net | GTS CA 1C3 | 2023-10-23 - 2024-01-15 | 3 months | crt.sh
tpc.googlesyndication.com | GTS CA 1C3 | 2023-10-23 - 2024-01-15 | 3 months | crt.sh
www.google.com | GTS CA 1C3 | 2023-10-23 - 2024-01-15 | 3 months | crt.sh

This page contains 5 frames:

Primary Page: http://whm.quickship.ddcnyc.com/cgi-sys/defaultwebpage.cgi
Frame ID: 1D54A09D7AEE719C988624B76A396DAA
Requests: 12 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20190131/zrt_lookup_inhead_fy2021.html?hello=world
Frame ID: 3E9F4C4944C903D4692DAABA7639258E
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3103228924770609&output=html&adk=1812271804&adf=3025194257&lmt=1700838251&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=500x540_l%7C500x540_r&format=0x0&url=http%3A%2F%2Fwhm.quickship.ddcnyc.com%2Fcgi-sys%2Fdefaultwebpage.cgi&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~5&ascmds=1&dt=1700838251757&bpp=3&bdt=162&idt=222&shv=r20231109&mjsv=m202311140101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=307933042144&frm=20&pv=2&ga_vid=463415322.1700838252&ga_sid=1700838252&ga_hid=729834602&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C42532605%2C31079605%2C42531705%2C44785294%2C44809004%2C31078297%2C31079756%2C44807764%2C44808148%2C44808285%2C44809054&oid=2&pvsid=556063289524322&tmod=2081710112&uas=0&nvt=1&fsapi=1&ref=http%3A%2F%2Fwhm.quickship.ddcnyc.com%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=239
Frame ID: 6BD489CA6C04583B58186AE455746970
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: B5ACE46C044B4F4313F6F4F9BF015A74
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 6913EB444D08AB64789EE419D5DF04D8
Requests: 2 HTTP requests in this frame

Page Title

Default Web Site Page

Detected technologies

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/

Page Statistics

Requests: 19
HTTPS: 63 %
IPv6: 80 %
Domains: 4
Subdomains: 5
IPs: 5
Countries: 2
Transfer: 262 kB
Size: 672 kB
Cookies: 1

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://whm.quickship.ddcnyc.com/ Page URL
  2. http://whm.quickship.ddcnyc.com/cgi-sys/defaultwebpage.cgi Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

19 HTTP transactions

Resource | Path | Size | x-fer | Type | MIME-Type

Resource: / | Path: whm.quickship.ddcnyc.com/ | Size: 163 B | x-fer: 487 B | Type: Document
General
Full URL
http://whm.quickship.ddcnyc.com/
Protocol
HTTP/1.1
Server
67.227.172.134, United States, ASN32244 (LIQUIDWEB, US)
Reverse DNS
host2.ebusiness32.com
Software
Apache /
Resource Hash
9278d16ed2fdcd5dc651615b0b8adc6b55fb667a9d106a9891b861d4561d9a24

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Cache-Control
no-cache, no-store, must-revalidate
Connection
Keep-Alive
Content-Length
163
Content-Type
text/html
Date
Fri, 24 Nov 2023 15:04:11 GMT
Expires
0
Keep-Alive
timeout=2, max=500
Last-Modified
Tue, 14 Nov 2023 15:41:05 GMT
Pragma
no-cache
Server
Apache

Resource: defaultwebpage.cgi (Primary Request) | Path: whm.quickship.ddcnyc.com/cgi-sys/ | Size: 7 KB | x-fer: 7 KB | Type: Document
General
Full URL
http://whm.quickship.ddcnyc.com/cgi-sys/defaultwebpage.cgi
Protocol
HTTP/1.1
Server
67.227.172.134, United States, ASN32244 (LIQUIDWEB, US)
Reverse DNS
host2.ebusiness32.com
Software
Apache /
Resource Hash
3443bf2c16b04f4a04db87451e75d684d3deb644cab8196215161cb64c4cb857

Request headers

Referer
http://whm.quickship.ddcnyc.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
Keep-Alive
Content-Type
text/html
Date
Fri, 24 Nov 2023 15:04:11 GMT
Keep-Alive
timeout=2, max=499
Server
Apache
Transfer-Encoding
chunked

Resource: adsbygoogle.js | Path: pagead2.googlesyndication.com/pagead/js/ | Size: 151 KB | x-fer: 52 KB | Type: Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3103228924770609
Requested by
Host: whm.quickship.ddcnyc.com
URL: http://whm.quickship.ddcnyc.com/cgi-sys/defaultwebpage.cgi
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2002, Frankfurt am Main, Germany, ASN15169 (GOOGLE, US)
Reverse DNS
Software
cafe /
Resource Hash
d1b7c0fc1c81c0ee0e8c73c4fbeb0a95346862cdd95f7068c383917106c9c1ed
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://whm.quickship.ddcnyc.com/
Origin
http://whm.quickship.ddcnyc.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 15:04:11 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
52757
x-xss-protection
0
server
cafe
etag
11019350036356544870
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires
Fri, 24 Nov 2023 15:04:11 GMT

Resource: IP_changed.png | Path: whm.quickship.ddcnyc.com/img-sys/ | Size: 3 KB | x-fer: 3 KB | Type: Image
General
Full URL
http://whm.quickship.ddcnyc.com/img-sys/IP_changed.png
Requested by
Host: whm.quickship.ddcnyc.com
URL: http://whm.quickship.ddcnyc.com/cgi-sys/defaultwebpage.cgi
Protocol
HTTP/1.1
Server
67.227.172.134, United States, ASN32244 (LIQUIDWEB, US)
Reverse DNS
host2.ebusiness32.com
Software
Apache /
Resource Hash
b19da51b5e9c9b29cd8523d85d92e99e4812c891c394929c9bf67557f560672c

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://whm.quickship.ddcnyc.com/cgi-sys/defaultwebpage.cgi
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Fri, 24 Nov 2023 15:04:11 GMT
Last-Modified
Tue, 16 Mar 2021 20:47:00 GMT
Server
Apache
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=2, max=498
Content-Length
2939

Resource: server_misconfigured.png | Path: whm.quickship.ddcnyc.com/img-sys/ | Size: 3 KB | x-fer: 3 KB | Type: Image
General
Full URL
http://whm.quickship.ddcnyc.com/img-sys/server_misconfigured.png
Requested by
Host: whm.quickship.ddcnyc.com
URL: http://whm.quickship.ddcnyc.com/cgi-sys/defaultwebpage.cgi
Protocol
HTTP/1.1
Server
67.227.172.134, United States, ASN32244 (LIQUIDWEB, US)
Reverse DNS
host2.ebusiness32.com
Software
Apache /
Resource Hash
944120fb6962c7484d769d645e6d830850eead9394f6a84090aed489cfc0c41f

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://whm.quickship.ddcnyc.com/cgi-sys/defaultwebpage.cgi
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Fri, 24 Nov 2023 15:04:11 GMT
Last-Modified
Tue, 16 Mar 2021 20:47:00 GMT
Server
Apache
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=2, max=500
Content-Length
3164

Resource: server_moved.png | Path: whm.quickship.ddcnyc.com/img-sys/ | Size: 3 KB | x-fer: 3 KB | Type: Image
General
Full URL
http://whm.quickship.ddcnyc.com/img-sys/server_moved.png
Requested by
Host: whm.quickship.ddcnyc.com
URL: http://whm.quickship.ddcnyc.com/cgi-sys/defaultwebpage.cgi
Protocol
HTTP/1.1
Server
67.227.172.134, United States, ASN32244 (LIQUIDWEB, US)
Reverse DNS
host2.ebusiness32.com
Software
Apache /
Resource Hash
3a22057583d3e17bc94990d92a3425d5510dc5bdb60fe40fafeb405a38f8ed28

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://whm.quickship.ddcnyc.com/cgi-sys/defaultwebpage.cgi
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Fri, 24 Nov 2023 15:04:11 GMT
Last-Modified
Tue, 16 Mar 2021 20:47:00 GMT
Server
Apache
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=2, max=497
Content-Length
3327

Resource: powered_by_cpanel.svg | Path: whm.quickship.ddcnyc.com/img-sys/ | Size: 5 KB | x-fer: 6 KB | Type: Image
General
Full URL
http://whm.quickship.ddcnyc.com/img-sys/powered_by_cpanel.svg
Requested by
Host: whm.quickship.ddcnyc.com
URL: http://whm.quickship.ddcnyc.com/cgi-sys/defaultwebpage.cgi
Protocol
HTTP/1.1
Server
67.227.172.134, United States, ASN32244 (LIQUIDWEB, US)
Reverse DNS
host2.ebusiness32.com
Software
Apache /
Resource Hash
179a9aa9fff4c52850d9ce34a4c435404ddfd4fefa8aab9a6eb4f47b83f922d9

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://whm.quickship.ddcnyc.com/cgi-sys/defaultwebpage.cgi
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Fri, 24 Nov 2023 15:04:11 GMT
Last-Modified
Tue, 16 Mar 2021 20:47:00 GMT
Server
Apache
Content-Type
image/svg+xml
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=2, max=500
Content-Length
5617

Resource: error-bg-left.png | Path: whm.quickship.ddcnyc.com/img-sys/ | Size: 8 KB | x-fer: 8 KB | Type: Image
General
Full URL
http://whm.quickship.ddcnyc.com/img-sys/error-bg-left.png
Requested by
Host: whm.quickship.ddcnyc.com
URL: http://whm.quickship.ddcnyc.com/cgi-sys/defaultwebpage.cgi
Protocol
HTTP/1.1
Server
67.227.172.134, United States, ASN32244 (LIQUIDWEB, US)
Reverse DNS
host2.ebusiness32.com
Software
Apache /
Resource Hash
862885b79bef22ad5716b2dbfa714d52f628a439f2921bb9520a4630bbea5d4e

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://whm.quickship.ddcnyc.com/cgi-sys/defaultwebpage.cgi
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Fri, 24 Nov 2023 15:04:12 GMT
Last-Modified
Tue, 16 Mar 2021 20:47:00 GMT
Server
Apache
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=2, max=500
Content-Length
8072

Resource: show_ads_impl_with_ama_fy2021.js | Path: pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311140101/ | Size: 397 KB | x-fer: 134 KB | Type: Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311140101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3103228924770609&plah=whm.quickship.ddcnyc.com&bust=31079756
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3103228924770609
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002, Frankfurt am Main, Germany, ASN15169 (GOOGLE, US)
Reverse DNS
Software
cafe /
Resource Hash
8a773f093c4c98cb4b9a3c4d4d4c65a2ceae9dc9061021ee6bd9d3a7416c49c8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://whm.quickship.ddcnyc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 15:04:11 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
137287
x-xss-protection
0
server
cafe
etag
13723685555366487053
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Fri, 24 Nov 2023 15:04:11 GMT

Resource: zrt_lookup_inhead_fy2021.html | Path: googleads.g.doubleclick.net/pagead/html/r20231109/r20190131/ (Frame 3E9F) | Size: 9 KB | x-fer: 4 KB | Type: Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20231109/r20190131/zrt_lookup_inhead_fy2021.html?hello=world
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3103228924770609
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002, Frankfurt am Main, Germany, ASN15169 (GOOGLE, US)
Reverse DNS
Software
cafe /
Resource Hash
9a06aa84f08b4d57747e5eba867aa061deaadb4e657ca532d10e73b5a36fd73c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://whm.quickship.ddcnyc.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
19633
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4111
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 24 Nov 2023 09:36:58 GMT
etag
13268084621564590274
expires
Fri, 08 Dec 2023 09:36:58 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0

Resource: ads | Path: googleads.g.doubleclick.net/pagead/ (Frame 6BD4) | Size: 603 B | x-fer: 245 B | Type: Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3103228924770609&output=html&adk=1812271804&adf=3025194257&lmt=1700838251&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=500x540_l%7C500x540_r&format=0x0&url=http%3A%2F%2Fwhm.quickship.ddcnyc.com%2Fcgi-sys%2Fdefaultwebpage.cgi&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~5&ascmds=1&dt=1700838251757&bpp=3&bdt=162&idt=222&shv=r20231109&mjsv=m202311140101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=307933042144&frm=20&pv=2&ga_vid=463415322.1700838252&ga_sid=1700838252&ga_hid=729834602&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C42532605%2C31079605%2C42531705%2C44785294%2C44809004%2C31078297%2C31079756%2C44807764%2C44808148%2C44808285%2C44809054&oid=2&pvsid=556063289524322&tmod=2081710112&uas=0&nvt=1&fsapi=1&ref=http%3A%2F%2Fwhm.quickship.ddcnyc.com%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=239
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311140101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3103228924770609&plah=whm.quickship.ddcnyc.com&bust=31079756
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002, Frankfurt am Main, Germany, ASN15169 (GOOGLE, US)
Reverse DNS
Software
cafe /
Resource Hash
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://whm.quickship.ddcnyc.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 24 Nov 2023 15:04:12 GMT
expires
Fri, 24 Nov 2023 15:04:12 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0

Resource: sodar | Path: pagead2.googlesyndication.com/getconfig/ | Size: 16 KB | x-fer: 12 KB | Type: XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231109&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311140101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3103228924770609&plah=whm.quickship.ddcnyc.com&bust=31079756
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2002, Frankfurt am Main, Germany, ASN15169 (GOOGLE, US)
Reverse DNS
Software
cafe /
Resource Hash
a62462553ff237045c3d2a0bdbc942a26f1dea9ca5e1dc6b7c40c2b9170b691e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://whm.quickship.ddcnyc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 15:04:12 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12286
x-xss-protection
0

Resource: sodar2.js | Path: tpc.googlesyndication.com/sodar/ | Size: 17 KB | x-fer: 7 KB | Type: Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311140101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3103228924770609&plah=whm.quickship.ddcnyc.com&bust=31079756
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2001, Frankfurt am Main, Germany, ASN15169 (GOOGLE, US)
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://whm.quickship.ddcnyc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 15:04:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 24 Nov 2023 15:04:12 GMT

Resource: runner.html | Path: tpc.googlesyndication.com/sodar/sodar2/225/ (Frame B5AC) | Size: 13 KB | x-fer: 5 KB | Type: Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2001, Frankfurt am Main, Germany, ASN15169 (GOOGLE, US)
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://whm.quickship.ddcnyc.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1272
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 24 Nov 2023 14:43:00 GMT
expires
Sat, 23 Nov 2024 14:43:00 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0

Resource: aframe | Path: www.google.com/recaptcha/api2/ (Frame 6913) | Size: 829 B | x-fer: 1 KB | Type: Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2004, Frankfurt am Main, Germany, ASN15169 (GOOGLE, US)
Reverse DNS
Software
GSE /
Resource Hash
a1b2b2f42e4b45a3d3e9440d39574969820f72c41423ca63754743bfc1da8407
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-xvkSEvxoF4X5A0nMTtfICg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://whm.quickship.ddcnyc.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-xvkSEvxoF4X5A0nMTtfICg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 24 Nov 2023 15:04:12 GMT
expires
Fri, 24 Nov 2023 15:04:12 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block

Resource: GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js | Path: pagead2.googlesyndication.com/bg/ (Frame B5AC) | Size: 39 KB | x-fer: 15 KB | Type: Script
General
Full URL
https://pagead2.googlesyndication.com/bg/GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002, Frankfurt am Main, Germany, ASN15169 (GOOGLE, US)
Reverse DNS
Software
sffe /
Resource Hash
18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 14:43:00 GMT
content-encoding
br
x-content-type-options
nosniff
age
1272
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15296
x-xss-protection
0
last-modified
Mon, 06 Nov 2023 16:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 23 Nov 2024 14:43:00 GMT

Resource: sodar | Path: pagead2.googlesyndication.com/pagead/ (Frame 6913) | Size: 0 | x-fer: 0 | Type: Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231109&jk=556063289524322&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002, Frankfurt am Main, Germany, ASN15169 (GOOGLE, US)
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers


Resource: generate_204 | Path: tpc.googlesyndication.com/ (Frame B5AC) | Size: 0 | x-fer: 10 B | Type: Image
General
Full URL
https://tpc.googlesyndication.com/generate_204?YnIATQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001, Frankfurt am Main, Germany, ASN15169 (GOOGLE, US)
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 15:04:12 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0

Resource: sodar | Path: pagead2.googlesyndication.com/pagead/ | Size: 0 | x-fer: 0 | Type: Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231109&jk=556063289524322&bg=!n5ylnNPNAAZxrfrxUa07ADQBe5WfOGffUXRU9sPdvIRJ_sBa8Ri7XJJTX0WC5kf_wiJVxDOZN-uz5ugkPKzmJgXj129HAgAAAJNSAAAAAmgBB5kCxvv99SOTEkS2P2ZAX3Xa5iRzjEh36JIdp58OA1sf-lZjEdCsIY9YDyNEVySP1A1LxGsOuWZ0Bc_0v2eYV4gs0L7mafLSzQ7l6GNXTDaBlO7dmCUjJQ71b8Bokr3mDL5MXG3ngLy5H0cRabjBqfSyPmVDbPk6gM1y9VFeazpIStjgZ6rGaypOUenFVhMf62Tq47RVR8559jsZQ2p2IjlanrFW_TSGHkWG_MS_uRxVkrtLvSi-Qg0HqlnRAiREsDLlg-U2VMXHhtgq9rfh1zpONlKEnJnjud73Ry-R9gNyk-9FIy8bPDBJU-v1OoMoUE29hkLCvbVB_joBph8BLv2UHbMeH1IBCdMtC3cpmzgFaxSBXQQ_02zL2NHk6s1OB0E0FdNJtydh3lQzW6y7UpL2_dD5Yimjj0C7n8hcZWIWkRD8VmsiVA6RiY6TxTKDNm_l4w2P9DCfpUehmfjNDZHmDOvuSL4FsgNVxi5wG7ULZj13VCeCQvzOQUwS3dALJsxDLHhdQ6aX9IPplghaAoAPu8jaObJG9ioNERTAKRj5flTkVkUFlIbhUY_5Hx-IUUWek2bzE8upUQwHwMugwq33LOeeeI4MhJJl1tOy4fqkTSmZ0Ho30T2rOGafcnosh7ES6CLIoYBvn3vZ9r4vPEzJTfAugKhdABalxmgPADTEGuk4eqEPTLdT4x-X-1aL97nu9U5fV6mnfQ9ktC7qIm36EzPbNDLugMclkGTLv0A4R-EOEvLO9joto303mb9nAzZOO28ZGg69wzMOQAUgtiPtRr1r7FJGc21N5go2baOBhRNa2vhm3USAkAUuI_3rOHzKP6FQacbaTLfvL9iVFlSLovTw4dnSU70D3yZ587uQHhiByrXG2PU9nfABW4t3Q1OjBRkAIostPKYxb0dQctpFOEkmEcc3g6lOwZjlZOSl8bCmWbEK2K73
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002, Frankfurt am Main, Germany, ASN15169 (GOOGLE, US)
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://whm.quickship.ddcnyc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Verdicts & Comments

27 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object | 0
object | 1
object | 2
object | google_js_reporting_queue
number | google_srt
object | google_persistent_state_async
object | google_logging_queue
number | tmod
object | google_ad_modifications
object | ggeac
boolean | google_measure_js_timing
object | google_reactive_ads_global_state
object | adsbygoogle
object | google_sa_queue
function | google_process_slots
function | google_spfd
number | google_unique_id
object | google_sv_map
number | google_rum_task_id_counter
function | google_sa_impl
number | google_global_correlator
object | google_prev_clients
object | gaGlobal
object | ampInaboxIframes
object | ampInaboxPendingMessages
object | GoogleGcLKhOms
object | google_image_requests

1 Cookies

Domain/Path Name / Value
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
