www.avira.com Open in urlscan Pro
2a01:138:a001:101:1::1 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.avira.com/en/support-threats-summary/tid/61050/threat/TR.Crypt.XPACK.440793
Submission: On June 15 via manual (June 15th 2017, 4:21:54 pm UTC) from US

Summary HTTP 62 Redirects Links 18 Behaviour Indicators

Summary

This website contacted 14 IPs in 4 countries across 12 domains to perform 62 HTTP transactions. The main IP is 2a01:138:a001:101:1::1, located in Germany and belongs to QSC-AG-IPX, DE. The main domain is www.avira.com.
TLS certificate: Issued by COMODO RSA Extended Validation Secure... on November 14th 2016. Valid for: 2 years.

This is the only time www.avira.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
7	2a01:138:a001... 2a01:138:a001:101:1::1	15598 (QSC-AG-IPX) (QSC-AG-IPX)
37	2a01:138:a001... 2a01:138:a001:101:1::2	15598 (QSC-AG-IPX) (QSC-AG-IPX)
2	95.101.246.111 95.101.246.111	16625 (AKAMAI-AS) (AKAMAI-AS - Akamai Technologies)
1	172.217.16.194 172.217.16.194	15169 (GOOGLE) (GOOGLE - Google Inc.)
1	2a00:1450:400... 2a00:1450:4001:81a::2008	15169 (GOOGLE) (GOOGLE - Google Inc.)
2	2a03:2880:f02... 2a03:2880:f027:18:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK - Facebook)
1	54.230.53.225 54.230.53.225	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	66.235.148.137 66.235.148.137	15224 (OMNITURE) (OMNITURE - Adobe Systems Inc.)
3	2a00:1450:400... 2a00:1450:4001:81a::200e	15169 (GOOGLE) (GOOGLE - Google Inc.)
1	74.125.206.157 74.125.206.157	15169 (GOOGLE) (GOOGLE - Google Inc.)
1	2a00:1450:401... 2a00:1450:401b:800::2003	15169 (GOOGLE) (GOOGLE - Google Inc.)
2	52.216.226.8 52.216.226.8	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	2a03:2880:f10... 2a03:2880:f106:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK - Facebook)
62	14

7 2a01:138:a001:101:1::1 (Germany)

ASN15598 (QSC-AG-IPX, DE)

www.avira.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

37 2a01:138:a001:101:1::2 (Germany)

ASN15598 (QSC-AG-IPX, DE)

www.avira.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 95.101.246.111 (European Union)

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a95-101-246-111.deploy.akamaitechnologies.com

assets.adobedtm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.16.194 (Mountain View, United States)

ASN15169 (GOOGLE - Google Inc., US)
PTR: fra16s08-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81a::2008 (Ireland)

ASN15169 (GOOGLE - Google Inc., US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f027:18:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.230.53.225 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-54-230-53-225.jfk6.r.cloudfront.net

script.crazyegg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 66.235.148.137 (Lehi, United States)

ASN15224 (OMNITURE - Adobe Systems Inc., US)
PTR: *.d3.sc.omtrdc.net

aviraoperations.d3.sc.omtrdc.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:81a::200e (Ireland)

ASN15169 (GOOGLE - Google Inc., US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.125.206.157 (Mountain View, United States)

ASN15169 (GOOGLE - Google Inc., US)
PTR: wk-in-f157.1e100.net

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:401b:800::2003 (Ireland)

ASN15169 (GOOGLE - Google Inc., US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.216.226.8 (Ashburn, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: s3-1-w.amazonaws.com

gtrk.s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f106:83:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
44	avira.com www.avira.com	868 KB
3	google-analytics.com www.google-analytics.com	12 KB
2	amazonaws.com gtrk.s3.amazonaws.com	64 B
2	facebook.net connect.facebook.net	19 KB
2	adobedtm.com assets.adobedtm.com	36 KB
1	facebook.com www.facebook.com	53 B
1	omtrdc.net aviraoperations.d3.sc.omtrdc.net	43 B
1	crazyegg.com script.crazyegg.com	4 KB
1	doubleclick.net bid.g.doubleclick.net Failed stats.g.doubleclick.net	53 B
1	google.de www.google.de Failed	51 B
1	googletagmanager.com www.googletagmanager.com	30 KB
1	googleadservices.com www.googleadservices.com	5 KB
62	12

	Domain	Requested by
44	www.avira.com	www.avira.com
3	www.google-analytics.com	www.googletagmanager.com www.avira.com
2	gtrk.s3.amazonaws.com	www.avira.com
2	connect.facebook.net	www.avira.com connect.facebook.net
2	assets.adobedtm.com	www.avira.com assets.adobedtm.com
1	www.facebook.com	www.avira.com
1	stats.g.doubleclick.net	www.avira.com
1	aviraoperations.d3.sc.omtrdc.net	www.avira.com
1	script.crazyegg.com	www.avira.com
1	www.google.de	www.avira.com
1	www.googletagmanager.com	www.avira.com
1	www.googleadservices.com	www.avira.com
0	bid.g.doubleclick.net Failed	www.googleadservices.com
62	13

This site contains links to these domains. Also see Links.

Domain
partnernet.avira.com
my.avira.com
license.avira.com
analysis.avira.com
www.facebook.com
twitter.com
www.linkedin.com
www.pinterest.com
plus.google.com
blog.avira.com

Subject Issuer	Validity	Valid
www.avira.com COMODO RSA Extended Validation Secure Server CA	`2016-11-14` - `2019-02-12`	2 years	crt.sh
www.adobetag.com DigiCert SHA2 High Assurance Server CA	`2016-10-29` - `2019-11-06`	3 years	crt.sh
www.googleadservices.com Google Internet Authority G2	`2017-06-07` - `2017-08-30`	3 months	crt.sh
*.google-analytics.com Google Internet Authority G2	`2017-06-07` - `2017-08-30`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2016-12-09` - `2018-01-25`	a year	crt.sh
*.crazyegg.com DigiCert SHA2 Secure Server CA	`2015-04-26` - `2018-06-28`	3 years	crt.sh
*.d3.sc.omtrdc.net DigiCert SHA2 High Assurance Server CA	`2016-05-04` - `2019-05-23`	3 years	crt.sh
*.g.doubleclick.net Google Internet Authority G2	`2017-06-07` - `2017-08-30`	3 months	crt.sh
www.google.de Google Internet Authority G2	`2017-06-07` - `2017-08-30`	3 months	crt.sh
*.s3.amazonaws.com DigiCert Baltimore CA-2 G2	`2016-07-29` - `2017-11-29`	a year	crt.sh

This page contains 3 frames:

Primary Page: https://www.avira.com/en/support-threats-summary/tid/61050/threat/TR.Crypt.XPACK.440793
Frame ID: 14693.1
Requests: 60 HTTP requests in this frame

Frame: https://www.google.de/ads/user-lists/1040650975/?random=1497543703245&cv=8&fst=1497543703245&num=1&fmt=1&guid=ON&eid=376635471&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=5&u_nmime=7&frm=0&url=https%3A%2F%2Fwww.avira.com%2Fen%2Fsupport-threats-summary%2Ftid%2F61050%2Fthreat%2FTR.Crypt.XPACK.440793&tiba=TR%2FCrypt.XPACK.440793%20-%20Avira%20Virus%20Lab&cdct=2&is_vtc=1&random=3483995427&fpvtc=/1040650975/%3Frandom%3D2077770984%26cv%3D8%26fst%3D1497542400000%26num%3D1%26fmt%3D1%26guid%3DON%26eid%3D376635471%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_his%3D2%26u_tz%3D0%26u_java%3Dfalse%26u_nplug%3D5%26u_nmime%3D7%26frm%3D0%26url%3Dhttps%253A%252F%252Fwww.avira.com%252Fen%252Fsupport-threats-summary%252Ftid%252F61050%252Fthreat%252FTR.Crypt.XPACK.440793%26tiba%3DTR%252FCrypt.XPACK.440793%2520-%2520Avira%2520Virus%2520Lab%26cdct%3D2%26is_vtc%3D1&ipr=y&ulfeg=n
Frame ID: 14693.4
Requests: 1 HTTP requests in this frame

Frame: https://bid.g.doubleclick.net/xbbe/pixel?d=KAE
Frame ID: 14693.5
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Statistics

62
Requests

97 %
HTTPS

54 %
IPv6

12
Domains

13
Subdomains

14
IPs

4
Countries

975 kB
Transfer

2194 kB
Size

18
Cookies

18 Outgoing links

These are links going to different origins than the main page.

URL: https://partnernet.avira.com/en/partner-locator/
Title: Find a Channel Partner

Search URL Search Domain Scan URL

URL: https://partnernet.avira.com/en/login
Title: PartnerNet Login

Search URL Search Domain Scan URL

URL: https://my.avira.com/en/referral/website
Title: Log In

Search URL Search Domain Scan URL

URL: https://license.avira.com/en/login?ff=webs
Title: Log In

Search URL Search Domain Scan URL

URL: https://license.avira.com/en/register?ff=webs
Title: Sign Up

Search URL Search Domain Scan URL

URL: https://license.avira.com/en/recover?ff=webs
Title: Forgot Password

Search URL Search Domain Scan URL

URL: https://license.avira.com/en/reset?ff=webs
Title: Set Password

Search URL Search Domain Scan URL

URL: https://license.avira.com/en/products?ff=webs
Title: Products

Search URL Search Domain Scan URL

URL: https://license.avira.com/en/payment-history?ff=webs
Title: Payment History

Search URL Search Domain Scan URL

URL: https://license.avira.com/en/notifications?ff=webs
Title: Notifications

Search URL Search Domain Scan URL

URL: https://license.avira.com/en/logout?ff=webs
Title: Log Out

Search URL Search Domain Scan URL

URL: https://analysis.avira.com/en/submit
Title: Submit your file/URL

Search URL Search Domain Scan URL

URL: https://www.facebook.com/avira
Title: Facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/avira
Title: Twitter

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/avira-gmbh
Title: LinkedIn

Search URL Search Domain Scan URL

URL: https://www.pinterest.com/avira/
Title: Pinterest

Search URL Search Domain Scan URL

URL: https://plus.google.com/108230805687624972425?rel=author&prsrc=3
Title: Google Plus

Search URL Search Domain Scan URL

URL: https://blog.avira.com/
Title: Avira Blog

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request 32

https://www.google.com/ads/user-lists/1040650975/?random=1497543703245&cv=8&fst=1497543703245&num=1&fmt=1&guid=ON&eid=376635471&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=f...
https://www.google.de/ads/user-lists/1040650975/?random=1497543703245&cv=8&fst=1497543703245&num=1&fmt=1&guid=ON&eid=376635471&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=fa...

Request 51

https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-91838939-1&cid=1838181908.1497543703&jid=1844985658&_v=j56&z=1038418388
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-91838939-1&cid=1838181908.1497543703&jid=1844985658&_v=j56&z=1038418388&slf_rd=1&random=3292014653

62 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request Cookie set TR.Crypt.XPACK.440793 Show response
www.avira.com/en/support-threats-summary/tid/61050/threat/ 74 KB
18 KB 565ms
473ms Document
text/html 2a01:138:a001:101:1::1
QSC-AG-IPX

General

Domain/Path	Expires	Name / Value
.avira.com/	2017-06-22 16:21:43	Name: country Value: DE
.avira.com/	2019-06-15 16:21:43	Name: s_fid Value: 4A8DC4C04D519F20-06EAED931467B6ED
.avira.com/	1970-01-01 00:00:00	Name: passthrough Value: %5B%5D
.avira.com/	2017-07-30 16:21:43	Name: permpassthrough Value: %5B%5D
.avira.com/	1970-01-01 00:00:00	Name: s_sq Value: %5B%5BB%5D%5D
www.avira.com/	1970-01-01 00:00:00	Name: PHPSESSID Value: n2litmp4cdn9ms39spk34nbff7
.avira.com/	2018-06-15 16:21:43	Name: avr_pp Value: %7B%22937%22%3A%7B%22ttl%22%3A%221459436400%22%2C%22prm%22%3A%22ab_test_price_new%22%7D%7D
.avira.com/	2017-09-15 00:00:00	Name: _ceg.u Value: orlk47
.avira.com/	2017-06-16 16:21:43	Name: _gid Value: GA1.2.1835505649.1497543703
.avira.com/	2017-06-15 16:22:43	Name: _dc_gtm_UA-18632931-1 Value: 1
.avira.com/	2017-07-15 16:21:43	Name: language Value: en
.doubleclick.net/	2017-06-15 16:36:43	Name: test_cookie Value: CheckForPermission
.avira.com/	2017-09-15 00:00:00	Name: _ceg.s Value: orlk47
.avira.com/	1970-01-01 00:00:00	Name: s_cc Value: true
www.avira.com/	2019-06-15 16:21:43	Name: _sdsat_visitorId Value: g_5942b41690eff
.avira.com/	2019-06-15 16:21:43	Name: _ga Value: GA1.2.1838181908.1497543703
.avira.com/	2018-06-15 16:21:43	Name: av_cid Value: q1ZKzkxRslJKjze1NDFKMjE0szRITUtT0lEqXDBL5JXm5NQCXDA%3D
.avira.com/	2017-06-15 16:22:43	Name: _dc_gtm_UA-91838939-1 Value: 1

www.avira.com Open in urlscan Pro 2a01:138:a001:101:1::1 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Statistics

62 Requests

97 %HTTPS

54 %IPv6

12 Domains

13 Subdomains

14 IPs

4 Countries

975 kBTransfer

2194 kBSize

18 Cookies

18 Outgoing links

Redirected requests

62 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.avira.com Open in urlscan Pro
2a01:138:a001:101:1::1 Public Scan

Screenshot
Live screenshot

Full Image

62
Requests

97 %
HTTPS

54 %
IPv6

12
Domains

13
Subdomains

14
IPs

4
Countries

975 kB
Transfer

2194 kB
Size

18
Cookies

62 HTTP transactions
0 data transactions