www.plumbytes.com Open in urlscan Pro
45.55.29.117 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.plumbytes.com/partner/url/lp1
Effective URL:
http://www.plumbytes.com/l/anti-malware/rw/
Submission: On April 26 via manual (April 26th 2018, 7:42:40 am UTC) from JP

Summary HTTP 28 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 6 IPs in 2 countries across 8 domains to perform 28 HTTP transactions. The main IP is 45.55.29.117, located in San Francisco, United States and belongs to DIGITALOCEAN-ASN - DigitalOcean, LLC, US. The main domain is www.plumbytes.com.

This is the only time www.plumbytes.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 21	45.55.29.117 45.55.29.117	14061 (DIGITALOC...) (DIGITALOCEAN-ASN - DigitalOcean)
1	104.19.192.102 104.19.192.102	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
1	172.217.21.226 172.217.21.226	15169 (GOOGLE) (GOOGLE - Google LLC)
1 2	172.217.22.110 172.217.22.110	15169 (GOOGLE) (GOOGLE - Google LLC)
1 5	87.250.251.119 87.250.251.119	13238 (YANDEX) (YANDEX)
1 1	74.125.206.155 74.125.206.155	15169 (GOOGLE) (GOOGLE - Google LLC)
1 1	172.217.16.164 172.217.16.164	15169 (GOOGLE) (GOOGLE - Google LLC)
1	172.217.22.99 172.217.22.99	15169 (GOOGLE) (GOOGLE - Google LLC)
28	6

21 45.55.29.117 (San Francisco, United States) 1 redirects

ASN14061 (DIGITALOCEAN-ASN - DigitalOcean, LLC, US)

www.plumbytes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.19.192.102 (San Francisco, United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.21.226 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra16s13-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.22.110 (Mountain View, United States) 1 redirects

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra15s18-in-f110.1e100.net

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 87.250.251.119 (Russian Federation) 1 redirects

ASN13238 (YANDEX, RU)
PTR: mc.yandex.ru

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.125.206.155 (Mountain View, United States) 1 redirects

ASN15169 (GOOGLE - Google LLC, US)
PTR: wk-in-f155.1e100.net

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.16.164 (Mountain View, United States) 1 redirects

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra15s11-in-f164.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.22.99 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra15s18-in-f99.1e100.net

www.google.nl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
21	plumbytes.com 1 redirects www.plumbytes.com	130 KB
5	yandex.ru 1 redirects mc.yandex.ru	37 KB
2	google-analytics.com 1 redirects www.google-analytics.com	14 KB
1	google.nl www.google.nl	109 B
1	google.com 1 redirects www.google.com	187 B
1	doubleclick.net 1 redirects stats.g.doubleclick.net	160 B
1	googleadservices.com www.googleadservices.com	6 KB
1	cloudflare.com cdnjs.cloudflare.com	78 KB
28	8

	Domain	Requested by
21	www.plumbytes.com	1 redirects www.plumbytes.com
5	mc.yandex.ru	1 redirects www.plumbytes.com
2	www.google-analytics.com	1 redirects www.plumbytes.com
1	www.google.nl	www.plumbytes.com
1	www.google.com	1 redirects
1	stats.g.doubleclick.net	1 redirects
1	www.googleadservices.com	www.plumbytes.com
1	cdnjs.cloudflare.com	www.plumbytes.com
28	8

This site contains links to these domains. Also see Links.

Domain
plumbytes.com

Subject Issuer	Validity	Valid

This page contains 1 frames:

Primary Page: http://www.plumbytes.com/l/anti-malware/rw/
Frame ID: 4CA3EA949A522D3394B5213438C71089
Requests: 28 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://www.plumbytes.com/partner/url/lp1 HTTP 302
http://www.plumbytes.com/l/anti-malware/rw/ Page URL

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

headers server /php\/?([\d.]+)?/i

CentOS (Operating Systems) Expand

Overall confidence: 100%
Detected patterns

headers server /CentOS/i

OpenSSL (Web Server Extensions) Expand

Overall confidence: 100%
Detected patterns

headers server /OpenSSL(?:\/([\d.]+[a-z]?))?/i

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|)HTTPD)/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|(analytics))\.js/i
env /^gaGlobal$/i

Yandex.Metrika (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /mc\.yandex\.ru\/metrika\/watch\.js/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery(?:\-|\.)([\d.]*\d)[^\/]*\.js/i
script /jquery.*\.js/i
env /^jQuery$/i

Page Statistics

28
Requests

0 %
HTTPS

0 %
IPv6

8
Domains

8
Subdomains

6
IPs

2
Countries

264 kB
Transfer

529 kB
Size

9
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://plumbytes.com/url/download-rwx/?tid=&usrid=f3e81dd3&
Title: Download Now

Search URL Search Domain Scan URL

URL: https://plumbytes.com/privacy/
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://plumbytes.com/eula/
Title: License Agreement

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.plumbytes.com/partner/url/lp1 HTTP 302
http://www.plumbytes.com/l/anti-malware/rw/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 18

https://www.google-analytics.com/r/collect?v=1&_v=j67&a=1141111643&t=pageview&_s=1&dl=http%3A%2F%2Fwww.plumbytes.com%2Fl%2Fanti-malware%2Frw%2F&ul=en-us&de=UTF-8&dt=How%20to%20Remove%20Malware&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=YEBAAEAB~&jid=588074641&gjid=340017551&cid=1209645255.1524728550&uid=f3e81dd3&tid=UA-70116536-1&_gid=1408105310.1524728550&_r=1&z=1810785446 HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-70116536-1&cid=1209645255.1524728550&jid=588074641&uid=f3e81dd3&_gid=1408105310.1524728550&gjid=340017551&_v=j67&z=1810785446 HTTP 302
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-70116536-1&cid=1209645255.1524728550&jid=588074641&_v=j67&z=1810785446 HTTP 302
https://www.google.nl/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-70116536-1&cid=1209645255.1524728550&jid=588074641&_v=j67&z=1810785446&slf_rd=1&random=811943690

Request Chain 19

https://mc.yandex.ru/watch/34498890?wmode=7&page-url=http%3A%2F%2Fwww.plumbytes.com%2Fl%2Fanti-malware%2Frw%2F&charset=utf-8&browser-info=ti%3A10%3As%3A1600x1200x24%3Ask%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1585x1200%3Ai%3A20180426074229%3Aet%3A1524728550%3Aen%3Autf-8%3Av%3A1082%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Arn%3A515593583%3Ahid%3A815010127%3Ads%3A0%2C0%2C568%2C168%2C1005%2C1005%2C1%2C%2C%2C%2C%2C%2C%3Afp%3A1430%3Awn%3A16430%3Ahl%3A2%3Ast%3A1524728550%3Au%3A152472855036827842%3At%3AHow%20to%20Remove%20Malware HTTP 302
https://mc.yandex.ru/watch/34498890/1?wmode=7&page-url=http%3A%2F%2Fwww.plumbytes.com%2Fl%2Fanti-malware%2Frw%2F&charset=utf-8&browser-info=ti%3A10%3As%3A1600x1200x24%3Ask%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1585x1200%3Ai%3A20180426074229%3Aet%3A1524728550%3Aen%3Autf-8%3Av%3A1082%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Arn%3A515593583%3Ahid%3A815010127%3Ads%3A0%2C0%2C568%2C168%2C1005%2C1005%2C1%2C%2C%2C%2C%2C%2C%3Afp%3A1430%3Awn%3A16430%3Ahl%3A2%3Ast%3A1524728550%3Au%3A152472855036827842%3At%3AHow%20to%20Remove%20Malware

28 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request

Cookie set / Show response
www.plumbytes.com/l/anti-malware/rw/
Redirect Chain

http://www.plumbytes.com/partner/url/lp1
http://www.plumbytes.com/l/anti-malware/rw/

17 KB
18 KB

568ms
568ms

Document
text/html

45.55.29.117
DigitalOcean

General

Check archive.org

Show headers Download Go to

Full URL: http://www.plumbytes.com/l/anti-malware/rw/
Protocol: HTTP/1.1
Server: 45.55.29.117 San Francisco, United States, ASN14061 (DIGITALOCEAN-ASN - DigitalOcean, LLC, US),
Reverse DNS
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.1e-fips PHP/5.4.45 / PHP/5.4.45
Resource Hash: 98282e93046255b4383b319805713d3162fd3dd3e47dbdda95a25c58ee220027

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.plumbytes.com
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Cache-Control: no-cache
Cookie: 2b305=%7B%22streams%22%3A%5B1524699765%5D%2C%22campaigns%22%3A%7B%2213%22%3A1524699765%7D%2C%22time%22%3A1524699765%7D
Connection: keep-alive
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36

Response headers

Date: Thu, 26 Apr 2018 07:43:02 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.1e-fips PHP/5.4.45
X-Powered-By: PHP/5.4.45
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
Connection: Keep-Alive
Set-Cookie: usrid=f3e81dd3; expires=Mon, 25-Jun-2018 07:43:02 GMT; path=/ lang=en; expires=Mon, 25-Jun-2018 07:43:02 GMT; path=/
Keep-Alive: timeout=5, max=99

Redirect headers

Pragma: no-cache
Date: Thu, 26 Apr 2018 07:43:01 GMT
Last-Modified: Thu, 26 Apr 2018 07:43:01 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.1e-fips PHP/5.4.45
X-Powered-By: PHP/5.4.45
Content-Type: text/html; charset=utf-8
Location: http://www.plumbytes.com/l/anti-malware/rw/
Set-Cookie: 2b305=%7B%22streams%22%3A%5B1524699765%5D%2C%22campaigns%22%3A%7B%2213%22%3A1524699765%7D%2C%22time%22%3A1524699765%7D; expires=Sun, 27-May-2018 07:43:02 GMT; path=/; domain=.plumbytes.com
Cache-Control: max-age=0
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
Content-Length: 0
Expires: Thu, 21 Jul 1977 07:30:00 GMT

GET
H/1.1 200
OK css-family=Open+Sans-400,300,600,700&subset=latin,cyrillic-ext,greek-ext,greek,vietnamese,latin-ext,cyrillic.css
www.plumbytes.com/l/anti-malware/rw/fonts/ 235 B
547 B 333ms
168ms Stylesheet
text/css 45.55.29.117
DigitalOcean

General

Check archive.org

Show headers Download Go to

Full URL: http://www.plumbytes.com/l/anti-malware/rw/fonts/css-family=Open+Sans-400,300,600,700&subset=latin,cyrillic-ext,greek-ext,greek,vietnamese,latin-ext,cyrillic.css
Requested by: Host: www.plumbytes.com
URL: http://www.plumbytes.com/l/anti-malware/rw/
Protocol: HTTP/1.1
Server: 45.55.29.117 San Francisco, United States, ASN14061 (DIGITALOCEAN-ASN - DigitalOcean, LLC, US),
Reverse DNS
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.1e-fips PHP/5.4.45 /
Resource Hash: 8414933cf481fd6698019b135d1b8b10c92652aa2df2fe59d3eeb292c0938f39

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.plumbytes.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://www.plumbytes.com/l/anti-malware/rw/
Cookie: 2b305=%7B%22streams%22%3A%5B1524699765%5D%2C%22campaigns%22%3A%7B%2213%22%3A1524699765%7D%2C%22time%22%3A1524699765%7D; usrid=f3e81dd3; lang=en
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.plumbytes.com/l/anti-malware/rw/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36

Response headers

Date: Thu, 26 Apr 2018 07:43:02 GMT
Last-Modified: Tue, 15 Dec 2015 09:47:12 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.1e-fips PHP/5.4.45
ETag: "eb-526ecac83a800"
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 235

GET
H/1.1 200
OK styles.css
www.plumbytes.com/l/anti-malware/rw/styles/ 8 KB
9 KB 337ms
168ms Stylesheet
text/css 45.55.29.117
DigitalOcean

General

Check archive.org

Show headers Download Go to

Full URL: http://www.plumbytes.com/l/anti-malware/rw/styles/styles.css
Requested by: Host: www.plumbytes.com
URL: http://www.plumbytes.com/l/anti-malware/rw/
Protocol: HTTP/1.1
Server: 45.55.29.117 San Francisco, United States, ASN14061 (DIGITALOCEAN-ASN - DigitalOcean, LLC, US),
Reverse DNS
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.1e-fips PHP/5.4.45 /
Resource Hash: 057300436f58a940328f185a314ad68a85c30f0b7eb1cdb480c14efc333bf80d

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.plumbytes.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://www.plumbytes.com/l/anti-malware/rw/
Cookie: 2b305=%7B%22streams%22%3A%5B1524699765%5D%2C%22campaigns%22%3A%7B%2213%22%3A1524699765%7D%2C%22time%22%3A1524699765%7D; usrid=f3e81dd3; lang=en
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.plumbytes.com/l/anti-malware/rw/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36

Response headers

Date: Thu, 26 Apr 2018 07:43:02 GMT
Last-Modified: Fri, 18 Mar 2016 10:05:37 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.1e-fips PHP/5.4.45
ETag: "21ec-52e4fe375de40"
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 8684

GET
H/1.1 200
OK win-icons.css
www.plumbytes.com/l/anti-malware/rw/styles/ 1 KB
1 KB 338ms
169ms Stylesheet
text/css 45.55.29.117
DigitalOcean

General

Check archive.org

Show headers Download Go to

Full URL: http://www.plumbytes.com/l/anti-malware/rw/styles/win-icons.css
Requested by: Host: www.plumbytes.com
URL: http://www.plumbytes.com/l/anti-malware/rw/
Protocol: HTTP/1.1
Server: 45.55.29.117 San Francisco, United States, ASN14061 (DIGITALOCEAN-ASN - DigitalOcean, LLC, US),
Reverse DNS
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.1e-fips PHP/5.4.45 /
Resource Hash: 2e779863be1e51a21760ed8a313bbe2e3b60a7e5259fd055ad736902aa7ac3dd

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.plumbytes.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://www.plumbytes.com/l/anti-malware/rw/
Cookie: 2b305=%7B%22streams%22%3A%5B1524699765%5D%2C%22campaigns%22%3A%7B%2213%22%3A1524699765%7D%2C%22time%22%3A1524699765%7D; usrid=f3e81dd3; lang=en
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.plumbytes.com/l/anti-malware/rw/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36

Response headers

Date: Thu, 26 Apr 2018 07:43:02 GMT
Last-Modified: Tue, 15 Dec 2015 09:47:12 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.1e-fips PHP/5.4.45
ETag: "484-526ecac83a800"
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 1156

GET
S 200 jquery.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery/3.0.0-beta1/ 256 KB
78 KB 15ms
14ms Script
application/javascript 104.19.192.102
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery/3.0.0-beta1/jquery.js

Requested by

Host: www.plumbytes.com
URL: http://www.plumbytes.com/l/anti-malware/rw/

Protocol

SPDY

Server

104.19.192.102 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

78f27c3d7cb5d766466703adc7f7ad7706b7fb05514eec39be0aa253449bd0f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains

Request headers

Referer: http://www.plumbytes.com/l/anti-malware/rw/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36

Response headers

date: Thu, 26 Apr 2018 07:42:29 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 22 Jun 2016 14:42:33 GMT
server: cloudflare
status: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
strict-transport-security: max-age=15780000; includeSubDomains
cf-ray: 411769b979af272c-FRA
expires: Tue, 16 Apr 2019 07:42:29 GMT

GET
H/1.1 200
OK detection-os.js Show response
www.plumbytes.com/l/anti-malware/rw/styles/ 2 KB
2 KB 341ms
170ms Script
application/javascript 45.55.29.117
DigitalOcean

General

Check archive.org

Show headers Download Go to

Full URL: http://www.plumbytes.com/l/anti-malware/rw/styles/detection-os.js
Requested by: Host: www.plumbytes.com
URL: http://www.plumbytes.com/l/anti-malware/rw/
Protocol: HTTP/1.1
Server: 45.55.29.117 San Francisco, United States, ASN14061 (DIGITALOCEAN-ASN - DigitalOcean, LLC, US),
Reverse DNS
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.1e-fips PHP/5.4.45 /
Resource Hash: d1df28978c3155117daa97f05234f236bed831984286e1024a9197b7973020b2

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.plumbytes.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36
Accept: */*
Referer: http://www.plumbytes.com/l/anti-malware/rw/
Cookie: 2b305=%7B%22streams%22%3A%5B1524699765%5D%2C%22campaigns%22%3A%7B%2213%22%3A1524699765%7D%2C%22time%22%3A1524699765%7D; usrid=f3e81dd3; lang=en
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.plumbytes.com/l/anti-malware/rw/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36

Response headers

Date: Thu, 26 Apr 2018 07:43:02 GMT
Last-Modified: Fri, 25 Dec 2015 07:20:16 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.1e-fips PHP/5.4.45
ETag: "7e1-527b3c973ec00"
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 2017

GET
H/1.1 200
OK main.js Show response
www.plumbytes.com/l/anti-malware/rw/styles/ 457 B
785 B 346ms
173ms Script
application/javascript 45.55.29.117
DigitalOcean

General

Check archive.org

Show headers Download Go to

Full URL: http://www.plumbytes.com/l/anti-malware/rw/styles/main.js
Requested by: Host: www.plumbytes.com
URL: http://www.plumbytes.com/l/anti-malware/rw/
Protocol: HTTP/1.1
Server: 45.55.29.117 San Francisco, United States, ASN14061 (DIGITALOCEAN-ASN - DigitalOcean, LLC, US),
Reverse DNS
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.1e-fips PHP/5.4.45 /
Resource Hash: e0cc891e947f003bf00a617a20ccca4a9c433199f605cf237c2e20345fc8810e

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.plumbytes.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36
Accept: */*
Referer: http://www.plumbytes.com/l/anti-malware/rw/
Cookie: 2b305=%7B%22streams%22%3A%5B1524699765%5D%2C%22campaigns%22%3A%7B%2213%22%3A1524699765%7D%2C%22time%22%3A1524699765%7D; usrid=f3e81dd3; lang=en
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.plumbytes.com/l/anti-malware/rw/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36

Response headers

Date: Thu, 26 Apr 2018 07:43:02 GMT
Last-Modified: Tue, 15 Dec 2015 09:47:12 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.1e-fips PHP/5.4.45
ETag: "1c9-526ecac83a800"
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 457

GET
H/1.1 200
OK conversion_async.js Show response
www.googleadservices.com/pagead/ 15 KB
6 KB 20ms
14ms Script
text/javascript 172.217.21.226
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

http://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.plumbytes.com
URL: http://www.plumbytes.com/l/anti-malware/rw/

Protocol

HTTP/1.1

Server

172.217.21.226 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s13-in-f2.1e100.net

Software

cafe /

Resource Hash

977dc76dc36b8c549c29196d94ef44b23b2974ae7c56bd55e1a6d4c2a73bee5a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.plumbytes.com/l/anti-malware/rw/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36

Response headers

Timing-Allow-Origin: *
Date: Thu, 26 Apr 2018 07:42:29 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: cafe
ETag: 14563463359299978011
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control: private, max-age=3600
Content-Disposition: attachment; filename="f.txt"
Content-Type: text/javascript; charset=UTF-8
Content-Length: 5932
X-XSS-Protection: 1; mode=block
Expires: Thu, 26 Apr 2018 07:42:29 GMT

GET
H/1.1 404
Not Found icon_windows7.jpg
www.plumbytes.com/l/anti-malware/rw/images2/ 241 B
241 B 174ms
173ms Image
text/html 45.55.29.117
DigitalOcean

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.plumbytes.com/l/anti-malware/rw/images2/icon_windows7.jpg
Requested by: Host: www.plumbytes.com
URL: http://www.plumbytes.com/l/anti-malware/rw/
Protocol: HTTP/1.1
Server: 45.55.29.117 San Francisco, United States, ASN14061 (DIGITALOCEAN-ASN - DigitalOcean, LLC, US),
Reverse DNS
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.1e-fips PHP/5.4.45 /
Resource Hash: 7315aeba146b4cad7270f28d60dbd0c366ee4fdeeabb520f52a47bab62540d56

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.plumbytes.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://www.plumbytes.com/l/anti-malware/rw/
Cookie: 2b305=%7B%22streams%22%3A%5B1524699765%5D%2C%22campaigns%22%3A%7B%2213%22%3A1524699765%7D%2C%22time%22%3A1524699765%7D; usrid=f3e81dd3; lang=en
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.plumbytes.com/l/anti-malware/rw/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36

Response headers

Date: Thu, 26 Apr 2018 07:43:03 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.1e-fips PHP/5.4.45
Connection: Keep-Alive
Keep-Alive: timeout=5, max=99
Content-Length: 241
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 200
OK download-instructions.css
www.plumbytes.com/l/anti-malware/rw/ 11 KB
12 KB 172ms
168ms Stylesheet
text/css 45.55.29.117
DigitalOcean

General

Check archive.org

Show headers Download Go to

Full URL: http://www.plumbytes.com/l/anti-malware/rw/download-instructions.css
Requested by: Host: www.plumbytes.com
URL: http://www.plumbytes.com/l/anti-malware/rw/
Protocol: HTTP/1.1
Server: 45.55.29.117 San Francisco, United States, ASN14061 (DIGITALOCEAN-ASN - DigitalOcean, LLC, US),
Reverse DNS
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.1e-fips PHP/5.4.45 /
Resource Hash: 266497e5046bad1da5b63a9288302440946295da7aaebf300d0aeacb69372678

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.plumbytes.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Cookie: 2b305=%7B%22streams%22%3A%5B1524699765%5D%2C%22campaigns%22%3A%7B%2213%22%3A1524699765%7D%2C%22time%22%3A1524699765%7D; usrid=f3e81dd3; lang=en
Connection: keep-alive
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36

Response headers

Date: Thu, 26 Apr 2018 07:43:02 GMT
Last-Modified: Mon, 15 Feb 2016 07:54:18 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.1e-fips PHP/5.4.45
ETag: "2d0d-52bca52e9de80"
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 11533

GET
H/1.1 200
OK download-instructions.js Show response
www.plumbytes.com/l/anti-malware/rw/ 1 KB
2 KB 171ms
170ms Script
application/javascript 45.55.29.117
DigitalOcean

General

Check archive.org

Show headers Download Go to

Full URL: http://www.plumbytes.com/l/anti-malware/rw/download-instructions.js
Requested by: Host: www.plumbytes.com
URL: http://www.plumbytes.com/l/anti-malware/rw/
Protocol: HTTP/1.1
Server: 45.55.29.117 San Francisco, United States, ASN14061 (DIGITALOCEAN-ASN - DigitalOcean, LLC, US),
Reverse DNS
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.1e-fips PHP/5.4.45 /
Resource Hash: 3161907e1159f50f0f15e24e80cb77cd5ace8b41698f6754bdaba7c52c706178

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.plumbytes.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36
Accept: */*
Referer: http://www.plumbytes.com/l/anti-malware/rw/
Cookie: 2b305=%7B%22streams%22%3A%5B1524699765%5D%2C%22campaigns%22%3A%7B%2213%22%3A1524699765%7D%2C%22time%22%3A1524699765%7D; usrid=f3e81dd3; lang=en
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.plumbytes.com/l/anti-malware/rw/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36

Response headers

Date: Thu, 26 Apr 2018 07:43:03 GMT
Last-Modified: Mon, 08 Feb 2016 15:33:13 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.1e-fips PHP/5.4.45
ETag: "5ff-52b43eb3d0040"
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 1535

GET
S 200 analytics.js Show response
www.google-analytics.com/ 34 KB
14 KB 6ms
6ms Script
text/javascript 172.217.22.110
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.plumbytes.com
URL: http://www.plumbytes.com/l/anti-malware/rw/

Protocol

SPDY

Server

172.217.22.110 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s18-in-f110.1e100.net

Software

Golfe2 /

Resource Hash

2218bbf47b340278b7b696dbe3af4eed89edffa709c19abd6747b18147c3a675

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://www.plumbytes.com/l/anti-malware/rw/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 12 Apr 2018 18:13:11 GMT
server: Golfe2
age: 2783
date: Thu, 26 Apr 2018 06:56:06 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
timing-allow-origin: *
alt-svc: hq=":443"; ma=2592000; quic=51303433; quic=51303432; quic=51303431; quic=51303339; quic=51303335,quic=":443"; ma=2592000; v="43,42,41,39,35"
content-length: 14353
expires: Thu, 26 Apr 2018 08:56:06 GMT

GET
H/1.1 200
OK watch.js Show response
mc.yandex.ru/metrika/ 99 KB
35 KB 56ms
24ms Script
application/x-javascript 87.250.251.119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/watch.js

Requested by

Host: www.plumbytes.com
URL: http://www.plumbytes.com/l/anti-malware/rw/

Protocol

HTTP/1.1

Server

87.250.251.119 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

mc.yandex.ru

Software

nginx/1.8.1 /

Resource Hash

0087c0936a6ba41eed9512611a676284065e90326dc14da27d7c97d100cfb47a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: http://www.plumbytes.com/l/anti-malware/rw/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36

Response headers

Date: Thu, 26 Apr 2018 07:42:29 GMT
Content-Encoding: gzip
Last-Modified: Wed, 25 Apr 2018 13:01:03 GMT
Server: nginx/1.8.1
Strict-Transport-Security: max-age=31536000
P3P: CP="NOI DEVa TAIa OUR BUS UNI STA"
Access-Control-Allow-Origin: *
Connection: keep-alive
Content-Type: application/x-javascript
Content-Length: 35379
Expires: Thu, 26 Apr 2018 08:42:29 GMT

GET
H/1.1 200
OK down.png
www.plumbytes.com/l/anti-malware/rw/styles/images/ 215 B
528 B 170ms
170ms Image
image/png 45.55.29.117
DigitalOcean

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.plumbytes.com/l/anti-malware/rw/styles/images/down.png
Requested by: Host: www.plumbytes.com
URL: http://www.plumbytes.com/l/anti-malware/rw/
Protocol: HTTP/1.1
Server: 45.55.29.117 San Francisco, United States, ASN14061 (DIGITALOCEAN-ASN - DigitalOcean, LLC, US),
Reverse DNS
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.1e-fips PHP/5.4.45 /
Resource Hash: dd9d8b0c8c7e6d4cbc0bfa3ce8b4153893566b98376a37f395c8825876542277

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.plumbytes.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://www.plumbytes.com/l/anti-malware/rw/styles/styles.css
Cookie: 2b305=%7B%22streams%22%3A%5B1524699765%5D%2C%22campaigns%22%3A%7B%2213%22%3A1524699765%7D%2C%22time%22%3A1524699765%7D; usrid=f3e81dd3; lang=en
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.plumbytes.com/l/anti-malware/rw/styles/styles.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36

Response headers

Date: Thu, 26 Apr 2018 07:43:03 GMT
Last-Modified: Tue, 15 Dec 2015 09:47:10 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.1e-fips PHP/5.4.45
ETag: "d7-526ecac652380"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 215

GET
H/1.1 200
OK update.png
www.plumbytes.com/l/anti-malware/rw/styles/images/ 1 KB
1 KB 170ms
170ms Image
image/png 45.55.29.117
DigitalOcean

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.plumbytes.com/l/anti-malware/rw/styles/images/update.png
Requested by: Host: www.plumbytes.com
URL: http://www.plumbytes.com/l/anti-malware/rw/
Protocol: HTTP/1.1
Server: 45.55.29.117 San Francisco, United States, ASN14061 (DIGITALOCEAN-ASN - DigitalOcean, LLC, US),
Reverse DNS
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.1e-fips PHP/5.4.45 /
Resource Hash: 1c1fb9a5afecc9cdc434ffd5bfbe5e56f100cad11a8f0efd534263ae68a2235d

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.plumbytes.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://www.plumbytes.com/l/anti-malware/rw/styles/styles.css
Cookie: 2b305=%7B%22streams%22%3A%5B1524699765%5D%2C%22campaigns%22%3A%7B%2213%22%3A1524699765%7D%2C%22time%22%3A1524699765%7D; usrid=f3e81dd3; lang=en
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.plumbytes.com/l/anti-malware/rw/styles/styles.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36

Response headers

Date: Thu, 26 Apr 2018 07:43:03 GMT
Last-Modified: Tue, 15 Dec 2015 09:47:10 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.1e-fips PHP/5.4.45
ETag: "432-526ecac652380"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 1074

GET
H/1.1 200
OK expanded.png
www.plumbytes.com/l/anti-malware/rw/styles/images/ 770 B
1 KB 168ms
168ms Image
image/png 45.55.29.117
DigitalOcean

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.plumbytes.com/l/anti-malware/rw/styles/images/expanded.png
Requested by: Host: www.plumbytes.com
URL: http://www.plumbytes.com/l/anti-malware/rw/
Protocol: HTTP/1.1
Server: 45.55.29.117 San Francisco, United States, ASN14061 (DIGITALOCEAN-ASN - DigitalOcean, LLC, US),
Reverse DNS
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.1e-fips PHP/5.4.45 /
Resource Hash: 5fd74bd2d8a7b0dfd8d0503b8be89fb077a1dbf63e6bdfb650d3b777461bad26

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.plumbytes.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://www.plumbytes.com/l/anti-malware/rw/styles/styles.css
Cookie: 2b305=%7B%22streams%22%3A%5B1524699765%5D%2C%22campaigns%22%3A%7B%2213%22%3A1524699765%7D%2C%22time%22%3A1524699765%7D; usrid=f3e81dd3; lang=en
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.plumbytes.com/l/anti-malware/rw/styles/styles.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36

Response headers

Date: Thu, 26 Apr 2018 07:43:03 GMT
Last-Modified: Tue, 15 Dec 2015 09:47:10 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.1e-fips PHP/5.4.45
ETag: "302-526ecac652380"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 770

GET
H/1.1 404
Not Found win.png
www.plumbytes.com/l/anti-malware/rw/images/windows/ 238 B
238 B 169ms
169ms Image
text/html 45.55.29.117
DigitalOcean

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.plumbytes.com/l/anti-malware/rw/images/windows/win.png
Requested by: Host: www.plumbytes.com
URL: http://www.plumbytes.com/l/anti-malware/rw/
Protocol: HTTP/1.1
Server: 45.55.29.117 San Francisco, United States, ASN14061 (DIGITALOCEAN-ASN - DigitalOcean, LLC, US),
Reverse DNS
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.1e-fips PHP/5.4.45 /
Resource Hash: 3150e0fa0cb0513617bc942cf371cb4d7271ed8a446a7176d6a82e61a77c8420

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.plumbytes.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://www.plumbytes.com/l/anti-malware/rw/styles/win-icons.css
Cookie: 2b305=%7B%22streams%22%3A%5B1524699765%5D%2C%22campaigns%22%3A%7B%2213%22%3A1524699765%7D%2C%22time%22%3A1524699765%7D; usrid=f3e81dd3; lang=en
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.plumbytes.com/l/anti-malware/rw/styles/win-icons.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36

Response headers

Date: Thu, 26 Apr 2018 07:43:03 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.1e-fips PHP/5.4.45
Connection: Keep-Alive
Keep-Alive: timeout=5, max=97
Content-Length: 238
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 200
OK win_small.png
www.plumbytes.com/l/anti-malware/rw/styles/images/ 495 B
809 B 281ms
170ms Image
image/png 45.55.29.117
DigitalOcean

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.plumbytes.com/l/anti-malware/rw/styles/images/win_small.png
Requested by: Host: www.plumbytes.com
URL: http://www.plumbytes.com/l/anti-malware/rw/
Protocol: HTTP/1.1
Server: 45.55.29.117 San Francisco, United States, ASN14061 (DIGITALOCEAN-ASN - DigitalOcean, LLC, US),
Reverse DNS
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.1e-fips PHP/5.4.45 /
Resource Hash: e2848af10df6118b8b2ffa497973a166964752bdea66fb9d6992be8f80478546

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.plumbytes.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://www.plumbytes.com/l/anti-malware/rw/styles/styles.css
Cookie: 2b305=%7B%22streams%22%3A%5B1524699765%5D%2C%22campaigns%22%3A%7B%2213%22%3A1524699765%7D%2C%22time%22%3A1524699765%7D; usrid=f3e81dd3; lang=en
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.plumbytes.com/l/anti-malware/rw/styles/styles.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36

Response headers

Date: Thu, 26 Apr 2018 07:43:03 GMT
Last-Modified: Tue, 15 Dec 2015 09:47:11 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.1e-fips PHP/5.4.45
ETag: "1ef-526ecac7465c0"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 495

GET
H/1.1 200
OK pc_icon.png
www.plumbytes.com/l/anti-malware/rw/styles/images/ 190 B
503 B 307ms
173ms Image
image/png 45.55.29.117
DigitalOcean

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.plumbytes.com/l/anti-malware/rw/styles/images/pc_icon.png
Requested by: Host: www.plumbytes.com
URL: http://www.plumbytes.com/l/anti-malware/rw/
Protocol: HTTP/1.1
Server: 45.55.29.117 San Francisco, United States, ASN14061 (DIGITALOCEAN-ASN - DigitalOcean, LLC, US),
Reverse DNS
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.1e-fips PHP/5.4.45 /
Resource Hash: 43c62c5a5800948950676639cc30b81bc9275f1d891e9a9b6df5aa1832226a6b

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.plumbytes.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://www.plumbytes.com/l/anti-malware/rw/styles/styles.css
Cookie: 2b305=%7B%22streams%22%3A%5B1524699765%5D%2C%22campaigns%22%3A%7B%2213%22%3A1524699765%7D%2C%22time%22%3A1524699765%7D; usrid=f3e81dd3; lang=en
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.plumbytes.com/l/anti-malware/rw/styles/styles.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36

Response headers

Date: Thu, 26 Apr 2018 07:43:03 GMT
Last-Modified: Tue, 15 Dec 2015 09:47:11 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.1e-fips PHP/5.4.45
ETag: "be-526ecac7465c0"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 190

GET
S

200

ga-audiences
www.google.nl/ads/
Redirect Chain

https://www.google-analytics.com/r/collect?v=1&_v=j67&a=1141111643&t=pageview&_s=1&dl=http%3A%2F%2Fwww.plumbytes.com%2Fl%2Fanti-malware%2Frw%2F&ul=en-us&de=UTF-8&dt=How%20to%20Remove%20Malware&sd=2...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-70116536-1&cid=1209645255.1524728550&jid=588074641&uid=f3e81dd3&_gid=1408105310.1524728550&gjid=340017551&_v=j67&z=1810785446
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-70116536-1&cid=1209645255.1524728550&jid=588074641&_v=j67&z=1810785446
https://www.google.nl/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-70116536-1&cid=1209645255.1524728550&jid=588074641&_v=j67&z=1810785446&slf_rd=1&random=811943690

42 B
109 B

16ms
15ms

Image
image/gif

172.217.22.99
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.nl/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-70116536-1&cid=1209645255.1524728550&jid=588074641&_v=j67&z=1810785446&slf_rd=1&random=811943690

Requested by

Host: www.plumbytes.com
URL: http://www.plumbytes.com/l/anti-malware/rw/

Protocol

SPDY

Server

172.217.22.99 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s18-in-f99.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.plumbytes.com/l/anti-malware/rw/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 26 Apr 2018 07:42:29 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: hq=":443"; ma=2592000; quic=51303433; quic=51303432; quic=51303431; quic=51303339; quic=51303335,quic=":443"; ma=2592000; v="43,42,41,39,35"
content-length: 42
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 26 Apr 2018 07:42:29 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 302
content-type: text/html; charset=UTF-8
location: https://www.google.nl/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-70116536-1&cid=1209645255.1524728550&jid=588074641&_v=j67&z=1810785446&slf_rd=1&random=811943690
cache-control: no-cache, must-revalidate
timing-allow-origin: *
alt-svc: hq=":443"; ma=2592000; quic=51303433; quic=51303432; quic=51303431; quic=51303339; quic=51303335,quic=":443"; ma=2592000; v="43,42,41,39,35"
content-length: 0
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

302
Found

1 Show response
mc.yandex.ru/watch/34498890/
Redirect Chain

https://mc.yandex.ru/watch/34498890?wmode=7&page-url=http%3A%2F%2Fwww.plumbytes.com%2Fl%2Fanti-malware%2Frw%2F&charset=utf-8&browser-info=ti%3A10%3As%3A1600x1200x24%3Ask%3A1%3Afpr%3A216613626101%3A...
https://mc.yandex.ru/watch/34498890/1?wmode=7&page-url=http%3A%2F%2Fwww.plumbytes.com%2Fl%2Fanti-malware%2Frw%2F&charset=utf-8&browser-info=ti%3A10%3As%3A1600x1200x24%3Ask%3A1%3Afpr%3A216613626101%...

0
-1 B

13ms
13ms

XHR

87.250.251.119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/watch/34498890/1?wmode=7&page-url=http%3A%2F%2Fwww.plumbytes.com%2Fl%2Fanti-malware%2Frw%2F&charset=utf-8&browser-info=ti%3A10%3As%3A1600x1200x24%3Ask%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1585x1200%3Ai%3A20180426074229%3Aet%3A1524728550%3Aen%3Autf-8%3Av%3A1082%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Arn%3A515593583%3Ahid%3A815010127%3Ads%3A0%2C0%2C568%2C168%2C1005%2C1005%2C1%2C%2C%2C%2C%2C%2C%3Afp%3A1430%3Awn%3A16430%3Ahl%3A2%3Ast%3A1524728550%3Au%3A152472855036827842%3At%3AHow%20to%20Remove%20Malware

Requested by

Host: www.plumbytes.com
URL: http://www.plumbytes.com/l/anti-malware/rw/

Protocol

HTTP/1.1

Server

87.250.251.119 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

mc.yandex.ru

Software

nginx/1.8.1 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.plumbytes.com/l/anti-malware/rw/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 26 Apr 2018 07:42:29 GMT
Last-Modified: Thu, 26 Apr 2018 07:42:29 GMT
Server: nginx/1.8.1
Location: https://mc.yandex.ru/watch/34498890/1?wmode=7&page-url=http%3A%2F%2Fwww.plumbytes.com%2Fl%2Fanti-malware%2Frw%2F&charset=utf-8&browser-info=ti%3A10%3As%3A1600x1200x24%3Ask%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1585x1200%3Ai%3A20180426074229%3Aet%3A1524728550%3Aen%3Autf-8%3Av%3A1082%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Arn%3A515593583%3Ahid%3A815010127%3Ads%3A0%2C0%2C568%2C168%2C1005%2C1005%2C1%2C%2C%2C%2C%2C%2C%3Afp%3A1430%3Awn%3A16430%3Ahl%3A2%3Ast%3A1524728550%3Au%3A152472855036827842%3At%3AHow%20to%20Remove%20Malware
P3P: CP="NOI DEVa TAIa OUR BUS UNI STA"
Access-Control-Allow-Origin: http://www.plumbytes.com
Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
X-XSS-Protection: 1; mode=block
Expires: Thu, 26 Apr 2018 07:42:29 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 26 Apr 2018 07:42:29 GMT
Last-Modified: Thu, 26 Apr 2018 07:42:29 GMT
Server: nginx/1.8.1
Location: https://mc.yandex.ru/watch/34498890/1?wmode=7&page-url=http%3A%2F%2Fwww.plumbytes.com%2Fl%2Fanti-malware%2Frw%2F&charset=utf-8&browser-info=ti%3A10%3As%3A1600x1200x24%3Ask%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1585x1200%3Ai%3A20180426074229%3Aet%3A1524728550%3Aen%3Autf-8%3Av%3A1082%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Arn%3A515593583%3Ahid%3A815010127%3Ads%3A0%2C0%2C568%2C168%2C1005%2C1005%2C1%2C%2C%2C%2C%2C%2C%3Afp%3A1430%3Awn%3A16430%3Ahl%3A2%3Ast%3A1524728550%3Au%3A152472855036827842%3At%3AHow%20to%20Remove%20Malware
P3P: CP="NOI DEVa TAIa OUR BUS UNI STA"
Access-Control-Allow-Origin: http://www.plumbytes.com
Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
X-XSS-Protection: 1; mode=block
Expires: Thu, 26 Apr 2018 07:42:29 GMT

GET
H/1.1 200
OK 1 Show response
mc.yandex.ru/watch/34498890/ 133 B
680 B 16ms
15ms XHR
application/json 87.250.251.119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.plumbytes.com
URL: http://www.plumbytes.com/l/anti-malware/rw/

Protocol

HTTP/1.1

Server

87.250.251.119 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

mc.yandex.ru

Software

nginx/1.8.1 /

Resource Hash

d24f277e43707388a6f18c08c6f059d9497828a9254711cb20bbbb45435a4209

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

X-DevTools-Emulate-Network-Conditions-Client-Id: 4CA3EA949A522D3394B5213438C71089
Origin: http://www.plumbytes.com
Referer: http://www.plumbytes.com/l/anti-malware/rw/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

Pragma: no-cache
Date: Thu, 26 Apr 2018 07:42:29 GMT
X-Content-Type-Options: nosniff
Last-Modified: Thu, 26 Apr 2018 07:42:29 GMT
Server: nginx/1.8.1
P3P: CP="NOI DEVa TAIa OUR BUS UNI STA"
Access-Control-Allow-Origin: http://www.plumbytes.com
Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 133
X-XSS-Protection: 1; mode=block
Expires: Thu, 26 Apr 2018 07:42:29 GMT

GET
H/1.1 200
OK loading.gif
www.plumbytes.com/l/anti-malware/rw/img/os/ 3 KB
3 KB 171ms
171ms Image
image/gif 45.55.29.117
DigitalOcean

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.plumbytes.com/l/anti-malware/rw/img/os/loading.gif
Requested by: Host: www.plumbytes.com
URL: http://www.plumbytes.com/l/anti-malware/rw/
Protocol: HTTP/1.1
Server: 45.55.29.117 San Francisco, United States, ASN14061 (DIGITALOCEAN-ASN - DigitalOcean, LLC, US),
Reverse DNS
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.1e-fips PHP/5.4.45 /
Resource Hash: 9bcfc5a9eca187a3479e56f8b5bd5c4788cd0b464104516897eb3ac9ec49bd14

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.plumbytes.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://www.plumbytes.com/l/anti-malware/rw/
Cookie: 2b305=%7B%22streams%22%3A%5B1524699765%5D%2C%22campaigns%22%3A%7B%2213%22%3A1524699765%7D%2C%22time%22%3A1524699765%7D; usrid=f3e81dd3; lang=en; _ga=GA1.2.1209645255.1524728550; _gid=GA1.2.1408105310.1524728550; _gat=1; _ym_uid=152472855036827842; _ym_visorc_34498890=w; _ym_isad=2
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.plumbytes.com/l/anti-malware/rw/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36

Response headers

Date: Thu, 26 Apr 2018 07:43:03 GMT
Last-Modified: Fri, 27 Nov 2015 08:49:47 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.1e-fips PHP/5.4.45
ETag: "a30-52581c60860c0"
Content-Type: image/gif
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 2608

GET
H/1.1 200
OK advert.gif
mc.yandex.ru/metrika/ 43 B
349 B 12ms
12ms Image
image/gif 87.250.251.119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.ru/metrika/advert.gif

Requested by

Host: www.plumbytes.com
URL: http://www.plumbytes.com/l/anti-malware/rw/

Protocol

HTTP/1.1

Server

87.250.251.119 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

mc.yandex.ru

Software

nginx/1.8.1 /

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.plumbytes.com/l/anti-malware/rw/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36

Response headers

Date: Thu, 26 Apr 2018 07:42:29 GMT
Last-Modified: Mon, 12 Oct 2015 13:09:09 GMT
Server: nginx/1.8.1
P3P: CP="NOI DEVa TAIa OUR BUS UNI STA"
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 1; mode=block
Expires: Thu, 19 Mar 2048 07:42:29 GMT

GET
H/1.1 200
OK close.png
www.plumbytes.com/l/anti-malware/rw/antimalware/i/ 1 KB
2 KB 189ms
170ms Image
image/png 45.55.29.117
DigitalOcean

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.plumbytes.com/l/anti-malware/rw/antimalware/i/close.png
Requested by: Host: www.plumbytes.com
URL: http://www.plumbytes.com/l/anti-malware/rw/
Protocol: HTTP/1.1
Server: 45.55.29.117 San Francisco, United States, ASN14061 (DIGITALOCEAN-ASN - DigitalOcean, LLC, US),
Reverse DNS
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.1e-fips PHP/5.4.45 /
Resource Hash: 663389a1907053af26d29c8d437f52668b551cff2e77a87c4ac8a4eea5831baf

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.plumbytes.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://www.plumbytes.com/l/anti-malware/rw/download-instructions.css
Cookie: 2b305=%7B%22streams%22%3A%5B1524699765%5D%2C%22campaigns%22%3A%7B%2213%22%3A1524699765%7D%2C%22time%22%3A1524699765%7D; usrid=f3e81dd3; lang=en; _ga=GA1.2.1209645255.1524728550; _gid=GA1.2.1408105310.1524728550; _gat=1; _ym_uid=152472855036827842; _ym_visorc_34498890=w
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.plumbytes.com/l/anti-malware/rw/download-instructions.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36

Response headers

Date: Thu, 26 Apr 2018 07:43:03 GMT
Last-Modified: Tue, 02 Feb 2016 15:15:58 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.1e-fips PHP/5.4.45
ETag: "599-52acafa7fe780"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 1433

GET
H/1.1 200
OK chrome-screen.png
www.plumbytes.com/l/anti-malware/rw/antimalware/i/ 70 KB
71 KB 189ms
170ms Image
image/png 45.55.29.117
DigitalOcean

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.plumbytes.com/l/anti-malware/rw/antimalware/i/chrome-screen.png
Requested by: Host: www.plumbytes.com
URL: http://www.plumbytes.com/l/anti-malware/rw/
Protocol: HTTP/1.1
Server: 45.55.29.117 San Francisco, United States, ASN14061 (DIGITALOCEAN-ASN - DigitalOcean, LLC, US),
Reverse DNS
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.1e-fips PHP/5.4.45 /
Resource Hash: 88a881128ff66256ceed5b19e64d9b7862785e43e7ba8c0dcfe36d9f699c5e33

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.plumbytes.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://www.plumbytes.com/l/anti-malware/rw/download-instructions.css
Cookie: 2b305=%7B%22streams%22%3A%5B1524699765%5D%2C%22campaigns%22%3A%7B%2213%22%3A1524699765%7D%2C%22time%22%3A1524699765%7D; usrid=f3e81dd3; lang=en; _ga=GA1.2.1209645255.1524728550; _gid=GA1.2.1408105310.1524728550; _gat=1; _ym_uid=152472855036827842; _ym_visorc_34498890=w
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.plumbytes.com/l/anti-malware/rw/download-instructions.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36

Response headers

Date: Thu, 26 Apr 2018 07:43:03 GMT
Last-Modified: Tue, 02 Feb 2016 17:10:59 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.1e-fips PHP/5.4.45
ETag: "11917-52acc95d4cec0"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 71959

GET
H/1.1 200
OK steps.png
www.plumbytes.com/l/anti-malware/rw/i/ 2 KB
2 KB 186ms
168ms Image
image/png 45.55.29.117
DigitalOcean

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.plumbytes.com/l/anti-malware/rw/i/steps.png
Requested by: Host: www.plumbytes.com
URL: http://www.plumbytes.com/l/anti-malware/rw/
Protocol: HTTP/1.1
Server: 45.55.29.117 San Francisco, United States, ASN14061 (DIGITALOCEAN-ASN - DigitalOcean, LLC, US),
Reverse DNS
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.1e-fips PHP/5.4.45 /
Resource Hash: 41c4d4b00516fe706b1d84d3dce65db8d217a6a3fdfa59583cbedac56036846e

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.plumbytes.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://www.plumbytes.com/l/anti-malware/rw/download-instructions.css
Cookie: 2b305=%7B%22streams%22%3A%5B1524699765%5D%2C%22campaigns%22%3A%7B%2213%22%3A1524699765%7D%2C%22time%22%3A1524699765%7D; usrid=f3e81dd3; lang=en; _ga=GA1.2.1209645255.1524728550; _gid=GA1.2.1408105310.1524728550; _gat=1; _ym_uid=152472855036827842; _ym_visorc_34498890=w
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.plumbytes.com/l/anti-malware/rw/download-instructions.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36

Response headers

Date: Thu, 26 Apr 2018 07:43:03 GMT
Last-Modified: Tue, 02 Feb 2016 15:16:26 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.1e-fips PHP/5.4.45
ETag: "716-52acafc2b2680"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 1814

GET
H/1.1 200
OK chrome-logo.png
www.plumbytes.com/l/anti-malware/rw/i/ 3 KB
3 KB 190ms
170ms Image
image/png 45.55.29.117
DigitalOcean

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.plumbytes.com/l/anti-malware/rw/i/chrome-logo.png
Requested by: Host: www.plumbytes.com
URL: http://www.plumbytes.com/l/anti-malware/rw/
Protocol: HTTP/1.1
Server: 45.55.29.117 San Francisco, United States, ASN14061 (DIGITALOCEAN-ASN - DigitalOcean, LLC, US),
Reverse DNS
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.1e-fips PHP/5.4.45 /
Resource Hash: f98a654ac267d2aec0aa7a6d78b69f58376a6652b7e87f7557963fe66779bee4

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.plumbytes.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://www.plumbytes.com/l/anti-malware/rw/download-instructions.css
Cookie: 2b305=%7B%22streams%22%3A%5B1524699765%5D%2C%22campaigns%22%3A%7B%2213%22%3A1524699765%7D%2C%22time%22%3A1524699765%7D; usrid=f3e81dd3; lang=en; _ga=GA1.2.1209645255.1524728550; _gid=GA1.2.1408105310.1524728550; _gat=1; _ym_uid=152472855036827842; _ym_visorc_34498890=w
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.plumbytes.com/l/anti-malware/rw/download-instructions.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36

Response headers

Date: Thu, 26 Apr 2018 07:43:03 GMT
Last-Modified: Tue, 02 Feb 2016 15:16:24 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.1e-fips PHP/5.4.45
ETag: "add-52acafc0ca200"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 2781

Verdicts & Comments Add Verdict or Comment

20 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

9 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.plumbytes.com/	1970-01-18 15:33:20	Name: _ym_isad Value: 2
.plumbytes.com/	1970-01-18 15:32:10	Name: _ym_visorc_34498890 Value: w
.plumbytes.com/	1970-01-19 08:48:56	Name: _ym_uid Value: 152472855036827842
.plumbytes.com/	1970-01-18 15:32:08	Name: _gat Value: 1
.plumbytes.com/	1970-01-18 15:33:34	Name: _gid Value: GA1.2.1408105310.1524728550
www.plumbytes.com/	1970-01-18 16:58:32	Name: lang Value: en
.plumbytes.com/	1970-01-18 16:16:46	Name: 2b305 Value: %7B%22streams%22%3A%5B1524699765%5D%2C%22campaigns%22%3A%7B%2213%22%3A1524699765%7D%2C%22time%22%3A1524699765%7D
.plumbytes.com/	1970-01-19 09:03:20	Name: _ga Value: GA1.2.1209645255.1524728550
www.plumbytes.com/	1970-01-18 16:58:32	Name: usrid Value: f3e81dd3

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdnjs.cloudflare.com
mc.yandex.ru
stats.g.doubleclick.net
www.google-analytics.com
www.google.com
www.google.nl
www.googleadservices.com
www.plumbytes.com
104.19.192.102
172.217.16.164
172.217.21.226
172.217.22.110
172.217.22.99
45.55.29.117
74.125.206.155
87.250.251.119
0087c0936a6ba41eed9512611a676284065e90326dc14da27d7c97d100cfb47a
057300436f58a940328f185a314ad68a85c30f0b7eb1cdb480c14efc333bf80d
1c1fb9a5afecc9cdc434ffd5bfbe5e56f100cad11a8f0efd534263ae68a2235d
2218bbf47b340278b7b696dbe3af4eed89edffa709c19abd6747b18147c3a675
266497e5046bad1da5b63a9288302440946295da7aaebf300d0aeacb69372678
2e779863be1e51a21760ed8a313bbe2e3b60a7e5259fd055ad736902aa7ac3dd
3150e0fa0cb0513617bc942cf371cb4d7271ed8a446a7176d6a82e61a77c8420
3161907e1159f50f0f15e24e80cb77cd5ace8b41698f6754bdaba7c52c706178
41c4d4b00516fe706b1d84d3dce65db8d217a6a3fdfa59583cbedac56036846e
43c62c5a5800948950676639cc30b81bc9275f1d891e9a9b6df5aa1832226a6b
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5fd74bd2d8a7b0dfd8d0503b8be89fb077a1dbf63e6bdfb650d3b777461bad26
663389a1907053af26d29c8d437f52668b551cff2e77a87c4ac8a4eea5831baf
7315aeba146b4cad7270f28d60dbd0c366ee4fdeeabb520f52a47bab62540d56
78f27c3d7cb5d766466703adc7f7ad7706b7fb05514eec39be0aa253449bd0f8
8414933cf481fd6698019b135d1b8b10c92652aa2df2fe59d3eeb292c0938f39
88a881128ff66256ceed5b19e64d9b7862785e43e7ba8c0dcfe36d9f699c5e33
977dc76dc36b8c549c29196d94ef44b23b2974ae7c56bd55e1a6d4c2a73bee5a
98282e93046255b4383b319805713d3162fd3dd3e47dbdda95a25c58ee220027
9bcfc5a9eca187a3479e56f8b5bd5c4788cd0b464104516897eb3ac9ec49bd14
d1df28978c3155117daa97f05234f236bed831984286e1024a9197b7973020b2
d24f277e43707388a6f18c08c6f059d9497828a9254711cb20bbbb45435a4209
dd9d8b0c8c7e6d4cbc0bfa3ce8b4153893566b98376a37f395c8825876542277
e0cc891e947f003bf00a617a20ccca4a9c433199f605cf237c2e20345fc8810e
e2848af10df6118b8b2ffa497973a166964752bdea66fb9d6992be8f80478546
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f98a654ac267d2aec0aa7a6d78b69f58376a6652b7e87f7557963fe66779bee4

www.plumbytes.com Open in urlscan Pro 45.55.29.117 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

28 Requests

0 %HTTPS

0 %IPv6

8 Domains

8 Subdomains

6 IPs

2 Countries

264 kBTransfer

529 kBSize

9 Cookies

3 Outgoing links

Page URL History

Redirected requests

28 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.plumbytes.com Open in urlscan Pro
45.55.29.117 Public Scan

Screenshot
Live screenshot

Full Image

28
Requests

0 %
HTTPS

0 %
IPv6

8
Domains

8
Subdomains

6
IPs

2
Countries

264 kB
Transfer

529 kB
Size

9
Cookies

28 HTTP transactions
0 data transactions