www.how2remove-virus.com
Open in
urlscan Pro
132.148.6.70
Public Scan
URL:
http://www.how2remove-virus.com/jp/delete-orbitum/
Submission: On August 14 via manual from JP
Submission: On August 14 via manual from JP
Summary
This website contacted 13 IPs
in 3 countries
across 18 domains to perform 38 HTTP transactions.
The main IP is 132.148.6.70, located in
Scottsdale, United States and
belongs to AS-26496-GO-DADDY-COM-LLC - GoDaddy.com, LLC, US.
The main domain is www.how2remove-virus.com.
This is the only time www.how2remove-virus.com was scanned on urlscan.io!
This is the only time www.how2remove-virus.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
| IP Address | AS Autonomous System | ||
|---|---|---|---|
| 6 18 | 132.148.6.70 132.148.6.70 | 26496 (AS-26496-...) (AS-26496-GO-DADDY-COM-LLC - GoDaddy.com) | |
| 1 | 2a00:1450:400... 2a00:1450:4001:808::200a | 15169 (GOOGLE) (GOOGLE - Google LLC) | |
| 10 | 2a00:1450:400... 2a00:1450:4001:817::2002 | 15169 (GOOGLE) (GOOGLE - Google LLC) | |
| 1 | 2606:2800:234... 2606:2800:234:46c:e8b:1e2f:2bd:694 | 15133 (EDGECAST) (EDGECAST - MCI Communications Services) | |
| 1 | 2a03:2880:f10... 2a03:2880:f106:83:face:b00c:0:25de | 32934 (FACEBOOK) (FACEBOOK - Facebook) | |
| 2 | 2a00:1450:400... 2a00:1450:4001:81a::2003 | 15169 (GOOGLE) (GOOGLE - Google LLC) | |
| 5 | 2a00:1450:400... 2a00:1450:4001:80b::200e | 15169 (GOOGLE) (GOOGLE - Google LLC) | |
| 5 6 | 149.126.77.38 149.126.77.38 | 19551 (INCAPSULA) (INCAPSULA - Incapsula Inc) | |
| 1 1 | 161.47.7.14 161.47.7.14 | 19994 (RACKSPACE) (RACKSPACE - Rackspace Hosting) | |
| 2 2 | 52.54.161.129 52.54.161.129 | 14618 (AMAZON-AES) (AMAZON-AES - Amazon.com) | |
| 1 1 | 52.200.131.123 52.200.131.123 | 14618 (AMAZON-AES) (AMAZON-AES - Amazon.com) | |
| 1 | 52.201.134.21 52.201.134.21 | 14618 (AMAZON-AES) (AMAZON-AES - Amazon.com) | |
| 1 | 54.230.95.184 54.230.95.184 | 16509 (AMAZON-02) (AMAZON-02 - Amazon.com) | |
| 1 2 | 45.60.33.126 45.60.33.126 | 19551 (INCAPSULA) (INCAPSULA - Incapsula Inc) | |
| 1 | 2a00:1450:400... 2a00:1450:4001:81d::200d | 15169 (GOOGLE) (GOOGLE - Google LLC) | |
| 38 | 13 |
18
132.148.6.70
(Scottsdale, United States)
ASN26496 (AS-26496-GO-DADDY-COM-LLC - GoDaddy.com, LLC, US)
PTR: ip-132-148-6-70.ip.secureserver.net
ASN26496 (AS-26496-GO-DADDY-COM-LLC - GoDaddy.com, LLC, US)
PTR: ip-132-148-6-70.ip.secureserver.net
| www.how2remove-virus.com | |
| how2remove-virus.com |
1
2a00:1450:4001:808::200a
(Frankfurt am Main, Germany)
ASN15169 (GOOGLE - Google LLC, US)
ASN15169 (GOOGLE - Google LLC, US)
| fonts.googleapis.com |
10
2a00:1450:4001:817::2002
(Frankfurt am Main, Germany)
ASN15169 (GOOGLE - Google LLC, US)
ASN15169 (GOOGLE - Google LLC, US)
| pagead2.googlesyndication.com | |
| adservice.google.de | |
| adservice.google.com | |
| googleads.g.doubleclick.net | |
| www.googletagservices.com |
1
2606:2800:234:46c:e8b:1e2f:2bd:694
(United States)
ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US)
ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US)
| platform.twitter.com |
1
2a03:2880:f106:83:face:b00c:0:25de
(Ireland)
ASN32934 (FACEBOOK - Facebook, Inc., US)
ASN32934 (FACEBOOK - Facebook, Inc., US)
| www.facebook.com |
2
2a00:1450:4001:81a::2003
(Frankfurt am Main, Germany)
ASN15169 (GOOGLE - Google LLC, US)
ASN15169 (GOOGLE - Google LLC, US)
| fonts.gstatic.com |
5
2a00:1450:4001:80b::200e
(Frankfurt am Main, Germany)
ASN15169 (GOOGLE - Google LLC, US)
ASN15169 (GOOGLE - Google LLC, US)
| apis.google.com |
6
149.126.77.38
(Frankfurt am Main, Germany)
ASN19551 (INCAPSULA - Incapsula Inc, US)
PTR: 149.126.77.38.ip.incapdns.net
ASN19551 (INCAPSULA - Incapsula Inc, US)
PTR: 149.126.77.38.ip.incapdns.net
| ontop1.reimage.revenuewire.net | |
| ontop1.reimage.safecart.com | |
| link.safecart.com | |
| oneway.enigma.revenuewire.net | |
| oneway.enigma.safecart.com |
1
161.47.7.14
(San Antonio, United States)
ASN19994 (RACKSPACE - Rackspace Hosting, US)
ASN19994 (RACKSPACE - Rackspace Hosting, US)
| www.reimageplus.com |
2
52.54.161.129
(Ashburn, United States)
ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-52-54-161-129.compute-1.amazonaws.com
ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-52-54-161-129.compute-1.amazonaws.com
| kromtech.net |
1
52.200.131.123
(Ashburn, United States)
ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-52-200-131-123.compute-1.amazonaws.com
ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-52-200-131-123.compute-1.amazonaws.com
| assets.kromtech.net |
1
52.201.134.21
(Ashburn, United States)
ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-52-201-134-21.compute-1.amazonaws.com
ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-52-201-134-21.compute-1.amazonaws.com
| app7.kromtech.net |
1
54.230.95.184
(Seattle, United States)
ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-54-230-95-184.fra2.r.cloudfront.net
ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-54-230-95-184.fra2.r.cloudfront.net
| www.spyhunter.com |
2
45.60.33.126
(United States)
ASN19551 (INCAPSULA - Incapsula Inc, US)
ASN19551 (INCAPSULA - Incapsula Inc, US)
| send.onenetworkdirect.net | |
| affiliates.digitalriver.com |
1
2a00:1450:4001:81d::200d
(Frankfurt am Main, Germany)
ASN15169 (GOOGLE - Google LLC, US)
ASN15169 (GOOGLE - Google LLC, US)
| accounts.google.com |
| Domain | Requested by | |
|---|---|---|
| 16 | www.how2remove-virus.com |
6 redirects
www.how2remove-virus.com
|
| 5 | apis.google.com |
www.how2remove-virus.com
apis.google.com |
| 4 | googleads.g.doubleclick.net |
pagead2.googlesyndication.com
|
| 3 | pagead2.googlesyndication.com |
www.how2remove-virus.com
pagead2.googlesyndication.com |
| 2 | kromtech.net | 2 redirects |
| 2 | link.safecart.com |
1 redirects
www.how2remove-virus.com
|
| 2 | fonts.gstatic.com |
www.how2remove-virus.com
|
| 2 | how2remove-virus.com |
www.how2remove-virus.com
|
| 1 | accounts.google.com |
apis.google.com
|
| 1 | www.googletagservices.com |
pagead2.googlesyndication.com
|
| 1 | affiliates.digitalriver.com |
www.how2remove-virus.com
|
| 1 | send.onenetworkdirect.net | 1 redirects |
| 1 | www.spyhunter.com |
www.how2remove-virus.com
|
| 1 | oneway.enigma.safecart.com | 1 redirects |
| 1 | oneway.enigma.revenuewire.net | 1 redirects |
| 1 | app7.kromtech.net |
www.how2remove-virus.com
|
| 1 | assets.kromtech.net | 1 redirects |
| 1 | www.reimageplus.com | 1 redirects |
| 1 | ontop1.reimage.safecart.com | 1 redirects |
| 1 | ontop1.reimage.revenuewire.net | 1 redirects |
| 1 | adservice.google.com |
pagead2.googlesyndication.com
|
| 1 | adservice.google.de |
pagead2.googlesyndication.com
|
| 1 | www.facebook.com |
www.how2remove-virus.com
|
| 1 | platform.twitter.com |
www.how2remove-virus.com
|
| 1 | fonts.googleapis.com |
www.how2remove-virus.com
|
| 0 | www.tqlkg.com Failed |
www.how2remove-virus.com
|
| 38 | 26 |
This site contains links to these domains. Also see Links.
| Domain |
|---|
| www.tkqlhce.com |
| Subject Issuer | Validity | Valid | |
|---|---|---|---|
| 1970-01-01 - 1970-01-01 |
a few seconds | crt.sh | |
| *.googleapis.com Google Internet Authority G3 |
2019-07-29 - 2019-10-21 |
3 months | crt.sh |
| *.facebook.com DigiCert SHA2 High Assurance Server CA |
2019-06-06 - 2019-09-04 |
3 months | crt.sh |
| *.google.com Google Internet Authority G3 |
2019-07-29 - 2019-10-21 |
3 months | crt.sh |
| *.apis.google.com Google Internet Authority G3 |
2019-07-29 - 2019-10-21 |
3 months | crt.sh |
| *.g.doubleclick.net Google Internet Authority G3 |
2019-07-29 - 2019-10-21 |
3 months | crt.sh |
| kromtech.net Amazon |
2019-08-13 - 2020-09-13 |
a year | crt.sh |
| *.spyhunter.com Amazon |
2019-06-18 - 2020-07-18 |
a year | crt.sh |
| accounts.google.com Google Internet Authority G3 |
2019-07-29 - 2019-10-21 |
3 months | crt.sh |
This page contains 10 frames:
Primary Page:
http://www.how2remove-virus.com/jp/delete-orbitum/
Frame ID: C2226006BFF40D4931F1ADF274B26ED4
Requests: 29 HTTP requests in this frame
Frame:
http://platform.twitter.com/widgets/tweet_button.1363148939.html
Frame ID: 3520CE482DBAA2AA7F6164476E44D606
Requests: 1 HTTP requests in this frame
Frame:
https://www.facebook.com/plugins/like.php?href=http://www.how2remove-virus.com/jp/delete-orbitum/&locale=en_US&layout=box_count&action=like&width=50&height=60&colorscheme=light
Frame ID: A4258582FFCB37611B4176721059F6FE
Requests: 1 HTTP requests in this frame
Frame:
https://googleads.g.doubleclick.net/pagead/html/r20190812/r20190131/zrt_lookup.html
Frame ID: B540C0C813402FBD47DF92B5A1310159
Requests: 1 HTTP requests in this frame
Frame:
https://apis.google.com/se/0/_/+1/fastbutton?usegapi=1&size=tall&origin=http%3A%2F%2Fwww.how2remove-virus.com&url=http%3A%2F%2Fwww.how2remove-virus.com%2Fjp%2Fdelete-orbitum%2F&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.tkLGB8oygGw.O%2Fam%3DwQE%2Fd%3D1%2Frs%3DAGLTcCOVrdiUrdoKYhlUTq9WIvZT-VXTAA%2Fm%3D__features__
Frame ID: 3D2325B4D70A8B583C5C464A149A9A6E
Requests: 1 HTTP requests in this frame
Frame:
https://apis.google.com/se/0/_/+1/sharebutton?plusShare=true&usegapi=1&action=share&annotation=vertical-bubble&height=60&origin=http%3A%2F%2Fwww.how2remove-virus.com&url=http%3A%2F%2Fwww.how2remove-virus.com%2Fjp%2Fdelete-orbitum%2F&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.tkLGB8oygGw.O%2Fam%3DwQE%2Fd%3D1%2Frs%3DAGLTcCOVrdiUrdoKYhlUTq9WIvZT-VXTAA%2Fm%3D__features__
Frame ID: 137F932F3AE69DC6DE7364E61AA57CA6
Requests: 1 HTTP requests in this frame
Frame:
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7943855733030580&output=html&h=60&slotname=4025011203&adk=1447980876&adf=2317101082&w=468&lmt=1565743701&guci=1.2.0.0.2.2.0.0&format=468x60&url=http%3A%2F%2Fwww.how2remove-virus.com%2Fjp%2Fdelete-orbitum%2F&flash=0&wgl=1&adsid=NT&dt=1565743701438&bpp=15&bdt=1020&fdt=135&idt=135&shv=r20190812&cbv=r20190131&saldr=aa&abxe=1&correlator=4906771957454&rume=1&frm=20&pv=2&ga_vid=1549381032.1565743702&ga_sid=1565743702&ga_hid=101822908&ga_fc=0&iag=0&icsg=545324715&dssz=21&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=294&ady=349&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=20199335%2C21060549%2C26835106%2C410075105%2C21063396&oid=3&rx=0&eae=0&fc=912&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&cms=2&fu=16&bc=23&ifi=1&uci=a!1&fsb=1&xpc=55YsY2yyri&p=http%3A//www.how2remove-virus.com&dtd=153
Frame ID: A0A9C34D6399F1DBA495DF99E9A5F0E8
Requests: 1 HTTP requests in this frame
Frame:
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7943855733030580&output=html&h=250&slotname=3379209609&adk=3280423831&adf=3875904035&w=300&lmt=1565743701&guci=1.2.0.0.2.2.0.0&format=300x250&url=http%3A%2F%2Fwww.how2remove-virus.com%2Fjp%2Fdelete-orbitum%2F&flash=0&avail_w=288&wgl=1&adsid=NT&dt=1565743701453&bpp=4&bdt=1035&fdt=147&idt=147&shv=r20190812&cbv=r20190131&saldr=aa&abxe=1&prev_fmts=468x60&correlator=4906771957454&rume=1&frm=20&pv=1&ga_vid=1549381032.1565743702&ga_sid=1565743702&ga_hid=101822908&ga_fc=0&iag=0&icsg=2692808363&dssz=22&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1003&ady=774&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=20199335%2C21060549%2C26835106%2C410075105%2C21063396&oid=3&rx=0&eae=0&fc=912&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&cms=2&fu=16&bc=23&ifi=2&uci=a!2&fsb=1&xpc=4bntoJH7gR&p=http%3A//www.how2remove-virus.com&dtd=151
Frame ID: B865CB50307CC5E36481A5499FAFC852
Requests: 1 HTTP requests in this frame
Frame:
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7943855733030580&output=html&adk=1812271804&adf=3025194257&lmt=1565743701&plat=1%3A32776%2C2%3A32776%2C8%3A32776%2C9%3A32776%2C16%3A8388608%2C30%3A1081344&guci=1.2.0.0.2.2.0.0&format=0x0&url=http%3A%2F%2Fwww.how2remove-virus.com%2Fjp%2Fdelete-orbitum%2F&ea=0&flash=0&pra=7&wgl=1&adsid=NT&dt=1565743701469&bpp=2&bdt=1051&fdt=140&idt=140&shv=r20190812&cbv=r20190131&saldr=aa&abxe=1&prev_fmts=468x60%2C300x250&nras=1&correlator=4906771957454&rume=1&frm=20&pv=1&ga_vid=1549381032.1565743702&ga_sid=1565743702&ga_hid=101822908&ga_fc=0&iag=0&icsg=2692808363&dssz=22&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=0&ady=0&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=20199335%2C21060549%2C26835106%2C410075105%2C21063396&oid=3&rx=0&eae=2&fc=912&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=16&bc=23&ifi=2&uci=a!2&fsb=1&dtd=144
Frame ID: CE46FC17E9DD9B9E2D71C63DD9E2CFC2
Requests: 1 HTTP requests in this frame
Frame:
https://accounts.google.com/o/oauth2/postmessageRelay?parent=http%3A%2F%2Fwww.how2remove-virus.com&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.tkLGB8oygGw.O%2Fam%3DwQE%2Fd%3D1%2Frs%3DAGLTcCOVrdiUrdoKYhlUTq9WIvZT-VXTAA%2Fm%3D__features__
Frame ID: 559AFFC70AC0A3AEC1529629E7AA54AC
Requests: 1 HTTP requests in this frame
Screenshot
Detected technologies
WordPress
(CMS)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
- script /\/wp-(?:content|includes)\//i
PHP
(Programming Languages)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
- script /\/wp-(?:content|includes)\//i
MySQL
(Databases)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
- script /\/wp-(?:content|includes)\//i
Nginx
(Web Servers)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- headers server /nginx(?:\/([\d.]+))?/i
Google AdSense
(Advertising Networks)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- script /googlesyndication\.com\//i
Google Font API
(Font Scripts)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i
Google Plus
(Widgets)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- script /apis\.google\.com\/js\/[a-z]*\.js/i
Twitter
(Widgets)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- script /\/\/platform\.twitter\.com\/widgets\.js/i
jQuery
(JavaScript Libraries)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i
- script /jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?/i
jQuery Migrate
(JavaScript Libraries)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- script /jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?/i
Page Statistics
1 Outgoing links
These are links going to different origins than the main page.
URL: http://www.tkqlhce.com/click-7141446-11114083-1421849326000
Title:
Title:
Search URL Search Domain Scan URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 2- http://fonts.googleapis.com/css?family=Ubuntu:400,700&subset=latin,latin-ext HTTP 307
- https://fonts.googleapis.com/css?family=Ubuntu:400,700&subset=latin,latin-ext
- http://www.facebook.com/plugins/like.php?href=http://www.how2remove-virus.com/jp/delete-orbitum/&locale=en_US&layout=box_count&action=like&width=50&height=60&colorscheme=light HTTP 307
- https://www.facebook.com/plugins/like.php?href=http://www.how2remove-virus.com/jp/delete-orbitum/&locale=en_US&layout=box_count&action=like&width=50&height=60&colorscheme=light
- http://www.how2remove-virus.com/download-reimage HTTP 301
- http://www.how2remove-virus.com/download-reimage/ HTTP 302
- http://ontop1.reimage.revenuewire.net/reimage-pc-repair/download/ HTTP 302
- http://ontop1.reimage.safecart.com/reimage-pc-repair/download/ HTTP 301
- http://www.reimageplus.com/includes/router_land.php?tracking=revenuewire&exec=run HTTP 302
- https://link.safecart.com/2m4rud HTTP 301
- http://kromtech.net/link/3ca1cf50-2605-11e9-837c-127369ec21d1&tid_ext=PoioneerClick;1e27c350cbef91a0b271bfb1e279338d834e9d32 HTTP 302
- http://assets.kromtech.net/lnd?back=aHR0cDovL2tyb210ZWNoLm5ldC9saW5rLzNjYTFjZjUwLTI2MDUtMTFlOS04MzdjLTEyNzM2OWVjMjFkMSZ0aWRfZXh0PVBvaW9uZWVyQ2xpY2s7MWUyN2MzNTBjYmVmOTFhMGIyNzFiZmIxZTI3OTMzOGQ4MzRlOWQzMiZyZXFpZD1Sb290PTEtNWQ1MzVhNWQtMDQ4NmIzY2NmMzE5NDIyY2MwZTliOWUw&reqid=Root%3D1-5d535a5d-0486b3ccf319422cc0e9b9e0&sign=b3fdf6ac9f1daa650c84fdcf74c4525a9f3a18aa HTTP 302
- http://kromtech.net/link/3ca1cf50-2605-11e9-837c-127369ec21d1&tid_ext=PoioneerClick;1e27c350cbef91a0b271bfb1e279338d834e9d32&reqid=Root=1-5d535a5d-0486b3ccf319422cc0e9b9e0&guid=452ba326-be2d-11e9-959a-0242ac110002&adb=0 HTTP 302
- https://app7.kromtech.net/landings/216.1/?affid=44e25480-be2d-11e9-a694-5b56a1824800-mzb&alert=44&epayId=29&guid=452ba326-be2d-11e9-959a-0242ac110002&landId=2758&r-chain=101993&reqid=Root=1-5d535a5d-0486b3ccf319422cc0e9b9e0&tid_ext=PoioneerClick;1e27c350cbef91a0b271bfb1e279338d834e9d32&trt=29_4651156&userDefiner=mzb_2754&utm_campaign=mk_rvnwr_cpi_t1_2161_splt481_465_5aug&utm_content=&utm_medium=&utm_source=&utm_term=
- http://www.how2remove-virus.com/download-plumbytes HTTP 301
- http://www.how2remove-virus.com/download-plumbytes/ HTTP 302
- http://link.safecart.com/2hwajr/aHR0cDovL3d3dy5wbHVtYnl0ZXMuY29tL3BhcnRuZXIvdXJsL2Rvd25sb2Fk
- http://www.how2remove-virus.com/download-spyhunter HTTP 301
- http://www.how2remove-virus.com/download-spyhunter/ HTTP 302
- http://oneway.enigma.revenuewire.net/spyhunter2/download/ HTTP 302
- http://oneway.enigma.safecart.com/spyhunter2/download/ HTTP 301
- https://www.spyhunter.com/rw/
- http://send.onenetworkdirect.net/z/580857/CD230692 HTTP 302
- http://affiliates.digitalriver.com/z/580857/CD230692
38 HTTP transactions
| Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
GET H/1.1 |
Primary Request
 Cookie set
/
www.how2remove-virus.com/jp/delete-orbitum/ |
21 KB 6 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
style.css
www.how2remove-virus.com/wp-content/plugins/side-matter/css/ |
2 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
display-authors-widget.css
www.how2remove-virus.com/wp-content/plugins/display-authors-widget/css/ |
545 B 625 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
css
fonts.googleapis.com/ Redirect Chain
|
4 KB 846 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
style.css
www.how2remove-virus.com/wp-content/themes/iconic-one/ |
32 KB 9 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
custom.css
www.how2remove-virus.com/wp-content/themes/iconic-one/ |
66 B 498 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
jquery.js
www.how2remove-virus.com/wp-includes/js/jquery/ |
94 KB 95 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
jquery-migrate.min.js
www.how2remove-virus.com/wp-includes/js/jquery/ |
7 KB 7 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
jquery.autosize.js
www.how2remove-virus.com/wp-content/plugins/side-matter/js/ |
7 KB 7 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ |
94 KB 35 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
top-instruction-to-remove-ads-by-orbitum-completely-1.jpg
www.how2remove-virus.com/wp-content/uploads/2015/02/ |
37 KB 37 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET |
image-7141446-11114083-1421849326000
www.tqlkg.com/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
selectnav.js
www.how2remove-virus.com/wp-content/themes/iconic-one/js/ |
4 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
generator.php
how2remove-virus.com/ |
53 KB 53 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
tweet_button.1363148939.html
platform.twitter.com/widgets/ Frame 3520 |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
like.php
www.facebook.com/plugins/ Frame A425 Redirect Chain
|
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
4iCs6KVjbNBYlgoKfw72nU6AFw.woff2
fonts.gstatic.com/s/ubuntu/v14/ |
13 KB 14 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
platform.js
apis.google.com/js/ |
43 KB 17 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
4iCv6KVjbNBYlgoCxCvjsGyNPYZvgw.woff2
fonts.gstatic.com/s/ubuntu/v14/ |
14 KB 14 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
integrator.js
adservice.google.de/adsid/ |
109 B 476 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
integrator.js
adservice.google.com/adsid/ |
109 B 476 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
show_ads_impl.js
pagead2.googlesyndication.com/pagead/js/r20190812/r20190131/ |
215 KB 80 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20190812/r20190131/ Frame B540 |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
/
app7.kromtech.net/landings/216.1/ Redirect Chain
|
0 0 |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headersRedirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
aHR0cDovL3d3dy5wbHVtYnl0ZXMuY29tL3BhcnRuZXIvdXJsL2Rvd25sb2Fk
link.safecart.com/2hwajr/ Redirect Chain
|
0 0 |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headersRedirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
/
www.spyhunter.com/rw/ Redirect Chain
|
0 0 |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headersRedirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
CD230692
affiliates.digitalriver.com/z/580857/ Redirect Chain
|
0 0 |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headersRedirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
cb=gapi.loaded_0
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.tkLGB8oygGw.O/m=plus,plusone/rt=j/sv=1/d=1/ed=1/am=wQE/rs=AGLTcCOVrdiUrdoKYhlUTq9WIvZT-VXTAA/ |
184 KB 64 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
cb=gapi.loaded_1
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.tkLGB8oygGw.O/m=auth/exm=plus,plusone/rt=j/sv=1/d=1/ed=1/am=wQE/rs=AGLTcCOVrdiUrdoKYhlUTq9WIvZT-VXTAA/ |
74 KB 26 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
fastbutton
apis.google.com/se/0/_/+1/ Frame 3D23 |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
sharebutton
apis.google.com/se/0/_/+1/ Frame 137F |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
rum.js
pagead2.googlesyndication.com/pagead/js/r20190812/r20190131/ |
49 KB 19 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
ads
googleads.g.doubleclick.net/pagead/ Frame A0A9 |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
osd.js
www.googletagservices.com/activeview/js/current/ |
75 KB 28 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
ads
googleads.g.doubleclick.net/pagead/ Frame B865 |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
ads
googleads.g.doubleclick.net/pagead/ Frame CE46 |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
postmessageRelay
accounts.google.com/o/oauth2/ Frame 559A |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
generator.php
how2remove-virus.com/ |
0 129 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- www.tqlkg.com
- URL
- http://www.tqlkg.com/image-7141446-11114083-1421849326000
Verdicts & Comments Add Verdict or Comment
67 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| onselectstart object| onselectionchange function| queueMicrotask undefined| $ function| jQuery object| _paq function| httfebnbnh object| adsbygoogle function| setCookie function| getCookie object| google_js_reporting_queue object| google_ad_modifications object| google_logging_queue object| ggeac boolean| google_measure_js_timing object| googleToken object| googleIMState function| processGoogleToken object| google_reactive_ads_global_state object| google_sa_queue object| google_sl_win function| google_process_slots boolean| google_apltlad number| _gfp_ function| google_spfd number| google_lpabyc number| google_unique_id object| google_sv_map object| google_t12n_vars function| selectnav object| gapi object| ___jsl function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter function| google_sa_impl object| google_jobrunner object| google_persistent_state_async number| google_global_correlator object| google_rum_config object| __google_ad_urls number| __google_ad_urls_id object| google_prev_clients object| gaGlobal object| ampInaboxIframes object| ampInaboxPendingMessages object| google_iframe_oncopy boolean| google_osd_loaded boolean| google_onload_fired object| osapi object| gadgets object| iframer object| __gapi_jstiming__ object| shindig function| ToolbarApi object| iframes function| IframeBase function| Iframe function| IframeProxy function| IframeWindow object| _google_rum_ns_ function| Goog_Osd_UnloadAdBlock function| Goog_Osd_UpdateElementToMeasure function| google_osd_amcb object| JSON2 object| Piwik object| AnalyticsTracker function| piwik_log0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
accounts.google.com
adservice.google.com
adservice.google.de
affiliates.digitalriver.com
apis.google.com
app7.kromtech.net
assets.kromtech.net
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
how2remove-virus.com
kromtech.net
link.safecart.com
oneway.enigma.revenuewire.net
oneway.enigma.safecart.com
ontop1.reimage.revenuewire.net
ontop1.reimage.safecart.com
pagead2.googlesyndication.com
platform.twitter.com
send.onenetworkdirect.net
www.facebook.com
www.googletagservices.com
www.how2remove-virus.com
www.reimageplus.com
www.spyhunter.com
www.tqlkg.com
www.tqlkg.com
132.148.6.70
149.126.77.38
161.47.7.14
2606:2800:234:46c:e8b:1e2f:2bd:694
2a00:1450:4001:808::200a
2a00:1450:4001:80b::200e
2a00:1450:4001:817::2002
2a00:1450:4001:81a::2003
2a00:1450:4001:81d::200d
2a03:2880:f106:83:face:b00c:0:25de
45.60.33.126
52.200.131.123
52.201.134.21
52.54.161.129
54.230.95.184
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
251e8e864140d9a7ceacce3371ff692595dd0a455ad000de4041d8a313618bd7
29bef5e9b8cee7b0c9ba1b0ae1f566219c4e74a59521e2543a05de6fcc373fe3
2e88e31b67631a39966593ad67e1162c14cd96abcd438c2c329b80f5e741df58
48b6f7d0fbb4693815b2771015035c2e94ee5c6dd11e1926edb0a5ad1ebe78d5
4ca8f7722320d5e59ac553dc60baf881d5fddc53eef14a442c8f69bc2b481a4a
54504276d92644ec2aec24a21ad29b58caa20f68803c67cc65607bfa439b394c
6851237a758e65fa2cce16fca6f88f95c092e6eeff31c25ebfdd061266100d7c
69658cbcfeef340ac908d5ec6dc742372dcbb4df82fb1d774b55d7229194cf71
6a90262f9f8bc12d223b628831187a846ea9f4ce96797eca611836a0c29762c7
75e393fb394b7d13facc1c35054dbc7d90ad5a3dfff1bb32ebea9e54196211ed
7e1a6b135745c61308f5cd57dbd23562f34361f94c8eb49ebc034b03449f029b
84b37226dd1ba126264c6b5d1369d28d6fb5fa26f7cd6f3e1458e86ff41d14e7
884f980bc30711907122b2c4b55916f418e64f3e982f21da084fb3d28d3cb4b0
943a150e9577247cc5e8e493065795ca77a35485b4169f33a4d6f570c209b010
9a3c1badc6ebe50085fe9f7ef1e4109afc8cde8a2f1a99f72c25dfd9f821adfb
a3c28934ec7e481d05ae1ced3b0afaf3d2e70dab308fcf3b2d402c724a7349d7
ad763aaf76f887c1ff144b383c26b3cdc4ce6bd454efc5a90ff706c9c2e1b55a
ba2490187678a347c3d9df59c1e573947465524eb0f0462b02a0e5920b840950
c4d24f6b27cc7ceea56fbec786bb1f486fdad9a1f998f760f76d1f44671e105c
d62ff4e02aba98c858ac207a8846b3e2beab9727aefa38ecb90010fde1cac667
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eb22b49640fd6dce31759744703091dbaef51ca6e9e142e79567f0d6585cbcf3