www.skyrunner.icu Open in urlscan Pro
185.59.220.24  Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

8 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
-1 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request hot_google_ad.html Show response www.skyrunner.icu/	10 KB 4 KB	112ms 13ms	Document text/html	185.59.220.24 CDN77
General Check archive.org Show headers Download Go to Full URL https://www.skyrunner.icu/hot_google_ad.html Protocol H2 Security TLS 1.3, , AES_256_GCM Server 185.59.220.24 Frankfurt am Main, Germany, ASN60068 (CDN77, GB), Reverse DNS frankfurt-20.cdn77.com Software CDN77-Turbo / Resource Hash 911e4fa3e645ad8646005322faca5bb054bd071d60c61ca61ce9dd86e014abf0 Request headers :method GET :authority www.skyrunner.icu :scheme https :path /hot_google_ad.html pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3 accept-encoding gzip, deflate, br Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers status 200 date Tue, 21 May 2019 06:57:40 GMT content-type text/html x-amz-id-2 eOjxuySWVQivzI/BEdzvIui8iVvbHGUF+pHYKcLQowvDrJBc+Y5q4jHtE9chDx3aSYIPgqpZ7Ww= x-amz-request-id 55D0025C5D45BF7C x-amz-meta-s3cmd-attrs atime:1557499685/ctime:1557499685/gid:994/gname:jenkins/md5:f8c505485925088f60038eeeb7552d7d/mode:33261/mtime:1557499685/uid:997/uname:jenkins last-modified Fri, 10 May 2019 14:48:06 GMT etag W/"f8c505485925088f60038eeeb7552d7d" server CDN77-Turbo x-edge-ip 185.59.220.20 x-edge-location frankfurtDE x-cache HIT x-age 86 content-encoding br
GET H2	200	404.png www.skyrunner.icu/google_files/	4 KB 5 KB	18ms 17ms	Image image/png	185.59.220.24 CDN77
General Check archive.org Show headers Download Go to Show image Full URL https://www.skyrunner.icu/google_files/404.png Requested by Host: www.skyrunner.icu URL: https://www.skyrunner.icu/hot_google_ad.html Protocol H2 Security TLS 1.3, , AES_256_GCM Server 185.59.220.24 Frankfurt am Main, Germany, ASN60068 (CDN77, GB), Reverse DNS frankfurt-20.cdn77.com Software CDN77-Turbo / Resource Hash 2a7a85ede1dd80c3f5555f0f425d8f15799af53da16afaad91e902a5387f1b57 Request headers Referer https://www.skyrunner.icu/hot_google_ad.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers date Tue, 21 May 2019 06:57:40 GMT last-modified Mon, 08 Apr 2019 18:30:12 GMT server CDN77-Turbo x-amz-meta-s3cmd-attrs atime:1554747934/ctime:1554747930/gid:994/gname:jenkins/md5:bbc01001d3d03a3cc5ba7a18a64cf819/mode:33261/mtime:1554747930/uid:997/uname:jenkins x-amz-request-id 91E129ACEB42D1E8 x-edge-location frankfurtDE etag "bbc01001d3d03a3cc5ba7a18a64cf819" x-cache HIT content-type image/png status 200 x-edge-ip 185.59.220.20 x-age 86 content-length 4397 x-amz-id-2 5g89btGEInn4mqtIEE9STh6IJgBHewYkzdox8y9w5XEbH947VFNTzdT+gLCtU7U+r75Dpfl5yXk=
GET H2	200	download.png www.skyrunner.icu/google_files/	157 B 581 B	18ms 18ms	Image image/png	185.59.220.24 CDN77
General Check archive.org Show headers Download Go to Show image Full URL https://www.skyrunner.icu/google_files/download.png Requested by Host: www.skyrunner.icu URL: https://www.skyrunner.icu/hot_google_ad.html Protocol H2 Security TLS 1.3, , AES_256_GCM Server 185.59.220.24 Frankfurt am Main, Germany, ASN60068 (CDN77, GB), Reverse DNS frankfurt-20.cdn77.com Software CDN77-Turbo / Resource Hash fb2ceb00d62c62740a0d175a3a943ce09a66c30c9eb8a6f98760f8bc774b182c Request headers Referer https://www.skyrunner.icu/hot_google_ad.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers date Tue, 21 May 2019 06:57:40 GMT last-modified Mon, 08 Apr 2019 18:30:12 GMT server CDN77-Turbo x-amz-meta-s3cmd-attrs atime:1554747934/ctime:1554747930/gid:994/gname:jenkins/md5:253bfa579547a0d57be1e4040b5804e8/mode:33261/mtime:1554747930/uid:997/uname:jenkins x-amz-request-id 70ECE3AA4CBC104A x-edge-location frankfurtDE etag "253bfa579547a0d57be1e4040b5804e8" x-cache HIT content-type image/png status 200 x-edge-ip 185.59.220.20 x-age 86 content-length 157 x-amz-id-2 sM+158xRQBCmiIEJOjf2/hQjHeZsmnP/igykXAXE5aSMfiBuAH6osC1Tv1xg3lwjLN6NJlJt0Fg=
GET H2	200	firebase.js Show response www.skyrunner.icu/	68 KB 20 KB	19ms 18ms	Script text/javascript	185.59.220.24 CDN77
General Check archive.org Show headers Download Go to Full URL https://www.skyrunner.icu/firebase.js Requested by Host: www.skyrunner.icu URL: https://www.skyrunner.icu/hot_google_ad.html Protocol H2 Security TLS 1.3, , AES_256_GCM Server 185.59.220.24 Frankfurt am Main, Germany, ASN60068 (CDN77, GB), Reverse DNS frankfurt-20.cdn77.com Software CDN77-Turbo / Resource Hash 65c40b5fb5f84500b9917ba723cd8fea3fd6a8f66bc05f708a1c3d60fd6ded54 Request headers Referer https://www.skyrunner.icu/hot_google_ad.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers date Tue, 21 May 2019 06:57:40 GMT content-encoding br last-modified Mon, 20 May 2019 13:50:33 GMT server CDN77-Turbo x-amz-meta-s3cmd-attrs atime:1554747934/ctime:1554747930/gid:994/gname:jenkins/md5:20a5256ba3cce3ae8a08ccfddcb5c467/mode:33261/mtime:1554747930/uid:997/uname:jenkins x-amz-request-id DD904823CEA95038 x-edge-location frankfurtDE etag W/"20a5256ba3cce3ae8a08ccfddcb5c467" x-cache HIT content-type text/javascript status 200 x-edge-ip 185.59.220.20 x-age 337 x-amz-id-2 fJKdoXGLVMKWBO63mfqTa8K3h8EylbuzJi3DAV1Zzb7dxVGoL8fO9jWZCF0gG9mCGmxcPFGFvfo=
GET H2	200	fdl.js Show response www.skyrunner.icu/	18 KB 7 KB	26ms 26ms	Script text/javascript	185.59.220.24 CDN77
General Check archive.org Show headers Download Go to Full URL https://www.skyrunner.icu/fdl.js Requested by Host: www.skyrunner.icu URL: https://www.skyrunner.icu/hot_google_ad.html Protocol H2 Security TLS 1.3, , AES_256_GCM Server 185.59.220.24 Frankfurt am Main, Germany, ASN60068 (CDN77, GB), Reverse DNS frankfurt-20.cdn77.com Software CDN77-Turbo / Resource Hash 0814c318208e651b887e8adaa800bc70aea8af7a1a15cce9d0ee7f941f0f63d7 Request headers Referer https://www.skyrunner.icu/hot_google_ad.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers date Tue, 21 May 2019 06:57:40 GMT content-encoding br last-modified Mon, 20 May 2019 13:50:32 GMT server CDN77-Turbo x-amz-meta-s3cmd-attrs atime:1554747934/ctime:1554747930/gid:994/gname:jenkins/md5:9daa243ab87ffade37ff6c0e95dd1f29/mode:33188/mtime:1554747930/uid:997/uname:jenkins x-amz-request-id 1EE8E71E4F6EB045 x-edge-location frankfurtDE etag W/"9daa243ab87ffade37ff6c0e95dd1f29" x-cache HIT content-type text/javascript status 200 x-edge-ip 185.59.220.20 x-age 334 x-amz-id-2 u60eiRZXyqlZSk2Pg6W3Ya+z4J29m8VWzH+pHtEI7P6HQowtA7g36vBQCDq+ZMGMdAuxjX9ZXGE=
GET H2	200	akg7.js Show response www.skyrunner.icu/	7 KB 3 KB	30ms 30ms	Script text/javascript	185.59.220.24 CDN77
General Check archive.org Show headers Download Go to Full URL https://www.skyrunner.icu/akg7.js Requested by Host: www.skyrunner.icu URL: https://www.skyrunner.icu/hot_google_ad.html Protocol H2 Security TLS 1.3, , AES_256_GCM Server 185.59.220.24 Frankfurt am Main, Germany, ASN60068 (CDN77, GB), Reverse DNS frankfurt-20.cdn77.com Software CDN77-Turbo / Resource Hash ac4d8713656e43de5c5c7577f3a9fb039fa99efcc03626a1e89f1a59bbc74a87 Request headers Referer https://www.skyrunner.icu/hot_google_ad.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers date Tue, 21 May 2019 06:57:40 GMT content-encoding br last-modified Mon, 20 May 2019 13:50:31 GMT server CDN77-Turbo x-amz-meta-s3cmd-attrs atime:1554747934/ctime:1554747930/gid:994/gname:jenkins/md5:434aa245aefcdab13fd147ec19ac2db0/mode:33188/mtime:1554747930/uid:997/uname:jenkins x-amz-request-id C7C14B152C651F2C x-edge-location frankfurtDE etag W/"434aa245aefcdab13fd147ec19ac2db0" x-cache HIT content-type text/javascript status 200 x-edge-ip 185.59.220.20 x-age 334 x-amz-id-2 ix3hFqsiVfCl+rQbClGwE1cF8lyTBLvTs8iZXRxUm6BHMjfscwt6quwmfhFnOQSOFcSwFf7fA2w=
GET H2	200	/ sonic.maltoka.com/download/2/ZWMwMDBhMDRiYjAwMTQ3MTAwMDAxNDRkMDAxNDRkMDAxNDRkNzllMTk4YjY3OA==/ Frame 8E5C	0 0	134ms 34ms	Document application/vnd.android.package-archive	54.36.168.125 OVH
General Check archive.org Show headers Download Go to Full URL https://sonic.maltoka.com/download/2/ZWMwMDBhMDRiYjAwMTQ3MTAwMDAxNDRkMDAxNDRkMDAxNDRkNzllMTk4YjY3OA==/?name=Dr.Web-v.2.3.1&network=257&add_extra_params=1&sclid= Requested by Host: www.skyrunner.icu URL: https://www.skyrunner.icu/hot_google_ad.html Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 54.36.168.125 , Poland, ASN16276 (OVH, FR), Reverse DNS super-setup2.itroot.it Software nginx / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=31536000; Request headers :method GET :authority sonic.maltoka.com :scheme https :path /download/2/ZWMwMDBhMDRiYjAwMTQ3MTAwMDAxNDRkMDAxNDRkMDAxNDRkNzllMTk4YjY3OA==/?name=Dr.Web-v.2.3.1&network=257&add_extra_params=1&sclid= pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3 referer https://www.skyrunner.icu/hot_google_ad.html accept-encoding gzip, deflate, br Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Referer https://www.skyrunner.icu/hot_google_ad.html Response headers status 200 server nginx date Tue, 21 May 2019 06:57:40 GMT content-type application/vnd.android.package-archive content-length 412913 content-description File Transfer content-disposition attachment; filename="Dr.Web-v.2.3.1.apk" content-transfer-encoding binary set-cookie dccn=b98f1d47-7b95-11e9-8cc5-ac1f6b1a79a2; Expires=Mon, 10 Jun 2019 06:57:40 GMT strict-transport-security max-age=31536000;

37 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onselectstart object| onselectionchange function| queueMicrotask function| speak function| hidepop function| showpop function| getURLParameter number| sec number| min function| countDown function| alert_virus object| isAndroid object| __core-js_shared__ object| core object| firebase object| _0x258d function| _0x2279 function| _0x46e1b5 function| _0x1d6a0e object| subdomains object| geo function| _timer_tik_tak function| _get_current_subdomain function| _subdomain_append function| _subdomain_replace function| next_domain function| getOriginalHostname function| tokenExists function| storeToken function| getParameterByName function| saveToken object| _0x550c function| _0x56ae function| subscribe number| ii string| time number| SD

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

sonic.maltoka.com
www.skyrunner.icu
185.59.220.24
54.36.168.125
0814c318208e651b887e8adaa800bc70aea8af7a1a15cce9d0ee7f941f0f63d7
2a7a85ede1dd80c3f5555f0f425d8f15799af53da16afaad91e902a5387f1b57
65c40b5fb5f84500b9917ba723cd8fea3fd6a8f66bc05f708a1c3d60fd6ded54
911e4fa3e645ad8646005322faca5bb054bd071d60c61ca61ce9dd86e014abf0
ac4d8713656e43de5c5c7577f3a9fb039fa99efcc03626a1e89f1a59bbc74a87
fb2ceb00d62c62740a0d175a3a943ce09a66c30c9eb8a6f98760f8bc774b182c