URL: http://www.malware-tech.com/
Submission: On March 26 via manual from US

Summary

This website contacted 10 IPs in 3 countries across 14 domains to perform 34 HTTP transactions. The main IP is 50.63.55.124, located in Scottsdale, United States and belongs to AS-26496-GO-DADDY-COM-LLC - GoDaddy.com, LLC, US. The main domain is www.malware-tech.com.
This is the only time www.malware-tech.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
6 26 50.63.55.124 26496 (AS-26496-...)
3 2a00:1450:400... 15169 (GOOGLE)
6 6 149.126.77.38 19551 (INCAPSULA)
1 1 161.47.7.14 19994 (RACKSPACE)
2 2 34.204.117.160 14618 (AMAZON-AES)
1 1 54.165.66.19 14618 (AMAZON-AES)
1 54.81.148.134 14618 (AMAZON-AES)
2 3 45.55.29.117 14061 (DIGITALOC...)
1 13.35.253.76 16509 (AMAZON-02)
1 2 45.60.33.126 19551 (INCAPSULA)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
34 10
Domain Requested by
24 www.malware-tech.com 6 redirects www.malware-tech.com
4 pagead2.googlesyndication.com www.malware-tech.com
pagead2.googlesyndication.com
3 googleads.g.doubleclick.net pagead2.googlesyndication.com
2 www.plumbytes.com 2 redirects
2 kromtech.net 2 redirects
2 link.safecart.com 2 redirects
2 malware-tech.com www.malware-tech.com
1 www.googletagservices.com pagead2.googlesyndication.com
1 adservice.google.com pagead2.googlesyndication.com
1 adservice.google.de pagead2.googlesyndication.com
1 affiliates.digitalriver.com www.malware-tech.com
1 send.onenetworkdirect.net 1 redirects
1 www.spyhunter.com www.malware-tech.com
1 rewired.enigma.safecart.com 1 redirects
1 rewired.enigma.revenuewire.net 1 redirects
1 plumbytes.com www.malware-tech.com
1 app7.kromtech.net www.malware-tech.com
1 assets.kromtech.net 1 redirects
1 www.reimageplus.com 1 redirects
1 rewired.reimage.safecart.com 1 redirects
1 rewired.reimage.revenuewire.net 1 redirects
34 21

This site contains no links.

Subject | Issuer | Validity | Valid
kromtech.net | Amazon | 2018-09-11 - 2019-10-11 | a year
*.plumbytes.com | COMODO RSA Domain Validation Secure Server CA | 2018-06-21 - 2019-06-22 | a year
*.spyhunter.com | Amazon | 2018-07-16 - 2019-08-16 | a year
*.google.com | Google Internet Authority G3 | 2019-03-01 - 2019-05-24 | 3 months
*.g.doubleclick.net | Google Internet Authority G3 | 2019-03-01 - 2019-05-24 | 3 months

This page contains 5 frames:

Primary Page: http://www.malware-tech.com/
Frame ID: 05087624D0616D96B624A835757FFCE5
Requests: 30 HTTP requests in this frame

Frame: http://pagead2.googlesyndication.com/pagead/js/r20190320/r20190131/show_ads_impl.js
Frame ID: 716715082FEB11EB8B6D0A86E0ABF396
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20190320/r20190131/zrt_lookup.html
Frame ID: 2F624516506BC40B4D04AEA6B58332EE
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7943855733030580&output=html&h=280&slotname=8565848406&adk=3206789439&adf=2750238705&w=360&fwrn=4&fwrnh=100&lmt=1553633940&rafmt=1&guci=1.2.0.0.2.2.0.0&format=360x280&url=http%3A%2F%2Fwww.malware-tech.com%2F&flash=0&fwr=0&resp_fmts=3&wgl=1&adsid=NT&dt=1553633940833&bpp=14&bdt=1059&fdt=59&idt=58&shv=r20190320&cbv=r20190131&saldr=aa&abxe=1&correlator=4568371615323&frm=20&pv=2&ga_vid=1516705285.1553633941&ga_sid=1553633941&ga_hid=1970228497&ga_fc=0&iag=0&icsg=9435823&dssz=17&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1003&ady=333&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21060853&oid=3&rx=0&eae=0&fc=656&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&ppjl=u&pfx=0&fu=144&bc=7&ifi=1&uci=1.y85ard10nf19&fsb=1&xpc=pivZbkOSki&p=http%3A//www.malware-tech.com&dtd=80
Frame ID: 5F4F98551DC083F834F381D29F36991A
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7943855733030580&output=html&h=280&slotname=8565848406&adk=48667111&adf=2479844514&w=360&fwrn=4&fwrnh=100&lmt=1553633940&rafmt=1&guci=1.2.0.0.2.2.0.0&format=360x280&url=http%3A%2F%2Fwww.malware-tech.com%2F&flash=0&fwr=0&resp_fmts=3&wgl=1&adsid=NT&dt=1553633940847&bpp=7&bdt=1073&fdt=75&idt=44&shv=r20190320&cbv=r20190131&saldr=aa&abxe=1&prev_fmts=360x280&correlator=4568371615323&frm=20&pv=1&ga_vid=1516705285.1553633941&ga_sid=1553633941&ga_hid=1970228497&ga_fc=0&iag=0&icsg=42990255&dssz=18&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=223&ady=3805&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21060853&oid=3&rx=0&eae=0&fc=656&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&ppjl=u&pfx=0&fu=144&bc=7&ifi=2&uci=2.6xiy4f5gpo1l&fsb=1&xpc=S0O68wntJ6&p=http%3A//www.malware-tech.com&dtd=78
Frame ID: 9CF426510D2437944D6C7896BC6B6A93
Requests: 1 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • html /<link rel=["']stylesheet["'] [^>]+wp-(?:content|includes)/i
  • script /\/wp-includes\//i

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i

Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+font-awesome(?:\.min)?\.css/i

Overall confidence: 100%
Detected patterns
  • script /googlesyndication\.com\//i
  • env /^google_ad_/i
  • env /^__google_ad_/i
  • env /^Goog_AdSense_/i

Overall confidence: 100%
Detected patterns
  • env /^gaGlobal$/i

Overall confidence: 100%
Detected patterns
  • script /modernizr(?:-([\d.]*[\d]))?.*\.js/i
  • env /^Modernizr$/i

Overall confidence: 100%
Detected patterns
  • script /jquery.*\.js/i
  • env /^jQuery$/i

Overall confidence: 100%
Detected patterns
  • env /^Piwik$/i
  • env /^_paq$/i

Overall confidence: 100%
Detected patterns
  • html /<link[^>]+?href="[^"]+bootstrap(?:\.min)?\.css/i

Page Statistics

34
Requests

29 %
HTTPS

36 %
IPv6

14
Domains

21
Subdomains

10
IPs

3
Countries

509 kB
Transfer

1114 kB
Size

4
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 19
  • http://www.malware-tech.com/download-reimage HTTP 301
  • http://www.malware-tech.com/download-reimage/ HTTP 302
  • http://rewired.reimage.revenuewire.net/reimage-pc-repair/download/ HTTP 302
  • http://rewired.reimage.safecart.com/reimage-pc-repair/download/ HTTP 301
  • http://www.reimageplus.com/includes/router_land.php?tracking=revenuewire&exec=run HTTP 302
  • https://link.safecart.com/2m4rjw HTTP 301
  • http://kromtech.net/link/4223cf6e-2605-11e9-b649-127369ec21d1&tid_ext=PoioneerClick;02a7075820a668a83c71f35c6a16ba6a24ac5e18 HTTP 302
  • http://assets.kromtech.net/lnd?back=aHR0cDovL2tyb210ZWNoLm5ldC9saW5rLzQyMjNjZjZlLTI2MDUtMTFlOS1iNjQ5LTEyNzM2OWVjMjFkMSZ0aWRfZXh0PVBvaW9uZWVyQ2xpY2s7MDJhNzA3NTgyMGE2NjhhODNjNzFmMzVjNmExNmJhNmEyNGFjNWUxOCZyZXFpZD1Sb290PTEtNWM5YTkyOTctNzI3ZjRjZTJmOWZlZWUwMGMzNjhkN2Q4&reqid=Root%3D1-5c9a9297-727f4ce2f9feee00c368d7d8&sign=5268e077d4ebb703a11a894b9fe7cebb15e10a39 HTTP 302
  • http://kromtech.net/link/4223cf6e-2605-11e9-b649-127369ec21d1&tid_ext=PoioneerClick;02a7075820a668a83c71f35c6a16ba6a24ac5e18&reqid=Root=1-5c9a9297-727f4ce2f9feee00c368d7d8&guid=fc9b1d61-5009-11e9-bfed-0e44482e0016&adb=0 HTTP 302
  • https://app7.kromtech.net/landings/216.1/?affid=fc570580-5009-11e9-8cfb-2f21846d4c00-mzb&alert=44&epayId=29&guid=fc9b1d61-5009-11e9-bfed-0e44482e0016&landId=2276&reqid=Root=1-5c9a9297-727f4ce2f9feee00c368d7d8&tid_ext=PoioneerClick;02a7075820a668a83c71f35c6a16ba6a24ac5e18&trt=29_45121156&userDefiner=mzb_2754&utm_campaign=mk_rvnwr_cpi_t2_2161&utm_content=&utm_medium=&utm_source=&utm_term=
Request Chain 20
  • http://www.malware-tech.com/download-plumbytes HTTP 301
  • http://www.malware-tech.com/download-plumbytes/ HTTP 302
  • http://link.safecart.com/2hhvj4/aHR0cDovL3d3dy5wbHVtYnl0ZXMuY29tL3BhcnRuZXIvdXJsL2Rvd25sb2Fk HTTP 301
  • http://www.plumbytes.com/partner/url/download HTTP 302
  • http://www.plumbytes.com/download/cuid/?tid=rwid_p00000 HTTP 301
  • https://plumbytes.com/download/cuid/?tid=rwid_p00000
Request Chain 21
  • http://www.malware-tech.com/download-spyhunter HTTP 301
  • http://www.malware-tech.com/download-spyhunter/ HTTP 302
  • http://rewired.enigma.revenuewire.net/spyhunter2/download HTTP 302
  • http://rewired.enigma.safecart.com/spyhunter2/download HTTP 301
  • https://www.spyhunter.com/rw/
Request Chain 22
  • http://send.onenetworkdirect.net/z/580857/CD230692 HTTP 302
  • http://affiliates.digitalriver.com/z/580857/CD230692

34 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
www.malware-tech.com/
31 KB
9 KB
Document
General
Full URL
http://www.malware-tech.com/
Protocol
HTTP/1.1
Server
50.63.55.124 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC - GoDaddy.com, LLC, US),
Reverse DNS
ip-50-63-55-124.ip.secureserver.net
Software
nginx/1.0.15 / PHP/5.3.3
Resource Hash
a7c5fc4f9d206e6e97176a6e38da8c3c8d70247c46a2a2b14a9fa8ae9ae7d41f

Request headers

Host
www.malware-tech.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding
gzip, deflate

Response headers

Server
nginx/1.0.15
Date
Tue, 26 Mar 2019 20:58:59 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
X-Powered-By
PHP/5.3.3
X-Pingback
http://www.malware-tech.com/xmlrpc.php
Content-Encoding
gzip
style.css
www.malware-tech.com/wp-content/plugins/side-matter/css/
10 KB
3 KB
Stylesheet
General
Full URL
http://www.malware-tech.com/wp-content/plugins/side-matter/css/style.css?ver=4.1
Requested by
Host: www.malware-tech.com
URL: http://www.malware-tech.com/
Protocol
HTTP/1.1
Server
50.63.55.124 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC - GoDaddy.com, LLC, US),
Reverse DNS
ip-50-63-55-124.ip.secureserver.net
Software
nginx/1.0.15 /
Resource Hash
9b0b4ccf126976608498f6b3f1730e7766d306ecfa65174cbdbd7d3368668b7a

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.malware-tech.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/css,*/*;q=0.1
Referer
http://www.malware-tech.com/
Connection
keep-alive
Cache-Control
no-cache

Response headers

Pragma
public
Date
Tue, 26 Mar 2019 20:58:59 GMT
Content-Encoding
gzip
Last-Modified
Thu, 02 Nov 2017 10:02:33 GMT
Server
nginx/1.0.15
Transfer-Encoding
chunked
Content-Type
text/css
Cache-Control
max-age=31104000 public, must-revalidate, proxy-revalidate
Connection
keep-alive
Expires
Fri, 20 Mar 2020 20:58:59 GMT
styles.css
www.malware-tech.com/wp-content/plugins/contact-form-7/includes/css/
1 KB
884 B
Stylesheet
General
Full URL
http://www.malware-tech.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=4.1
Requested by
Host: www.malware-tech.com
URL: http://www.malware-tech.com/
Protocol
HTTP/1.1
Server
50.63.55.124 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC - GoDaddy.com, LLC, US),
Reverse DNS
ip-50-63-55-124.ip.secureserver.net
Software
nginx/1.0.15 /
Resource Hash
96f1810d96a208f1b98ce9ba49368fcb9b8334105e87554602275b978c2c170a

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.malware-tech.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/css,*/*;q=0.1
Referer
http://www.malware-tech.com/
Connection
keep-alive
Cache-Control
no-cache

Response headers

Pragma
public
Date
Tue, 26 Mar 2019 20:58:59 GMT
Content-Encoding
gzip
Last-Modified
Mon, 26 Jan 2015 21:59:54 GMT
Server
nginx/1.0.15
Transfer-Encoding
chunked
Content-Type
text/css
Cache-Control
max-age=31104000 public, must-revalidate, proxy-revalidate
Connection
keep-alive
Expires
Fri, 20 Mar 2020 20:58:59 GMT
bootstrap.css
www.malware-tech.com/wp-content/themes/magnis/css/
125 KB
25 KB
Stylesheet
General
Full URL
http://www.malware-tech.com/wp-content/themes/magnis/css/bootstrap.css?ver=3.2
Requested by
Host: www.malware-tech.com
URL: http://www.malware-tech.com/
Protocol
HTTP/1.1
Server
50.63.55.124 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC - GoDaddy.com, LLC, US),
Reverse DNS
ip-50-63-55-124.ip.secureserver.net
Software
nginx/1.0.15 /
Resource Hash
f0adb6cf55255c433b73d0abb1899c8a0d6af0c34f4e7b8d988585ca9614c432

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.malware-tech.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/css,*/*;q=0.1
Referer
http://www.malware-tech.com/
Connection
keep-alive
Cache-Control
no-cache

Response headers

Pragma
public
Date
Tue, 26 Mar 2019 20:59:00 GMT
Content-Encoding
gzip
Last-Modified
Sat, 27 Dec 2014 09:24:30 GMT
Server
nginx/1.0.15
Transfer-Encoding
chunked
Content-Type
text/css
Cache-Control
max-age=31104000 public, must-revalidate, proxy-revalidate
Connection
keep-alive
Expires
Fri, 20 Mar 2020 20:59:00 GMT
font-awesome.min.css
www.malware-tech.com/wp-content/themes/magnis/css/font-awesome/css/
17 KB
5 KB
Stylesheet
General
Full URL
http://www.malware-tech.com/wp-content/themes/magnis/css/font-awesome/css/font-awesome.min.css?ver=3.2
Requested by
Host: www.malware-tech.com
URL: http://www.malware-tech.com/
Protocol
HTTP/1.1
Server
50.63.55.124 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC - GoDaddy.com, LLC, US),
Reverse DNS
ip-50-63-55-124.ip.secureserver.net
Software
nginx/1.0.15 /
Resource Hash
37e8beb9cb32ed21315dd84ca04289125201b36e0acc5d4c3dfb72b93adb29d8

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.malware-tech.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/css,*/*;q=0.1
Referer
http://www.malware-tech.com/
Connection
keep-alive
Cache-Control
no-cache

Response headers

Pragma
public
Date
Tue, 26 Mar 2019 20:59:00 GMT
Content-Encoding
gzip
Last-Modified
Sat, 27 Dec 2014 09:24:50 GMT
Server
nginx/1.0.15
Transfer-Encoding
chunked
Content-Type
text/css
Cache-Control
max-age=31104000 public, must-revalidate, proxy-revalidate
Connection
keep-alive
Expires
Fri, 20 Mar 2020 20:59:00 GMT
style.css
www.malware-tech.com/wp-content/themes/magnis/
68 KB
16 KB
Stylesheet
General
Full URL
http://www.malware-tech.com/wp-content/themes/magnis/style.css?ver=2014-12-05
Requested by
Host: www.malware-tech.com
URL: http://www.malware-tech.com/
Protocol
HTTP/1.1
Server
50.63.55.124 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC - GoDaddy.com, LLC, US),
Reverse DNS
ip-50-63-55-124.ip.secureserver.net
Software
nginx/1.0.15 /
Resource Hash
20af1d713fc681806e4ad2e9fc9af237894079d5818138770141c29ee6727460

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.malware-tech.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/css,*/*;q=0.1
Referer
http://www.malware-tech.com/
Connection
keep-alive
Cache-Control
no-cache

Response headers

Pragma
public
Date
Tue, 26 Mar 2019 20:59:00 GMT
Content-Encoding
gzip
Last-Modified
Tue, 07 Nov 2017 15:23:56 GMT
Server
nginx/1.0.15
Transfer-Encoding
chunked
Content-Type
text/css
Cache-Control
max-age=31104000 public, must-revalidate, proxy-revalidate
Connection
keep-alive
Expires
Fri, 20 Mar 2020 20:59:00 GMT
responsive.css
www.malware-tech.com/wp-content/themes/magnis/css/
8 KB
2 KB
Stylesheet
General
Full URL
http://www.malware-tech.com/wp-content/themes/magnis/css/responsive.css?ver=3.2
Requested by
Host: www.malware-tech.com
URL: http://www.malware-tech.com/
Protocol
HTTP/1.1
Server
50.63.55.124 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC - GoDaddy.com, LLC, US),
Reverse DNS
ip-50-63-55-124.ip.secureserver.net
Software
nginx/1.0.15 /
Resource Hash
61edf863f56070b2f9d6c4cc1ba154f634fdd58cc44c1fc73e4898dbc212f7a9

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.malware-tech.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/css,*/*;q=0.1
Referer
http://www.malware-tech.com/
Connection
keep-alive
Cache-Control
no-cache

Response headers

Pragma
public
Date
Tue, 26 Mar 2019 20:59:00 GMT
Content-Encoding
gzip
Last-Modified
Thu, 24 Sep 2015 14:18:23 GMT
Server
nginx/1.0.15
Transfer-Encoding
chunked
Content-Type
text/css
Cache-Control
max-age=31104000 public, must-revalidate, proxy-revalidate
Connection
keep-alive
Expires
Fri, 20 Mar 2020 20:59:00 GMT
color.php
www.malware-tech.com/wp-content/themes/magnis/framework/
9 KB
3 KB
Stylesheet
General
Full URL
http://www.malware-tech.com/wp-content/themes/magnis/framework/color.php?ver=4.1
Requested by
Host: www.malware-tech.com
URL: http://www.malware-tech.com/
Protocol
HTTP/1.1
Server
50.63.55.124 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC - GoDaddy.com, LLC, US),
Reverse DNS
ip-50-63-55-124.ip.secureserver.net
Software
nginx/1.0.15 / PHP/5.3.3
Resource Hash
1daea716bb34f6c95ff8703792c7b1afb35fadc6711da089937651fe86311a0c

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.malware-tech.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/css,*/*;q=0.1
Referer
http://www.malware-tech.com/
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Tue, 26 Mar 2019 20:59:00 GMT
Content-Encoding
gzip
Server
nginx/1.0.15
Connection
keep-alive
X-Powered-By
PHP/5.3.3
Transfer-Encoding
chunked
Content-Type
text/css; charset=utf-8
jquery.js
www.malware-tech.com/wp-includes/js/jquery/
94 KB
38 KB
Script
General
Full URL
http://www.malware-tech.com/wp-includes/js/jquery/jquery.js?ver=1.11.1
Requested by
Host: www.malware-tech.com
URL: http://www.malware-tech.com/
Protocol
HTTP/1.1
Server
50.63.55.124 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC - GoDaddy.com, LLC, US),
Reverse DNS
ip-50-63-55-124.ip.secureserver.net
Software
nginx/1.0.15 /
Resource Hash
74785791e63a226fb98b9050f80b5d90f0ca26401e187c99ff74962ff64301d3

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.malware-tech.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
*/*
Referer
http://www.malware-tech.com/
Connection
keep-alive
Cache-Control
no-cache

Response headers

Pragma
public
Date
Tue, 26 Mar 2019 20:59:00 GMT
Content-Encoding
gzip
Last-Modified
Fri, 02 May 2014 07:29:16 GMT
Server
nginx/1.0.15
Transfer-Encoding
chunked
Content-Type
application/x-javascript
Cache-Control
max-age=31104000 public, must-revalidate, proxy-revalidate
Connection
keep-alive
Expires
Fri, 20 Mar 2020 20:59:00 GMT
jquery-migrate.min.js
www.malware-tech.com/wp-includes/js/jquery/
7 KB
4 KB
Script
General
Full URL
http://www.malware-tech.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.2.1
Requested by
Host: www.malware-tech.com
URL: http://www.malware-tech.com/
Protocol
HTTP/1.1
Server
50.63.55.124 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC - GoDaddy.com, LLC, US),
Reverse DNS
ip-50-63-55-124.ip.secureserver.net
Software
nginx/1.0.15 /
Resource Hash
c4d24f6b27cc7ceea56fbec786bb1f486fdad9a1f998f760f76d1f44671e105c

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.malware-tech.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
*/*
Referer
http://www.malware-tech.com/
Connection
keep-alive
Cache-Control
no-cache

Response headers

Pragma
public
Date
Tue, 26 Mar 2019 20:59:00 GMT
Content-Encoding
gzip
Last-Modified
Tue, 23 Jul 2013 13:28:26 GMT
Server
nginx/1.0.15
Transfer-Encoding
chunked
Content-Type
application/x-javascript
Cache-Control
max-age=31104000 public, must-revalidate, proxy-revalidate
Connection
keep-alive
Expires
Fri, 20 Mar 2020 20:59:00 GMT
iframeheight.js
www.malware-tech.com/wp-content/plugins/side-matter/js/
14 KB
5 KB
Script
General
Full URL
http://www.malware-tech.com/wp-content/plugins/side-matter/js/iframeheight.js?ver=4.1
Requested by
Host: www.malware-tech.com
URL: http://www.malware-tech.com/
Protocol
HTTP/1.1
Server
50.63.55.124 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC - GoDaddy.com, LLC, US),
Reverse DNS
ip-50-63-55-124.ip.secureserver.net
Software
nginx/1.0.15 /
Resource Hash
5b87bf2d49f0fa0ef27536a020ff655de76e84231464cdb3b0a09c487605cae4

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.malware-tech.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
*/*
Referer
http://www.malware-tech.com/
Connection
keep-alive
Cache-Control
no-cache

Response headers

Pragma
public
Date
Tue, 26 Mar 2019 20:59:00 GMT
Content-Encoding
gzip
Last-Modified
Tue, 21 Nov 2017 13:43:46 GMT
Server
nginx/1.0.15
Transfer-Encoding
chunked
Content-Type
application/x-javascript
Cache-Control
max-age=31104000 public, must-revalidate, proxy-revalidate
Connection
keep-alive
Expires
Fri, 20 Mar 2020 20:59:00 GMT
modernizr.js
www.malware-tech.com/wp-content/themes/magnis/js/
12 KB
6 KB
Script
General
Full URL
http://www.malware-tech.com/wp-content/themes/magnis/js/modernizr.js?ver=4.1
Requested by
Host: www.malware-tech.com
URL: http://www.malware-tech.com/
Protocol
HTTP/1.1
Server
50.63.55.124 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC - GoDaddy.com, LLC, US),
Reverse DNS
ip-50-63-55-124.ip.secureserver.net
Software
nginx/1.0.15 /
Resource Hash
9cd6264edc0602e02f6917b3808b9231d79c4f446c0f0d5a0e407eab2df1e61d

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.malware-tech.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
*/*
Referer
http://www.malware-tech.com/
Connection
keep-alive
Cache-Control
no-cache

Response headers

Pragma
public
Date
Tue, 26 Mar 2019 20:59:00 GMT
Content-Encoding
gzip
Last-Modified
Thu, 24 Sep 2015 12:07:50 GMT
Server
nginx/1.0.15
Transfer-Encoding
chunked
Content-Type
application/x-javascript
Cache-Control
max-age=31104000 public, must-revalidate, proxy-revalidate
Connection
keep-alive
Expires
Fri, 20 Mar 2020 20:59:00 GMT
wp-page-numbers.css
www.malware-tech.com/wp-content/plugins/wp-page-numbers/default/
2 KB
933 B
Stylesheet
General
Full URL
http://www.malware-tech.com/wp-content/plugins/wp-page-numbers/default/wp-page-numbers.css
Requested by
Host: www.malware-tech.com
URL: http://www.malware-tech.com/
Protocol
HTTP/1.1
Server
50.63.55.124 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC - GoDaddy.com, LLC, US),
Reverse DNS
ip-50-63-55-124.ip.secureserver.net
Software
nginx/1.0.15 /
Resource Hash
8f4693f3d529dec845bb5727455f13254dbfababe161ad7a2003aa5e23ee362c

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.malware-tech.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/css,*/*;q=0.1
Referer
http://www.malware-tech.com/
Connection
keep-alive
Cache-Control
no-cache

Response headers

Pragma
public
Date
Tue, 26 Mar 2019 20:59:00 GMT
Content-Encoding
gzip
Last-Modified
Sun, 03 Mar 2013 10:05:40 GMT
Server
nginx/1.0.15
Transfer-Encoding
chunked
Content-Type
text/css
Cache-Control
max-age=31104000 public, must-revalidate, proxy-revalidate
Connection
keep-alive
Expires
Fri, 20 Mar 2020 20:59:00 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
83 KB
32 KB
Script
General
Full URL
http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: www.malware-tech.com
URL: http://www.malware-tech.com/
Protocol
HTTP/1.1
Server
2a00:1450:4001:81a::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
c4475ddb21ea0c01df26728c5d5165248916153b696efc0f680812d764f148b5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://www.malware-tech.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Tue, 26 Mar 2019 20:58:59 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Content-Type
text/javascript; charset=UTF-8
Server
cafe
ETag
10581549262285364774
Vary
Accept-Encoding
P3P
policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control
private, max-age=3600
Content-Disposition
attachment; filename="f.txt"
Timing-Allow-Origin
*
Content-Length
31785
X-XSS-Protection
1; mode=block
Expires
Tue, 26 Mar 2019 20:58:59 GMT
jquery.form.min.js
www.malware-tech.com/wp-content/plugins/contact-form-7/includes/js/
15 KB
7 KB
Script
General
Full URL
http://www.malware-tech.com/wp-content/plugins/contact-form-7/includes/js/jquery.form.min.js?ver=3.51.0-2014.06.20
Requested by
Host: www.malware-tech.com
URL: http://www.malware-tech.com/
Protocol
HTTP/1.1
Server
50.63.55.124 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC - GoDaddy.com, LLC, US),
Reverse DNS
ip-50-63-55-124.ip.secureserver.net
Software
nginx/1.0.15 /
Resource Hash
c90f0e501d2948fbc2b61bffd654fa4ab64741fd48923782419eeb14d3816fb8

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.malware-tech.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
*/*
Referer
http://www.malware-tech.com/
Connection
keep-alive
Cache-Control
no-cache

Response headers

Pragma
public
Date
Tue, 26 Mar 2019 20:59:00 GMT
Content-Encoding
gzip
Last-Modified
Mon, 26 Jan 2015 21:59:54 GMT
Server
nginx/1.0.15
Transfer-Encoding
chunked
Content-Type
application/x-javascript
Cache-Control
max-age=31104000 public, must-revalidate, proxy-revalidate
Connection
keep-alive
Expires
Fri, 20 Mar 2020 20:59:00 GMT
scripts.js
www.malware-tech.com/wp-content/plugins/contact-form-7/includes/js/
11 KB
4 KB
Script
General
Full URL
http://www.malware-tech.com/wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=4.1
Requested by
Host: www.malware-tech.com
URL: http://www.malware-tech.com/
Protocol
HTTP/1.1
Server
50.63.55.124 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC - GoDaddy.com, LLC, US),
Reverse DNS
ip-50-63-55-124.ip.secureserver.net
Software
nginx/1.0.15 /
Resource Hash
80101386673ac21ee83bdf9d17415fc9eb68c4fc97f0a29feccf724f5268d3ad

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.malware-tech.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
*/*
Referer
http://www.malware-tech.com/
Connection
keep-alive
Cache-Control
no-cache

Response headers

Pragma
public
Date
Tue, 26 Mar 2019 20:59:00 GMT
Content-Encoding
gzip
Last-Modified
Mon, 26 Jan 2015 21:59:54 GMT
Server
nginx/1.0.15
Transfer-Encoding
chunked
Content-Type
application/x-javascript
Cache-Control
max-age=31104000 public, must-revalidate, proxy-revalidate
Connection
keep-alive
Expires
Fri, 20 Mar 2020 20:59:00 GMT
generator.php
malware-tech.com/
53 KB
53 KB
Script
General
Full URL
http://malware-tech.com/generator.php
Requested by
Host: www.malware-tech.com
URL: http://www.malware-tech.com/wp-content/plugins/side-matter/js/iframeheight.js?ver=4.1
Protocol
HTTP/1.1
Server
50.63.55.124 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC - GoDaddy.com, LLC, US),
Reverse DNS
ip-50-63-55-124.ip.secureserver.net
Software
nginx/1.0.15 / PHP/5.3.3
Resource Hash
4ca8f7722320d5e59ac553dc60baf881d5fddc53eef14a442c8f69bc2b481a4a

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
malware-tech.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
*/*
Referer
http://www.malware-tech.com/
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Tue, 26 Mar 2019 20:59:01 GMT
Last-Modified
Tue, 26 Mar 2019 20:59:01 GMT
Server
nginx/1.0.15
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
application/javascript; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
malware-tech.png
www.malware-tech.com/wp-content/themes/magnis/images/
6 KB
7 KB
Image
General
Full URL
http://www.malware-tech.com/wp-content/themes/magnis/images/malware-tech.png
Requested by
Host: www.malware-tech.com
URL: http://www.malware-tech.com/
Protocol
HTTP/1.1
Server
50.63.55.124 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC - GoDaddy.com, LLC, US),
Reverse DNS
ip-50-63-55-124.ip.secureserver.net
Software
nginx/1.0.15 /
Resource Hash
79c5860ff03f0d5b91fdb7e0eaccf6ae5c8cd75c62292ff2a42b86f32871a421

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.malware-tech.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
http://www.malware-tech.com/wp-content/themes/magnis/style.css?ver=2014-12-05
Connection
keep-alive
Cache-Control
no-cache

Response headers

Pragma
public
Date
Tue, 26 Mar 2019 20:59:00 GMT
Last-Modified
Tue, 07 Nov 2017 13:01:50 GMT
Server
nginx/1.0.15
Content-Type
image/png
Cache-Control
max-age=31104000 public, must-revalidate, proxy-revalidate
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
6361
Expires
Fri, 20 Mar 2020 20:59:00 GMT
page-header-bg.jpg
www.malware-tech.com/wp-content/themes/magnis/images/
12 KB
13 KB
Image
General
Full URL
http://www.malware-tech.com/wp-content/themes/magnis/images/page-header-bg.jpg
Requested by
Host: www.malware-tech.com
URL: http://www.malware-tech.com/
Protocol
HTTP/1.1
Server
50.63.55.124 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC - GoDaddy.com, LLC, US),
Reverse DNS
ip-50-63-55-124.ip.secureserver.net
Software
nginx/1.0.15 /
Resource Hash
f8f85ad75eb6613a5e85db8094bc5ae0aaf2ac807d49d78ad2d8c78ca4e1e266

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.malware-tech.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
http://www.malware-tech.com/wp-content/themes/magnis/style.css?ver=2014-12-05
Connection
keep-alive
Cache-Control
no-cache

Response headers

Pragma
public
Date
Tue, 26 Mar 2019 20:59:00 GMT
Last-Modified
Tue, 07 Nov 2017 14:31:37 GMT
Server
nginx/1.0.15
Content-Type
image/jpeg
Cache-Control
max-age=31104000 public, must-revalidate, proxy-revalidate
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
12438
Expires
Fri, 20 Mar 2020 20:59:00 GMT
fontawesome-webfont.woff
www.malware-tech.com/wp-content/themes/magnis/css/font-awesome/fonts/
43 KB
44 KB
Font
General
Full URL
http://www.malware-tech.com/wp-content/themes/magnis/css/font-awesome/fonts/fontawesome-webfont.woff?v=4.0.3
Requested by
Host: www.malware-tech.com
URL: http://www.malware-tech.com/
Protocol
HTTP/1.1
Server
50.63.55.124 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC - GoDaddy.com, LLC, US),
Reverse DNS
ip-50-63-55-124.ip.secureserver.net
Software
nginx/1.0.15 /
Resource Hash
0fd28fece9ebd606b8b071460ebd3fc2ed7bc7a66ef91c8834f11dfacab4a849

Request headers

Pragma
no-cache
Origin
http://www.malware-tech.com
Accept-Encoding
gzip, deflate
Host
www.malware-tech.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
*/*
Referer
http://www.malware-tech.com/wp-content/themes/magnis/css/font-awesome/css/font-awesome.min.css?ver=3.2
Connection
keep-alive
Cache-Control
no-cache

Response headers

Pragma
public
Date
Tue, 26 Mar 2019 20:59:00 GMT
Last-Modified
Sat, 27 Dec 2014 09:24:52 GMT
Server
nginx/1.0.15
Content-Type
application/octet-stream
Cache-Control
max-age=31104000 public, must-revalidate, proxy-revalidate
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
44432
Expires
Fri, 20 Mar 2020 20:59:00 GMT
/
app7.kromtech.net/landings/216.1/
Redirect Chain
  • http://www.malware-tech.com/download-reimage
  • http://www.malware-tech.com/download-reimage/
  • http://rewired.reimage.revenuewire.net/reimage-pc-repair/download/
  • http://rewired.reimage.safecart.com/reimage-pc-repair/download/
  • http://www.reimageplus.com/includes/router_land.php?tracking=revenuewire&exec=run
  • https://link.safecart.com/2m4rjw
  • http://kromtech.net/link/4223cf6e-2605-11e9-b649-127369ec21d1&tid_ext=PoioneerClick;02a7075820a668a83c71f35c6a16ba6a24ac5e18
  • http://assets.kromtech.net/lnd?back=aHR0cDovL2tyb210ZWNoLm5ldC9saW5rLzQyMjNjZjZlLTI2MDUtMTFlOS1iNjQ5LTEyNzM2OWVjMjFkMSZ0aWRfZXh0PVBvaW9uZWVyQ2xpY2s7MDJhNzA3NTgyMGE2NjhhODNjNzFmMzVjNmExNmJhNmEyNGFjN...
  • http://kromtech.net/link/4223cf6e-2605-11e9-b649-127369ec21d1&tid_ext=PoioneerClick;02a7075820a668a83c71f35c6a16ba6a24ac5e18&reqid=Root=1-5c9a9297-727f4ce2f9feee00c368d7d8&guid=fc9b1d61-5009-11e9-b...
  • https://app7.kromtech.net/landings/216.1/?affid=fc570580-5009-11e9-8cfb-2f21846d4c00-mzb&alert=44&epayId=29&guid=fc9b1d61-5009-11e9-bfed-0e44482e0016&landId=2276&reqid=Root=1-5c9a9297-727f4ce2f9fee...
0
16 KB
Image
General
Full URL
https://app7.kromtech.net/landings/216.1/?affid=fc570580-5009-11e9-8cfb-2f21846d4c00-mzb&alert=44&epayId=29&guid=fc9b1d61-5009-11e9-bfed-0e44482e0016&landId=2276&reqid=Root=1-5c9a9297-727f4ce2f9feee00c368d7d8&tid_ext=PoioneerClick;02a7075820a668a83c71f35c6a16ba6a24ac5e18&trt=29_45121156&userDefiner=mzb_2754&utm_campaign=mk_rvnwr_cpi_t2_2161&utm_content=&utm_medium=&utm_source=&utm_term=
Requested by
Host: www.malware-tech.com
URL: http://www.malware-tech.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.81.148.134 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-54-81-148-134.compute-1.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:path
/landings/216.1/?affid=fc570580-5009-11e9-8cfb-2f21846d4c00-mzb&alert=44&epayId=29&guid=fc9b1d61-5009-11e9-bfed-0e44482e0016&landId=2276&reqid=Root=1-5c9a9297-727f4ce2f9feee00c368d7d8&tid_ext=PoioneerClick;02a7075820a668a83c71f35c6a16ba6a24ac5e18&trt=29_45121156&userDefiner=mzb_2754&utm_campaign=mk_rvnwr_cpi_t2_2161&utm_content=&utm_medium=&utm_source=&utm_term=
pragma
no-cache
cookie
guid=fc9b1d61-5009-11e9-bfed-0e44482e0016; userid=mzb_198148; useridw=mzb_198148; ldrBrowser=Chrome; ldrBrowserLite=Chrome; ldrOs=Mac+OS+X; ldrUaFull=Mozilla%2F5.0+%28Macintosh%3B+Intel+Mac+OS+X+10_13_5%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F67.0.3396.87+Safari%2F537.36; uniqueSplitDay=1; aaffss=fc570580-5009-11e9-8cfb-2f21846d4c00-mzb%3A0%3A20190326; globalAffid=fc570580-5009-11e9-8cfb-2f21846d4c00-mzb; userDefiner=mzb_2754; userPrePay=mk_rvnwr_cpi_t2_2161; trt=29_45121156
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
app7.kromtech.net
referer
http://www.malware-tech.com/
:scheme
https
:method
GET

Response headers

pragma
no-cache
date
Tue, 26 Mar 2019 20:59:03 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
status
200
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-security-policy
default-src 'self' *.hotjar.com *.mackeeper.co *.mackeeper.com https://*.mackeeper.co https://*.mackeeper.com mackeeper.com; frame-src 'self' 'unsafe-inline' http://*.a.disquscdn.com https://*.a.disquscdn.com http://*.adsage.com https://*.adsage.com http://*.adsitrx.com https://*.adsitrx.com http://*.analytics.yahoo.com https://*.analytics.yahoo.com http://*.b2c.com https://*.b2c.com http://*.bing.com https://*.bing.com http://disqus.com https://disqus.com http://*.disqus.com https://*.disqus.com http://*.doubleclick.net https://*.doubleclick.net http://*.facebook.com https://*.facebook.com http://*.facebook.net https://*.facebook.net http://*.flowplayer.org https://*.flowplayer.org http://*.fqtag.com https://*.fqtag.com http://*.google.com https://*.google.com http://*.google.com.ua https://*.google.com.ua http://*.googleadservices.com https://*.googleadservices.com http://*.google-analytics.com https://*.google-analytics.com http://*.googleapis.com https://*.googleapis.com http://*.googletagmanager.com https://*.googletagmanager.com http://*.googletagservices.com https://*.googletagservices.com http://*.gstatic.com https://*.gstatic.com http://*.hotjar.com https://*.hotjar.com http://*.i.ytimg.com https://*.i.ytimg.com http://*.images.dmca.com https://*.images.dmca.com http://images.dmca.com https://images.dmca.com http://*.intljs.rmtag.com https://*.intljs.rmtag.com http://*.kromtech.com https://*.kromtech.com http://*.kromtech.net https://*.kromtech.net http://*.linksynergy.com https://*.linksynergy.com http://*.mackeeper.co https://*.mackeeper.co http://*.mackeeper.com https://*.mackeeper.com http://*.mackeeperblog.disqus.com https://*.mackeeperblog.disqus.com http://*.mpnrs.com https://*.mpnrs.com http://*.msn.com https://*.msn.com http://*.optimizely.com https://*.optimizely.com http://*.yabidos.com https://*.yabidos.com http://*.s.yimg.com https://*.s.yimg.com http://*.secure.ace-tag.advertising.com https://*.secure.ace-tag.advertising.com 
http://*.secure.leadback.advertising.com https://*.secure.leadback.advertising.com http://*.shopperapproved.com https://*.shopperapproved.com http://*.tagmanager.google.com https://*.tagmanager.google.com http://*.tribalfusion.com https://*.tribalfusion.com http://*.twimg.com https://*.twimg.com http://*.twitter.com https://*.twitter.com ws://*.hotjar.com ws://*.hotjar.com wss://*.hotjar.com wss://*.hotjar.com http://*.www1.mpnrs.com https://*.www1.mpnrs.com http://*.youtube.com https://*.youtube.com http://lporirxe.com http://*.lporirxe.com https://lporirxe.com https://*.lporirxe.com http://*.surveygizmo.com https://*.surveygizmo.com http://*.liadm.com http://*.typeform.com https://*.typeform.com http://calendly.com/ https://calendly.com/ https://mc.yandex.ru/ http://mc.yandex.ru/ http://js.ad-score.com/ https://js.ad-score.com/ http://cdn.onesignal.com/ https://cdn.onesignal.com/ http://onesignal.com/ https://onesignal.com/ http://*.onesignal.com/ https://*.onesignal.com/; child-src 'self' 'unsafe-inline' http://*.a.disquscdn.com https://*.a.disquscdn.com http://*.adsage.com https://*.adsage.com http://*.adsitrx.com https://*.adsitrx.com http://*.analytics.yahoo.com https://*.analytics.yahoo.com http://*.b2c.com https://*.b2c.com http://*.bing.com https://*.bing.com http://disqus.com https://disqus.com http://*.disqus.com https://*.disqus.com http://*.doubleclick.net https://*.doubleclick.net http://*.facebook.com https://*.facebook.com http://*.facebook.net https://*.facebook.net http://*.flowplayer.org https://*.flowplayer.org http://*.fqtag.com https://*.fqtag.com http://*.google.com https://*.google.com http://*.google.com.ua https://*.google.com.ua http://*.googleadservices.com https://*.googleadservices.com http://*.google-analytics.com https://*.google-analytics.com http://*.googleapis.com https://*.googleapis.com http://*.googletagmanager.com https://*.googletagmanager.com http://*.googletagservices.com https://*.googletagservices.com http://*.gstatic.com 
https://*.gstatic.com http://*.hotjar.com https://*.hotjar.com http://*.i.ytimg.com https://*.i.ytimg.com http://*.images.dmca.com https://*.images.dmca.com http://images.dmca.com https://images.dmca.com http://*.intljs.rmtag.com https://*.intljs.rmtag.com http://*.kromtech.com https://*.kromtech.com http://*.kromtech.net https://*.kromtech.net http://*.linksynergy.com https://*.linksynergy.com http://*.mackeeper.co https://*.mackeeper.co http://*.mackeeper.com https://*.mackeeper.com http://*.mackeeperblog.disqus.com https://*.mackeeperblog.disqus.com http://*.mpnrs.com https://*.mpnrs.com http://*.msn.com https://*.msn.com http://*.optimizely.com https://*.optimizely.com http://*.yabidos.com https://*.yabidos.com http://*.s.yimg.com https://*.s.yimg.com http://*.secure.ace-tag.advertising.com https://*.secure.ace-tag.advertising.com http://*.secure.leadback.advertising.com https://*.secure.leadback.advertising.com http://*.shopperapproved.com https://*.shopperapproved.com http://*.tagmanager.google.com https://*.tagmanager.google.com http://*.tribalfusion.com https://*.tribalfusion.com http://*.twimg.com https://*.twimg.com http://*.twitter.com https://*.twitter.com ws://*.hotjar.com ws://*.hotjar.com wss://*.hotjar.com wss://*.hotjar.com http://*.www1.mpnrs.com https://*.www1.mpnrs.com http://*.youtube.com https://*.youtube.com http://lporirxe.com http://*.lporirxe.com https://lporirxe.com https://*.lporirxe.com blob: http://cdn.onesignal.com/ https://cdn.onesignal.com/ http://onesignal.com/ https://onesignal.com/ http://*.onesignal.com/ https://*.onesignal.com/; img-src 'self' 'unsafe-inline' http://*.a.disquscdn.com https://*.a.disquscdn.com http://*.adsage.com https://*.adsage.com http://*.adsitrx.com https://*.adsitrx.com http://*.analytics.yahoo.com https://*.analytics.yahoo.com http://*.b2c.com https://*.b2c.com http://*.bing.com https://*.bing.com http://disqus.com https://disqus.com http://*.disqus.com https://*.disqus.com http://*.doubleclick.net 
set-cookie
PHPSESSID=1tshas8b8gr7tgkh1l9vv3qke1; path=/
request-id
003e87435130465e8041a0c6f3842ee6
expires
Thu, 19 Nov 1981 08:52:00 GMT

Redirect headers

Location
https://app7.kromtech.net/landings/216.1/?affid=fc570580-5009-11e9-8cfb-2f21846d4c00-mzb&alert=44&epayId=29&guid=fc9b1d61-5009-11e9-bfed-0e44482e0016&landId=2276&reqid=Root=1-5c9a9297-727f4ce2f9feee00c368d7d8&tid_ext=PoioneerClick;02a7075820a668a83c71f35c6a16ba6a24ac5e18&trt=29_45121156&userDefiner=mzb_2754&utm_campaign=mk_rvnwr_cpi_t2_2161&utm_content=&utm_medium=&utm_source=&utm_term=
Date
Tue, 26 Mar 2019 20:59:03 GMT
Connection
keep-alive
Set-Cookie
guid=fc9b1d61-5009-11e9-bfed-0e44482e0016; Path=/; Domain=kromtech.net; Max-Age=315360000 userid=mzb_198148; Path=/; Domain=kromtech.net; Max-Age=86400 useridw=mzb_198148; Path=/; Domain=kromtech.net; Max-Age=604800 ldrBrowser=Chrome; Path=/; Domain=kromtech.net; Max-Age=86400 ldrBrowserLite=Chrome; Path=/; Domain=kromtech.net; Max-Age=86400 ldrOs=Mac+OS+X; Path=/; Domain=kromtech.net; Max-Age=86400 ldrUaFull=Mozilla%2F5.0+%28Macintosh%3B+Intel+Mac+OS+X+10_13_5%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F67.0.3396.87+Safari%2F537.36; Path=/; Domain=kromtech.net; Max-Age=86400 uniqueSplitDay=1; Path=/; Domain=kromtech.net; Max-Age=86400 aaffss=fc570580-5009-11e9-8cfb-2f21846d4c00-mzb%3A0%3A20190326; Path=/; Domain=kromtech.net; Max-Age=31536000 globalAffid=fc570580-5009-11e9-8cfb-2f21846d4c00-mzb; Path=/; Domain=kromtech.net; Max-Age=15552000 userDefiner=mzb_2754; Path=/; Domain=kromtech.net; Max-Age=15552000 userPrePay=mk_rvnwr_cpi_t2_2161; Path=/; Domain=kromtech.net; Max-Age=15552000 trt=29_45121156; Path=/; Domain=kromtech.net; Max-Age=15552000
Content-Length
464
Content-Type
text/html; charset=utf-8
Cookie set /
plumbytes.com/download/cuid/
Redirect Chain
  • http://www.malware-tech.com/download-plumbytes
  • http://www.malware-tech.com/download-plumbytes/
  • http://link.safecart.com/2hhvj4/aHR0cDovL3d3dy5wbHVtYnl0ZXMuY29tL3BhcnRuZXIvdXJsL2Rvd25sb2Fk
  • http://www.plumbytes.com/partner/url/download
  • http://www.plumbytes.com/download/cuid/?tid=rwid_p00000
  • https://plumbytes.com/download/cuid/?tid=rwid_p00000
16 KB
16 KB
Image
General
Full URL
https://plumbytes.com/download/cuid/?tid=rwid_p00000
Requested by
Host: www.malware-tech.com
URL: http://www.malware-tech.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
45.55.29.117 San Francisco, United States, ASN14061 (DIGITALOCEAN-ASN - DigitalOcean, LLC, US),
Reverse DNS
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.1e-fips PHP/5.4.45 / PHP/5.4.45
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate, br
Host
plumbytes.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
http://www.malware-tech.com/
Cookie
2b305=%7B%22streams%22%3A%7B%222%22%3A1553605549%2C%220%22%3A1553605549%7D%2C%22campaigns%22%3A%7B%221%22%3A1553605549%2C%223%22%3A1553605549%7D%2C%22time%22%3A1553605549%7D
Connection
keep-alive
Cache-Control
no-cache
Referer
http://www.malware-tech.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Tue, 26 Mar 2019 21:06:06 GMT
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.1e-fips PHP/5.4.45
X-Powered-By
PHP/5.4.45
Transfer-Encoding
chunked
Content-Type
application/octet-stream
Connection
Keep-Alive
Content-Disposition
attachment; filename=antimalwaresetup.exe;
Set-Cookie
usrid=e9b11dd3; expires=Sat, 25-May-2019 21:06:06 GMT; path=/
Keep-Alive
timeout=5, max=100

Redirect headers

Location
https://plumbytes.com/download/cuid/?tid=rwid_p00000
Date
Tue, 26 Mar 2019 21:06:05 GMT
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.1e-fips PHP/5.4.45
Connection
Keep-Alive
Keep-Alive
timeout=5, max=99
Content-Length
260
Content-Type
text/html; charset=iso-8859-1
/
www.spyhunter.com/rw/
Redirect Chain
  • http://www.malware-tech.com/download-spyhunter
  • http://www.malware-tech.com/download-spyhunter/
  • http://rewired.enigma.revenuewire.net/spyhunter2/download
  • http://rewired.enigma.safecart.com/spyhunter2/download
  • https://www.spyhunter.com/rw/
0
23 KB
Image
General
Full URL
https://www.spyhunter.com/rw/
Requested by
Host: www.malware-tech.com
URL: http://www.malware-tech.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.35.253.76 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-13-35-253-76.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:path
/rw/
pragma
no-cache
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
www.spyhunter.com
referer
http://www.malware-tech.com/
:scheme
https
:method
GET
Referer
http://www.malware-tech.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 26 Mar 2019 12:19:43 GMT
via
1.1 a350f357b825293e306b1b0a2cb490c1.cloudfront.net (CloudFront)
last-modified
Mon, 17 Dec 2018 12:02:38 GMT
server
AmazonS3
age
31160
etag
"3a28621b217111442e1bfc2e29d6466a"
x-cache
Hit from cloudfront
content-type
text/html
status
200
content-length
23537
accept-ranges
bytes
x-amz-request-id
3B67F92A81271D6D
x-amz-id-2
CWoXkMO3zAGKU+IKBGdlR5CSYqZKLFOB7Wexjq/ws9cqloXNNOdH+pGCy+u9PZLdQEqj/gPE/Ns=
x-amz-cf-id
_HKEgDwGfAcGpsRmUi15stslBJQFydjU8-ab2CWmPMqTQJoaRiHYEA==

Redirect headers

Pragma
no-cache
Date
Tue, 26 Mar 2019 20:59:01 GMT
Server
Apache
Set-Cookie
PHPSESSID=ad3mpu6nnngcbaasb2vrat4286; path=/; secure; HttpOnly PHPSESSID=46asodpcjqced1bph6cn956os0; path=/; secure; HttpOnly enigma=a%3A6%3A%7Bs%3A9%3A%22sessionId%22%3Bs%3A26%3A%2246asodpcjqced1bph6cn956os0%22%3Bs%3A10%3A%22networkFid%22%3Bs%3A5%3A%22rwire%22%3Bs%3A9%3A%22partnerId%22%3Bi%3A943455%3Bs%3A15%3A%22affiliateInfoId%22%3Bi%3A406375%3Bs%3A15%3A%22merchantAliasId%22%3BN%3Bs%3A2%3A%22id%22%3Bs%3A40%3A%22a5a205efa1b0a1bb8d47d92f6eeb116523285c30%22%3B%7D; expires=Mon, 24-Jun-2019 20:59:01 GMT; Max-Age=7776000; path=/; domain=.safecart.com RWSERVERID=php-app4; path=/; HttpOnly; Secure visid_incap_118135=F3O8dZrNSSiqI5T+mlmGP5WSmlwAAAAAQUIPAAAAAAA+pZoigav4McSY2ovzMrEZ; expires=Wed, 25 Mar 2020 09:17:24 GMT; path=/; Domain=.enigma.safecart.com incap_ses_247_118135=ORDmZZ9+mgNSsrKh2IVtA5WSmlwAAAAAl18BZTrz9u4f4wKVPQy+nw==; path=/; Domain=.enigma.safecart.com
X-Frame-Options
ALLOW-FROM https://reimageplus.com/
Content-Type
text/html; charset=UTF-8
Location
https://www.spyhunter.com/rw/
X-Iinfo
11-15264857-15264860 NNNN CT(0 -1 0) RT(1553633941094 0) q(0 1 1 0) r(4 4) U5
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Transfer-Encoding
chunked
Connection
close
X-CDN
Incapsula
Expires
Thu, 19 Nov 1981 08:52:00 GMT
CD230692
affiliates.digitalriver.com/z/580857/
Redirect Chain
  • http://send.onenetworkdirect.net/z/580857/CD230692
  • http://affiliates.digitalriver.com/z/580857/CD230692
0
2 KB
Image
General
Full URL
http://affiliates.digitalriver.com/z/580857/CD230692
Requested by
Host: www.malware-tech.com
URL: http://www.malware-tech.com/
Protocol
HTTP/1.1
Server
45.60.33.126 Redwood City, United States, ASN19551 (INCAPSULA - Incapsula Inc, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://www.malware-tech.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Redirect headers

Date
Tue, 26 Mar 2019 20:59:01 GMT
X-Server-Name
www@smcwebprd035004.c035.digitalriverws.net
Vary
Host
P3P
policyref="/w3c/p3p.xml", CP="NOR NOI DSP COR ADM OUR PHY"
Location
http://affiliates.digitalriver.com/z/580857/CD230692
X-Iinfo
9-4962617-4962618 NNNN CT(135 -1 0) RT(1553633940217 0) q(0 0 1 1) r(2 2) U5
Cache-Control
public, max-age=0, must-revalidate
Connection
close
Content-Type
text/html
Keep-Alive
timeout=3, max=1000
Content-Length
0
X-CDN
Incapsula
Server
Apache
integrator.js
adservice.google.de/adsid/
109 B
171 B
Script
General
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.malware-tech.com
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:81b::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://www.malware-tech.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 26 Mar 2019 20:59:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-type
application/javascript; charset=UTF-8
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length
104
x-xss-protection
1; mode=block
integrator.js
adservice.google.com/adsid/
109 B
171 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.malware-tech.com
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:81d::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://www.malware-tech.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 26 Mar 2019 20:59:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-type
application/javascript; charset=UTF-8
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length
104
x-xss-protection
1; mode=block
show_ads_impl.js
pagead2.googlesyndication.com/pagead/js/r20190320/r20190131/
199 KB
75 KB
Script
General
Full URL
http://pagead2.googlesyndication.com/pagead/js/r20190320/r20190131/show_ads_impl.js
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
HTTP/1.1
Server
2a00:1450:4001:81a::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
9eebbffc95c199d1593cee5d102852e44286ae45039f360395c6b10267e96ce3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://www.malware-tech.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Tue, 26 Mar 2019 20:59:00 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Content-Type
text/javascript; charset=UTF-8
Server
cafe
ETag
4757190548181380193
Vary
Accept-Encoding
P3P
policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control
private, max-age=1209600
Content-Disposition
attachment; filename="f.txt"
Timing-Allow-Origin
*
Content-Length
75808
X-XSS-Protection
1; mode=block
Expires
Tue, 26 Mar 2019 20:59:00 GMT
show_ads_impl.js
pagead2.googlesyndication.com/pagead/js/r20190320/r20190131/ Frame 7167
199 KB
75 KB
Script
General
Full URL
http://pagead2.googlesyndication.com/pagead/js/r20190320/r20190131/show_ads_impl.js
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
HTTP/1.1
Server
2a00:1450:4001:81a::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
9eebbffc95c199d1593cee5d102852e44286ae45039f360395c6b10267e96ce3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://www.malware-tech.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Tue, 26 Mar 2019 20:59:00 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Content-Type
text/javascript; charset=UTF-8
Server
cafe
ETag
4757190548181380193
Vary
Accept-Encoding
P3P
policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control
private, max-age=1209600
Content-Disposition
attachment; filename="f.txt"
Timing-Allow-Origin
*
Content-Length
75808
X-XSS-Protection
1; mode=block
Expires
Tue, 26 Mar 2019 20:59:00 GMT
ca-pub-7943855733030580.js
pagead2.googlesyndication.com/pub-config/r20160913/
133 B
243 B
Script
General
Full URL
https://pagead2.googlesyndication.com/pub-config/r20160913/ca-pub-7943855733030580.js
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:824::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
7e7fa886d5d75c745d95be4fc3c5bfb4c988019b3f643c669734612345e1b8c8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://www.malware-tech.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 26 Mar 2019 18:44:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Sun, 24 Mar 2019 01:04:15 GMT
server
sffe
age
8100
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=43200
accept-ranges
bytes
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length
125
x-xss-protection
1; mode=block
expires
Wed, 27 Mar 2019 06:44:00 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20190320/r20190131/ Frame 2F62
0
0
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20190320/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:818::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/html/r20190320/r20190131/zrt_lookup.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer
http://www.malware-tech.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
http://www.malware-tech.com/

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
vary
Accept-Encoding
date
Wed, 20 Mar 2019 13:05:21 GMT
expires
Wed, 03 Apr 2019 13:05:21 GMT
content-type
text/html; charset=UTF-8
etag
4425972840952340538
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
6619
x-xss-protection
1; mode=block
cache-control
public, max-age=1209600
age
546819
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
ads
googleads.g.doubleclick.net/pagead/ Frame 5F4F
0
0
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7943855733030580&output=html&h=280&slotname=8565848406&adk=3206789439&adf=2750238705&w=360&fwrn=4&fwrnh=100&lmt=1553633940&rafmt=1&guci=1.2.0.0.2.2.0.0&format=360x280&url=http%3A%2F%2Fwww.malware-tech.com%2F&flash=0&fwr=0&resp_fmts=3&wgl=1&adsid=NT&dt=1553633940833&bpp=14&bdt=1059&fdt=59&idt=58&shv=r20190320&cbv=r20190131&saldr=aa&abxe=1&correlator=4568371615323&frm=20&pv=2&ga_vid=1516705285.1553633941&ga_sid=1553633941&ga_hid=1970228497&ga_fc=0&iag=0&icsg=9435823&dssz=17&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1003&ady=333&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21060853&oid=3&rx=0&eae=0&fc=656&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&ppjl=u&pfx=0&fu=144&bc=7&ifi=1&uci=1.y85ard10nf19&fsb=1&xpc=pivZbkOSki&p=http%3A//www.malware-tech.com&dtd=80
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/r20190320/r20190131/show_ads_impl.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:818::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-7943855733030580&output=html&h=280&slotname=8565848406&adk=3206789439&adf=2750238705&w=360&fwrn=4&fwrnh=100&lmt=1553633940&rafmt=1&guci=1.2.0.0.2.2.0.0&format=360x280&url=http%3A%2F%2Fwww.malware-tech.com%2F&flash=0&fwr=0&resp_fmts=3&wgl=1&adsid=NT&dt=1553633940833&bpp=14&bdt=1059&fdt=59&idt=58&shv=r20190320&cbv=r20190131&saldr=aa&abxe=1&correlator=4568371615323&frm=20&pv=2&ga_vid=1516705285.1553633941&ga_sid=1553633941&ga_hid=1970228497&ga_fc=0&iag=0&icsg=9435823&dssz=17&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1003&ady=333&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21060853&oid=3&rx=0&eae=0&fc=656&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&ppjl=u&pfx=0&fu=144&bc=7&ifi=1&uci=1.y85ard10nf19&fsb=1&xpc=pivZbkOSki&p=http%3A//www.malware-tech.com&dtd=80
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer
http://www.malware-tech.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
http://www.malware-tech.com/

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Tue, 26 Mar 2019 20:59:01 GMT
server
cafe
content-length
11560
x-xss-protection
1; mode=block
set-cookie
test_cookie=CheckForPermission; expires=Tue, 26-Mar-2019 21:14:00 GMT; path=/; domain=.doubleclick.net
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
expires
Tue, 26 Mar 2019 20:59:01 GMT
cache-control
private
osd.js
www.googletagservices.com/activeview/js/current/
77 KB
28 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/r20190320/r20190131/show_ads_impl.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:81b::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
c8326bbf2a182bc13eb5c230d0046332d605dc34f217458299cebe30eebeb0cb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://www.malware-tech.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 26 Mar 2019 20:59:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1553539505445926"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length
29012
x-xss-protection
1; mode=block
expires
Tue, 26 Mar 2019 20:59:00 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame 9CF4
0
0
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7943855733030580&output=html&h=280&slotname=8565848406&adk=48667111&adf=2479844514&w=360&fwrn=4&fwrnh=100&lmt=1553633940&rafmt=1&guci=1.2.0.0.2.2.0.0&format=360x280&url=http%3A%2F%2Fwww.malware-tech.com%2F&flash=0&fwr=0&resp_fmts=3&wgl=1&adsid=NT&dt=1553633940847&bpp=7&bdt=1073&fdt=75&idt=44&shv=r20190320&cbv=r20190131&saldr=aa&abxe=1&prev_fmts=360x280&correlator=4568371615323&frm=20&pv=1&ga_vid=1516705285.1553633941&ga_sid=1553633941&ga_hid=1970228497&ga_fc=0&iag=0&icsg=42990255&dssz=18&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=223&ady=3805&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21060853&oid=3&rx=0&eae=0&fc=656&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&ppjl=u&pfx=0&fu=144&bc=7&ifi=2&uci=2.6xiy4f5gpo1l&fsb=1&xpc=S0O68wntJ6&p=http%3A//www.malware-tech.com&dtd=78
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/r20190320/r20190131/show_ads_impl.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:818::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-7943855733030580&output=html&h=280&slotname=8565848406&adk=48667111&adf=2479844514&w=360&fwrn=4&fwrnh=100&lmt=1553633940&rafmt=1&guci=1.2.0.0.2.2.0.0&format=360x280&url=http%3A%2F%2Fwww.malware-tech.com%2F&flash=0&fwr=0&resp_fmts=3&wgl=1&adsid=NT&dt=1553633940847&bpp=7&bdt=1073&fdt=75&idt=44&shv=r20190320&cbv=r20190131&saldr=aa&abxe=1&prev_fmts=360x280&correlator=4568371615323&frm=20&pv=1&ga_vid=1516705285.1553633941&ga_sid=1553633941&ga_hid=1970228497&ga_fc=0&iag=0&icsg=42990255&dssz=18&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=223&ady=3805&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21060853&oid=3&rx=0&eae=0&fc=656&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&ppjl=u&pfx=0&fu=144&bc=7&ifi=2&uci=2.6xiy4f5gpo1l&fsb=1&xpc=S0O68wntJ6&p=http%3A//www.malware-tech.com&dtd=78
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer
http://www.malware-tech.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
http://www.malware-tech.com/

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Tue, 26 Mar 2019 20:59:01 GMT
server
cafe
content-length
327
x-xss-protection
1; mode=block
set-cookie
test_cookie=CheckForPermission; expires=Tue, 26-Mar-2019 21:14:00 GMT; path=/; domain=.doubleclick.net
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
expires
Tue, 26 Mar 2019 20:59:01 GMT
cache-control
private
generator.php
malware-tech.com/
0
161 B
Image
General
Full URL
http://malware-tech.com/generator.php?action_name=Malware%20Tech&idsite=355&rec=1&r=440835&h=20&m=59&s=2&url=http%3A%2F%2Fwww.malware-tech.com%2F&_id=3d9f984c91ad32fe&_idts=1553633942&_idvc=1&_idn=0&_refts=0&_viewts=1553633942&send_image=0&cookie=1&res=1600x1200&gt_ms=496
Requested by
Host: www.malware-tech.com
URL: http://www.malware-tech.com/
Protocol
HTTP/1.1
Server
50.63.55.124 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC - GoDaddy.com, LLC, US),
Reverse DNS
ip-50-63-55-124.ip.secureserver.net
Software
nginx/1.0.15 / PHP/5.3.3
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
malware-tech.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
http://www.malware-tech.com/
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Tue, 26 Mar 2019 20:59:03 GMT
Server
nginx/1.0.15
Connection
keep-alive
X-Powered-By
PHP/5.3.3
Content-Type
image/gif

54 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onselectstart object| onselectionchange function| queueMicrotask undefined| $ function| jQuery object| _paq function| httfebnbnh object| Modernizr object| respond function| yepnope object| adsbygoogle function| setCookie function| getCookie object| _wpcf7 object| sidebar_position object| jQuery111106357009660720936 object| content_pos string| discl_html object| google_js_reporting_queue object| google_ad_modifications boolean| google_measure_js_timing object| googleToken object| googleIMState function| processGoogleToken object| google_reactive_ads_global_state object| google_sa_queue object| google_sl_win function| google_process_slots function| google_spfd number| google_lpabyc number| google_unique_id object| google_sv_map object| google_t12n_vars function| google_sa_impl object| google_jobrunner object| google_persistent_state_async object| google_pub_config object| __google_ad_urls number| google_global_correlator object| google_prev_clients object| gaGlobal object| ampInaboxIframes object| ampInaboxPendingMessages object| google_iframe_oncopy function| Goog_AdSense_getAdAdapterInstance boolean| google_osd_loaded boolean| google_onload_fired function| Goog_Osd_UnloadAdBlock function| Goog_Osd_UpdateElementToMeasure function| google_osd_amcb object| JSON2 object| Piwik object| AnalyticsTracker function| piwik_log

4 Cookies

Domain/Path | Name | Value
.doubleclick.net/ | DSID | NO_DATA
www.malware-tech.com/ | _pk_ses.355.6102 | *
.doubleclick.net/ | IDE | AHWqTUk9AqtKnWZCWuH1RmchDRFZzh_YVmfm_cTzpfTkPP7_GBNl7VGQ9m0-aOqb
www.malware-tech.com/ | _pk_id.355.6102 | 3d9f984c91ad32fe.1553633942.1.1553633942.1553633942.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
