![](/screenshots/927e5c7e-90a6-471a-9dc2-0b5d2643cbb0.png)
www.malware-tech.com
50.63.55.124
Public Scan
Submission: On March 26 via manual from US
Summary
This is the only time www.malware-tech.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
| | IP Address | AS Autonomous System |
|---|---|---|
| 6 26 | 50.63.55.124 | 26496 (AS-26496-GO-DADDY-COM-LLC - GoDaddy.com) |
| 3 | 2a00:1450:4001:81a::2002 | 15169 (GOOGLE - Google LLC) |
| 6 6 | 149.126.77.38 | 19551 (INCAPSULA - Incapsula Inc) |
| 1 1 | 161.47.7.14 | 19994 (RACKSPACE - Rackspace Hosting) |
| 2 2 | 34.204.117.160 | 14618 (AMAZON-AES - Amazon.com) |
| 1 1 | 54.165.66.19 | 14618 (AMAZON-AES - Amazon.com) |
| 1 | 54.81.148.134 | 14618 (AMAZON-AES - Amazon.com) |
| 2 3 | 45.55.29.117 | 14061 (DIGITALOCEAN-ASN - DigitalOcean) |
| 1 | 13.35.253.76 | 16509 (AMAZON-02 - Amazon.com) |
| 1 2 | 45.60.33.126 | 19551 (INCAPSULA - Incapsula Inc) |
| 2 | 2a00:1450:4001:81b::2002 | 15169 (GOOGLE - Google LLC) |
| 1 | 2a00:1450:4001:81d::2002 | 15169 (GOOGLE - Google LLC) |
| 1 | 2a00:1450:4001:824::2002 | 15169 (GOOGLE - Google LLC) |
| 3 | 2a00:1450:4001:818::2002 | 15169 (GOOGLE - Google LLC) |
| 34 | 10 | |
ASN26496 (AS-26496-GO-DADDY-COM-LLC - GoDaddy.com, LLC, US)
PTR: ip-50-63-55-124.ip.secureserver.net
- www.malware-tech.com
- malware-tech.com

ASN15169 (GOOGLE - Google LLC, US)
- pagead2.googlesyndication.com

ASN19551 (INCAPSULA - Incapsula Inc, US)
PTR: 149.126.77.38.ip.incapdns.net
- rewired.reimage.revenuewire.net
- rewired.reimage.safecart.com
- link.safecart.com
- rewired.enigma.revenuewire.net
- rewired.enigma.safecart.com

ASN19994 (RACKSPACE - Rackspace Hosting, US)
- www.reimageplus.com

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-34-204-117-160.compute-1.amazonaws.com
- kromtech.net

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-54-165-66-19.compute-1.amazonaws.com
- assets.kromtech.net

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-54-81-148-134.compute-1.amazonaws.com
- app7.kromtech.net

ASN14061 (DIGITALOCEAN-ASN - DigitalOcean, LLC, US)
- www.plumbytes.com
- plumbytes.com

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-13-35-253-76.fra6.r.cloudfront.net
- www.spyhunter.com

ASN19551 (INCAPSULA - Incapsula Inc, US)
- send.onenetworkdirect.net
- affiliates.digitalriver.com

ASN15169 (GOOGLE - Google LLC, US)
- adservice.google.de
- www.googletagservices.com

ASN15169 (GOOGLE - Google LLC, US)
- pagead2.googlesyndication.com
| | Apex Domain | Redirects | Subdomains | Transfer |
|---|---|---|---|---|
| 26 | malware-tech.com | 6 redirects | www.malware-tech.com, malware-tech.com | 244 KB |
| 4 | kromtech.net | 3 redirects | kromtech.net, assets.kromtech.net, app7.kromtech.net | 18 KB |
| 4 | safecart.com | 4 redirects | rewired.reimage.safecart.com, link.safecart.com, rewired.enigma.safecart.com | 5 KB |
| 4 | googlesyndication.com | | pagead2.googlesyndication.com | 181 KB |
| 3 | doubleclick.net | | googleads.g.doubleclick.net | |
| 3 | plumbytes.com | 2 redirects | www.plumbytes.com, plumbytes.com | 17 KB |
| 2 | revenuewire.net | 2 redirects | rewired.reimage.revenuewire.net, rewired.enigma.revenuewire.net | 1 KB |
| 1 | googletagservices.com | | www.googletagservices.com | 28 KB |
| 1 | google.com | | adservice.google.com | 171 B |
| 1 | google.de | | adservice.google.de | 171 B |
| 1 | digitalriver.com | | affiliates.digitalriver.com | 2 KB |
| 1 | onenetworkdirect.net | 1 redirects | send.onenetworkdirect.net | 946 B |
| 1 | spyhunter.com | | www.spyhunter.com | 23 KB |
| 1 | reimageplus.com | 1 redirects | www.reimageplus.com | 421 B |
| 34 | 14 | | | |
| | Domain | Redirects | Requested by |
|---|---|---|---|
| 24 | www.malware-tech.com | 6 redirects | www.malware-tech.com |
| 4 | pagead2.googlesyndication.com | | www.malware-tech.com, pagead2.googlesyndication.com |
| 3 | googleads.g.doubleclick.net | | pagead2.googlesyndication.com |
| 2 | www.plumbytes.com | 2 redirects | |
| 2 | kromtech.net | 2 redirects | |
| 2 | link.safecart.com | 2 redirects | |
| 2 | malware-tech.com | | www.malware-tech.com |
| 1 | www.googletagservices.com | | pagead2.googlesyndication.com |
| 1 | adservice.google.com | | pagead2.googlesyndication.com |
| 1 | adservice.google.de | | pagead2.googlesyndication.com |
| 1 | affiliates.digitalriver.com | | www.malware-tech.com |
| 1 | send.onenetworkdirect.net | 1 redirects | |
| 1 | www.spyhunter.com | | www.malware-tech.com |
| 1 | rewired.enigma.safecart.com | 1 redirects | |
| 1 | rewired.enigma.revenuewire.net | 1 redirects | |
| 1 | plumbytes.com | | www.malware-tech.com |
| 1 | app7.kromtech.net | | www.malware-tech.com |
| 1 | assets.kromtech.net | 1 redirects | |
| 1 | www.reimageplus.com | 1 redirects | |
| 1 | rewired.reimage.safecart.com | 1 redirects | |
| 1 | rewired.reimage.revenuewire.net | 1 redirects | |
| 34 | 21 | | |
This site contains no links.
Subject | Issuer | Validity | Valid |
---|---|---|---|
kromtech.net | Amazon | 2018-09-11 - 2019-10-11 | a year |
*.plumbytes.com | COMODO RSA Domain Validation Secure Server CA | 2018-06-21 - 2019-06-22 | a year |
*.spyhunter.com | Amazon | 2018-07-16 - 2019-08-16 | a year |
*.google.com | Google Internet Authority G3 | 2019-03-01 - 2019-05-24 | 3 months |
*.g.doubleclick.net | Google Internet Authority G3 | 2019-03-01 - 2019-05-24 | 3 months |
This page contains 5 frames:
Primary Page:
http://www.malware-tech.com/
Frame ID: 05087624D0616D96B624A835757FFCE5
Requests: 30 HTTP requests in this frame
Frame:
http://pagead2.googlesyndication.com/pagead/js/r20190320/r20190131/show_ads_impl.js
Frame ID: 716715082FEB11EB8B6D0A86E0ABF396
Requests: 1 HTTP requests in this frame
Frame:
https://googleads.g.doubleclick.net/pagead/html/r20190320/r20190131/zrt_lookup.html
Frame ID: 2F624516506BC40B4D04AEA6B58332EE
Requests: 1 HTTP requests in this frame
Frame:
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7943855733030580&output=html&h=280&slotname=8565848406&adk=3206789439&adf=2750238705&w=360&fwrn=4&fwrnh=100&lmt=1553633940&rafmt=1&guci=1.2.0.0.2.2.0.0&format=360x280&url=http%3A%2F%2Fwww.malware-tech.com%2F&flash=0&fwr=0&resp_fmts=3&wgl=1&adsid=NT&dt=1553633940833&bpp=14&bdt=1059&fdt=59&idt=58&shv=r20190320&cbv=r20190131&saldr=aa&abxe=1&correlator=4568371615323&frm=20&pv=2&ga_vid=1516705285.1553633941&ga_sid=1553633941&ga_hid=1970228497&ga_fc=0&iag=0&icsg=9435823&dssz=17&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1003&ady=333&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21060853&oid=3&rx=0&eae=0&fc=656&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&ppjl=u&pfx=0&fu=144&bc=7&ifi=1&uci=1.y85ard10nf19&fsb=1&xpc=pivZbkOSki&p=http%3A//www.malware-tech.com&dtd=80
Frame ID: 5F4F98551DC083F834F381D29F36991A
Requests: 1 HTTP requests in this frame
Frame:
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7943855733030580&output=html&h=280&slotname=8565848406&adk=48667111&adf=2479844514&w=360&fwrn=4&fwrnh=100&lmt=1553633940&rafmt=1&guci=1.2.0.0.2.2.0.0&format=360x280&url=http%3A%2F%2Fwww.malware-tech.com%2F&flash=0&fwr=0&resp_fmts=3&wgl=1&adsid=NT&dt=1553633940847&bpp=7&bdt=1073&fdt=75&idt=44&shv=r20190320&cbv=r20190131&saldr=aa&abxe=1&prev_fmts=360x280&correlator=4568371615323&frm=20&pv=1&ga_vid=1516705285.1553633941&ga_sid=1553633941&ga_hid=1970228497&ga_fc=0&iag=0&icsg=42990255&dssz=18&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=223&ady=3805&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21060853&oid=3&rx=0&eae=0&fc=656&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&ppjl=u&pfx=0&fu=144&bc=7&ifi=2&uci=2.6xiy4f5gpo1l&fsb=1&xpc=S0O68wntJ6&p=http%3A//www.malware-tech.com&dtd=78
Frame ID: 9CF426510D2437944D6C7896BC6B6A93
Requests: 1 HTTP requests in this frame
Detected technologies
Detected patterns
- html /<link rel=["']stylesheet["'] [^>]+wp-(?:content|includes)/i
- script /\/wp-includes\//i
Detected patterns
- html /<link rel=["']stylesheet["'] [^>]+wp-(?:content|includes)/i
- script /\/wp-includes\//i
Detected patterns
- headers server /nginx(?:\/([\d.]+))?/i
Font Awesome
Detected patterns
- html /<link[^>]* href=[^>]+font-awesome(?:\.min)?\.css/i
Detected patterns
- script /googlesyndication\.com\//i
- env /^google_ad_/i
- env /^__google_ad_/i
- env /^Goog_AdSense_/i
Detected patterns
- env /^gaGlobal$/i
Detected patterns
- script /modernizr(?:-([\d.]*[\d]))?.*\.js/i
- env /^Modernizr$/i
Detected patterns
- script /jquery.*\.js/i
- env /^jQuery$/i
Piwik
Detected patterns
- env /^Piwik$/i
- env /^_paq$/i
Twitter Bootstrap
Detected patterns
- html /<link[^>]+?href="[^"]+bootstrap(?:\.min)?\.css/i
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 19
- http://www.malware-tech.com/download-reimage HTTP 301
- http://www.malware-tech.com/download-reimage/ HTTP 302
- http://rewired.reimage.revenuewire.net/reimage-pc-repair/download/ HTTP 302
- http://rewired.reimage.safecart.com/reimage-pc-repair/download/ HTTP 301
- http://www.reimageplus.com/includes/router_land.php?tracking=revenuewire&exec=run HTTP 302
- https://link.safecart.com/2m4rjw HTTP 301
- http://kromtech.net/link/4223cf6e-2605-11e9-b649-127369ec21d1&tid_ext=PoioneerClick;02a7075820a668a83c71f35c6a16ba6a24ac5e18 HTTP 302
- http://assets.kromtech.net/lnd?back=aHR0cDovL2tyb210ZWNoLm5ldC9saW5rLzQyMjNjZjZlLTI2MDUtMTFlOS1iNjQ5LTEyNzM2OWVjMjFkMSZ0aWRfZXh0PVBvaW9uZWVyQ2xpY2s7MDJhNzA3NTgyMGE2NjhhODNjNzFmMzVjNmExNmJhNmEyNGFjNWUxOCZyZXFpZD1Sb290PTEtNWM5YTkyOTctNzI3ZjRjZTJmOWZlZWUwMGMzNjhkN2Q4&reqid=Root%3D1-5c9a9297-727f4ce2f9feee00c368d7d8&sign=5268e077d4ebb703a11a894b9fe7cebb15e10a39 HTTP 302
- http://kromtech.net/link/4223cf6e-2605-11e9-b649-127369ec21d1&tid_ext=PoioneerClick;02a7075820a668a83c71f35c6a16ba6a24ac5e18&reqid=Root=1-5c9a9297-727f4ce2f9feee00c368d7d8&guid=fc9b1d61-5009-11e9-bfed-0e44482e0016&adb=0 HTTP 302
- https://app7.kromtech.net/landings/216.1/?affid=fc570580-5009-11e9-8cfb-2f21846d4c00-mzb&alert=44&epayId=29&guid=fc9b1d61-5009-11e9-bfed-0e44482e0016&landId=2276&reqid=Root=1-5c9a9297-727f4ce2f9feee00c368d7d8&tid_ext=PoioneerClick;02a7075820a668a83c71f35c6a16ba6a24ac5e18&trt=29_45121156&userDefiner=mzb_2754&utm_campaign=mk_rvnwr_cpi_t2_2161&utm_content=&utm_medium=&utm_source=&utm_term=
- http://www.malware-tech.com/download-plumbytes HTTP 301
- http://www.malware-tech.com/download-plumbytes/ HTTP 302
- http://link.safecart.com/2hhvj4/aHR0cDovL3d3dy5wbHVtYnl0ZXMuY29tL3BhcnRuZXIvdXJsL2Rvd25sb2Fk HTTP 301
- http://www.plumbytes.com/partner/url/download HTTP 302
- http://www.plumbytes.com/download/cuid/?tid=rwid_p00000 HTTP 301
- https://plumbytes.com/download/cuid/?tid=rwid_p00000
- http://www.malware-tech.com/download-spyhunter HTTP 301
- http://www.malware-tech.com/download-spyhunter/ HTTP 302
- http://rewired.enigma.revenuewire.net/spyhunter2/download HTTP 302
- http://rewired.enigma.safecart.com/spyhunter2/download HTTP 301
- https://www.spyhunter.com/rw/
- http://send.onenetworkdirect.net/z/580857/CD230692 HTTP 302
- http://affiliates.digitalriver.com/z/580857/CD230692
34 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type | Notes |
---|---|---|---|---|---|---|---|---|
GET | H/1.1 | / | www.malware-tech.com/ | 31 KB | 9 KB | Document | text/html | Primary Request |
GET | H/1.1 | style.css | www.malware-tech.com/wp-content/plugins/side-matter/css/ | 10 KB | 3 KB | Stylesheet | text/css | |
GET | H/1.1 | styles.css | www.malware-tech.com/wp-content/plugins/contact-form-7/includes/css/ | 1 KB | 884 B | Stylesheet | text/css | |
GET | H/1.1 | bootstrap.css | www.malware-tech.com/wp-content/themes/magnis/css/ | 125 KB | 25 KB | Stylesheet | text/css | |
GET | H/1.1 | font-awesome.min.css | www.malware-tech.com/wp-content/themes/magnis/css/font-awesome/css/ | 17 KB | 5 KB | Stylesheet | text/css | |
GET | H/1.1 | style.css | www.malware-tech.com/wp-content/themes/magnis/ | 68 KB | 16 KB | Stylesheet | text/css | |
GET | H/1.1 | responsive.css | www.malware-tech.com/wp-content/themes/magnis/css/ | 8 KB | 2 KB | Stylesheet | text/css | |
GET | H/1.1 | color.php | www.malware-tech.com/wp-content/themes/magnis/framework/ | 9 KB | 3 KB | Stylesheet | text/css | |
GET | H/1.1 | jquery.js | www.malware-tech.com/wp-includes/js/jquery/ | 94 KB | 38 KB | Script | application/x-javascript | |
GET | H/1.1 | jquery-migrate.min.js | www.malware-tech.com/wp-includes/js/jquery/ | 7 KB | 4 KB | Script | application/x-javascript | |
GET | H/1.1 | iframeheight.js | www.malware-tech.com/wp-content/plugins/side-matter/js/ | 14 KB | 5 KB | Script | application/x-javascript | |
GET | H/1.1 | modernizr.js | www.malware-tech.com/wp-content/themes/magnis/js/ | 12 KB | 6 KB | Script | application/x-javascript | |
GET | H/1.1 | wp-page-numbers.css | www.malware-tech.com/wp-content/plugins/wp-page-numbers/default/ | 2 KB | 933 B | Stylesheet | text/css | |
GET | H/1.1 | adsbygoogle.js | pagead2.googlesyndication.com/pagead/js/ | 83 KB | 32 KB | Script | text/javascript | |
GET | H/1.1 | jquery.form.min.js | www.malware-tech.com/wp-content/plugins/contact-form-7/includes/js/ | 15 KB | 7 KB | Script | application/x-javascript | |
GET | H/1.1 | scripts.js | www.malware-tech.com/wp-content/plugins/contact-form-7/includes/js/ | 11 KB | 4 KB | Script | application/x-javascript | |
GET | H/1.1 | generator.php | malware-tech.com/ | 53 KB | 53 KB | Script | application/javascript | |
GET | H/1.1 | malware-tech.png | www.malware-tech.com/wp-content/themes/magnis/images/ | 6 KB | 7 KB | Image | image/png | |
GET | H/1.1 | page-header-bg.jpg | www.malware-tech.com/wp-content/themes/magnis/images/ | 12 KB | 13 KB | Image | image/jpeg | |
GET | H/1.1 | fontawesome-webfont.woff | www.malware-tech.com/wp-content/themes/magnis/css/font-awesome/fonts/ | 43 KB | 44 KB | Font | application/octet-stream | |
GET | H2 | / | app7.kromtech.net/landings/216.1/ | 0 | 16 KB | Image | text/html | Redirect Chain |
GET | H/1.1 | | plumbytes.com/download/cuid/ | 16 KB | 16 KB | Image | application/octet-stream | Redirect Chain |
GET | H2 | / | www.spyhunter.com/rw/ | 0 | 23 KB | Image | text/html | Redirect Chain |
GET | H/1.1 | CD230692 | affiliates.digitalriver.com/z/580857/ | 0 | 2 KB | Image | text/html | Redirect Chain |
GET | H2 | integrator.js | adservice.google.de/adsid/ | 109 B | 171 B | Script | application/javascript | |
GET | H2 | integrator.js | adservice.google.com/adsid/ | 109 B | 171 B | Script | application/javascript | |
GET | H/1.1 | show_ads_impl.js | pagead2.googlesyndication.com/pagead/js/r20190320/r20190131/ | 199 KB | 75 KB | Script | text/javascript | |
GET | H/1.1 | show_ads_impl.js | pagead2.googlesyndication.com/pagead/js/r20190320/r20190131/ | 199 KB | 75 KB | Script | text/javascript | Frame 7167 |
GET | H2 | ca-pub-7943855733030580.js | pagead2.googlesyndication.com/pub-config/r20160913/ | 133 B | 243 B | Script | text/javascript | |
GET | H2 | zrt_lookup.html | googleads.g.doubleclick.net/pagead/html/r20190320/r20190131/ | 0 | 0 | Document | text/html | Frame 2F62 |
GET | H2 | ads | googleads.g.doubleclick.net/pagead/ | 0 | 0 | Document | text/html | Frame 5F4F |
GET | H2 | osd.js | www.googletagservices.com/activeview/js/current/ | 77 KB | 28 KB | Script | text/javascript | |
GET | H2 | ads | googleads.g.doubleclick.net/pagead/ | 0 | 0 | Document | text/html | Frame 9CF4 |
GET | H/1.1 | generator.php | malware-tech.com/ | 0 | 161 B | Image | image/gif | |
54 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
- object| onselectstart
- object| onselectionchange
- function| queueMicrotask
- undefined| $
- function| jQuery
- object| _paq
- function| httfebnbnh
- object| Modernizr
- object| respond
- function| yepnope
- object| adsbygoogle
- function| setCookie
- function| getCookie
- object| _wpcf7
- object| sidebar_position
- object| jQuery111106357009660720936
- object| content_pos
- string| discl_html
- object| google_js_reporting_queue
- object| google_ad_modifications
- boolean| google_measure_js_timing
- object| googleToken
- object| googleIMState
- function| processGoogleToken
- object| google_reactive_ads_global_state
- object| google_sa_queue
- object| google_sl_win
- function| google_process_slots
- function| google_spfd
- number| google_lpabyc
- number| google_unique_id
- object| google_sv_map
- object| google_t12n_vars
- function| google_sa_impl
- object| google_jobrunner
- object| google_persistent_state_async
- object| google_pub_config
- object| __google_ad_urls
- number| google_global_correlator
- object| google_prev_clients
- object| gaGlobal
- object| ampInaboxIframes
- object| ampInaboxPendingMessages
- object| google_iframe_oncopy
- function| Goog_AdSense_getAdAdapterInstance
- boolean| google_osd_loaded
- boolean| google_onload_fired
- function| Goog_Osd_UnloadAdBlock
- function| Goog_Osd_UpdateElementToMeasure
- function| google_osd_amcb
- object| JSON2
- object| Piwik
- object| AnalyticsTracker
- function| piwik_log

4 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.doubleclick.net/ | | Name: DSID Value: NO_DATA |
www.malware-tech.com/ | | Name: _pk_ses.355.6102 Value: * |
.doubleclick.net/ | | Name: IDE Value: AHWqTUk9AqtKnWZCWuH1RmchDRFZzh_YVmfm_cTzpfTkPP7_GBNl7VGQ9m0-aOqb |
www.malware-tech.com/ | | Name: _pk_id.355.6102 Value: 3d9f984c91ad32fe.1553633942.1.1553633942.1553633942. |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.