![](/screenshots/97e698af-3bb3-49d6-b6d0-6772ca5176dd.png)
howtoupdate.getgreatandsecurecontent.club
163.172.127.186
Malicious Activity!
Public Scan
Effective URL: https://howtoupdate.getgreatandsecurecontent.club/?b9zd1=aFDEo1W3qcjpym4Vud7AWjxq5TSBvQ8LDzjFhQ9_9uQ_iBL5gSVfGfaoz95vlnYheSPLE-KjSr8-Mi1F7OIVzA..&...
Submission: On November 28 via api from DE
Summary
TLS certificate: Issued by Let's Encrypt Authority X3 on November 28th 2018. Valid for: 3 months.
This is the only time howtoupdate.getgreatandsecurecontent.club was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Fake Adobe Update, Apple Software Update (Online)
Domain & IP information
ASN | PTR | Domains
---|---|---
ASN133618 (TRELLIAN-AS-AP Trellian Pty. Limited, AU) | lb-182-244.above.com | lionstigersbears.org
ASN395082 (BODIS-NJ - Bodis, LLC, US) | | ww25.lionstigersbears.org
ASN15169 (GOOGLE - Google LLC, US) | | www.gstatic.com, fonts.gstatic.com
ASN14618 (AMAZON-AES - Amazon.com, Inc., US) | ec2-52-204-142-163.compute-1.amazonaws.com | usd.xanthos-alf.com
ASN16509 (AMAZON-02 - Amazon.com, Inc., US) | ec2-18-195-174-160.eu-central-1.compute.amazonaws.com | wait.contenthostload.com, pereams-pubstees.com
ASN12876 (AS12876, FR) | 195-154-41-240.rev.poneytelecom.eu | redirect8.admedit.net
ASN12876 (AS12876, FR) | 163-172-125-151.rev.poneytelecom.eu | www.getgreatandsecurelinksstable.club
ASN12876 (AS12876, FR) | 163-172-127-186.rev.poneytelecom.eu | howtoupdate.getgreatandsecurecontent.club
ASN16509 (AMAZON-02 - Amazon.com, Inc., US) | | d3pkjdk5khxwdu.cloudfront.net
Requests | Apex Domain | Subdomains | Transfer
---|---|---|---
11 | lionstigersbears.org (2 redirects) | lionstigersbears.org, ww25.lionstigersbears.org | 34 KB
8 | cloudfront.net | d3pkjdk5khxwdu.cloudfront.net | 97 KB
4 | gstatic.com | www.gstatic.com, fonts.gstatic.com | 31 KB
4 | google.com | www.google.com, adservice.google.com | 109 KB
3 | doubleclick.net | survey.g.doubleclick.net | 150 KB
2 | admedit.net (2 redirects) | redirect8.admedit.net | 720 B
2 | xanthos-alf.com | usd.xanthos-alf.com | 3 KB
2 | googleapis.com | fonts.googleapis.com | 1 KB
1 | getgreatandsecurecontent.club | howtoupdate.getgreatandsecurecontent.club | 7 KB
1 | getgreatandsecurelinksstable.club (1 redirect) | www.getgreatandsecurelinksstable.club | 467 B
1 | pereams-pubstees.com | pereams-pubstees.com | 665 B
1 | contenthostload.com | wait.contenthostload.com | 1 KB
1 | bodis.com | tracking.bodis.com | 341 B
1 | google.de | adservice.google.de | 171 B
37 requests | 14 apex domains | |
Requests | Domain | Requested by
---|---|---
10 | ww25.lionstigersbears.org (1 redirect) | ww25.lionstigersbears.org
8 | d3pkjdk5khxwdu.cloudfront.net | howtoupdate.getgreatandsecurecontent.club
3 | fonts.gstatic.com |
3 | survey.g.doubleclick.net | www.google.com, survey.g.doubleclick.net
3 | www.google.com | ww25.lionstigersbears.org, www.google.com
2 | redirect8.admedit.net (2 redirects) |
2 | usd.xanthos-alf.com | ww25.lionstigersbears.org, usd.xanthos-alf.com
2 | fonts.googleapis.com | ww25.lionstigersbears.org
1 | howtoupdate.getgreatandsecurecontent.club |
1 | www.getgreatandsecurelinksstable.club (1 redirect) |
1 | pereams-pubstees.com |
1 | wait.contenthostload.com | usd.xanthos-alf.com
1 | tracking.bodis.com | ww25.lionstigersbears.org
1 | adservice.google.com | survey.g.doubleclick.net
1 | adservice.google.de | survey.g.doubleclick.net
1 | www.gstatic.com |
1 | lionstigersbears.org (1 redirect) |
37 requests | 17 domains |
This site contains no links.
Subject | Issuer | Validity | Valid
---|---|---|---
*.googleapis.com | Google Internet Authority G3 | 2018-10-30 - 2019-01-22 | 3 months
*.google.com | Google Internet Authority G3 | 2018-10-30 - 2019-01-22 | 3 months
howtoupdate.getgreatandsecurecontent.club | Let's Encrypt Authority X3 | 2018-11-28 - 2019-02-26 | 3 months
*.cloudfront.net | DigiCert Global CA G2 | 2018-10-08 - 2019-10-09 | a year
This page contains 2 frames:
Primary Page:
https://howtoupdate.getgreatandsecurecontent.club/?b9zd1=aFDEo1W3qcjpym4Vud7AWjxq5TSBvQ8LDzjFhQ9_9uQ_iBL5gSVfGfaoz95vlnYheSPLE-KjSr8-Mi1F7OIVzA..&cid=w7SVODUAPDU9T6IIH2A8O59M&sid=950d4c92-e418-48ee-9215-ece2aef9679ew7SVODUAPDU9T6IIH2A8O59M&v_id=VgUANEu0U9ERacb0TWERA1-yQEUD4_rr8Hjx3qiBNBE.
Frame ID: 92B55B7E5BED2539E481C0D8DC11060A
Requests: 37 HTTP requests in this frame
Frame:
http://www.google.com/dp/ads?max_radlink_len=60&r=m&client=dp-bodis31_3ph&channel=pid-bodis-gtest36%2Cpid-bodis-gcontrol114&hl=en&adsafe=low&type=3&swp=as-drid-2886761221644809&uiopt=false&oe=UTF-8&ie=UTF-8&fexp=21404&format=r7&num=0&output=afd_ads&domain_name=ww25.lionstigersbears.org&v=3&adext=as1%2Csr1&bsl=8&u_his=2&u_tz=0&dt=1543416783981&u_w=1600&u_h=1200&biw=1600&bih=1200&psw=1600&psh=781&frm=0&uio=ff6fa6st24sa11lt36as1sl1sr1-&jsv=11712&rurl=http%3A%2F%2Fww25.lionstigersbears.org%2F
Frame ID: CB37C594959BF057238B9936ADFD68EE
Requests: 1 HTTP requests in this frame
Detected technologies
- Lua. Detected pattern: headers server /openresty(?:\/([\d.]+))?/i
- Technology name not captured in this export. Detected pattern: headers server /openresty(?:\/([\d.]+))?/i
- OpenResty. Detected pattern: headers server /openresty(?:\/([\d.]+))?/i
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- http://lionstigersbears.org/
  HTTP 302 to http://ww25.lionstigersbears.org/ (Page URL)
- http://ww25.lionstigersbears.org/?z (Page URL)
- http://ww25.lionstigersbears.org/rz?u=http%3A%2F%2Fusd.xanthos-alf.com%2Fzcvisitor%2F4fb36c41-f31d-11e8-8923-12e462bb42de%3Fcampaignid%3Df7077790-f18b-11e8-9600-0ebb138d3962&notadsafe
  HTTP 302 to http://usd.xanthos-alf.com/zcvisitor/4fb36c41-f31d-11e8-8923-12e462bb42de?campaignid=f7077790-f18b-11e8-9600-0ebb138d3962 (Page URL)
- http://usd.xanthos-alf.com/zcredirect?visitid=4fb36c41-f31d-11e8-8923-12e462bb42de&type=js&browserWidth=1600&browserHeight=1200&iframeDetected=false (Page URL)
- http://wait.contenthostload.com/zp-redirect?target=https%3A%2F%2Fredirect8.admedit.net%2Fadvertise%2F%3Fadown%3D8851%26cmp%3D576%26ctrack%3Dw7SVODUAPDU9T6IIH2A8O59M%26ptrack%3D950d4c92-e418-48ee-9215-ece2aef9679ew7SVODUAPDU9T6IIH2A8O59M&caid=2f245b4f-6c53-4236-b3dc-16f87bf7671f&zpid=4fb36c41-f31d-11e8-8923-12e462bb42de&cid=w7SVODUAPDU9T6IIH2A8O59M&rt=D (Page URL)
- http://pereams-pubstees.com/redirect?target=BASE64aHR0cHM6Ly9yZWRpcmVjdDguYWRtZWRpdC5uZXQvYWR2ZXJ0aXNlLz9hZG93bj04ODUxJmNtcD01NzYmY3RyYWNrPXc3U1ZPRFVBUERVOVQ2SUlIMkE4TzU5TSZwdHJhY2s9OTUwZDRjOTItZTQxOC00OGVlLTkyMTUtZWNlMmFlZjk2NzlldzdTVk9EVUFQRFU5VDZJSUgyQThPNTlN&ts=1543416786774&hash=bgY3vhFceQN9y4fSdw6Emswqlk0aeekmSrv0J2STaaM&rm=D (Page URL)
- https://redirect8.admedit.net/advertise/?adown=8851&cmp=576&ctrack=w7SVODUAPDU9T6IIH2A8O59M&ptrack=950d4c92-e418-48ee-9215-ece2aef9679ew7SVODUAPDU9T6IIH2A8O59M
  HTTP 302 to https://redirect8.admedit.net/advertise/refine.php?adown=8851&ptrack=950d4c92-e418-48ee-9215-ece2aef9679ew7SVODUAPDU9T6IIH2A8O59M&ctrack=w7SVODUAPDU9T6IIH2A8O59M&cmp=576&t=1543416787&rh=6&avs=avs3&utm_src=9&sids=7
  HTTP 302 to https://www.getgreatandsecurelinksstable.club/?b9zd1=aFDEo1W3qcjpym4Vud7AWjxq5TSBvQ8LDzjFhQ9_9uQ.&cid=w7SVODUAPDU9T6IIH2A8O59M&sid=950d4c92-e418-48ee-9215-ece2aef9679ew7SVODUAPDU9T6IIH2A8O59M
  HTTP 302 to https://howtoupdate.getgreatandsecurecontent.club/?b9zd1=aFDEo1W3qcjpym4Vud7AWjxq5TSBvQ8LDzjFhQ9_9uQ_iBL5gSVfGfaoz95vlnYheSPLE-KjSr8-Mi1F7OIVzA..&cid=w7SVODUAPDU9T6IIH2A8O59M&sid=950d4c92-e418-48ee-9215-ece2aef9679ew7SVODUAPDU9T6IIH2A8O59M&v_id=VgUANEu0U9ERacb0TWERA1-yQEUD4_rr8Hjx3qiBNBE. (Page URL)
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 0
- http://lionstigersbears.org/ (HTTP 302)
- http://ww25.lionstigersbears.org/
- http://ww25.lionstigersbears.org/rz?u=http%3A%2F%2Fusd.xanthos-alf.com%2Fzcvisitor%2F4fb36c41-f31d-11e8-8923-12e462bb42de%3Fcampaignid%3Df7077790-f18b-11e8-9600-0ebb138d3962&notadsafe (HTTP 302)
- http://usd.xanthos-alf.com/zcvisitor/4fb36c41-f31d-11e8-8923-12e462bb42de?campaignid=f7077790-f18b-11e8-9600-0ebb138d3962
37 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type
---|---|---|---|---|---|---|---
GET | H/1.1 | / | ww25.lionstigersbears.org/ (Redirect Chain) | 4 KB | 4 KB | Document | text/html
GET | H/1.1 | caf.js | www.google.com/adsense/domains/ | 156 KB | 55 KB | Script | text/javascript
GET | H/1.1 | px.gif | ww25.lionstigersbears.org/ | 42 B | 275 B | Image | image/gif
GET | H/1.1 | px.gif | ww25.lionstigersbears.org/ | 42 B | 275 B | Image | image/gif
GET | H/1.1 | glp | ww25.lionstigersbears.org/ | 14 KB | 14 KB | Script | text/javascript
GET | S | css | fonts.googleapis.com/ | 1 KB | 532 B | Stylesheet | text/css
GET | DATA | truncated | / | 850 B | 0 | Image | image/png
GET | H/1.1 | | www.google.com/dp/ (Frame CB37) | 0 | 0 | Document | text/html
GET | H/1.1 | async_survey | survey.g.doubleclick.net/ | 49 KB | 18 KB | Script | text/javascript
GET | H/1.1 | caf.gif | www.gstatic.com/domainads/tracking/ | 43 B | 392 B | Image | image/gif
GET | S | 6xKtdSZaM9iE8KbpRA_hK1QNYuDyPw.woff2 | fonts.gstatic.com/s/quicksand/v8/ | 13 KB | 13 KB | Font | font/woff2
GET | H/1.1 | prompt_embed_static.js | survey.g.doubleclick.net/insights/consumersurveys/static/414294050368453443/ | 353 KB | 132 KB | Script | application/javascript
GET | S | integrator.js | adservice.google.de/adsid/ | 109 B | 171 B | Script | application/javascript
GET | S | integrator.js | adservice.google.com/adsid/ | 109 B | 171 B | Script | application/javascript
GET | H/1.1 | prompt | survey.g.doubleclick.net/gk/ | 0 | 410 B | Script | text/javascript
GET | H/1.1 | rigd | tracking.bodis.com/ | 0 | 341 B | XHR | image/png
GET | H/1.1 | / | ww25.lionstigersbears.org/ | 4 KB | 4 KB | Document | text/html
GET | H/1.1 | caf.js | www.google.com/adsense/domains/ | 156 KB | 55 KB | Script | text/javascript
GET | H/1.1 | px.gif | ww25.lionstigersbears.org/ | 42 B | 275 B | Image | image/gif
GET | H/1.1 | px.gif | ww25.lionstigersbears.org/ | 42 B | 275 B | Image | image/gif
GET | H/1.1 | glp | ww25.lionstigersbears.org/ | 9 KB | 9 KB | Script | text/javascript
GET | S | css | fonts.googleapis.com/ | 5 KB | 760 B | Stylesheet | text/css
POST | H/1.1 | gzb | ww25.lionstigersbears.org/ | 198 B | 515 B | XHR | text/javascript
GET | S | mem5YaGs126MiZpBA-UN_r8OUuhpKKSTjw.woff2 | fonts.gstatic.com/s/opensans/v15/ | 9 KB | 9 KB | Font | font/woff2
GET | S | mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2 | fonts.gstatic.com/s/opensans/v15/ | 9 KB | 9 KB | Font | font/woff2
GET | H/1.1 | 4fb36c41-f31d-11e8-8923-12e462bb42de | usd.xanthos-alf.com/zcvisitor/ (Redirect Chain) | 1008 B | 2 KB | Document | text/html
GET | H/1.1 | zcredirect | usd.xanthos-alf.com/ | 890 B | 2 KB | Document | text/html
GET | H/1.1 | | wait.contenthostload.com/ | 548 B | 1 KB | Document | text/html
GET | H/1.1 | redirect | pereams-pubstees.com/ | 371 B | 665 B | Document | text/html
GET | H/1.1 | | howtoupdate.getgreatandsecurecontent.club/ (Primary Request, Redirect Chain) | 42 KB | 7 KB | Document | text/html
GET | S | flash_circle.png | d3pkjdk5khxwdu.cloudfront.net/lps/flash_worldcup/ | 17 KB | 18 KB | Image | image/png
GET | S | commands_3.png | d3pkjdk5khxwdu.cloudfront.net/lps/flash_mac/images/ | 14 KB | 15 KB | Image | image/png
GET | S | logo_f.png | d3pkjdk5khxwdu.cloudfront.net/lps/fadein_f/ | 7 KB | 7 KB | Image | image/png
GET | S | arrow__blue.png | d3pkjdk5khxwdu.cloudfront.net/lps/flash_mac/images/ | 2 KB | 3 KB | Image | image/png
GET | S | pattern__safari1.jpg | d3pkjdk5khxwdu.cloudfront.net/lps/flash_mac/images/ | 25 KB | 25 KB | Image | image/jpeg
GET | S | pattern__safari-arrow.png | d3pkjdk5khxwdu.cloudfront.net/lps/flash_mac/images/ | 3 KB | 4 KB | Image | image/png
GET | S | chrome.png | d3pkjdk5khxwdu.cloudfront.net/lps/FlashPlayer2_T/images/ | 16 KB | 16 KB | Image | image/png
GET | S | shadow.png | d3pkjdk5khxwdu.cloudfront.net/lps/newLPs/ | 10 KB | 10 KB | Image | image/png
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Fake Adobe Update, Apple Software Update (Online)
6 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
Type | Name
---|---
string | nAgt
string | browserimg
number | verOffset
function | dragElement
function | hide_download
function | showStep0
Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
adservice.google.com
adservice.google.de
d3pkjdk5khxwdu.cloudfront.net
fonts.googleapis.com
fonts.gstatic.com
howtoupdate.getgreatandsecurecontent.club
lionstigersbears.org
pereams-pubstees.com
redirect8.admedit.net
survey.g.doubleclick.net
tracking.bodis.com
usd.xanthos-alf.com
wait.contenthostload.com
ww25.lionstigersbears.org
www.getgreatandsecurelinksstable.club
www.google.com
www.gstatic.com
103.224.182.244
163.172.125.151
163.172.127.186
18.195.174.160
195.154.41.240
199.59.242.151
199.59.242.155
2600:9000:2047:2800:0:1c7c:cc80:21
2a00:1450:4001:815::2002
2a00:1450:4001:81b::2002
2a00:1450:4001:81f::2003
2a00:1450:4001:81f::2004
2a00:1450:4001:81f::200a
2a00:1450:4001:820::2011
52.204.142.163
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
0922bedbd38f17c97c1a356f7880d11cbcc17dec549f2d4dd6f004a06df0939a
25b13e2e8af4969b966c36d6700b019e506dc5151ea6d63224e8827ac318de91
2d8a7ae80b76143aace36a81db0ad616bef8e9815a884b267c4328a6b641c7e0
2f7c909d711e4afcb601f20c9c336bcc85be25ef374fef536a2bc8ffe2185869
35a21333c81302e934ee42b7b85b2c6a731bfffb418fe52fe795cb1974186976
3e81b841678d4407b3c7f41c00b6c0bec3a21484adef370a6a3deefb0da1c95a
477d1b38d53ab3df4d259898b74cbd6d9aca136f074a901d3458edcaf7ff7a09
4bdeee24d4ee95e1eef57b1c0f2aa5b188b18c0f6817edd290b57b5afba5f0c4
5377ef31bb10d31f7c6d96dd13f32bcdef03e1fb41f81f3eb3a73808d94d9842
5bbee510c3b5965532d53185cadd47753740b6445f2b9bded3849424fcd2661a
612ed4ee0c8f190d943543f4d1cf57fd082857b9ca77e6169c721235bcd7dc41
74942ecaad9f6671c7243934b3a2027834e777d361a136550aee3195e0606f3c
7b4d70d5fb64a31f115e1e853b7272e1415ffec2234e78e00847350c23d607fe
7c48ecdfda540af22ecb4d9638c8c0082e401cc4b45aa2df46c976ec80d38c12
813c5f8bedbc7bfe27afb8458a86643539754dcf0756320fa144e67af48229b7
8868d2a2f803ea6802d54a11564b5b96c7d8be56117a328c8f605539d6dee167
906d9a64aeec0b3040d9f995c5bdbd37a9ad6904da209d9b23a6c5ad19d51f93
b433fff5919be961f970430072a831557793a468074cd8aaf30427dc6209dc3d
b965c556292c0e094811e05db58487d1d844c4bd8ff1538823a7bdccbfe73e89
c5f4cf8329ffa86e296cdd3fae45184740c46bd8d30d8eaa80d6d33e502fbf7e
cc96f13863dc0a724a693c7a7cd50f77d7a1fbc963fa57e059319d1a4886a29d
dd9d44ccd6e4efcef9a508434c79fb5fbafc7f331aa0a8be5721bc1bcb308f2e
deaad0f9b72c996a2d0038cd44cb0f508c001fc59a34849e1848ab7b940b4607
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f4c14d0156315e5c1655e51cf2478e5e350772b1bf3ec62f17e01fe18ea01cbe