URL: http://www.tekdefense.com/downloads/malware-samples/
Submission: On October 01 via manual from AU — Scanned from DE

Summary

This website contacted 6 IPs in 2 countries across 5 domains to perform 39 HTTP transactions. The main IP is 198.49.23.177, located in the United States and belonging to SQUARESPACE, US. The main domain is www.tekdefense.com.
This is the only time www.tekdefense.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests  IP Address        AS     Autonomous System
32        198.49.23.177     53831  SQUARESPACE
2         104.76.200.161    16625  AKAMAI-AS
1         142.250.185.138   15169  GOOGLE
2         142.250.186.78    15169  GOOGLE
1         142.250.185.202   15169  GOOGLE
1         142.250.185.163   15169  GOOGLE
Total: 39 requests, 6 IPs

Requests  Domain                    Requested by
32        www.tekdefense.com        www.tekdefense.com
2         www.google-analytics.com  www.tekdefense.com
2         www.paypalobjects.com     www.tekdefense.com
1         fonts.gstatic.com         fonts.googleapis.com
1         fonts.googleapis.com      ajax.googleapis.com
1         ajax.googleapis.com       www.tekdefense.com
Total: 39 requests, 6 domains
Subject                 Issuer                                       Validity                 Valid
www.paypal.com          DigiCert SHA2 Extended Validation Server CA  2021-07-08 - 2022-01-11  6 months
*.google-analytics.com  GTS CA 1C3                                   2021-09-13 - 2021-11-20  2 months

This page contains 1 frame:

Primary Page: http://www.tekdefense.com/downloads/malware-samples/
Frame ID: 8B15F26730DE5BB448834E5D612555E0
Requests: 39 HTTP requests in this frame

Page Title

TekDefense - Downloads

Detected technologies

Overall confidence: 100%
Detected patterns
  • <input[^>]+_s-xclick
  • paypalobjects\.com

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
  • googleapis\.com/.+webfont

Overall confidence: 100%
Detected patterns
  • lightbox(?:-plus-jquery)?.{0,32}\.js

Overall confidence: 100%
Detected patterns
  • (?:/yui/|yui\.yahooapis\.com)

Page Statistics

Requests: 39
HTTPS: 10 %
IPv6: 0 %
Domains: 5
Subdomains: 6
IPs: 6
Countries: 2
Transfer: 855 kB
Size: 870 kB
Cookies: 9

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 30
  • http://www.google-analytics.com/ga.js HTTP 307
  • https://www.google-analytics.com/ga.js
Request Chain 36
  • http://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1013908586&utmhn=www.tekdefense.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=TekDefense%20-%20Downloads&utmhid=155521830&utmr=-&utmp=%2Fdownloads%2Fmalware-samples%2F&utmht=1633053795874&utmac=UA-36587401-1&utmcc=__utma%3D110816000.1141449552.1633053796.1633053796.1633053796.1%3B%2B__utmz%3D110816000.1633053796.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=30776195&utmredir=1&utmu=qBAAAAAAAAAAAAAAAAAAAAAE~ HTTP 307
  • https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1013908586&utmhn=www.tekdefense.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=TekDefense%20-%20Downloads&utmhid=155521830&utmr=-&utmp=%2Fdownloads%2Fmalware-samples%2F&utmht=1633053795874&utmac=UA-36587401-1&utmcc=__utma%3D110816000.1141449552.1633053796.1633053796.1633053796.1%3B%2B__utmz%3D110816000.1633053796.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=30776195&utmredir=1&utmu=qBAAAAAAAAAAAAAAAAAAAAAE~

39 HTTP transactions

Resource  Path  Size  x-fer  Type  MIME-Type
Primary Request Cookie set /
www.tekdefense.com/downloads/malware-samples/
45 KB
45 KB
Document
General
Full URL
http://www.tekdefense.com/downloads/malware-samples/
Protocol
HTTP/1.1
Server
198.49.23.177 , United States, ASN53831 (SQUARESPACE, US),
Reverse DNS
Software
Squarespace /
Resource Hash
9f45aa83089605115ab5b3effd540ea85be8d486e0f04dfd0e436ba30ebe8e04

Request headers

Host
www.tekdefense.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding
gzip, deflate

Response headers

Content-Type
text/html;charset=UTF-8
Date
Fri, 01 Oct 2021 02:03:12 GMT
Server
Squarespace
Set-Cookie
JSESSIONID=49CFD997E984DFA721CDBA3EFE49A908.v5-web003; Path=/; HttpOnly
X-Contextid
ubg7336Q/RVyvECJR
Transfer-Encoding
chunked
Cookie set common.css
www.tekdefense.com/display/
50 KB
50 KB
Stylesheet
General
Full URL
http://www.tekdefense.com/display/common.css?styleId=1806973&RK=1363786507660&CE=75
Requested by
Host: www.tekdefense.com
URL: http://www.tekdefense.com/downloads/malware-samples/
Protocol
HTTP/1.1
Server
198.49.23.177 , United States, ASN53831 (SQUARESPACE, US),
Reverse DNS
Software
Squarespace /
Resource Hash
343a4e7b227443d9a0271fafd164c1ee68e2a10c6673555d88c53a369f228ef8

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.tekdefense.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept
text/css,*/*;q=0.1
Referer
http://www.tekdefense.com/downloads/malware-samples/
Cookie
JSESSIONID=49CFD997E984DFA721CDBA3EFE49A908.v5-web003
Connection
keep-alive
Cache-Control
no-cache

Response headers

Pragma
cache
Date
Fri, 01 Oct 2021 02:03:12 GMT
Server
Squarespace
Cache-Control
max-age=94608000, private
Transfer-Encoding
chunked
Content-Type
text/css
X-Contextid
BGRIS7VA/F3p2i7Jv
Set-Cookie
JSESSIONID=49CFD997E984DFA721CDBA3EFE49A908.v5-web003; Path=/; HttpOnly
Cookie set squarespace-gallery-slideshow.css
www.tekdefense.com/universal/styles/
4 KB
5 KB
Stylesheet
General
Full URL
http://www.tekdefense.com/universal/styles/squarespace-gallery-slideshow.css?CE=75
Requested by
Host: www.tekdefense.com
URL: http://www.tekdefense.com/downloads/malware-samples/
Protocol
HTTP/1.1
Server
198.49.23.177 , United States, ASN53831 (SQUARESPACE, US),
Reverse DNS
Software
Squarespace /
Resource Hash
bf1a62c3dd9d41a6e07e7d8085d73a6d6f4da10f000578f69f8f31ec7689aaa7

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.tekdefense.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept
text/css,*/*;q=0.1
Referer
http://www.tekdefense.com/downloads/malware-samples/
Cookie
JSESSIONID=49CFD997E984DFA721CDBA3EFE49A908.v5-web003
Connection
keep-alive
Cache-Control
no-cache

Response headers

Pragma
cache
Date
Fri, 01 Oct 2021 02:03:12 GMT
Last-Modified
Thu, 09 Sep 2021 19:21:26 GMT
Server
Squarespace
Cache-Control
private,max-age=94608000
Etag
W/"4592-1631215286000"
Content-Type
text/css
X-Contextid
4IOIhQm5/fCVDjwAO
Set-Cookie
JSESSIONID=49CFD997E984DFA721CDBA3EFE49A908.v5-web003; Path=/; HttpOnly
Accept-Ranges
bytes
Content-Length
4592
Cookie set yahoo-dom-event.js
www.tekdefense.com/universal/yui/yahoo-dom-event/
36 KB
37 KB
Script
General
Full URL
http://www.tekdefense.com/universal/yui/yahoo-dom-event/yahoo-dom-event.js?CE=75
Requested by
Host: www.tekdefense.com
URL: http://www.tekdefense.com/downloads/malware-samples/
Protocol
HTTP/1.1
Server
198.49.23.177 , United States, ASN53831 (SQUARESPACE, US),
Reverse DNS
Software
Squarespace /
Resource Hash
6366210ee3e98e8dbeb12ddb208aa5bf84a0e550b1ee7bc108154bed17d5fd86

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.tekdefense.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept
*/*
Referer
http://www.tekdefense.com/downloads/malware-samples/
Cookie
JSESSIONID=49CFD997E984DFA721CDBA3EFE49A908.v5-web003
Connection
keep-alive
Cache-Control
no-cache

Response headers

Pragma
cache
Date
Fri, 01 Oct 2021 02:03:12 GMT
Last-Modified
Thu, 09 Sep 2021 19:21:26 GMT
Server
Squarespace
Cache-Control
private,max-age=94608000
Etag
W/"36989-1631215286000"
Content-Type
text/javascript
X-Contextid
YxIUCPdn/dtFzHZh1
Set-Cookie
JSESSIONID=49CFD997E984DFA721CDBA3EFE49A908.v5-web003; Path=/; HttpOnly
Accept-Ranges
bytes
Content-Length
36989
connection_core-min.js
www.tekdefense.com/universal/yui/connection/
7 KB
8 KB
Script
General
Full URL
http://www.tekdefense.com/universal/yui/connection/connection_core-min.js?CE=75
Requested by
Host: www.tekdefense.com
URL: http://www.tekdefense.com/downloads/malware-samples/
Protocol
HTTP/1.1
Server
198.49.23.177 , United States, ASN53831 (SQUARESPACE, US),
Reverse DNS
Software
Squarespace /
Resource Hash
dc493b884b5c1dd9cc927347a08a650c23ac5db728c6e76f359ea5d44b465eab

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.tekdefense.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept
*/*
Referer
http://www.tekdefense.com/downloads/malware-samples/
Cookie
JSESSIONID=49CFD997E984DFA721CDBA3EFE49A908.v5-web003
Connection
keep-alive
Cache-Control
no-cache

Response headers

Pragma
cache
Date
Fri, 01 Oct 2021 02:03:15 GMT
Last-Modified
Thu, 09 Sep 2021 19:21:26 GMT
Server
Squarespace
Cache-Control
private,max-age=94608000
Etag
W/"7581-1631215286000"
Content-Type
text/javascript
X-Contextid
a5UOVAmO/OV8R9FAz
Accept-Ranges
bytes
Content-Length
7581
json-min.js
www.tekdefense.com/universal/yui/json/
5 KB
5 KB
Script
General
Full URL
http://www.tekdefense.com/universal/yui/json/json-min.js?CE=75
Requested by
Host: www.tekdefense.com
URL: http://www.tekdefense.com/downloads/malware-samples/
Protocol
HTTP/1.1
Server
198.49.23.177 , United States, ASN53831 (SQUARESPACE, US),
Reverse DNS
Software
Squarespace /
Resource Hash
e4778b5e74de16953704058db3fc86b02d8cbf4e18c48b86b17da13e66c08660

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.tekdefense.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept
*/*
Referer
http://www.tekdefense.com/downloads/malware-samples/
Cookie
JSESSIONID=49CFD997E984DFA721CDBA3EFE49A908.v5-web003
Connection
keep-alive
Cache-Control
no-cache

Response headers

Pragma
cache
Date
Fri, 01 Oct 2021 02:03:15 GMT
Last-Modified
Thu, 09 Sep 2021 19:21:26 GMT
Server
Squarespace
Cache-Control
private,max-age=94608000
Etag
W/"4890-1631215286000"
Content-Type
text/javascript
X-Contextid
JBX86MDA/CUlB1Zgm
Accept-Ranges
bytes
Content-Length
4890
Cookie set animation-min.js
www.tekdefense.com/universal/yui/animation/
14 KB
14 KB
Script
General
Full URL
http://www.tekdefense.com/universal/yui/animation/animation-min.js?CE=75
Requested by
Host: www.tekdefense.com
URL: http://www.tekdefense.com/downloads/malware-samples/
Protocol
HTTP/1.1
Server
198.49.23.177 , United States, ASN53831 (SQUARESPACE, US),
Reverse DNS
Software
Squarespace /
Resource Hash
a80737f8fdf73f43cf3f9e19ce5a248f4d324823a0b9fe3d5b183104c5f0f914

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.tekdefense.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept
*/*
Referer
http://www.tekdefense.com/downloads/malware-samples/
Cookie
JSESSIONID=49CFD997E984DFA721CDBA3EFE49A908.v5-web003
Connection
keep-alive
Cache-Control
no-cache

Response headers

Pragma
cache
Date
Fri, 01 Oct 2021 02:03:15 GMT
Last-Modified
Thu, 09 Sep 2021 19:21:26 GMT
Server
Squarespace
Cache-Control
private,max-age=94608000
Etag
W/"13827-1631215286000"
Content-Type
text/javascript
X-Contextid
ubg7336Q/mPFcUWEo
Set-Cookie
JSESSIONID=49CFD997E984DFA721CDBA3EFE49A908.v5-web003; Path=/; HttpOnly
Accept-Ranges
bytes
Content-Length
13827
Cookie set selector.js
www.tekdefense.com/universal/yui/selector/
21 KB
22 KB
Script
General
Full URL
http://www.tekdefense.com/universal/yui/selector/selector.js?CE=75
Requested by
Host: www.tekdefense.com
URL: http://www.tekdefense.com/downloads/malware-samples/
Protocol
HTTP/1.1
Server
198.49.23.177 , United States, ASN53831 (SQUARESPACE, US),
Reverse DNS
Software
Squarespace /
Resource Hash
b9b49c94efe4f8c5376973cf127a967b31b0b0c5ff78270b4975afc51b23d02b

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.tekdefense.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept
*/*
Referer
http://www.tekdefense.com/downloads/malware-samples/
Cookie
JSESSIONID=49CFD997E984DFA721CDBA3EFE49A908.v5-web003
Connection
keep-alive
Cache-Control
no-cache

Response headers

Pragma
cache
Date
Fri, 01 Oct 2021 02:03:12 GMT
Last-Modified
Thu, 09 Sep 2021 19:21:26 GMT
Server
Squarespace
Cache-Control
private,max-age=94608000
Etag
W/"21705-1631215286000"
Content-Type
text/javascript
X-Contextid
4IOIhQm5/bnNw4nTw
Set-Cookie
JSESSIONID=49CFD997E984DFA721CDBA3EFE49A908.v5-web003; Path=/; HttpOnly
Accept-Ranges
bytes
Content-Length
21705
Cookie set element.js
www.tekdefense.com/universal/yui/element/
32 KB
33 KB
Script
General
Full URL
http://www.tekdefense.com/universal/yui/element/element.js?CE=75
Requested by
Host: www.tekdefense.com
URL: http://www.tekdefense.com/downloads/malware-samples/
Protocol
HTTP/1.1
Server
198.49.23.177 , United States, ASN53831 (SQUARESPACE, US),
Reverse DNS
Software
Squarespace /
Resource Hash
3f781e1ec8ab4da1b5277fd277a4243d4ea9d2fa38990c507b989870b3e9e39a

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.tekdefense.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept
*/*
Referer
http://www.tekdefense.com/downloads/malware-samples/
Cookie
JSESSIONID=49CFD997E984DFA721CDBA3EFE49A908.v5-web003
Connection
keep-alive
Cache-Control
no-cache

Response headers

Pragma
cache
Date
Fri, 01 Oct 2021 02:03:13 GMT
Last-Modified
Thu, 09 Sep 2021 19:21:26 GMT
Server
Squarespace
Cache-Control
private,max-age=94608000
Etag
W/"33056-1631215286000"
Content-Type
text/javascript
X-Contextid
BGRIS7VA/lUjIGzVi
Set-Cookie
JSESSIONID=49CFD997E984DFA721CDBA3EFE49A908.v5-web003; Path=/; HttpOnly
Accept-Ranges
bytes
Content-Length
33056
global.js
www.tekdefense.com/universal/scripts/
46 KB
46 KB
Script
General
Full URL
http://www.tekdefense.com/universal/scripts/global.js?CE=75
Requested by
Host: www.tekdefense.com
URL: http://www.tekdefense.com/downloads/malware-samples/
Protocol
HTTP/1.1
Server
198.49.23.177 , United States, ASN53831 (SQUARESPACE, US),
Reverse DNS
Software
Squarespace /
Resource Hash
5163153f73bcb9d1a994adee45d155088ce2bfdcc760a3531a31e7e1057599e2

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.tekdefense.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept
*/*
Referer
http://www.tekdefense.com/downloads/malware-samples/
Cookie
JSESSIONID=49CFD997E984DFA721CDBA3EFE49A908.v5-web003
Connection
keep-alive
Cache-Control
no-cache

Response headers

Pragma
cache
Date
Fri, 01 Oct 2021 02:03:12 GMT
Last-Modified
Thu, 09 Sep 2021 19:29:30 GMT
Server
Squarespace
Cache-Control
private,max-age=94608000
Etag
W/"46629-1631215770000"
Content-Type
text/javascript
X-Contextid
4IOIhQm5/Xuc5V7B5
Accept-Ranges
bytes
Content-Length
46629
Cookie set lightbox.js
www.tekdefense.com/universal/scripts/
32 KB
32 KB
Script
General
Full URL
http://www.tekdefense.com/universal/scripts/lightbox.js?CE=75
Requested by
Host: www.tekdefense.com
URL: http://www.tekdefense.com/downloads/malware-samples/
Protocol
HTTP/1.1
Server
198.49.23.177 , United States, ASN53831 (SQUARESPACE, US),
Reverse DNS
Software
Squarespace /
Resource Hash
141e453c0954d4d72869df1454692b1191eb1f3a14583dba6711f47505cfeb95

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.tekdefense.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept
*/*
Referer
http://www.tekdefense.com/downloads/malware-samples/
Cookie
JSESSIONID=49CFD997E984DFA721CDBA3EFE49A908.v5-web003
Connection
keep-alive
Cache-Control
no-cache

Response headers

Pragma
cache
Date
Fri, 01 Oct 2021 02:03:13 GMT
Last-Modified
Thu, 09 Sep 2021 19:29:30 GMT
Server
Squarespace
Cache-Control
private,max-age=94608000
Etag
W/"32767-1631215770000"
Content-Type
text/javascript
X-Contextid
YxIUCPdn/HDUNKX3H
Set-Cookie
JSESSIONID=49CFD997E984DFA721CDBA3EFE49A908.v5-web003; Path=/; HttpOnly
Accept-Ranges
bytes
Content-Length
32767
api.js
www.tekdefense.com/universal/scripts/
7 KB
7 KB
Script
General
Full URL
http://www.tekdefense.com/universal/scripts/api.js?CE=75
Requested by
Host: www.tekdefense.com
URL: http://www.tekdefense.com/downloads/malware-samples/
Protocol
HTTP/1.1
Server
198.49.23.177 , United States, ASN53831 (SQUARESPACE, US),
Reverse DNS
Software
Squarespace /
Resource Hash
966df6347e0edba690c2156333bdebb32c60f958538064654259678ddfdc4f21

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.tekdefense.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept
*/*
Referer
http://www.tekdefense.com/downloads/malware-samples/
Cookie
JSESSIONID=49CFD997E984DFA721CDBA3EFE49A908.v5-web003
Connection
keep-alive
Cache-Control
no-cache

Response headers

Pragma
cache
Date
Fri, 01 Oct 2021 02:03:13 GMT
Last-Modified
Thu, 09 Sep 2021 19:29:30 GMT
Server
Squarespace
Cache-Control
private,max-age=94608000
Etag
W/"6752-1631215770000"
Content-Type
text/javascript
X-Contextid
4IOIhQm5/0KISsClz
Accept-Ranges
bytes
Content-Length
6752
Cookie set base64.js
www.tekdefense.com/universal/scripts/
2 KB
2 KB
Script
General
Full URL
http://www.tekdefense.com/universal/scripts/base64.js?CE=75
Requested by
Host: www.tekdefense.com
URL: http://www.tekdefense.com/downloads/malware-samples/
Protocol
HTTP/1.1
Server
198.49.23.177 , United States, ASN53831 (SQUARESPACE, US),
Reverse DNS
Software
Squarespace /
Resource Hash
a275d31e71f53519347ba3027d094b0106d58856342b84f529a69a4cd3259d29

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.tekdefense.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept
*/*
Referer
http://www.tekdefense.com/downloads/malware-samples/
Cookie
JSESSIONID=49CFD997E984DFA721CDBA3EFE49A908.v5-web003
Connection
keep-alive
Cache-Control
no-cache

Response headers

Pragma
cache
Date
Fri, 01 Oct 2021 02:03:12 GMT
Last-Modified
Thu, 09 Sep 2021 19:29:30 GMT
Server
Squarespace
Cache-Control
private,max-age=94608000
Etag
W/"1642-1631215770000"
Content-Type
text/javascript
X-Contextid
YxIUCPdn/PS66n4GD
Set-Cookie
JSESSIONID=49CFD997E984DFA721CDBA3EFE49A908.v5-web003; Path=/; HttpOnly
Accept-Ranges
bytes
Content-Length
1642
census.js
www.tekdefense.com/universal/scripts/
543 B
857 B
Script
General
Full URL
http://www.tekdefense.com/universal/scripts/census.js?CE=75
Requested by
Host: www.tekdefense.com
URL: http://www.tekdefense.com/downloads/malware-samples/
Protocol
HTTP/1.1
Server
198.49.23.177 , United States, ASN53831 (SQUARESPACE, US),
Reverse DNS
Software
Squarespace /
Resource Hash
3c46620115be1a968545f16eba340f39e28ea9a5ed4629948639dcb4226a49d1

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.tekdefense.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept
*/*
Referer
http://www.tekdefense.com/downloads/malware-samples/
Cookie
JSESSIONID=49CFD997E984DFA721CDBA3EFE49A908.v5-web003
Connection
keep-alive
Cache-Control
no-cache

Response headers

Pragma
cache
Date
Fri, 01 Oct 2021 02:03:13 GMT
Last-Modified
Thu, 09 Sep 2021 19:29:30 GMT
Server
Squarespace
Cache-Control
private,max-age=94608000
Etag
W/"543-1631215770000"
Content-Type
text/javascript
X-Contextid
4IOIhQm5/AN3v9Jwd
Accept-Ranges
bytes
Content-Length
543
Cookie set yahoo-min.js
www.tekdefense.com/universal/yui/yahoo/
6 KB
6 KB
Script
General
Full URL
http://www.tekdefense.com/universal/yui/yahoo/yahoo-min.js?CE=75
Requested by
Host: www.tekdefense.com
URL: http://www.tekdefense.com/downloads/malware-samples/
Protocol
HTTP/1.1
Server
198.49.23.177 , United States, ASN53831 (SQUARESPACE, US),
Reverse DNS
Software
Squarespace /
Resource Hash
47df390a9b23013b1010534cfc2142ddeafa17cd1e858a1613f9a9575bbe3ddb

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.tekdefense.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept
*/*
Referer
http://www.tekdefense.com/downloads/malware-samples/
Cookie
JSESSIONID=49CFD997E984DFA721CDBA3EFE49A908.v5-web003
Connection
keep-alive
Cache-Control
no-cache

Response headers

Pragma
cache
Date
Fri, 01 Oct 2021 02:03:13 GMT
Last-Modified
Thu, 09 Sep 2021 19:21:26 GMT
Server
Squarespace
Cache-Control
private,max-age=94608000
Etag
W/"6153-1631215286000"
Content-Type
text/javascript
X-Contextid
BGRIS7VA/yYQpglzI
Set-Cookie
JSESSIONID=49CFD997E984DFA721CDBA3EFE49A908.v5-web003; Path=/; HttpOnly
Accept-Ranges
bytes
Content-Length
6153
event-min.js
www.tekdefense.com/universal/yui/event/
14 KB
14 KB
Script
General
Full URL
http://www.tekdefense.com/universal/yui/event/event-min.js?CE=75
Requested by
Host: www.tekdefense.com
URL: http://www.tekdefense.com/downloads/malware-samples/
Protocol
HTTP/1.1
Server
198.49.23.177 , United States, ASN53831 (SQUARESPACE, US),
Reverse DNS
Software
Squarespace /
Resource Hash
d557f7f21a2311c772e03a2f02b9952b6fa91f5d53a48bd32b0b5a1aa30cc322

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.tekdefense.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept
*/*
Referer
http://www.tekdefense.com/downloads/malware-samples/
Cookie
JSESSIONID=49CFD997E984DFA721CDBA3EFE49A908.v5-web003
Connection
keep-alive
Cache-Control
no-cache

Response headers

Pragma
cache
Date
Fri, 01 Oct 2021 02:03:13 GMT
Last-Modified
Thu, 09 Sep 2021 19:21:26 GMT
Server
Squarespace
Cache-Control
private,max-age=94608000
Etag
W/"14509-1631215286000"
Content-Type
text/javascript
X-Contextid
4IOIhQm5/CVzxVmSz
Accept-Ranges
bytes
Content-Length
14509
Cookie set event-mouseenter-min.js
www.tekdefense.com/universal/yui/event-mouseenter/
1 KB
2 KB
Script
General
Full URL
http://www.tekdefense.com/universal/yui/event-mouseenter/event-mouseenter-min.js?CE=75
Requested by
Host: www.tekdefense.com
URL: http://www.tekdefense.com/downloads/malware-samples/
Protocol
HTTP/1.1
Server
198.49.23.177 , United States, ASN53831 (SQUARESPACE, US),
Reverse DNS
Software
Squarespace /
Resource Hash
766ae4dc020e4eaf40f8314f293a86c8ad6cfa88f9920378113851ee8c4581f9

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.tekdefense.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept
*/*
Referer
http://www.tekdefense.com/downloads/malware-samples/
Cookie
JSESSIONID=49CFD997E984DFA721CDBA3EFE49A908.v5-web003
Connection
keep-alive
Cache-Control
no-cache

Response headers

Pragma
cache
Date
Fri, 01 Oct 2021 02:03:13 GMT
Last-Modified
Thu, 09 Sep 2021 19:21:26 GMT
Server
Squarespace
Cache-Control
private,max-age=94608000
Etag
W/"1456-1631215286000"
Content-Type
text/javascript
X-Contextid
BGRIS7VA/dbzpTmta
Set-Cookie
JSESSIONID=49CFD997E984DFA721CDBA3EFE49A908.v5-web003; Path=/; HttpOnly
Accept-Ranges
bytes
Content-Length
1456
element-min.js
www.tekdefense.com/universal/yui/element/
9 KB
9 KB
Script
General
Full URL
http://www.tekdefense.com/universal/yui/element/element-min.js?CE=75
Requested by
Host: www.tekdefense.com
URL: http://www.tekdefense.com/downloads/malware-samples/
Protocol
HTTP/1.1
Server
198.49.23.177 , United States, ASN53831 (SQUARESPACE, US),
Reverse DNS
Software
Squarespace /
Resource Hash
33de387b78bcb6b6db5ede6fb2e3a171f9439c11fc6cf2e2283a75e8f5ac8680

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.tekdefense.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept
*/*
Referer
http://www.tekdefense.com/downloads/malware-samples/
Cookie
JSESSIONID=49CFD997E984DFA721CDBA3EFE49A908.v5-web003
Connection
keep-alive
Cache-Control
no-cache

Response headers

Pragma
cache
Date
Fri, 01 Oct 2021 02:03:13 GMT
Last-Modified
Thu, 09 Sep 2021 19:21:26 GMT
Server
Squarespace
Cache-Control
private,max-age=94608000
Etag
W/"9242-1631215286000"
Content-Type
text/javascript
X-Contextid
YxIUCPdn/x0PtcTxE
Accept-Ranges
bytes
Content-Length
9242
Cookie set social.js
www.tekdefense.com/universal/scripts/
37 KB
37 KB
Script
General
Full URL
http://www.tekdefense.com/universal/scripts/social.js?CE=75
Requested by
Host: www.tekdefense.com
URL: http://www.tekdefense.com/downloads/malware-samples/
Protocol
HTTP/1.1
Server
198.49.23.177 , United States, ASN53831 (SQUARESPACE, US),
Reverse DNS
Software
Squarespace /
Resource Hash
dbdac0b481b218f965804e1ea18a1d49316773fd30dd4aeaf0f55cda574638a0

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.tekdefense.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept
*/*
Referer
http://www.tekdefense.com/downloads/malware-samples/
Cookie
JSESSIONID=49CFD997E984DFA721CDBA3EFE49A908.v5-web003
Connection
keep-alive
Cache-Control
no-cache

Response headers

Pragma
cache
Date
Fri, 01 Oct 2021 02:03:13 GMT
Last-Modified
Thu, 09 Sep 2021 19:29:30 GMT
Server
Squarespace
Cache-Control
private,max-age=94608000
Etag
W/"37458-1631215770000"
Content-Type
text/javascript
X-Contextid
BGRIS7VA/rf5pvkhK
Set-Cookie
JSESSIONID=49CFD997E984DFA721CDBA3EFE49A908.v5-web003; Path=/; HttpOnly
Accept-Ranges
bytes
Content-Length
37458
datefmt.js
www.tekdefense.com/universal/scripts/
11 KB
12 KB
Script
General
Full URL
http://www.tekdefense.com/universal/scripts/datefmt.js?CE=75
Requested by
Host: www.tekdefense.com
URL: http://www.tekdefense.com/downloads/malware-samples/
Protocol
HTTP/1.1
Server
198.49.23.177 , United States, ASN53831 (SQUARESPACE, US),
Reverse DNS
Software
Squarespace /
Resource Hash
e5dd8953f34fb7086704b874dccacebd022a6d824f6c118ea51814f03ba87bbb

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.tekdefense.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept
*/*
Referer
http://www.tekdefense.com/downloads/malware-samples/
Cookie
JSESSIONID=49CFD997E984DFA721CDBA3EFE49A908.v5-web003
Connection
keep-alive
Cache-Control
no-cache

Response headers

Pragma
cache
Date
Fri, 01 Oct 2021 02:03:13 GMT
Last-Modified
Thu, 09 Sep 2021 19:29:30 GMT
Server
Squarespace
Cache-Control
private,max-age=94608000
Etag
W/"11659-1631215770000"
Content-Type
text/javascript
X-Contextid
YxIUCPdn/LwvtxoLE
Accept-Ranges
bytes
Content-Length
11659
yui2-yui3-bridge.js
www.tekdefense.com/universal/scripts/
12 KB
12 KB
Script
General
Full URL
http://www.tekdefense.com/universal/scripts/yui2-yui3-bridge.js?CE=75
Requested by
Host: www.tekdefense.com
URL: http://www.tekdefense.com/downloads/malware-samples/
Protocol
HTTP/1.1
Server
198.49.23.177 , United States, ASN53831 (SQUARESPACE, US),
Reverse DNS
Software
Squarespace /
Resource Hash
2f9ff181474313a332c97bbee9db56f7bcfdf5c0e02b8129e6d98e2892199588

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.tekdefense.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept
*/*
Referer
http://www.tekdefense.com/downloads/malware-samples/
Cookie
JSESSIONID=49CFD997E984DFA721CDBA3EFE49A908.v5-web003
Connection
keep-alive
Cache-Control
no-cache
Accept-Language
de-DE,de;q=0.9
Referer
http://www.tekdefense.com/downloads/malware-samples/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
cache
Date
Fri, 01 Oct 2021 02:03:13 GMT
Last-Modified
Thu, 09 Sep 2021 19:29:30 GMT
Server
Squarespace
Cache-Control
private,max-age=94608000
Etag
W/"12027-1631215770000"
Content-Type
text/javascript
X-Contextid
4IOIhQm5/5aKwerYm
Accept-Ranges
bytes
Content-Length
12027
Cookie set squarespace-gallery-slideshow.js
www.tekdefense.com/universal/scripts/
21 KB
21 KB
Script
General
Full URL
http://www.tekdefense.com/universal/scripts/squarespace-gallery-slideshow.js?CE=75
Requested by
Host: www.tekdefense.com
URL: http://www.tekdefense.com/downloads/malware-samples/
Protocol
HTTP/1.1
Server
198.49.23.177 , United States, ASN53831 (SQUARESPACE, US),
Reverse DNS
Software
Squarespace /
Resource Hash
4d3c90227aea70a3733ff1d8c46f42f43323d763764232390d50a9643bdd15c1

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.tekdefense.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept
*/*
Referer
http://www.tekdefense.com/downloads/malware-samples/
Cookie
JSESSIONID=49CFD997E984DFA721CDBA3EFE49A908.v5-web003
Connection
keep-alive
Cache-Control
no-cache
Accept-Language
de-DE,de;q=0.9
Referer
http://www.tekdefense.com/downloads/malware-samples/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
cache
Date
Fri, 01 Oct 2021 02:03:14 GMT
Last-Modified
Thu, 09 Sep 2021 19:29:30 GMT
Server
Squarespace
Cache-Control
private,max-age=94608000
Etag
W/"21566-1631215770000"
Content-Type
text/javascript
X-Contextid
BGRIS7VA/OOntPK6V
Set-Cookie
JSESSIONID=49CFD997E984DFA721CDBA3EFE49A908.v5-web003; Path=/; HttpOnly
Accept-Ranges
bytes
Content-Length
21566
Cookie set cookie-min.js
www.tekdefense.com/universal/scripts/
4 KB
5 KB
Script
General
Full URL
http://www.tekdefense.com/universal/scripts/cookie-min.js
Requested by
Host: www.tekdefense.com
URL: http://www.tekdefense.com/downloads/malware-samples/
Protocol
HTTP/1.1
Server
198.49.23.177 , United States, ASN53831 (SQUARESPACE, US),
Reverse DNS
Software
Squarespace /
Resource Hash
27c757e3c8fd36b0356cf4d8f889ebad92688c23338baaf3abae30736ce21feb

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.tekdefense.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept
*/*
Referer
http://www.tekdefense.com/downloads/malware-samples/
Cookie
JSESSIONID=49CFD997E984DFA721CDBA3EFE49A908.v5-web003
Connection
keep-alive
Cache-Control
no-cache
Accept-Language
de-DE,de;q=0.9
Referer
http://www.tekdefense.com/downloads/malware-samples/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
cache
Date
Fri, 01 Oct 2021 02:03:13 GMT
Last-Modified
Thu, 09 Sep 2021 19:29:30 GMT
Server
Squarespace
Cache-Control
private,max-age=14400
Etag
W/"4401-1631215770000"
Content-Type
text/javascript
X-Contextid
YxIUCPdn/d3rVz5Fl
Set-Cookie
JSESSIONID=49CFD997E984DFA721CDBA3EFE49A908.v5-web003; Path=/; HttpOnly
Accept-Ranges
bytes
Content-Length
4401
Cookie set eu-cookie-policy.js
www.tekdefense.com/universal/scripts/
2 KB
2 KB
Script
General
Full URL
http://www.tekdefense.com/universal/scripts/eu-cookie-policy.js
Requested by
Host: www.tekdefense.com
URL: http://www.tekdefense.com/downloads/malware-samples/
Protocol
HTTP/1.1
Server
198.49.23.177 , United States, ASN53831 (SQUARESPACE, US),
Reverse DNS
Software
Squarespace /
Resource Hash
a291ec1d6fd94c27c3c163fcf50ea118d548c64b38f95bb203958091df19b03b

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.tekdefense.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept
*/*
Referer
http://www.tekdefense.com/downloads/malware-samples/
Cookie
JSESSIONID=49CFD997E984DFA721CDBA3EFE49A908.v5-web003
Connection
keep-alive
Cache-Control
no-cache
Accept-Language
de-DE,de;q=0.9
Referer
http://www.tekdefense.com/downloads/malware-samples/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
cache
Date
Fri, 01 Oct 2021 02:03:14 GMT
Last-Modified
Thu, 09 Sep 2021 19:29:30 GMT
Server
Squarespace
Cache-Control
private,max-age=14400
Etag
W/"1682-1631215770000"
Content-Type
text/javascript
X-Contextid
BGRIS7VA/cmx8ZhQ3
Set-Cookie
JSESSIONID=49CFD997E984DFA721CDBA3EFE49A908.v5-web003; Path=/; HttpOnly
Accept-Ranges
bytes
Content-Length
1682
btn_donateCC_LG.gif
www.paypalobjects.com/en_US/i/btn/
1 KB
2 KB
Image
General
Full URL
https://www.paypalobjects.com/en_US/i/btn/btn_donateCC_LG.gif
Requested by
Host: www.tekdefense.com
URL: http://www.tekdefense.com/downloads/malware-samples/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.76.200.161 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-76-200-161.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
6b16d96d7374c84e44234b7f901aec48131ad13a2df3fd4c6a1113a4590a98e9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://www.tekdefense.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 02:03:15 GMT
x-content-type-options
nosniff
x-check-cacheable
YES
x-serial
1483
etag
"W+Pu/C7SAaVROD4yxJfYhtmfI4zA8n2pGKd1zdw5nBA"
strict-transport-security
max-age=31536000
content-type
image/webp
cache-control
private, no-transform, max-age=43200
last-modified
Sun, 12 Sep 2021 14:43:52 GMT
content-length
1494
server
Akamai Image Manager
expires
Fri, 01 Oct 2021 14:03:15 GMT
pixel.gif
www.paypalobjects.com/en_US/i/scr/
42 B
290 B
Image
General
Full URL
https://www.paypalobjects.com/en_US/i/scr/pixel.gif
Requested by
Host: www.tekdefense.com
URL: http://www.tekdefense.com/downloads/malware-samples/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.76.200.161 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-76-200-161.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
0c1ce4dd3afaa97d8627ecebc2e255fe5c1b3c2038f6961a86d10f0381056cc7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://www.tekdefense.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 02:03:15 GMT
x-content-type-options
nosniff
last-modified
Mon, 01 Mar 2021 03:24:09 GMT
server
Akamai Image Manager
etag
"dNSbNMYiK1Q98dwxkre+GOK5+qX2pefyT9A/BaBsoeM"
strict-transport-security
max-age=31536000
content-type
image/gif
cache-control
private, no-transform, max-age=43200
content-length
42
expires
Fri, 01 Oct 2021 14:03:15 GMT
transparent.png
www.tekdefense.com/universal/images/
943 B
1 KB
Image
General
Full URL
http://www.tekdefense.com/universal/images/transparent.png
Requested by
Host: www.tekdefense.com
URL: http://www.tekdefense.com/downloads/malware-samples/
Protocol
HTTP/1.1
Server
198.49.23.177 , United States, ASN53831 (SQUARESPACE, US),
Reverse DNS
Software
Squarespace /
Resource Hash
6cca495b4e82df5c80074f8ddaf0eb2f9c9f7dbbb56da13e3b31ac3e6fa1f9f8

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.tekdefense.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer
http://www.tekdefense.com/downloads/malware-samples/
Cookie
JSESSIONID=49CFD997E984DFA721CDBA3EFE49A908.v5-web003
Connection
keep-alive
Cache-Control
no-cache
Accept-Language
de-DE,de;q=0.9
Referer
http://www.tekdefense.com/downloads/malware-samples/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
cache
Date
Fri, 01 Oct 2021 02:03:16 GMT
Last-Modified
Thu, 09 Sep 2021 19:21:26 GMT
Server
Squarespace
Cache-Control
private,max-age=14400
Etag
W/"943-1631215286000"
Content-Type
image/png
X-Contextid
JBX86MDA/C6cbOeI4
Accept-Ranges
bytes
Content-Length
943
webfont.js
ajax.googleapis.com/ajax/libs/webfont/1/
13 KB
14 KB
Script
General
Full URL
http://ajax.googleapis.com/ajax/libs/webfont/1/webfont.js
Requested by
Host: www.tekdefense.com
URL: http://www.tekdefense.com/downloads/malware-samples/
Protocol
HTTP/1.1
Server
142.250.185.138 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f10.1e100.net
Software
sffe /
Resource Hash
81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://www.tekdefense.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Thu, 30 Sep 2021 08:24:28 GMT
X-Content-Type-Options
nosniff
Age
63527
Content-Security-Policy-Report-Only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
Cross-Origin-Resource-Policy
cross-origin
Content-Length
13188
X-XSS-Protection
0
Last-Modified
Tue, 03 Mar 2020 19:15:00 GMT
Server
sffe
Vary
Accept-Encoding
Report-To
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
Content-Type
text/javascript; charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31536000, stale-while-revalidate=2592000
Accept-Ranges
bytes
Timing-Allow-Origin
*
Cross-Origin-Opener-Policy-Report-Only
same-origin; report-to="hosted-libraries-pushers"
Expires
Fri, 30 Sep 2022 08:24:28 GMT
bg-wallpaper.png
www.tekdefense.com/universal/images/trials/module-images/
363 KB
364 KB
Image
General
Full URL
http://www.tekdefense.com/universal/images/trials/module-images/bg-wallpaper.png
Requested by
Host: www.tekdefense.com
URL: http://www.tekdefense.com/display/common.css?styleId=1806973&RK=1363786507660&CE=75
Protocol
HTTP/1.1
Server
198.49.23.177 , United States, ASN53831 (SQUARESPACE, US),
Reverse DNS
Software
Squarespace /
Resource Hash
9030e3d39c259d84cf0a9d2cc4f219b239a30551a8f5c1bd65ba755769f06c72

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.tekdefense.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer
http://www.tekdefense.com/display/common.css?styleId=1806973&RK=1363786507660&CE=75
Cookie
JSESSIONID=49CFD997E984DFA721CDBA3EFE49A908.v5-web003
Connection
keep-alive
Cache-Control
no-cache
Accept-Language
de-DE,de;q=0.9
Referer
http://www.tekdefense.com/display/common.css?styleId=1806973&RK=1363786507660&CE=75
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
cache
Date
Fri, 01 Oct 2021 02:03:15 GMT
Last-Modified
Thu, 09 Sep 2021 19:21:26 GMT
Server
Squarespace
Cache-Control
private,max-age=14400
Etag
W/"371944-1631215286000"
Content-Type
image/png
X-Contextid
a5UOVAmO/ccQ4NQPO
Accept-Ranges
bytes
Content-Length
371944
diagonal-noise.png
www.tekdefense.com/layout/images/
0
231 B
Image
General
Full URL
http://www.tekdefense.com/layout/images/diagonal-noise.png
Requested by
Host: www.tekdefense.com
URL: http://www.tekdefense.com/display/common.css?styleId=1806973&RK=1363786507660&CE=75
Protocol
HTTP/1.1
Server
198.49.23.177 , United States, ASN53831 (SQUARESPACE, US),
Reverse DNS
Software
Squarespace /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.tekdefense.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer
http://www.tekdefense.com/display/common.css?styleId=1806973&RK=1363786507660&CE=75
Cookie
JSESSIONID=49CFD997E984DFA721CDBA3EFE49A908.v5-web003
Connection
keep-alive
Cache-Control
no-cache
Accept-Language
de-DE,de;q=0.9
Referer
http://www.tekdefense.com/display/common.css?styleId=1806973&RK=1363786507660&CE=75
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
cache
Date
Fri, 01 Oct 2021 02:03:15 GMT
Cache-Control
max-age=94608000, private
Server
Squarespace
X-Contextid
ubg7336Q/W69xd7Oo
Content-Length
0
Content-Type
text/html;charset=UTF-8
feed-icon-12x12-orange.png
www.tekdefense.com/universal/images/xml/
552 B
857 B
Image
General
Full URL
http://www.tekdefense.com/universal/images/xml/feed-icon-12x12-orange.png
Requested by
Host: www.tekdefense.com
URL: http://www.tekdefense.com/display/common.css?styleId=1806973&RK=1363786507660&CE=75
Protocol
HTTP/1.1
Server
198.49.23.177 , United States, ASN53831 (SQUARESPACE, US),
Reverse DNS
Software
Squarespace /
Resource Hash
98ea718868bb9a520da4777cd8a5ed5c76d123b77aa2e0289ab4bad638439b73

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.tekdefense.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer
http://www.tekdefense.com/display/common.css?styleId=1806973&RK=1363786507660&CE=75
Cookie
JSESSIONID=49CFD997E984DFA721CDBA3EFE49A908.v5-web003
Connection
keep-alive
Cache-Control
no-cache
Accept-Language
de-DE,de;q=0.9
Referer
http://www.tekdefense.com/display/common.css?styleId=1806973&RK=1363786507660&CE=75
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
cache
Date
Fri, 01 Oct 2021 02:03:15 GMT
Last-Modified
Thu, 09 Sep 2021 19:21:26 GMT
Server
Squarespace
Cache-Control
private,max-age=14400
Etag
W/"552-1631215286000"
Content-Type
image/png
X-Contextid
BGRIS7VA/ZGafGnq4
Accept-Ranges
bytes
Content-Length
552
ga.js
www.google-analytics.com/
Redirect Chain
  • http://www.google-analytics.com/ga.js
  • https://www.google-analytics.com/ga.js
45 KB
17 KB
Script
General
Full URL
https://www.google-analytics.com/ga.js
Requested by
Host: www.tekdefense.com
URL: http://www.tekdefense.com/downloads/malware-samples/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.78 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://www.tekdefense.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 11 Aug 2021 00:32:57 GMT
server
Golfe2
age
1817
date
Fri, 01 Oct 2021 01:32:58 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17168
expires
Fri, 01 Oct 2021 03:32:58 GMT

Redirect headers

Location
https://www.google-analytics.com/ga.js
Non-Authoritative-Reason
HSTS
file.png
www.tekdefense.com/universal/images/core-resources/icons/blk_ko_18/
3 KB
3 KB
Image
General
Full URL
http://www.tekdefense.com/universal/images/core-resources/icons/blk_ko_18/file.png
Requested by
Host: www.tekdefense.com
URL: http://www.tekdefense.com/downloads/malware-samples/
Protocol
HTTP/1.1
Server
198.49.23.177 , United States, ASN53831 (SQUARESPACE, US),
Reverse DNS
Software
Squarespace /
Resource Hash
5f1f2915a18465f40cd57b3c128372971ba62b3d8f04270ed04ba215fe96a84b

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.tekdefense.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer
http://www.tekdefense.com/downloads/malware-samples/
Cookie
JSESSIONID=49CFD997E984DFA721CDBA3EFE49A908.v5-web003
Connection
keep-alive
Cache-Control
no-cache
Accept-Language
de-DE,de;q=0.9
Referer
http://www.tekdefense.com/downloads/malware-samples/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
cache
Date
Fri, 01 Oct 2021 02:03:16 GMT
Last-Modified
Thu, 09 Sep 2021 19:21:26 GMT
Server
Squarespace
Cache-Control
private,max-age=14400
Etag
W/"2988-1631215286000"
Content-Type
image/png
X-Contextid
YxIUCPdn/PlOlXoJJ
Accept-Ranges
bytes
Content-Length
2988
Cookie set RecordHit
www.tekdefense.com/process/
5 B
517 B
XHR
General
Full URL
http://www.tekdefense.com/process/RecordHit?url=%2Fdownloads%2Fmalware-samples%2F&title=TekDefense%20-%20Downloads&viewportInnerHeight=1200&viewportInnerWidth=1600&screenHeight=1200&screenWidth=1600&userAgent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F93.0.4577.63%20Safari%2F537.36&referrer=&pixelRatio=1&event=View
Requested by
Host: www.tekdefense.com
URL: http://www.tekdefense.com/universal/yui/connection/connection_core-min.js?CE=75
Protocol
HTTP/1.1
Server
198.49.23.177 , United States, ASN53831 (SQUARESPACE, US),
Reverse DNS
Software
Squarespace /
Resource Hash
88561e211e862344bd3cc71c03f8ab25d8a79b9bdbaa1e083af7e0603f30f689

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.tekdefense.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept
*/*
Cache-Control
no-cache
X-Requested-With
XMLHttpRequest
Cookie
JSESSIONID=49CFD997E984DFA721CDBA3EFE49A908.v5-web003
Connection
keep-alive
Referer
http://www.tekdefense.com/downloads/malware-samples/
Referer
http://www.tekdefense.com/downloads/malware-samples/
X-Requested-With
XMLHttpRequest
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Fri, 01 Oct 2021 02:03:15 GMT
X-Contextid
4IOIhQm5/ZeTE2mSZ
Server
Squarespace
Set-Cookie
ss_cid=5eeb8f57-9860-4efc-adaf-1b14a0a29d1d; Domain=.tekdefense.com; Expires=Sun, 01-Oct-2023 02:03:16 GMT; Path=/ ss_cvisit=1633053796019; Domain=.tekdefense.com; Expires=Fri, 01-Oct-2021 02:33:16 GMT; Path=/ ss_cpvisit=1633053796019; Domain=.tekdefense.com; Expires=Sun, 01-Oct-2023 02:03:16 GMT; Path=/
Content-Length
5
Content-Type
text/html;charset=UTF-8
Cookie set rest
www.tekdefense.com/api/
6 KB
7 KB
XHR
General
Full URL
http://www.tekdefense.com/api/rest?version=20100220&responseFormat=json&method=squarespace.rss.getFeed&moduleId=9769432&count=5&rnd=1633053795805
Requested by
Host: www.tekdefense.com
URL: http://www.tekdefense.com/universal/yui/connection/connection_core-min.js?CE=75
Protocol
HTTP/1.1
Server
198.49.23.177 , United States, ASN53831 (SQUARESPACE, US),
Reverse DNS
Software
Squarespace /
Resource Hash
54f5e07bb3b359b7d1213296e7258239e3062d86d67d6c133e25f2bfeb8038b1

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.tekdefense.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept
*/*
Cache-Control
no-cache
X-Requested-With
XMLHttpRequest
Cookie
JSESSIONID=49CFD997E984DFA721CDBA3EFE49A908.v5-web003
Connection
keep-alive
Referer
http://www.tekdefense.com/downloads/malware-samples/
Referer
http://www.tekdefense.com/downloads/malware-samples/
X-Requested-With
XMLHttpRequest
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Fri, 01 Oct 2021 02:03:16 GMT
X-Contextid
BGRIS7VA/JRQkmpOl
Server
Squarespace
Set-Cookie
JSESSIONID=49CFD997E984DFA721CDBA3EFE49A908.v5-web003; Path=/; HttpOnly
Transfer-Encoding
chunked
Content-Type
application/json
css
fonts.googleapis.com/
2 KB
1 KB
Stylesheet
General
Full URL
http://fonts.googleapis.com/css?family=Oswald:400
Requested by
Host: ajax.googleapis.com
URL: http://ajax.googleapis.com/ajax/libs/webfont/1/webfont.js
Protocol
HTTP/1.1
Server
142.250.185.202 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f10.1e100.net
Software
ESF /
Resource Hash
caeb6ee27a5075f5c5d60a8336fd30f826339fa439c969848b1bfc940379a50f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://www.tekdefense.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Fri, 01 Oct 2021 02:03:15 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Transfer-Encoding
chunked
Cross-Origin-Resource-Policy
cross-origin
X-XSS-Protection
0
Last-Modified
Fri, 01 Oct 2021 01:01:46 GMT
Server
ESF
X-Frame-Options
SAMEORIGIN
Report-To
{"group":"AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"}]}
Content-Type
text/css; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
private, max-age=86400, stale-while-revalidate=604800
Timing-Allow-Origin
*
Link
<http://fonts.gstatic.com>; rel=preconnect; crossorigin
Cross-Origin-Opener-Policy-Report-Only
same-origin; report-to="AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"
Expires
Fri, 01 Oct 2021 02:03:15 GMT
TK3_WkUHHAIjg75cFRf3bXL8LICs1_FvsUZiZQ.woff2
fonts.gstatic.com/s/oswald/v40/
16 KB
16 KB
Font
General
Full URL
http://fonts.gstatic.com/s/oswald/v40/TK3_WkUHHAIjg75cFRf3bXL8LICs1_FvsUZiZQ.woff2
Requested by
Host: fonts.googleapis.com
URL: http://fonts.googleapis.com/css?family=Oswald:400
Protocol
HTTP/1.1
Server
142.250.185.163 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f3.1e100.net
Software
sffe /
Resource Hash
76db825b68979b9ea6cc55fa14373b7bf5e3beb7388cd2efa485938bb2a389fb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://fonts.googleapis.com/
Origin
http://www.tekdefense.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Sun, 26 Sep 2021 06:34:56 GMT
X-Content-Type-Options
nosniff
Last-Modified
Tue, 10 Aug 2021 00:16:44 GMT
Server
sffe
Age
415699
Content-Security-Policy-Report-Only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Content-Type
font/woff2
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31536000
Cross-Origin-Resource-Policy
cross-origin
Accept-Ranges
bytes
Timing-Allow-Origin
*
Content-Length
16016
X-XSS-Protection
0
Expires
Mon, 26 Sep 2022 06:34:56 GMT
__utm.gif
www.google-analytics.com/r/
Redirect Chain
  • http://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1013908586&utmhn=www.tekdefense.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Te...
  • https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1013908586&utmhn=www.tekdefense.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=T...
35 B
197 B
Image
General
Full URL
https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1013908586&utmhn=www.tekdefense.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=TekDefense%20-%20Downloads&utmhid=155521830&utmr=-&utmp=%2Fdownloads%2Fmalware-samples%2F&utmht=1633053795874&utmac=UA-36587401-1&utmcc=__utma%3D110816000.1141449552.1633053796.1633053796.1633053796.1%3B%2B__utmz%3D110816000.1633053796.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=30776195&utmredir=1&utmu=qBAAAAAAAAAAAAAAAAAAAAAE~
Requested by
Host: www.tekdefense.com
URL: http://www.tekdefense.com/downloads/malware-samples/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.78 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://www.tekdefense.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Oct 2021 02:03:15 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1013908586&utmhn=www.tekdefense.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=TekDefense%20-%20Downloads&utmhid=155521830&utmr=-&utmp=%2Fdownloads%2Fmalware-samples%2F&utmht=1633053795874&utmac=UA-36587401-1&utmcc=__utma%3D110816000.1141449552.1633053796.1633053796.1633053796.1%3B%2B__utmz%3D110816000.1633053796.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=30776195&utmredir=1&utmu=qBAAAAAAAAAAAAAAAAAAAAAE~
Non-Authoritative-Reason
HSTS
loading.gif
www.tekdefense.com/universal/images/manager/
1 KB
2 KB
Image
General
Full URL
http://www.tekdefense.com/universal/images/manager/loading.gif
Protocol
HTTP/1.1
Server
198.49.23.177 , United States, ASN53831 (SQUARESPACE, US),
Reverse DNS
Software
Squarespace /
Resource Hash
3ef4d4bdf2429f59661ebad5645f104dd285c84d35dfa265715662d08bb13bfc

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.tekdefense.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer
http://www.tekdefense.com/downloads/malware-samples/
Cookie
JSESSIONID=49CFD997E984DFA721CDBA3EFE49A908.v5-web003; __utma=110816000.1141449552.1633053796.1633053796.1633053796.1; __utmc=110816000; __utmz=110816000.1633053796.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1; __utmb=110816000.1.10.1633053796; ss_cid=5eeb8f57-9860-4efc-adaf-1b14a0a29d1d; ss_cvisit=1633053796019; ss_cpvisit=1633053796019
Connection
keep-alive
Cache-Control
no-cache
Accept-Language
de-DE,de;q=0.9
Referer
http://www.tekdefense.com/downloads/malware-samples/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
cache
Date
Fri, 01 Oct 2021 02:03:16 GMT
Last-Modified
Thu, 09 Sep 2021 19:21:26 GMT
Server
Squarespace
Cache-Control
private,max-age=14400
Etag
W/"1248-1631215286000"
Content-Type
image/gif
X-Contextid
a5UOVAmO/OcffGmAz
Accept-Ranges
bytes
Content-Length
1248

Verdicts & Comments

77 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforexrselect boolean| originAgentCluster object| WebFontConfig object| YAHOO object| D object| E object| Class function| bind function| ql_nt function| ql_csat function| ql_sifs function| ql_sfs function| openWindow function| getOpenerWindow function| closeWindow function| scrollToElement function| isVisible function| hideObject function| showObject function| noop function| smartSubmit function| smartLocation function| setCookie function| delCookie function| getCookie function| addEvent function| getWindowScroll function| toggleContentElement function| isDefined function| isLetter function| isDigit function| StringTokenizer function| showFullImage function| showPackedPosts object| Static object| Squarespace string| property function| showImage object| SSLightbox object| Connect object| Base64 number| FLICKR_SIZE_THUMBNAIL number| FLICKR_SIZE_SQUARE number| FLICKR_SIZE_SMALL number| FLICKR_SIZE_MEDIUM string| FLICKR_URL_THUMBNAIL string| FLICKR_URL_SQUARE string| FLICKR_URL_SMALL string| FLICKR_URL_MEDIUM function| addDateFormat function| fillDateFormatBox function| DateFormat function| _DateFormat_format function| _DateFormat_setStyle function| _DateFormat_consume function| _DateFormat_formatNumber function| _DateFormat_formatEra function| _DateFormat_formatMonth function| _DateFormat_formatWeekday function| _DateFormat_formatAMPM function| _DateFormat_formatTimezone function| _DateFormat_formatMillis function| _DateFormat_formatYear function| _DFSymbol function| _DFSymbol_format function| Locale function| _Locale_toString function| copy object| tmp function| YUI object| Y object| rssWidget9769432 object| _gaq string| key object| WebFont object| _gat object| gaGlobal

9 Cookies

Domain/Path Name / Value
www.tekdefense.com/ Name: JSESSIONID
Value: 49CFD997E984DFA721CDBA3EFE49A908.v5-web003
.tekdefense.com/ Name: __utma
Value: 110816000.1141449552.1633053796.1633053796.1633053796.1
.tekdefense.com/ Name: __utmc
Value: 110816000
.tekdefense.com/ Name: __utmz
Value: 110816000.1633053796.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none)
.tekdefense.com/ Name: __utmt
Value: 1
.tekdefense.com/ Name: __utmb
Value: 110816000.1.10.1633053796
.tekdefense.com/ Name: ss_cid
Value: 5eeb8f57-9860-4efc-adaf-1b14a0a29d1d
.tekdefense.com/ Name: ss_cvisit
Value: 1633053796019
.tekdefense.com/ Name: ss_cpvisit
Value: 1633053796019

1 Console Messages

Source Level URL
Text
network error URL: http://www.tekdefense.com/layout/images/diagonal-noise.png
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
