urlscan.io Public Scan: win32update.rf.gd (185.27.134.34)
Effective URL: http://win32update.rf.gd/date4/Panel/Panel/?i=1
Submission Tags: c2, malware, umbra
Submission: On February 20 via api from US — Scanned from GB
Summary
This is the only time win32update.rf.gd was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS (Autonomous System) | Requests
---|---|---
185.27.134.34 | AS34119 (WILDCARD-AS, Wildcard UK Limited) | 23

Apex Domain | Subdomain | Transfer | Requests
---|---|---|---
rf.gd | win32update.rf.gd | 333 KB | 23

Domain | Requested by | Requests
---|---|---
win32update.rf.gd | win32update.rf.gd | 23

All 23 requests went to a single IP and a single domain.
This site contains no links.
TLS certificates: none recorded. The page and all 23 resources were requested over plain HTTP.
This page contains 1 frames:
Primary Page:
http://win32update.rf.gd/date4/Panel/Panel/?i=1
Frame ID: 34DA48BADAC7BFD863B7C16C05C04BF2
Requests: 23 HTTP requests in this frame
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- http://win32update.rf.gd/date4/Panel/Panel/
- http://win32update.rf.gd/date4/Panel/Panel/?i=1
No HTTP redirect was recorded between the two, so the ?i=1 reload happened client-side. In the transaction list below the first document response (846 B) is followed only by aes.js from the site root before the same path is fetched again as the primary request; the panel's ExtJS assets load only after that second fetch.
Detected technologies
- ExtJS (JavaScript Frameworks). Detected pattern: ext-base\.js
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
No HTTP redirect chains were recorded for any request in this scan.
23 HTTP transactions

Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type
---|---|---|---|---|---|---|---
GET | H/1.1 | / | win32update.rf.gd/date4/Panel/Panel/ | 846 B | 838 B | Document | text/html
GET | H/1.1 | aes.js | win32update.rf.gd/ | 30 KB | 31 KB | Script | application/javascript
GET | H/1.1 | / (Primary Request) | win32update.rf.gd/date4/Panel/Panel/ | 956 B | 842 B | Document | text/html
GET | H/1.1 | ext-all.css | win32update.rf.gd/date4/Panel/resources/css/ | 136 KB | 28 KB | Stylesheet | text/css
GET | H/1.1 | ext-base.js | win32update.rf.gd/date4/Panel/adapter/ext/ | 27 KB | 12 KB | Script | application/javascript
GET | H/1.1 | ext-all.js | win32update.rf.gd/date4/Panel/ | 701 KB | 228 KB | Script | application/javascript
GET | H/1.1 | login.js | win32update.rf.gd/date4/Panel/Panel/ | 2 KB | 1 KB | Script | application/javascript
GET | H/1.1 | background_gradient.png | win32update.rf.gd/date4/Panel/Panel/graphics/ | 842 B | 1 KB | Image | image/png
GET | H/1.1 | banner.png | win32update.rf.gd/date4/Panel/Panel/graphics/ | 12 KB | 12 KB | Image | image/png
GET | H/1.1 | tip-sprite.gif | win32update.rf.gd/date4/Panel/resources/images/default/qtip/ | 4 KB | 4 KB | Image | image/gif
GET | H/1.1 | tip-anchor-sprite.gif | win32update.rf.gd/date4/Panel/resources/images/default/qtip/ | 951 B | 1 KB | Image | image/gif
GET | H/1.1 | left-corners.png | win32update.rf.gd/date4/Panel/resources/images/default/window/ | 200 B | 533 B | Image | image/png
GET | H/1.1 | right-corners.png | win32update.rf.gd/date4/Panel/resources/images/default/window/ | 256 B | 589 B | Image | image/png
GET | H/1.1 | top-bottom.png | win32update.rf.gd/date4/Panel/resources/images/default/window/ | 180 B | 513 B | Image | image/png
GET | H/1.1 | left-right.png | win32update.rf.gd/date4/Panel/resources/images/default/window/ | 152 B | 485 B | Image | image/png
GET | H/1.1 | corners-sprite.gif | win32update.rf.gd/date4/Panel/resources/images/default/panel/ | 1 KB | 2 KB | Image | image/gif
GET | H/1.1 | top-bottom.gif | win32update.rf.gd/date4/Panel/resources/images/default/panel/ | 875 B | 1 KB | Image | image/gif
GET | H/1.1 | left-right.gif | win32update.rf.gd/date4/Panel/resources/images/default/panel/ | 815 B | 1 KB | Image | image/gif
GET | H/1.1 | btn.gif | win32update.rf.gd/date4/Panel/resources/images/default/button/ | 4 KB | 5 KB | Image | image/gif
GET | H/1.1 | text-bg.gif | win32update.rf.gd/date4/Panel/resources/images/default/form/ | 819 B | 1 KB | Image | image/gif
GET | H/1.1 | shadow.png | win32update.rf.gd/date4/Panel/resources/images/default/ | 311 B | 644 B | Image | image/png
GET | H/1.1 | shadow-lr.png | win32update.rf.gd/date4/Panel/resources/images/default/ | 135 B | 468 B | Image | image/png
GET | H/1.1 | shadow-c.png | win32update.rf.gd/date4/Panel/resources/images/default/ | 118 B | 451 B | Image | image/png

Size is the decoded body size; x-fer is the number of bytes transferred on the wire (compressed where the server compressed). Request and response header details were not captured in this export.
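As an added illustration (not part of the urlscan.io report), the following Python transcribes the 23 transactions above and runs the ExtJS detection pattern from the Detected technologies section over the script URLs, the way a Wappalyzer-style fingerprint is applied. It then derives a few load-sequence indicators a triage analyst would want from this list: whether the document was fetched twice, which scripts loaded between the two fetches, whether a login.js sits under the Panel path, and how many origins were contacted. The indicator names, the TECH_PATTERNS dictionary shape and the helper functions are my own; the pattern string is the one urlscan reports.

```python
import re
from collections import Counter

# Transcribed from the 23 HTTP transactions in the scan above:
# (resource, directory, urlscan resource type). Sizes are omitted.
REQUESTS = [
    ("/", "win32update.rf.gd/date4/Panel/Panel/", "Document"),
    ("aes.js", "win32update.rf.gd/", "Script"),
    ("/", "win32update.rf.gd/date4/Panel/Panel/", "Document"),  # primary request
    ("ext-all.css", "win32update.rf.gd/date4/Panel/resources/css/", "Stylesheet"),
    ("ext-base.js", "win32update.rf.gd/date4/Panel/adapter/ext/", "Script"),
    ("ext-all.js", "win32update.rf.gd/date4/Panel/", "Script"),
    ("login.js", "win32update.rf.gd/date4/Panel/Panel/", "Script"),
    ("background_gradient.png", "win32update.rf.gd/date4/Panel/Panel/graphics/", "Image"),
    ("banner.png", "win32update.rf.gd/date4/Panel/Panel/graphics/", "Image"),
    ("tip-sprite.gif", "win32update.rf.gd/date4/Panel/resources/images/default/qtip/", "Image"),
    ("tip-anchor-sprite.gif", "win32update.rf.gd/date4/Panel/resources/images/default/qtip/", "Image"),
    ("left-corners.png", "win32update.rf.gd/date4/Panel/resources/images/default/window/", "Image"),
    ("right-corners.png", "win32update.rf.gd/date4/Panel/resources/images/default/window/", "Image"),
    ("top-bottom.png", "win32update.rf.gd/date4/Panel/resources/images/default/window/", "Image"),
    ("left-right.png", "win32update.rf.gd/date4/Panel/resources/images/default/window/", "Image"),
    ("corners-sprite.gif", "win32update.rf.gd/date4/Panel/resources/images/default/panel/", "Image"),
    ("top-bottom.gif", "win32update.rf.gd/date4/Panel/resources/images/default/panel/", "Image"),
    ("left-right.gif", "win32update.rf.gd/date4/Panel/resources/images/default/panel/", "Image"),
    ("btn.gif", "win32update.rf.gd/date4/Panel/resources/images/default/button/", "Image"),
    ("text-bg.gif", "win32update.rf.gd/date4/Panel/resources/images/default/form/", "Image"),
    ("shadow.png", "win32update.rf.gd/date4/Panel/resources/images/default/", "Image"),
    ("shadow-lr.png", "win32update.rf.gd/date4/Panel/resources/images/default/", "Image"),
    ("shadow-c.png", "win32update.rf.gd/date4/Panel/resources/images/default/", "Image"),
]

# Wappalyzer-style script patterns as urlscan lists them under "Detected
# technologies". The ExtJS regex is the one reported on this page; the
# dictionary shape is mine so further patterns can be added.
TECH_PATTERNS = {
    "ExtJS": [re.compile(r"ext-base\.js")],
}


def full_url(resource, directory, scheme="http"):
    """Rebuild the absolute URL from urlscan's resource/path split."""
    return f"{scheme}://{directory}{resource.lstrip('/')}"


def detect_technologies(requests):
    """Match every script pattern against every Script URL; return tech -> sorted matching URLs."""
    hits = {}
    for resource, directory, kind in requests:
        if kind != "Script":
            continue
        url = full_url(resource, directory)
        for tech, patterns in TECH_PATTERNS.items():
            if any(p.search(url) for p in patterns):
                hits.setdefault(tech, set()).add(url)
    return {tech: sorted(urls) for tech, urls in hits.items()}


def panel_indicators(requests):
    """Named heuristics (mine, not urlscan's) describing the page load sequence."""
    urls = [full_url(r, d) for r, d, _ in requests]
    documents = Counter(full_url(r, d) for r, d, k in requests if k == "Document")
    hosts = {re.match(r"https?://([^/]+)/", u).group(1) for u in urls}
    # Scripts fetched after the first HTML response but before the second
    # (primary) document: whatever the first, smaller page ran before reloading.
    doc_positions = [i for i, (_, _, k) in enumerate(requests) if k == "Document"]
    pre_primary_scripts = []
    if len(doc_positions) >= 2:
        first, second = doc_positions[0], doc_positions[1]
        pre_primary_scripts = [urls[i] for i in range(first + 1, second) if requests[i][2] == "Script"]
    return {
        "document_fetched_twice": any(n >= 2 for n in documents.values()),
        "pre_primary_scripts": pre_primary_scripts,
        "login_script_under_panel": any(re.search(r"/Panel/[^?]*login\.js$", u) for u in urls),
        "single_origin": len(hosts) == 1,
        "hosts": sorted(hosts),
    }


if __name__ == "__main__":
    print(detect_technologies(REQUESTS))
    for name, value in panel_indicators(REQUESTS).items():
        print(f"{name}: {value}")
```

On this scan the only pattern hit is the ext-base.js adapter, and the only script between the two document fetches is aes.js from the site root. Together with the ?i=1 reload in the URL history that sequence is consistent with a JavaScript cookie check performed before the panel login page is served; the report does not include the response bodies, so that reading is an inference from request order alone, not something the scan states.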
5 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
Type | Name
---|---
boolean | credentialless
object | oncontentvisibilityautostatechange
object | Ext
object | swfobject
string | id1

Cookies
Cookies are small pieces of information stored in the user's browser. When the user visits the site again, the browser sends the stored cookie values along, so the site can re-identify the user even from a different location. This is how persistent logins work.
Domain/Path | Expires | Name | Value
---|---|---|---
win32update.rf.gd/ | | __test | d3df92f47202f75e9e35530a81065d86
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
- win32update.rf.gd
- 185.27.134.34