propdfconverter.dl.myway.com Open in urlscan Pro
35.244.218.203 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://propdfconverter.dl.myway.com/uninstall.jhtml?c=1BD8E6F7-F501-40D3-90FA-AE7121E1326B%26ptb=^CRB^xdm456^S38096^au%26ff=5
Submission: On June 22 via manual (June 22nd 2020, 10:21:05 am UTC) from IN

Summary HTTP 10 Redirects Behaviour Indicators

Summary

This website contacted 7 IPs in 4 countries across 6 domains to perform 10 HTTP transactions. The main IP is 35.244.218.203, located in Mountain View, United States and belongs to GOOGLE, US. The main domain is propdfconverter.dl.myway.com.

This is the only time propdfconverter.dl.myway.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
3	35.244.218.203 35.244.218.203	15169 (GOOGLE) (GOOGLE)
1 3	172.217.18.2 172.217.18.2	15169 (GOOGLE) (GOOGLE)
1	104.111.214.175 104.111.214.175	16625 (AKAMAI-AS) (AKAMAI-AS)
1	13.226.154.43 13.226.154.43	16509 (AMAZON-02) (AMAZON-02)
1	95.100.116.232 95.100.116.232	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2a00:1450:400... 2a00:1450:4001:825::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:809::2002	15169 (GOOGLE) (GOOGLE)
10	7

3 35.244.218.203 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: 203.218.244.35.bc.googleusercontent.com

propdfconverter.dl.myway.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.217.18.2 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra15s28-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.111.214.175 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-214-175.deploy.static.akamaitechnologies.com

akz.imgfarm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.226.154.43 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-154-43.dus51.r.cloudfront.net

www.research.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 95.100.116.232 (Ascension Island)

ASN16625 (AKAMAI-AS, US)
PTR: a95-100-116-232.deploy.static.akamaitechnologies.com

ak.imgfarm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:825::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.nl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
3	doubleclick.net 1 redirects securepubads.g.doubleclick.net	104 KB
3	myway.com propdfconverter.dl.myway.com	10 KB
2	imgfarm.com akz.imgfarm.com ak.imgfarm.com	15 KB
1	google.com adservice.google.com	168 B
1	google.nl adservice.google.nl	1009 B
1	research.net www.research.net
10	6

	Domain	Requested by
3	securepubads.g.doubleclick.net	1 redirects propdfconverter.dl.myway.com securepubads.g.doubleclick.net
3	propdfconverter.dl.myway.com	propdfconverter.dl.myway.com
1	adservice.google.com	securepubads.g.doubleclick.net
1	adservice.google.nl	securepubads.g.doubleclick.net
1	ak.imgfarm.com	propdfconverter.dl.myway.com
1	www.research.net	propdfconverter.dl.myway.com
1	akz.imgfarm.com	propdfconverter.dl.myway.com
10	7

This site contains no links.

Subject Issuer	Validity	Valid
*.g.doubleclick.net GTS CA 1O1	`2020-05-26` - `2020-08-18`	3 months	crt.sh
surveymonkey.com Amazon	`2020-05-20` - `2021-06-20`	a year	crt.sh
*.google.nl GTS CA 1O1	`2020-05-26` - `2020-08-18`	3 months	crt.sh
*.google.com GTS CA 1O1	`2020-05-26` - `2020-08-18`	3 months	crt.sh

This page contains 2 frames:

Primary Page: http://propdfconverter.dl.myway.com/uninstall.jhtml?c=1BD8E6F7-F501-40D3-90FA-AE7121E1326B%26ptb=^CRB^xdm456^S38096^au%26ff=5
Frame ID: C1F8E19D79140F1F8B35C485C7C1CDBF
Requests: 9 HTTP requests in this frame

Frame: https://www.research.net/r/ZMKZRJG?ptb=&c=1BD8E6F7-F501-40D3-90FA-AE7121E1326B%26ptb=^CRB^xdm456^S38096^au%26ff=5&browser=Chrome
Frame ID: A726C3A7500FF579CA046B6217452150
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Java (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

headers server /^Apache-Coyote(?:\/([\d.]+))?/i

Apache Tomcat (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /^Apache-Coyote(?:\/([\d.]+))?/i

Google Cloud (CDN) Expand

Overall confidence: 100%
Detected patterns

headers via /^1\.1 google$/i

Page Statistics

10
Requests

50 %
HTTPS

29 %
IPv6

6
Domains

7
Subdomains

7
IPs

4
Countries

130 kB
Transfer

370 kB
Size

7
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://securepubads.g.doubleclick.net/tag/js/gpt.js HTTP 301
https://securepubads.g.doubleclick.net/tag/js/gpt.js

10 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request Cookie set uninstall.jhtml Show response
propdfconverter.dl.myway.com/ 34 KB
10 KB 216ms
151ms Document
text/html 35.244.218.203
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: http://propdfconverter.dl.myway.com/uninstall.jhtml?c=1BD8E6F7-F501-40D3-90FA-AE7121E1326B%26ptb=^CRB^xdm456^S38096^au%26ff=5
Protocol: HTTP/1.1
Server: 35.244.218.203 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 203.218.244.35.bc.googleusercontent.com
Software: Apache-Coyote/1.1 /
Resource Hash: f954271fd52c4b8cfd9af79df868f11341d00bf508b759ca4ac14e5485c26f34

Request headers

Host: propdfconverter.dl.myway.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 22 Jun 2020 10:20:47 GMT
Server: Apache-Coyote/1.1
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: text/html;charset=UTF-8
Content-Language: en-US
Set-Cookie: org.springframework.web.servlet.i18n.CookieLocaleResolver.LOCALE=en_US; Path=/ anx="xracl=&xrvt=&xgds=&lv=1592821247938&adfi=&xrvi=&xad=&xrmu=&xmt=&add=&adc=&xit=&xiu=&adn=&adm=&xlang=&adp=&xmvtv=&adt=&xose=&xrm=&xrp=&xica=&xrs=&xrt=&xrv=&adap=&xnt=&xriad=&nv=1&fv=1592821247938&xuer=&ob=-&xrct=&oc=-&od=none&xgc=&si=-&xrth=&sn=prod-dlp-europe-west1-cgft&ok=-&om=-&xrco=&xrkw=&xrca=&op=-&xrcc=&xsee=&os=-&surveyUrl=https%3A%2F%2Fwww.research.net%2Fr%2FZMKZRJG%3Fptb%3D%26c%3D1BD8E6F7-F501-40D3-90FA-AE7121E1326B%2526ptb%3D%5ECRB%5Exdm456%5ES38096%5Eau%2526ff%3D5%26browser%3DChrome&xkw=&xtc=&g=-&xiad=&xbkw=&tbGuid=&xrsp=&xg=&p=-&xeid=&xh=&xi=&t=1BD8E6F7-F501-40D3-90FA-AE7121E1326B%2526ptb%3D%5ECRB%5Exdm456%5ES38096%5Eau%2526ff%3D5&xtp=&adti=&xn=&xp=&xtt=&xpp=&xs=&xt=&xpt=&xu=&xcid="; Version=1; Domain=.myway.com; Max-Age=7776000; Expires=Sun, 20-Sep-2020 10:20:47 GMT; Path=/
Transfer-Encoding: chunked
Via: 1.1 google

GET
H2

200

gpt.js Show response
securepubads.g.doubleclick.net/tag/js/
Redirect Chain

http://securepubads.g.doubleclick.net/tag/js/gpt.js
https://securepubads.g.doubleclick.net/tag/js/gpt.js

45 KB
16 KB

109ms
59ms

Script
text/javascript

172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: propdfconverter.dl.myway.com
URL: http://propdfconverter.dl.myway.com/uninstall.jhtml?c=1BD8E6F7-F501-40D3-90FA-AE7121E1326B%26ptb=^CRB^xdm456^S38096^au%26ff=5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s28-in-f2.1e100.net

Software

sffe /

Resource Hash

f4f4f2c28a13b98246ee9ea7f9321904267a0b6e59869faf6c7e031056440b23

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://propdfconverter.dl.myway.com/uninstall.jhtml?c=1BD8E6F7-F501-40D3-90FA-AE7121E1326B%26ptb=^CRB^xdm456^S38096^au%26ff=5
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 22 Jun 2020 10:20:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "550 / 716 of 1000 / last-modified: 1592611853"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15465
x-xss-protection: 0
expires: Mon, 22 Jun 2020 10:20:48 GMT

Redirect headers

Date: Mon, 22 Jun 2020 10:18:00 GMT
X-Content-Type-Options: nosniff
Server: sffe
Age: 168
Content-Type: text/html; charset=UTF-8
Location: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Cache-Control: public, max-age=1800
Content-Length: 249
X-XSS-Protection: 0
Expires: Mon, 22 Jun 2020 10:48:00 GMT

GET
H/1.1 200
OK anemone-1.2.7.js Show response
akz.imgfarm.com/images/anx/ 41 KB
11 KB 148ms
27ms Script
application/javascript 104.111.214.175
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://akz.imgfarm.com/images/anx/anemone-1.2.7.js
Requested by: Host: propdfconverter.dl.myway.com
URL: http://propdfconverter.dl.myway.com/uninstall.jhtml?c=1BD8E6F7-F501-40D3-90FA-AE7121E1326B%26ptb=^CRB^xdm456^S38096^au%26ff=5
Protocol: HTTP/1.1
Server: 104.111.214.175 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-214-175.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b61f1dc82835d8bc3b6332443358eb5b9c41a5f4b0672497cdf06ac0a8bbfdfa

Request headers

Referer: http://propdfconverter.dl.myway.com/uninstall.jhtml?c=1BD8E6F7-F501-40D3-90FA-AE7121E1326B%26ptb=^CRB^xdm456^S38096^au%26ff=5
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 22 Jun 2020 10:20:48 GMT
Content-Encoding: gzip
Last-Modified: Mon, 08 Jul 2013 20:02:48 GMT
Server: Apache
ETag: "a236-4e105874e8a00-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=95852627
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 11189
Expires: Thu, 06 Jul 2023 20:04:35 GMT

GET
H2 200 ZMKZRJG
www.research.net/r/ Frame A726 0
0 332ms
244ms Document
text/html 13.226.154.43
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.research.net/r/ZMKZRJG?ptb=&c=1BD8E6F7-F501-40D3-90FA-AE7121E1326B%26ptb=^CRB^xdm456^S38096^au%26ff=5&browser=Chrome

Requested by

Host: propdfconverter.dl.myway.com
URL: http://propdfconverter.dl.myway.com/uninstall.jhtml?c=1BD8E6F7-F501-40D3-90FA-AE7121E1326B%26ptb=^CRB^xdm456^S38096^au%26ff=5

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.226.154.43 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-226-154-43.dus51.r.cloudfront.net

Software

nginx /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src https: data: blob: 'unsafe-eval' 'unsafe-inline' wss://*.hotjar.com 'self'; img-src https: http: data: blob: 'self'; script-src https: 'unsafe-eval' 'unsafe-inline' http://www.google-analytics.com http://ajax.googleapis.com http://bat.bing.com http://static.hotjar.com http://www.googleadservices.com 'self'; style-src https: 'unsafe-inline' http://secure.surveymonkey.com 'self';report-uri https://csp.surveymonkey.com/report?e=true&c=prod&ar=true&a=responseweb
Strict-Transport-Security	max-age=31536000; includeSubDomains max-age=31536000; includeSubDomains
X-Content-Security-Policy	default-src https: data: blob: 'unsafe-eval' 'unsafe-inline' wss://*.hotjar.com 'self'; img-src https: http: data: blob: 'self'; script-src https: 'unsafe-eval' 'unsafe-inline' http://www.google-analytics.com http://ajax.googleapis.com http://bat.bing.com http://static.hotjar.com http://www.googleadservices.com 'self'; style-src https: 'unsafe-inline' http://secure.surveymonkey.com 'self';report-uri https://csp.surveymonkey.com/report?e=true&c=prod&ar=true&a=responseweb
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.research.net
:scheme: https
:path: /r/ZMKZRJG?ptb=&c=1BD8E6F7-F501-40D3-90FA-AE7121E1326B%26ptb=^CRB^xdm456^S38096^au%26ff=5&browser=Chrome
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://propdfconverter.dl.myway.com/uninstall.jhtml?c=1BD8E6F7-F501-40D3-90FA-AE7121E1326B%26ptb=^CRB^xdm456^S38096^au%26ff=5
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://propdfconverter.dl.myway.com/uninstall.jhtml?c=1BD8E6F7-F501-40D3-90FA-AE7121E1326B%26ptb=^CRB^xdm456^S38096^au%26ff=5

Response headers

status: 200
content-type: text/html; charset=UTF-8
server: nginx
date: Mon, 22 Jun 2020 10:20:48 GMT
set-cookie: ep201=imYKzp/HfjkUYGB3xDG5xknCVIg=; Domain=.research.net; Path=/; Expires=Mon, 22-Jun-20 10:50:48 GMT ep202=9mBHYbW+uJ4WT6S27EO2NXAgsTU=; Domain=.research.net; Path=/; Expires=Sun, 20-Sep-20 10:20:48 GMT ep203=2STHry7qDWKvGrKX5izxkCKy2jM=; Domain=.research.net; Path=/; Expires=Sun, 20-Sep-20 10:20:48 GMT attr_multitouch=GocBelavAEvwZRE16drtHdI2P3E=; Domain=.research.net; Path=/; Expires=Tue, 22-Jun-21 16:20:48 GMT
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
sl_notranslate: 1
pragma: no-cache
sm-request-id: a61ed04c-1c25-4baf-b184-605cd1d1c0d1
x-request-uuid: 0a8f0828-b472-11ea-a2fc-0242ac110002
content-security-policy: default-src https: data: blob: 'unsafe-eval' 'unsafe-inline' wss://*.hotjar.com 'self'; img-src https: http: data: blob: 'self'; script-src https: 'unsafe-eval' 'unsafe-inline' http://www.google-analytics.com http://ajax.googleapis.com http://bat.bing.com http://static.hotjar.com http://www.googleadservices.com 'self'; style-src https: 'unsafe-inline' http://secure.surveymonkey.com 'self';report-uri https://csp.surveymonkey.com/report?e=true&c=prod&ar=true&a=responseweb
x-webkit-csp: default-src https: data: blob: 'unsafe-eval' 'unsafe-inline' wss://*.hotjar.com 'self'; img-src https: http: data: blob: 'self'; script-src https: 'unsafe-eval' 'unsafe-inline' http://www.google-analytics.com http://ajax.googleapis.com http://bat.bing.com http://static.hotjar.com http://www.googleadservices.com 'self'; style-src https: 'unsafe-inline' http://secure.surveymonkey.com 'self';report-uri https://csp.surveymonkey.com/report?e=true&c=prod&ar=true&a=responseweb
x-content-security-policy: default-src https: data: blob: 'unsafe-eval' 'unsafe-inline' wss://*.hotjar.com 'self'; img-src https: http: data: blob: 'self'; script-src https: 'unsafe-eval' 'unsafe-inline' http://www.google-analytics.com http://ajax.googleapis.com http://bat.bing.com http://static.hotjar.com http://www.googleadservices.com 'self'; style-src https: 'unsafe-inline' http://secure.surveymonkey.com 'self';report-uri https://csp.surveymonkey.com/report?e=true&c=prod&ar=true&a=responseweb
strict-transport-security: max-age=31536000; includeSubDomains max-age=31536000; includeSubDomains
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0, max-age=0
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-encoding: gzip
vary: Accept-Encoding,Accept-Encoding,Accept-Encoding,Accept-Encoding
x-cache: Miss from cloudfront
via: 1.1 4ba9d3779ca8afc198240a34dffb07c4.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-C1
x-amz-cf-id: gZPZKW_pCl4LXIv7q_gWlke0LUv6aq6aZyiJgbX55f3toJfSrNhIWQ==

GET
H/1.1 200
OK uninstallty.png
ak.imgfarm.com/images/download/static/uninstall/assets/ 4 KB
4 KB 113ms
81ms Image
image/png 95.100.116.232
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://ak.imgfarm.com/images/download/static/uninstall/assets/uninstallty.png
Requested by: Host: propdfconverter.dl.myway.com
URL: http://propdfconverter.dl.myway.com/uninstall.jhtml?c=1BD8E6F7-F501-40D3-90FA-AE7121E1326B%26ptb=^CRB^xdm456^S38096^au%26ff=5
Protocol: HTTP/1.1
Server: 95.100.116.232 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-100-116-232.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: ebf99a1127c6a886b5004ccb4b894653e4c8b5e31869aefe20b58c86acdea499

Request headers

Referer: http://propdfconverter.dl.myway.com/uninstall.jhtml?c=1BD8E6F7-F501-40D3-90FA-AE7121E1326B%26ptb=^CRB^xdm456^S38096^au%26ff=5
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 22 Jun 2020 10:20:48 GMT
Last-Modified: Mon, 20 Apr 2020 16:35:27 GMT
Server: Apache
ETag: "e3f-5a3bb7c8d3cca"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: max-age=73153
Access-Control-Allow-Credentials: false
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
Content-Length: 3647
Expires: Tue, 23 Jun 2020 06:40:01 GMT

GET
H/1.1 204
No Content anemone.jhtml
propdfconverter.dl.myway.com/ 0
108 B 22ms
22ms Image
text/plain 35.244.218.203
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://propdfconverter.dl.myway.com/anemone.jhtml?anxuu=7F8FCA08-B2BE-41BA-8507-D6CAC8B1D6BA&anxa=CAPDownloadProcess&anxv=1.0.0&anxd=2011-06-01T00%3A00%3A00Z&anxsn=prod-dlp-europe-west1-cgft&anxu=http%3A%2F%2Fpropdfconverter.dl.myway.com%2Funinstall.jhtml&anxl=en-US&anxlv=1592821247938&anxrd=none&anxrp=-&anxrk=-&anxrm=-&anxrb=-&anxrc=-&anxrs=-&anxsq=1&anxi=6D8CBFC9-F034-4CA7-A77A-F7A8C43FB20F&anxe=backFill&anxr=1408163742
Requested by: Host: propdfconverter.dl.myway.com
URL: http://propdfconverter.dl.myway.com/uninstall.jhtml?c=1BD8E6F7-F501-40D3-90FA-AE7121E1326B%26ptb=^CRB^xdm456^S38096^au%26ff=5
Protocol: HTTP/1.1
Server: 35.244.218.203 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 203.218.244.35.bc.googleusercontent.com
Software: Apache-Coyote/1.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://propdfconverter.dl.myway.com/uninstall.jhtml?c=1BD8E6F7-F501-40D3-90FA-AE7121E1326B%26ptb=^CRB^xdm456^S38096^au%26ff=5
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 22 Jun 2020 10:20:48 GMT
Via: 1.1 google
Server: Apache-Coyote/1.1

GET
H/1.1 204
No Content anemone.jhtml
propdfconverter.dl.myway.com/ 0
108 B 35ms
23ms Image
text/plain 35.244.218.203
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://propdfconverter.dl.myway.com/anemone.jhtml?anxuu=7F8FCA08-B2BE-41BA-8507-D6CAC8B1D6BA&anxa=CAPDownloadProcess&anxv=1.0.0&anxd=2011-06-01T00%3A00%3A00Z&anxsn=prod-dlp-europe-west1-cgft&anxu=http%3A%2F%2Fpropdfconverter.dl.myway.com%2Funinstall.jhtml&anxl=en-US&anxlv=1592821247943&anxsq=3&page=uninstall_loaded&action=uninstall&anxe=DLPInfo&anxr=2083619312
Requested by: Host: propdfconverter.dl.myway.com
URL: http://propdfconverter.dl.myway.com/uninstall.jhtml?c=1BD8E6F7-F501-40D3-90FA-AE7121E1326B%26ptb=^CRB^xdm456^S38096^au%26ff=5
Protocol: HTTP/1.1
Server: 35.244.218.203 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 203.218.244.35.bc.googleusercontent.com
Software: Apache-Coyote/1.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://propdfconverter.dl.myway.com/uninstall.jhtml?c=1BD8E6F7-F501-40D3-90FA-AE7121E1326B%26ptb=^CRB^xdm456^S38096^au%26ff=5
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 22 Jun 2020 10:20:48 GMT
Via: 1.1 google
Server: Apache-Coyote/1.1

GET
H2 200 integrator.js Show response
adservice.google.nl/adsid/ 109 B
1009 B 42ms
21ms Script
application/javascript 2a00:1450:4001:825::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.nl/adsid/integrator.js?domain=propdfconverter.dl.myway.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://propdfconverter.dl.myway.com/uninstall.jhtml?c=1BD8E6F7-F501-40D3-90FA-AE7121E1326B%26ptb=^CRB^xdm456^S38096^au%26ff=5
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 22 Jun 2020 10:20:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-28="googleads.g.doubleclick.net:443"; ma=2592000,h3-28=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 109 B
168 B 15ms
14ms Script
application/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=propdfconverter.dl.myway.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://propdfconverter.dl.myway.com/uninstall.jhtml?c=1BD8E6F7-F501-40D3-90FA-AE7121E1326B%26ptb=^CRB^xdm456^S38096^au%26ff=5
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 22 Jun 2020 10:20:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-28="googleads.g.doubleclick.net:443"; ma=2592000,h3-28=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H2 200 pubads_impl_2020061611.js Show response
securepubads.g.doubleclick.net/gpt/ 247 KB
88 KB 56ms
56ms Script
text/javascript 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020061611.js?21066471

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s28-in-f2.1e100.net

Software

sffe /

Resource Hash

fa85dcb00a408381b7639601205d10c5482f850365cee1632fba0ec4bdc55875

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://propdfconverter.dl.myway.com/uninstall.jhtml?c=1BD8E6F7-F501-40D3-90FA-AE7121E1326B%26ptb=^CRB^xdm456^S38096^au%26ff=5
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 22 Jun 2020 10:20:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 16 Jun 2020 21:48:10 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 89804
x-xss-protection: 0
expires: Mon, 22 Jun 2020 10:20:48 GMT

Verdicts & Comments Add Verdict or Comment

29 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

7 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.research.net/	1970-01-19 19:12:58	Name: attr_multitouch Value: GocBelavAEvwZRE16drtHdI2P3E=
.research.net/	1970-01-19 12:36:37	Name: ep203 Value: 2STHry7qDWKvGrKX5izxkCKy2jM=
.research.net/	1970-01-19 10:27:03	Name: ep201 Value: imYKzp/HfjkUYGB3xDG5xknCVIg=
.myway.com/	1970-01-19 12:36:37	Name: anx Value: "u=7F8FCA08-B2BE-41BA-8507-D6CAC8B1D6BA&fv=1592821247938&lv=1592821247946&nv=3&t=1BD8E6F7-F501-40D3-90FA-AE7121E1326B%2526ptb%3D%5ECRB%5Exdm456%5ES38096%5Eau%2526ff%3D5&v=-&p=-&si=-&sn=prod-dlp-europe-west1-cgft&od=none&op=-&ok=-&om=-&ob=-&oc=-&os=-&w=1600&h=1200&cd=24&f=-&g=-&surveyUrl=https%3A%2F%2Fwww.research.net%2Fr%2FZMKZRJG%3Fptb%3D%26c%3D1BD8E6F7-F501-40D3-90FA-AE7121E1326B%2526ptb%3D%5ECRB%5Exdm456%5ES38096%5Eau%2526ff%3D5%26browser%3DChrome&xx=install"
.myway.com/	1969-12-31 23:59:59	Name: anxs Value: "s=2050725275&sv=1592821247939&sd=none&sp=-&sk=-&sm=-&sb=-&sc=-&ss=-"
.research.net/	1970-01-19 12:36:37	Name: ep202 Value: 9mBHYbW+uJ4WT6S27EO2NXAgsTU=
propdfconverter.dl.myway.com/	1969-12-31 23:59:59	Name: org.springframework.web.servlet.i18n.CookieLocaleResolver.LOCALE Value: en_US

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.nl
ak.imgfarm.com
akz.imgfarm.com
propdfconverter.dl.myway.com
securepubads.g.doubleclick.net
www.research.net
104.111.214.175
13.226.154.43
172.217.18.2
2a00:1450:4001:809::2002
2a00:1450:4001:825::2002
35.244.218.203
95.100.116.232
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
b61f1dc82835d8bc3b6332443358eb5b9c41a5f4b0672497cdf06ac0a8bbfdfa
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ebf99a1127c6a886b5004ccb4b894653e4c8b5e31869aefe20b58c86acdea499
f4f4f2c28a13b98246ee9ea7f9321904267a0b6e59869faf6c7e031056440b23
f954271fd52c4b8cfd9af79df868f11341d00bf508b759ca4ac14e5485c26f34
fa85dcb00a408381b7639601205d10c5482f850365cee1632fba0ec4bdc55875

propdfconverter.dl.myway.com Open in urlscan Pro 35.244.218.203 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

10 Requests

50 %HTTPS

29 %IPv6

6 Domains

7 Subdomains

7 IPs

4 Countries

130 kBTransfer

370 kBSize

7 Cookies

0 Outgoing links

Redirected requests

10 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

29 JavaScript Global Variables

7 Cookies

Indicators

propdfconverter.dl.myway.com Open in urlscan Pro
35.244.218.203 Public Scan

Screenshot
Live screenshot

Full Image

10
Requests

50 %
HTTPS

29 %
IPv6

6
Domains

7
Subdomains

7
IPs

4
Countries

130 kB
Transfer

370 kB
Size

7
Cookies

10 HTTP transactions
0 data transactions