Submitted URL: https://pdownload.amigo.mail.ru/ldownload/amigo_ofga.exe?amigo_install=1&partnerid=813203&partner_new_url=http://universalsrc.co...
Effective URL: https://pdownload.amigo.mail.ru/ldownload/amigo_ofga.exe?amigo_install=1&partnerid=813203&partner_new_url=http://universalsrc.co...
Submission: On October 26 via manual from IL

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 1 HTTP transactions. The main IP is 217.69.139.252, located in Russian Federation and belongs to MAILRU-AS Mail.Ru, RU. The main domain is pdownload.amigo.mail.ru.
TLS certificate: Issued by GeoTrust RSA CA 2018 on December 9th 2019. Valid for: 2 years.
This is the only time pdownload.amigo.mail.ru was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 217.69.139.252 47764 (MAILRU-AS...)
1 1
Apex Domain
Subdomains
Transfer
1 mail.ru
pdownload.amigo.mail.ru
1 1
Domain Requested by
1 pdownload.amigo.mail.ru
1 1

This site contains no links.

Subject Issuer Validity Valid
*.amigo.mail.ru
GeoTrust RSA CA 2018
2019-12-09 -
2021-12-08
2 years crt.sh

This page contains 1 frames:

Primary Page: https://pdownload.amigo.mail.ru/ldownload/amigo_ofga.exe?amigo_install=1&partnerid=813203&partner_new_url=http://universalsrc.com/productApi/amigo?productid=13&bannerid=64&landingid=1&source=softportal.com&rfr=813203&guid=$__GUID&ovr=$__OVR&ext_install_callback=http://universalsrc.com/productApi/component?productid=13&bannerid=64&landingid=1&source=softportal.com&comp={component}&paid={paid}&pa={paidAction}&pb={paidBrowser}&br={browser}&bc1={browserClass1}&bc2={browserClass2}&iid={installId}&rfr={rfr}&ext_partnerid=dse.1:813353%22,dse.2:813553,hp.1:813303,hp.2:813503,pult.1:813403,pult.2:813603,vbm.1:813403,vbm.2:813603,any.1:813253,%22any.2:813453&ua_rfr=CHANNEL_813203&ext_pay_browser_class=0&ext_install_browser_class=0&am_default=1&vbm_install=1&hp_install=1&dse_install=1&attr=mndt&rfr=813203&ext_params=old_mr1lad=5847249217f618b-2141105_2008587-2141105_2008587-2141105_2008587&old_mr1lext=2277_extra=productid=13&bannerid=64&landingid=1&source=softportal.com&rfr=813203&old_VID=2SP_mm1lbSnX0000050A14XX::41644690:
Frame ID: 4A42EA9B217255AA756D95B7CEC98F9C
Requests: 1 HTTP requests in this frame

Screenshot


Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

1
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

0 kB
Transfer

0 kB
Size

0
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

1 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request amigo_ofga.exe
pdownload.amigo.mail.ru/ldownload/
0
0
Document
General
Full URL
https://pdownload.amigo.mail.ru/ldownload/amigo_ofga.exe?amigo_install=1&partnerid=813203&partner_new_url=http://universalsrc.com/productApi/amigo?productid=13&bannerid=64&landingid=1&source=softportal.com&rfr=813203&guid=$__GUID&ovr=$__OVR&ext_install_callback=http://universalsrc.com/productApi/component?productid=13&bannerid=64&landingid=1&source=softportal.com&comp={component}&paid={paid}&pa={paidAction}&pb={paidBrowser}&br={browser}&bc1={browserClass1}&bc2={browserClass2}&iid={installId}&rfr={rfr}&ext_partnerid=dse.1:813353%22,dse.2:813553,hp.1:813303,hp.2:813503,pult.1:813403,pult.2:813603,vbm.1:813403,vbm.2:813603,any.1:813253,%22any.2:813453&ua_rfr=CHANNEL_813203&ext_pay_browser_class=0&ext_install_browser_class=0&am_default=1&vbm_install=1&hp_install=1&dse_install=1&attr=mndt&rfr=813203&ext_params=old_mr1lad=5847249217f618b-2141105_2008587-2141105_2008587-2141105_2008587&old_mr1lext=2277_extra=productid=13&bannerid=64&landingid=1&source=softportal.com&rfr=813203&old_VID=2SP_mm1lbSnX0000050A14XX::41644690:
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
217.69.139.252 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
amigo.mail.ru
Software
nginx /
Resource Hash

Request headers

Host
pdownload.amigo.mail.ru
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Server
nginx
Date
Mon, 26 Oct 2020 12:45:19 GMT
Content-Type
application/octet-stream
Content-Length
158352
Connection
keep-alive
Content-Disposition
attachment; filename="amigo_ofga.exe"
Etag
"d07895590c3235111043d4f7ea6eb3fe48818310"

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

pdownload.amigo.mail.ru
217.69.139.252