pdownload.amigo.mail.ru
Open in
urlscan Pro
217.69.139.252
Public Scan
Effective URL: https://pdownload.amigo.mail.ru/ldownload/amigo_ofga.exe?amigo_install=1&partnerid=813203&partner_new_url=http://universalsrc.co...
Submission: On October 26 via manual from IL
Summary
TLS certificate: Issued by GeoTrust RSA CA 2018 on December 9th 2019. Valid for: 2 years.
This is the only time pdownload.amigo.mail.ru was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 | 217.69.139.252 217.69.139.252 | 47764 (MAILRU-AS...) (MAILRU-AS Mail.Ru) | |
1 | 1 |
ASN47764 (MAILRU-AS Mail.Ru, RU)
PTR: amigo.mail.ru
pdownload.amigo.mail.ru |
Apex Domain Subdomains |
Transfer | |
---|---|---|
1 |
mail.ru
pdownload.amigo.mail.ru |
|
1 | 1 |
Domain | Requested by | |
---|---|---|
1 | pdownload.amigo.mail.ru | |
1 | 1 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
*.amigo.mail.ru GeoTrust RSA CA 2018 |
2019-12-09 - 2021-12-08 |
2 years | crt.sh |
This page contains 1 frames:
Primary Page:
https://pdownload.amigo.mail.ru/ldownload/amigo_ofga.exe?amigo_install=1&partnerid=813203&partner_new_url=http://universalsrc.com/productApi/amigo?productid=13&bannerid=64&landingid=1&source=softportal.com&rfr=813203&guid=$__GUID&ovr=$__OVR&ext_install_callback=http://universalsrc.com/productApi/component?productid=13&bannerid=64&landingid=1&source=softportal.com&comp={component}&paid={paid}&pa={paidAction}&pb={paidBrowser}&br={browser}&bc1={browserClass1}&bc2={browserClass2}&iid={installId}&rfr={rfr}&ext_partnerid=dse.1:813353%22,dse.2:813553,hp.1:813303,hp.2:813503,pult.1:813403,pult.2:813603,vbm.1:813403,vbm.2:813603,any.1:813253,%22any.2:813453&ua_rfr=CHANNEL_813203&ext_pay_browser_class=0&ext_install_browser_class=0&am_default=1&vbm_install=1&hp_install=1&dse_install=1&attr=mndt&rfr=813203&ext_params=old_mr1lad=5847249217f618b-2141105_2008587-2141105_2008587-2141105_2008587&old_mr1lext=2277_extra=productid=13&bannerid=64&landingid=1&source=softportal.com&rfr=813203&old_VID=2SP_mm1lbSnX0000050A14XX::41644690:
Frame ID: 4A42EA9B217255AA756D95B7CEC98F9C
Requests: 1 HTTP requests in this frame
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
1 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
Primary Request
amigo_ofga.exe
pdownload.amigo.mail.ru/ldownload/ |
0 0 |
Document
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
0 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
pdownload.amigo.mail.ru
217.69.139.252