japanese.malwares.news Open in urlscan Pro
2606:4700:30::681c:191 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://japanese.malwares.news/
Effective URL:
https://japanese.malwares.news/
Submission: On October 29 via manual (October 29th 2018, 7:52:57 pm UTC) from MY

Summary HTTP 16 Redirects Links 4 Behaviour Indicators

Similar DOM Content API

Summary

This website contacted 2 IPs in 1 countries across 1 domains to perform 16 HTTP transactions. The main IP is 2606:4700:30::681c:191, located in United States and belongs to CLOUDFLARENET - Cloudflare, Inc., US. The main domain is japanese.malwares.news.
TLS certificate: Issued by COMODO ECC Domain Validation Secure S... on September 3rd 2018. Valid for: 6 months.

This is the only time japanese.malwares.news was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address		AS Autonomous System
3 3	2606:4700:30:... 2606:4700:30::681c:91		13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
16	2606:4700:30:... 2606:4700:30::681c:191		13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
16	2

3 2606:4700:30::681c:91 (United States) 3 redirects

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

japanese.malwares.news	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2606:4700:30::681c:191 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

japanese.malwares.news	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
19	malwares.news 3 redirects japanese.malwares.news	437 KB
16	1

	Domain	Requested by
19	japanese.malwares.news	3 redirects japanese.malwares.news
16	1

This site contains links to these domains. Also see Links.

Domain
www.malwares.news
wordpress.org
themezee.com

Subject Issuer	Validity	Valid
sni215848.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2018-09-03` - `2019-03-12`	6 months	crt.sh

This page contains 1 frames:

Primary Page: https://japanese.malwares.news/
Frame ID: EE255F6320B003EFEA2690A095E4FFC7
Requests: 17 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://japanese.malwares.news/ HTTP 301
https://japanese.malwares.news/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+wp-(?:content|includes)/i
script /\/wp-includes\//i
meta generator /WordPress( [\d.]+)?/i

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+wp-(?:content|includes)/i
script /\/wp-includes\//i
meta generator /WordPress( [\d.]+)?/i

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /cloudflare/i

Twitter Emoji (Twemoji) (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

env /^twemoji$/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery.*\.js/i
env /^jQuery$/i

Page Statistics

16
Requests

100 %
HTTPS

100 %
IPv6

1
Domains

1
Subdomains

2
IPs

1
Countries

436 kB
Transfer

624 kB
Size

1
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: http://www.malwares.news/download-now
Title: 無料ダウンロード

Search URL Search Domain Scan URL

URL: http://www.malwares.news/buy
Title: 今買う

Search URL Search Domain Scan URL

URL: http://wordpress.org/
Title: WordPress

Search URL Search Domain Scan URL

URL: https://themezee.com/themes/glades/
Title: Glades

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://japanese.malwares.news/ HTTP 301
https://japanese.malwares.news/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 8

http://japanese.malwares.news/wp-content/uploads/sites/10/2017/06/Download-Now.png HTTP 301
https://japanese.malwares.news/wp-content/uploads/sites/10/2017/06/Download-Now.png

Request Chain 9

http://japanese.malwares.news/wp-content/uploads/sites/10/2017/06/japanese-disclosure-e1498040972222.png HTTP 301
https://japanese.malwares.news/wp-content/uploads/sites/10/2017/06/japanese-disclosure-e1498040972222.png

16 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
japanese.malwares.news/
Redirect Chain

http://japanese.malwares.news/
https://japanese.malwares.news/

38 KB
9 KB

878ms
849ms

Document
text/html

2606:4700:30::681c:191
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://japanese.malwares.news/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:30::681c:191 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 26ba387cedf27bef70d708dbf8490107f08433304a6845d4c901982e42a3eef9

Request headers

:method: GET
:authority: japanese.malwares.news
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
accept-encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

status: 200
date: Mon, 29 Oct 2018 19:52:43 GMT
content-type: text/html; charset=UTF-8
set-cookie: __cfduid=d72c049bdacfa040b7bd8fc156cde815e1540842763; expires=Tue, 29-Oct-19 19:52:43 GMT; path=/; domain=.malwares.news; HttpOnly; Secure
link: <https://japanese.malwares.news/wp-json/>; rel="https://api.w.org/"
vary: Accept-Encoding
alt-svc: quic=":443"; ma=2592000; v="35,39,43"
x-turbo-charged-by: LiteSpeed
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 47182f256991236c-FRA
content-encoding: gzip

Redirect headers

Date: Mon, 29 Oct 2018 19:52:43 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Mon, 29 Oct 2018 20:52:43 GMT
Location: https://japanese.malwares.news/
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 47182f2530a7c2e2-FRA

GET
H2 200 custom-fonts.css
japanese.malwares.news/wp-content/themes/glades/css/ 2 KB
589 B 493ms
492ms Stylesheet
text/css 2606:4700:30::681c:191
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://japanese.malwares.news/wp-content/themes/glades/css/custom-fonts.css?ver=20180413
Requested by: Host: japanese.malwares.news
URL: https://japanese.malwares.news/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:30::681c:191 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 46477a5080a1756c043dd5b35cdd102feebfbe89dfc04c399972b754075a310c

Request headers

:path: /wp-content/themes/glades/css/custom-fonts.css?ver=20180413
pragma: no-cache
cookie: __cfduid=d72c049bdacfa040b7bd8fc156cde815e1540842763
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/css,*/*;q=0.1
cache-control: no-cache
:authority: japanese.malwares.news
referer: https://japanese.malwares.news/
:scheme: https
:method: GET
Referer: https://japanese.malwares.news/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 29 Oct 2018 19:52:44 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Wed, 18 Apr 2018 00:28:18 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 47182f2aceb5236c-FRA
alt-svc: quic=":443"; ma=2592000; v="35,39,43"
content-length: 526
expires: Mon, 05 Nov 2018 19:52:44 GMT

GET
H2 200 styles.css
japanese.malwares.news/wp-content/plugins/contact-form-7/includes/css/ 2 KB
867 B 479ms
479ms Stylesheet
text/css 2606:4700:30::681c:191
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://japanese.malwares.news/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.0.4
Requested by: Host: japanese.malwares.news
URL: https://japanese.malwares.news/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:30::681c:191 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: a559ba07f12aeda335ca811bb96b6f57b555815a835fe5f86ad6e7f166190e6d

Request headers

:path: /wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.0.4
pragma: no-cache
cookie: __cfduid=d72c049bdacfa040b7bd8fc156cde815e1540842763
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/css,*/*;q=0.1
cache-control: no-cache
:authority: japanese.malwares.news
referer: https://japanese.malwares.news/
:scheme: https
:method: GET
Referer: https://japanese.malwares.news/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 29 Oct 2018 19:52:44 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Fri, 29 Jun 2018 15:38:24 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 47182f2aceb6236c-FRA
alt-svc: quic=":443"; ma=2592000; v="35,39,43"
content-length: 729
expires: Mon, 05 Nov 2018 19:52:44 GMT

GET
H2 200 style.css
japanese.malwares.news/wp-content/themes/glades/ 62 KB
13 KB 11ms
11ms Stylesheet
text/css 2606:4700:30::681c:191
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://japanese.malwares.news/wp-content/themes/glades/style.css?ver=1.3
Requested by: Host: japanese.malwares.news
URL: https://japanese.malwares.news/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:30::681c:191 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: e9f1f502a9a19fe80846b5e05ffb39c5ecc164f3f62da41252895c37f21944e8

Request headers

:path: /wp-content/themes/glades/style.css?ver=1.3
pragma: no-cache
cookie: __cfduid=d72c049bdacfa040b7bd8fc156cde815e1540842763
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/css,*/*;q=0.1
cache-control: no-cache
:authority: japanese.malwares.news
referer: https://japanese.malwares.news/
:scheme: https
:method: GET
Referer: https://japanese.malwares.news/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 29 Oct 2018 19:52:43 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 18 Apr 2018 00:28:18 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 47182f2aceb7236c-FRA
alt-svc: quic=":443"; ma=2592000; v="35,39,43"
content-length: 13575
expires: Mon, 05 Nov 2018 19:52:43 GMT

GET
H2 200 genericons.css
japanese.malwares.news/wp-content/themes/glades/css/genericons/ 28 KB
16 KB 648ms
647ms Stylesheet
text/css 2606:4700:30::681c:191
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://japanese.malwares.news/wp-content/themes/glades/css/genericons/genericons.css?ver=3.4.1
Requested by: Host: japanese.malwares.news
URL: https://japanese.malwares.news/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:30::681c:191 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: a767d7e7af88326afb37242f2828280a2c930945cb94b636b1f05a0afb634621

Request headers

:path: /wp-content/themes/glades/css/genericons/genericons.css?ver=3.4.1
pragma: no-cache
cookie: __cfduid=d72c049bdacfa040b7bd8fc156cde815e1540842763
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/css,*/*;q=0.1
cache-control: no-cache
:authority: japanese.malwares.news
referer: https://japanese.malwares.news/
:scheme: https
:method: GET
Referer: https://japanese.malwares.news/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 29 Oct 2018 19:52:44 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Wed, 18 Apr 2018 00:28:18 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 47182f2aceb8236c-FRA
alt-svc: quic=":443"; ma=2592000; v="35,39,43"
content-length: 16647
expires: Mon, 05 Nov 2018 19:52:44 GMT

GET
H2 200 jquery.js Show response
japanese.malwares.news/wp-includes/js/jquery/ 95 KB
39 KB 641ms
640ms Script
application/javascript 2606:4700:30::681c:191
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://japanese.malwares.news/wp-includes/js/jquery/jquery.js?ver=1.12.4
Requested by: Host: japanese.malwares.news
URL: https://japanese.malwares.news/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:30::681c:191 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: fc48d1d80ece71a79a7b39877f4104d49d3da6c3665cf6dc203000fb7df4447e

Request headers

:path: /wp-includes/js/jquery/jquery.js?ver=1.12.4
pragma: no-cache
cookie: __cfduid=d72c049bdacfa040b7bd8fc156cde815e1540842763
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: */*
cache-control: no-cache
:authority: japanese.malwares.news
referer: https://japanese.malwares.news/
:scheme: https
:method: GET
Referer: https://japanese.malwares.news/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 29 Oct 2018 19:52:44 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Mon, 29 Oct 2018 12:45:07 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 47182f2aceb9236c-FRA
alt-svc: quic=":443"; ma=2592000; v="35,39,43"
content-length: 39407
expires: Mon, 05 Nov 2018 19:52:44 GMT

GET
H2 200 jquery-migrate.min.js Show response
japanese.malwares.news/wp-includes/js/jquery/ 10 KB
4 KB 480ms
480ms Script
application/javascript 2606:4700:30::681c:191
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://japanese.malwares.news/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1
Requested by: Host: japanese.malwares.news
URL: https://japanese.malwares.news/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:30::681c:191 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d

Request headers

:path: /wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1
pragma: no-cache
cookie: __cfduid=d72c049bdacfa040b7bd8fc156cde815e1540842763
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: */*
cache-control: no-cache
:authority: japanese.malwares.news
referer: https://japanese.malwares.news/
:scheme: https
:method: GET
Referer: https://japanese.malwares.news/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 29 Oct 2018 19:52:44 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Mon, 29 Oct 2018 12:45:07 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 47182f2aceba236c-FRA
alt-svc: quic=":443"; ma=2592000; v="35,39,43"
content-length: 4303
expires: Mon, 05 Nov 2018 19:52:44 GMT

GET
H2 200 navigation.js Show response
japanese.malwares.news/wp-content/themes/glades/js/ 5 KB
2 KB 12ms
12ms Script
application/javascript 2606:4700:30::681c:191
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://japanese.malwares.news/wp-content/themes/glades/js/navigation.js?ver=20160719
Requested by: Host: japanese.malwares.news
URL: https://japanese.malwares.news/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:30::681c:191 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: a8f063412d795236cc9fc810bd8e13a2ce43e4ea0f4c9b2980771d15687302e2

Request headers

:path: /wp-content/themes/glades/js/navigation.js?ver=20160719
pragma: no-cache
cookie: __cfduid=d72c049bdacfa040b7bd8fc156cde815e1540842763
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: */*
cache-control: no-cache
:authority: japanese.malwares.news
referer: https://japanese.malwares.news/
:scheme: https
:method: GET
Referer: https://japanese.malwares.news/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 29 Oct 2018 19:52:43 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 18 Apr 2018 00:28:18 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 47182f2acebc236c-FRA
alt-svc: quic=":443"; ma=2592000; v="35,39,43"
content-length: 1525
expires: Mon, 05 Nov 2018 19:52:43 GMT

GET
H2 200 wp-emoji-release.min.js Show response
japanese.malwares.news/wp-includes/js/ 12 KB
5 KB 11ms
10ms Script
application/javascript 2606:4700:30::681c:191
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://japanese.malwares.news/wp-includes/js/wp-emoji-release.min.js?ver=4.9.8
Requested by: Host: japanese.malwares.news
URL: https://japanese.malwares.news/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:30::681c:191 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: d2458b9fd9089fdcb9de317093e004ef3a65597dc68b9adfdeb15a7c9968d0d5

Request headers

:path: /wp-includes/js/wp-emoji-release.min.js?ver=4.9.8
pragma: no-cache
cookie: __cfduid=d72c049bdacfa040b7bd8fc156cde815e1540842763
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: */*
cache-control: no-cache
:authority: japanese.malwares.news
referer: https://japanese.malwares.news/
:scheme: https
:method: GET
Referer: https://japanese.malwares.news/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 29 Oct 2018 19:52:43 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 16 Oct 2018 12:32:34 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 47182f2adede236c-FRA
alt-svc: quic=":443"; ma=2592000; v="35,39,43"
content-length: 4903
expires: Mon, 05 Nov 2018 19:52:43 GMT

GET
S

200

Download-Now.png
japanese.malwares.news/wp-content/uploads/sites/10/2017/06/
Redirect Chain

http://japanese.malwares.news/wp-content/uploads/sites/10/2017/06/Download-Now.png
https://japanese.malwares.news/wp-content/uploads/sites/10/2017/06/Download-Now.png

14 KB
14 KB

639ms
638ms

Image
image/png

2606:4700:30::681c:191
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://japanese.malwares.news/wp-content/uploads/sites/10/2017/06/Download-Now.png
Requested by: Host: japanese.malwares.news
URL: https://japanese.malwares.news/
Protocol: SPDY
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:30::681c:191 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: f4b6a380b44daa2e6210d1855f41061862b264784dfb4d3fb4a0c7fa8c50aff9

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 29 Oct 2018 19:52:44 GMT
cf-cache-status: MISS
last-modified: Mon, 19 Jun 2017 09:41:31 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 47182f2be85b236c-FRA
alt-svc: quic=":443"; ma=2592000; v="35,39,43"
content-length: 14123
expires: Mon, 05 Nov 2018 19:52:44 GMT

Redirect headers

Date: Mon, 29 Oct 2018 19:52:44 GMT
Server: cloudflare
Vary: Accept-Encoding
Location: https://japanese.malwares.news/wp-content/uploads/sites/10/2017/06/Download-Now.png
Cache-Control: max-age=3600
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 47182f2bb7ddc2e2-FRA
Expires: Mon, 29 Oct 2018 20:52:44 GMT

GET
S

200

japanese-disclosure-e1498040972222.png
japanese.malwares.news/wp-content/uploads/sites/10/2017/06/
Redirect Chain

http://japanese.malwares.news/wp-content/uploads/sites/10/2017/06/japanese-disclosure-e1498040972222.png
https://japanese.malwares.news/wp-content/uploads/sites/10/2017/06/japanese-disclosure-e1498040972222.png

259 KB
260 KB

1085ms
1084ms

Image
image/png

2606:4700:30::681c:191
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://japanese.malwares.news/wp-content/uploads/sites/10/2017/06/japanese-disclosure-e1498040972222.png
Requested by: Host: japanese.malwares.news
URL: https://japanese.malwares.news/
Protocol: SPDY
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:30::681c:191 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: fecae32586889e9d99dc1dd5d55b0936e64e1824afd8be742b66a620a766824e

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 29 Oct 2018 19:52:45 GMT
cf-cache-status: MISS
last-modified: Wed, 21 Jun 2017 10:29:32 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 47182f2be85d236c-FRA
alt-svc: quic=":443"; ma=2592000; v="35,39,43"
content-length: 265453
expires: Mon, 05 Nov 2018 19:52:44 GMT

Redirect headers

Date: Mon, 29 Oct 2018 19:52:44 GMT
Server: cloudflare
Vary: Accept-Encoding
Location: https://japanese.malwares.news/wp-content/uploads/sites/10/2017/06/japanese-disclosure-e1498040972222.png
Cache-Control: max-age=3600
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 47182f2bc7ecc2e2-FRA
Expires: Mon, 29 Oct 2018 20:52:44 GMT

GET
H2 200 email-decode.min.js Show response
japanese.malwares.news/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
825 B 8ms
7ms Script
application/javascript 2606:4700:30::681c:191
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://japanese.malwares.news/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: japanese.malwares.news
URL: https://japanese.malwares.news/

Protocol

H2

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700:30::681c:191 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare-nginx /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

:path: /cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
pragma: no-cache
cookie: __cfduid=d72c049bdacfa040b7bd8fc156cde815e1540842763
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: */*
cache-control: no-cache
:authority: japanese.malwares.news
referer: https://japanese.malwares.news/
:scheme: https
:method: GET
Referer: https://japanese.malwares.news/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 29 Oct 2018 19:52:44 GMT
content-encoding: gzip
vary: Accept-Encoding
last-modified: Tue, 23 Oct 2018 12:00:28 GMT
server: cloudflare-nginx
etag: W/"5bcf0d5c-4d7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: application/javascript
status: 200
cache-control: max-age=172800 public
cf-ray: 47182f2eeb36236c-FRA
expires: Wed, 31 Oct 2018 19:52:44 GMT

GET
H2 200 scripts.js Show response
japanese.malwares.news/wp-content/plugins/contact-form-7/includes/js/ 14 KB
5 KB 468ms
467ms Script
application/javascript 2606:4700:30::681c:191
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://japanese.malwares.news/wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=5.0.4
Requested by: Host: japanese.malwares.news
URL: https://japanese.malwares.news/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:30::681c:191 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2abe34835f5555333edccab5786c3fb72eb1755110f38d2fdb2c0ae7ed4db6ed

Request headers

:path: /wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=5.0.4
pragma: no-cache
cookie: __cfduid=d72c049bdacfa040b7bd8fc156cde815e1540842763
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: */*
cache-control: no-cache
:authority: japanese.malwares.news
referer: https://japanese.malwares.news/
:scheme: https
:method: GET
Referer: https://japanese.malwares.news/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 29 Oct 2018 19:52:45 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Sun, 02 Sep 2018 23:59:18 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 47182f2eeb38236c-FRA
alt-svc: quic=":443"; ma=2592000; v="35,39,43"
content-length: 4781
expires: Mon, 05 Nov 2018 19:52:45 GMT

GET
H2 200 wp-embed.min.js Show response
japanese.malwares.news/wp-includes/js/ 1 KB
828 B 479ms
479ms Script
application/javascript 2606:4700:30::681c:191
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://japanese.malwares.news/wp-includes/js/wp-embed.min.js?ver=4.9.8
Requested by: Host: japanese.malwares.news
URL: https://japanese.malwares.news/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:30::681c:191 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: dcb5e540e62fc85857254a1066afb6a7e8999279c6d4c583eef855d39f9289c0

Request headers

:path: /wp-includes/js/wp-embed.min.js?ver=4.9.8
pragma: no-cache
cookie: __cfduid=d72c049bdacfa040b7bd8fc156cde815e1540842763
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: */*
cache-control: no-cache
:authority: japanese.malwares.news
referer: https://japanese.malwares.news/
:scheme: https
:method: GET
Referer: https://japanese.malwares.news/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 29 Oct 2018 19:52:45 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Mon, 29 Oct 2018 12:45:07 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 47182f2eeb3a236c-FRA
alt-svc: quic=":443"; ma=2592000; v="35,39,43"
content-length: 765
expires: Mon, 05 Nov 2018 19:52:45 GMT

GET
H2 200 pt-sans-v9-latin-ext_latin-regular.woff2
japanese.malwares.news/wp-content/themes/glades/fonts/ 56 KB
56 KB 805ms
804ms Font
font/woff2 2606:4700:30::681c:191
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://japanese.malwares.news/wp-content/themes/glades/fonts/pt-sans-v9-latin-ext_latin-regular.woff2
Requested by: Host: japanese.malwares.news
URL: https://japanese.malwares.news/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:30::681c:191 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2d8093b4ad108808f51987295f38f5760be7902a6c5437f4b6c9032677ddae72

Request headers

:path: /wp-content/themes/glades/fonts/pt-sans-v9-latin-ext_latin-regular.woff2
pragma: no-cache
cookie: __cfduid=d72c049bdacfa040b7bd8fc156cde815e1540842763
origin: https://japanese.malwares.news
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: */*
cache-control: no-cache
:authority: japanese.malwares.news
referer: https://japanese.malwares.news/wp-content/themes/glades/css/custom-fonts.css?ver=20180413
:scheme: https
:method: GET
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://japanese.malwares.news/wp-content/themes/glades/css/custom-fonts.css?ver=20180413
Origin: https://japanese.malwares.news

Response headers

date: Mon, 29 Oct 2018 19:52:45 GMT
cf-cache-status: MISS
last-modified: Wed, 18 Apr 2018 00:28:18 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: font/woff2
status: 200
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 47182f2efb3f236c-FRA
alt-svc: quic=":443"; ma=2592000; v="35,39,43"
content-length: 57372
expires: Mon, 05 Nov 2018 19:52:45 GMT

GET
H2 200 contrail-one-v7-latin-regular.woff2
japanese.malwares.news/wp-content/themes/glades/fonts/ 10 KB
10 KB 488ms
488ms Font
font/woff2 2606:4700:30::681c:191
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://japanese.malwares.news/wp-content/themes/glades/fonts/contrail-one-v7-latin-regular.woff2
Requested by: Host: japanese.malwares.news
URL: https://japanese.malwares.news/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:30::681c:191 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: c073543aeffc066080ec0cc30972e431f05f1fa00be1c52e8a4f4cd67a8a6da7

Request headers

:path: /wp-content/themes/glades/fonts/contrail-one-v7-latin-regular.woff2
pragma: no-cache
cookie: __cfduid=d72c049bdacfa040b7bd8fc156cde815e1540842763
origin: https://japanese.malwares.news
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: */*
cache-control: no-cache
:authority: japanese.malwares.news
referer: https://japanese.malwares.news/wp-content/themes/glades/css/custom-fonts.css?ver=20180413
:scheme: https
:method: GET
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://japanese.malwares.news/wp-content/themes/glades/css/custom-fonts.css?ver=20180413
Origin: https://japanese.malwares.news

Response headers

date: Mon, 29 Oct 2018 19:52:45 GMT
cf-cache-status: MISS
last-modified: Wed, 18 Apr 2018 00:28:18 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: font/woff2
status: 200
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 47182f2efb41236c-FRA
alt-svc: quic=":443"; ma=2592000; v="35,39,43"
content-length: 10580
expires: Mon, 05 Nov 2018 19:52:45 GMT

GET
DATA 200
OK truncated
/ 14 KB
0 Font
application/x-font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 970a3fa15876d16dcc0fd70eb7c9ab44d733108b3ddca1a449edd0356c1b79a7

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Origin: https://japanese.malwares.news

Response headers

Access-Control-Allow-Origin: *
Content-Type: application/x-font-woff;charset=utf-8

Verdicts & Comments Add Verdict or Comment

6 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| _wpemojiSettings object| twemoji object| wp undefined| $ function| jQuery object| wpcf7

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.malwares.news/	1970-01-19 04:46:18	Name: __cfduid Value: d72c049bdacfa040b7bd8fc156cde815e1540842763

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://japanese.malwares.news/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1(Line 2) Message: JQMIGRATE: Migrate is installed, version 1.4.1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

japanese.malwares.news
2606:4700:30::681c:191
2606:4700:30::681c:91
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
26ba387cedf27bef70d708dbf8490107f08433304a6845d4c901982e42a3eef9
2abe34835f5555333edccab5786c3fb72eb1755110f38d2fdb2c0ae7ed4db6ed
2d8093b4ad108808f51987295f38f5760be7902a6c5437f4b6c9032677ddae72
46477a5080a1756c043dd5b35cdd102feebfbe89dfc04c399972b754075a310c
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d
970a3fa15876d16dcc0fd70eb7c9ab44d733108b3ddca1a449edd0356c1b79a7
a559ba07f12aeda335ca811bb96b6f57b555815a835fe5f86ad6e7f166190e6d
a767d7e7af88326afb37242f2828280a2c930945cb94b636b1f05a0afb634621
a8f063412d795236cc9fc810bd8e13a2ce43e4ea0f4c9b2980771d15687302e2
c073543aeffc066080ec0cc30972e431f05f1fa00be1c52e8a4f4cd67a8a6da7
d2458b9fd9089fdcb9de317093e004ef3a65597dc68b9adfdeb15a7c9968d0d5
dcb5e540e62fc85857254a1066afb6a7e8999279c6d4c583eef855d39f9289c0
e9f1f502a9a19fe80846b5e05ffb39c5ecc164f3f62da41252895c37f21944e8
f4b6a380b44daa2e6210d1855f41061862b264784dfb4d3fb4a0c7fa8c50aff9
fc48d1d80ece71a79a7b39877f4104d49d3da6c3665cf6dc203000fb7df4447e
fecae32586889e9d99dc1dd5d55b0936e64e1824afd8be742b66a620a766824e