read-pdf.square7.ch
148.251.48.69  Malicious Activity! Public Scan

URL: http://read-pdf.square7.ch/
Submission: On February 18, 2017 via automatic, source openphish

Summary

This website contacted 10 IPs in 5 countries across 9 domains to perform 12 HTTP transactions. The main IP is 148.251.48.69, located in Germany and belonging to HETZNER-AS, DE. The main domain is read-pdf.square7.ch.
This is the only time read-pdf.square7.ch was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Adobe (Consumer), Generic Email (Online), Excel / PDF download (Online)

Domain & IP information

Requests  IP Address        AS (Autonomous System)
1         148.251.48.69     24940 (HETZNER-AS)
1         191.252.51.15     27715 (Locaweb S...)
1         64.130.23.5       7859 (PAIR-NETW...)
2         5.9.107.19        24940 (HETZNER-AS)
1         46.4.18.138       24940 (HETZNER-AS)
1         103.209.24.6      38880 (M21-AS-AP...)
1         104.197.47.161    15169 (GOOGLE)
1         2a00:1450:401...  15169 (GOOGLE)
1         2400:cb00:204...  13335 (CLOUDFLAR...)
Total     12 requests, 10 IPs
Requests  Domain                       Requested by
2         www.bplaced.net              read-pdf.square7.ch
1         cloud.cashtrafic.info        www.tradeadexchange.com
1         ajax.googleapis.com          www.tradeadexchange.com
1         www.tradeadexchange.com      www.bplaced.net
1         greatplaceaustralia.com.au   read-pdf.square7.ch
1         tradeportal.org              read-pdf.square7.ch
1         www.bountifulbreast.co.uk    read-pdf.square7.ch
1         camargoinformatica.com.br    read-pdf.square7.ch
1         read-pdf.square7.ch          (primary request)
Total     12 requests, 9 domains

This site contains links to these domains:

www.tradeadexchange.com

No TLS certificates were observed (0 % of requests used HTTPS).

This page contains 1 frame:

Primary Page: http://read-pdf.square7.ch/
Frame ID: 771.1
Requests: 14 HTTP requests in this frame


Page Statistics

Requests:    12
HTTPS:       0 %
IPv6:        22 %
Domains:     9
Subdomains:  9
IPs:         10
Countries:   5
Transfer:    257 kB
Size:        324 kB
Cookies:     0

Redirected requests

There were HTTP redirect chains for the following requests:

Request 5
  • http://read-pdf.square7.ch/fonts/et-line.woff
  • http://www.bplaced.net/404
Request 7
  • http://read-pdf.square7.ch/fonts/et-line.ttf
  • http://www.bplaced.net/404
Request 12
  • http://read-pdf.square7.ch/favicon.ico
  • http://www.bplaced.net/404
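The following Python script is an added example, not urlscan.io code and not part of the scanned page. It rebuilds the page-level counters shown under Page Statistics from a transaction list and flags the hosting patterns visible in this scan: brand imagery (Adobe_PDF_Reader.jpg, smallpdf.png, 100Secure.jpg, a bank-slip image) hotlinked from unrelated sites' CMS directories, a third-party script (bpa.js from www.bplaced.net) loaded directly by the main document, requests for the page's own missing assets bounced to another host's /404, and no TLS on any request. The TRANSACTIONS and REDIRECTS records are constructed from the entries on this page (the two data: URIs and the two /404 targets that got no response are left out, so the request and IP counts are slightly lower than urlscan's); the indicator rules and the CMS_DIRS list are the author's own assumptions, not urlscan's verdict logic.

```python
"""Triage of a urlscan-style request list.

Added example; not urlscan.io code and not part of the scanned page.
TRANSACTIONS and REDIRECTS are constructed from the entries listed on
this page (URL, initiator, server IP, ASN, country). The indicator rules
below are the author's own heuristics (an assumption), not urlscan's
verdict logic.
"""
import ipaddress
from urllib.parse import urlparse

PRIMARY = "http://read-pdf.square7.ch/"

# (url, requested_by, server_ip, asn, country); the two data: URIs and the
# two /404 redirect targets that received no response are omitted.
TRANSACTIONS = [
    (PRIMARY, None, "148.251.48.69", 24940, "DE"),
    ("http://camargoinformatica.com.br/wp-content/uploads/2013/04/Adobe_PDF_Reader.jpg",
     PRIMARY, "191.252.51.15", 27715, "BR"),
    ("http://www.bountifulbreast.co.uk/images/100Secure.jpg",
     PRIMARY, "64.130.23.5", 7859, "US"),
    ("http://www.bplaced.net/pub/bpa.js", PRIMARY, "5.9.107.19", 24940, "DE"),
    ("http://tradeportal.org/media/Bank%20Slip1_3_8.JPG",
     PRIMARY, "46.4.18.138", 24940, "DE"),
    ("http://greatplaceaustralia.com.au/plugins/captcha/recaptcha/core/smallpdf.png",
     PRIMARY, "103.209.24.6", 38880, "AU"),
    ("http://www.tradeadexchange.com/a/display.php?r=421215",
     "http://www.bplaced.net/pub/bpa.js", "104.197.47.161", 15169, "US"),
    ("http://ajax.googleapis.com/ajax/libs/jquery/1.4.1/jquery.min.js",
     "http://www.tradeadexchange.com/a/display.php?r=421215",
     "2a00:1450:4010:c0a::5f", 15169, "IE"),
    ("http://cloud.cashtrafic.info/ban/1367501/12219_Rail%20Nation__DE_728x90.jpg",
     "http://www.tradeadexchange.com/a/display.php?r=421215",
     "2400:cb00:2048:1::681f:9be", 13335, "US"),
    ("http://www.bplaced.net/404", PRIMARY, "5.9.107.19", 24940, "DE"),
]

# Redirect chains (source -> final URL) from the "Redirected requests" section.
REDIRECTS = [
    ("http://read-pdf.square7.ch/fonts/et-line.woff", "http://www.bplaced.net/404"),
    ("http://read-pdf.square7.ch/fonts/et-line.ttf", "http://www.bplaced.net/404"),
    ("http://read-pdf.square7.ch/favicon.ico", "http://www.bplaced.net/404"),
]

IMAGE_EXT = (".jpg", ".jpeg", ".png", ".gif")
# Directory names typical of assets parked on someone else's CMS install
# (assumed heuristic, not a urlscan rule).
CMS_DIRS = ("/wp-content/", "/plugins/", "/media/", "/images/")


def host(url):
    return (urlparse(url).hostname or "").lower()


def stats(transactions):
    """Recompute the counters urlscan shows under 'Page Statistics'."""
    hosts = {host(u) for u, *_ in transactions}
    ips = {ip for _, _, ip, _, _ in transactions if ip}
    countries = {c for *_, c in transactions if c}
    https = sum(urlparse(u).scheme == "https" for u, *_ in transactions)
    v6 = sum(ipaddress.ip_address(ip).version == 6 for ip in ips)
    return {
        "requests": len(transactions),
        "domains": len(hosts),
        "ips": len(ips),
        "countries": len(countries),
        "https_pct": round(100 * https / len(transactions)),
        "ipv6_pct": round(100 * v6 / len(ips)),  # share of distinct IPs
    }


def indicators(transactions, redirects, primary=PRIMARY):
    """Flag hosting patterns typical of a phishing page built from stolen assets."""
    p = host(primary)
    findings = []
    for url, by, *_ in transactions:
        h, path = host(url), urlparse(url).path.lower()
        if by != primary or h == p:
            continue  # only direct third-party loads made by the main document
        if path.endswith(IMAGE_EXT) and any(d in path for d in CMS_DIRS):
            findings.append(("hotlinked_image", url))
        elif path.endswith(".js"):
            findings.append(("third_party_script", url))
    for src, dst in redirects:
        # the page's own assets are missing and the host bounces them off-site
        if host(src) == p and host(dst) != p and urlparse(dst).path == "/404":
            findings.append(("missing_asset_offsite_404", src))
    if not any(urlparse(u).scheme == "https" for u, *_ in transactions):
        findings.append(("no_tls", primary))
    return findings


if __name__ == "__main__":
    for k, v in stats(TRANSACTIONS).items():
        print(f"{k:>12}: {v}")
    for kind, url in indicators(TRANSACTIONS, REDIRECTS):
        print(f"[{kind}] {url}")
```

The image rule deliberately looks only at resources the main document itself requests; the ad-network chain (bpa.js, display.php, jquery, the cashtrafic banner) is reported once as the third-party script that starts it, which keeps the finding list focused on what the page author controls rather than on what the hosting provider injects.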

12 HTTP transactions

Each entry lists the resource name, path, size, x-fer (bytes transferred) and type, followed by its General, Request headers and Response headers sections.
Resource: / (primary request)
Path: read-pdf.square7.ch/
Size: 14 KB (4 KB transferred)
Type: Document
General
Full URL
http://read-pdf.square7.ch/
Protocol
HTTP/1.1
Server
148.251.48.69, Germany, ASN24940 (HETZNER-AS, DE)
Reverse DNS
client1.square7.ch
Software
Apache/2.4
Resource Hash
b00f17a9cc00f30d137c71260b311c5197f61cf0eea105f97e490794637c7141

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate, sdch
Host
read-pdf.square7.ch
Accept-Language
en-US,en;q=0.8
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8
Cache-Control
no-cache
Connection
keep-alive

Response headers

Date
Sat, 18 Feb 2017 20:01:33 GMT
Content-Encoding
gzip
Server
Apache/2.4
Vary
Accept-Encoding
Content-Type
text/html
Connection
Keep-Alive
Keep-Alive
timeout=4, max=500
Content-Length
4005
Resource: Adobe_PDF_Reader.jpg
Path: camargoinformatica.com.br/wp-content/uploads/2013/04/
Size: 17 KB (17 KB transferred)
Type: Image
General
Full URL
http://camargoinformatica.com.br/wp-content/uploads/2013/04/Adobe_PDF_Reader.jpg
Requested by
Host: read-pdf.square7.ch
URL: http://read-pdf.square7.ch/
Protocol
HTTP/1.1
Server
191.252.51.15, Valinhos, Brazil, ASN27715 (Locaweb Serviços de Internet S/A, BR)
Reverse DNS
hm9158.locaweb.com.br
Software
Apache
Resource Hash
279ef42c58ee1f7c2a533d55fb86dc5a1185429ecf34ed2510455e15e04ba0f7

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate, sdch
Host
camargoinformatica.com.br
Accept-Language
en-US,en;q=0.8
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
Accept
image/webp,image/*,*/*;q=0.8
Referer
http://read-pdf.square7.ch/
Connection
keep-alive
Cache-Control
no-cache

Response headers

Pragma
no-cache
Date
Sat, 18 Feb 2017 19:57:12 GMT
Via
1.1 varnish-v4
Last-Modified
Sat, 03 Oct 2015 18:49:52 GMT
Server
Apache
Age
262
X-Varnish
49562025 51950108
Cache-Control
No-Cache
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
image/jpeg
Content-Length
17138
Resource: 100Secure.jpg
Path: www.bountifulbreast.co.uk/images/
Size: 5 KB (5 KB transferred)
Type: Image
General
Full URL
http://www.bountifulbreast.co.uk/images/100Secure.jpg
Requested by
Host: read-pdf.square7.ch
URL: http://read-pdf.square7.ch/
Protocol
HTTP/1.1
Server
64.130.23.5, Pittsburgh, United States, ASN7859 (PAIR-NETWORKS - pair Networks, US)
Reverse DNS
bountifulbreast.co.uk
Software
Apache/2.4.25
Resource Hash
2f71bea7601b970d07eea91af38bcee8b1c9fc197b5f85cbe9bae3b9f2b705c5

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate, sdch
Host
www.bountifulbreast.co.uk
Accept-Language
en-US,en;q=0.8
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
Accept
image/webp,image/*,*/*;q=0.8
Referer
http://read-pdf.square7.ch/
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Sat, 18 Feb 2017 20:01:33 GMT
Last-Modified
Fri, 08 Apr 2011 07:10:07 GMT
Server
Apache/2.4.25
ETag
"124f-4a062ea6b91c0"
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
4687
Resource: bpa.js
Path: www.bplaced.net/pub/
Size: 290 B (155 B transferred)
Type: Script
General
Full URL
http://www.bplaced.net/pub/bpa.js
Requested by
Host: read-pdf.square7.ch
URL: http://read-pdf.square7.ch/
Protocol
HTTP/1.1
Server
5.9.107.19, Germany, ASN24940 (HETZNER-AS, DE)
Reverse DNS
mx.bplaced.net
Software
Apache
Resource Hash
27306980aebf9834eed9db219b1c67998ba46614eba6c7355c88711bad38638a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate, sdch
Host
www.bplaced.net
Accept-Language
en-US,en;q=0.8
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
Accept
*/*
Referer
http://read-pdf.square7.ch/
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Sat, 18 Feb 2017 20:01:33 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-BP-NSA-REQID
(null) a.14UID=296
Last-Modified
Sat, 07 May 2016 08:07:31 GMT
Server
Apache
ETag
"122-5323c112ad6c0-gzip"
Vary
Accept-Encoding
Upgrade
h2
Connection
Upgrade, Keep-Alive
Accept-Ranges
bytes
Content-Type
application/javascript
Keep-Alive
timeout=4, max=500
Content-Length
155
Resource: Bank%20Slip1_3_8.JPG
Path: tradeportal.org/media/
Size: 157 KB (157 KB transferred)
Type: Image
General
Full URL
http://tradeportal.org/media/Bank%20Slip1_3_8.JPG
Requested by
Host: read-pdf.square7.ch
URL: http://read-pdf.square7.ch/
Protocol
HTTP/1.1
Server
46.4.18.138, Germany, ASN24940 (HETZNER-AS, DE)
Reverse DNS
static.138.18.4.46.clients.your-server.de
Software
Microsoft-IIS/8.0 (ASP.NET)
Resource Hash
dbd31286b59d7909b15478ac3a904bcde6e016f57ab83f0b6b469eeb726d8527

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate, sdch
Host
tradeportal.org
Accept-Language
en-US,en;q=0.8
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
Accept
image/webp,image/*,*/*;q=0.8
Referer
http://read-pdf.square7.ch/
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Sat, 18 Feb 2017 20:01:33 GMT
ETag
"27cf81d87dfce1:0"
Last-Modified
Tue, 12 Nov 2013 09:11:05 GMT
Server
Microsoft-IIS/8.0
X-Powered-By
ASP.NET
Content-Type
image/jpeg
Accept-Ranges
bytes
Content-Length
160450
X-UA-Compatible
IE=Edge
Resource: smallpdf.png
Path: greatplaceaustralia.com.au/plugins/captcha/recaptcha/core/
Size: 1 KB (1 KB transferred)
Type: Image
General
Full URL
http://greatplaceaustralia.com.au/plugins/captcha/recaptcha/core/smallpdf.png
Requested by
Host: read-pdf.square7.ch
URL: http://read-pdf.square7.ch/
Protocol
HTTP/1.1
Server
103.209.24.6, Australia, ASN38880 (M21-AS-AP Micron21 Datacentre Pty Ltd, AU)
Reverse DNS
yoshi.serversaurus.com.au
Software
Apache
Resource Hash
cf47dd71a230a784e848996d3d034626c87342322b5d1cac5a2984862b66d44f

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate, sdch
Host
greatplaceaustralia.com.au
Accept-Language
en-US,en;q=0.8
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
Accept
image/webp,image/*,*/*;q=0.8
Referer
http://read-pdf.square7.ch/
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Sat, 18 Feb 2017 20:01:33 GMT
Last-Modified
Thu, 01 Oct 2015 00:08:30 GMT
Server
Apache
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
1289
Resource: 404
Path: www.bplaced.net/
Redirect chain:
  • http://read-pdf.square7.ch/fonts/et-line.woff
  • http://www.bplaced.net/404
Size: 0 (0 transferred; no response received)

Resource: display.php (sets a cookie)
Path: www.tradeadexchange.com/a/
Size: 8 KB (5 KB transferred)
Type: Script
General
Full URL
http://www.tradeadexchange.com/a/display.php?r=421215
Requested by
Host: www.bplaced.net
URL: http://www.bplaced.net/pub/bpa.js
Protocol
HTTP/1.1
Server
104.197.47.161, Mountain View, United States, ASN15169 (GOOGLE - Google Inc., US)
Reverse DNS
161.47.197.104.bc.googleusercontent.com
Software
openresty
Resource Hash
3901879865ac549fd5b611973d88ee0a56d7f419adff240cd226411bfddd21b5

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate, sdch
Host
www.tradeadexchange.com
Accept-Language
en-US,en;q=0.8
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"
Accept
*/*
Referer
http://read-pdf.square7.ch/
Connection
keep-alive
Cache-Control
no-cache

Response headers

Pragma
no-cache
Date
Sat, 18 Feb 2017 20:01:33 GMT
Content-Encoding
gzip
Referrer-Policy
no-referrer
Server
openresty
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Vary
Accept-Encoding
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Cache-Control
no-store, no-cache, no-transform, must-revalidate, max-age=0, post-check=0, pre-check=0
Transfer-Encoding
chunked
Set-Cookie
acnetwork=94fb2daa58a8a81d0baf3248ea; expires=Wed, 30-Dec-2037 23:00:00 GMT; Max-Age=658378707; path=/
X-Robots-Tag
noindex
Expires
Sat, 26 Jul 1997 05:00:00 GMT
Resource: 404
Path: www.bplaced.net/
Redirect chain:
  • http://read-pdf.square7.ch/fonts/et-line.ttf
  • http://www.bplaced.net/404
Size: 0 (0 transferred; no response received)

Resource: jquery.min.js
Path: ajax.googleapis.com/ajax/libs/jquery/1.4.1/
Size: 69 KB (24 KB transferred)
Type: Script
General
Full URL
http://ajax.googleapis.com/ajax/libs/jquery/1.4.1/jquery.min.js
Requested by
Host: www.tradeadexchange.com
URL: http://www.tradeadexchange.com/a/display.php?r=421215
Protocol
HTTP/1.1
Server
2a00:1450:4010:c0a::5f, Ireland, ASN15169 (GOOGLE - Google Inc., US)
Reverse DNS
(none)
Software
sffe
Resource Hash
2cec78f739fbddfed852cd7934d2530e7cc4c8f14b38673b03ba5fb880ad4cc7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate, sdch
Host
ajax.googleapis.com
Accept-Language
en-US,en;q=0.8
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"
Accept
*/*
Referer
http://read-pdf.square7.ch/
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Thu, 16 Feb 2017 19:42:09 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Tue, 20 Dec 2016 18:17:03 GMT
Server
sffe
Age
173964
Vary
Accept-Encoding
Content-Type
text/javascript; charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31536000, stale-while-revalidate=2592000
Timing-Allow-Origin
*
Content-Length
24177
X-XSS-Protection
1; mode=block
Expires
Fri, 16 Feb 2018 19:42:09 GMT
Resource: 12219_Rail%20Nation__DE_728x90.jpg (sets a cookie)
Path: cloud.cashtrafic.info/ban/1367501/
Size: 43 KB (43 KB transferred)
Type: Image
General
Full URL
http://cloud.cashtrafic.info/ban/1367501/12219_Rail%20Nation__DE_728x90.jpg
Requested by
Host: www.tradeadexchange.com
URL: http://www.tradeadexchange.com/a/display.php?r=421215
Protocol
HTTP/1.1
Server
2400:cb00:2048:1::681f:9be, United States, ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US)
Reverse DNS
(none)
Software
cloudflare-nginx
Resource Hash
fc1fbec7070e3e253765d2afa7ac8b0b1d5e6b49482c6595afec19d70740cf8e

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate, sdch
Host
cloud.cashtrafic.info
Accept-Language
en-US,en;q=0.8
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
Accept
image/webp,image/*,*/*;q=0.8
Referer
http://read-pdf.square7.ch/
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Sat, 18 Feb 2017 20:01:33 GMT
Content-Encoding
gzip
CF-Cache-Status
HIT
Last-Modified
Thu, 21 Apr 2016 15:32:21 GMT
Server
cloudflare-nginx
ETag
W/"5718f285-add7"
Vary
Accept-Encoding
Content-Type
image/jpeg
Set-Cookie
__cfduid=dba9d819ad76afdf926385af480518be21487448093; expires=Sun, 18-Feb-18 20:01:33 GMT; path=/; domain=.cashtrafic.info; HttpOnly
Cache-Control
public, max-age=7200
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
3334125a05220f4b-FRA
Expires
Sat, 18 Feb 2017 22:01:33 GMT
Resource: (inline data: URI, truncated)
Path: /
Size: 760 B (0 transferred)
Type: Image
General
Full URL
data:truncated
Protocol
DATA
Server
(none; inline data: URI)
Reverse DNS
(none)
Software
(none)
Resource Hash
2181425b64057f50bfc9ea52486ea2350c41fe82d2cbdc341c4a4904235fc0a1

Request headers

Response headers

Resource: (inline data: URI, truncated)
Path: /
Size: 2 KB (0 transferred)
Type: Image
General
Full URL
data:truncated
Protocol
DATA
Server
(none; inline data: URI)
Reverse DNS
(none)
Software
(none)
Resource Hash
ede4a929a6c9812ef337c9437c8c5704af0c8f8f34f82376aaa7f5ef40606d5e

Request headers

Response headers

Resource: 404
Path: www.bplaced.net/
Redirect chain:
  • http://read-pdf.square7.ch/favicon.ico
  • http://www.bplaced.net/404
Size: 6 KB (2 KB transferred)
Type: Other
General
Full URL
http://www.bplaced.net/404
Protocol
HTTP/1.1
Server
5.9.107.19, Germany, ASN24940 (HETZNER-AS, DE)
Reverse DNS
mx.bplaced.net
Software
Apache
Resource Hash
143d9f3639d5c6c29b4cb1053e8a363d3ec1442dbda7075b2d05165fe7c59cbe
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate, sdch
Host
www.bplaced.net
Accept-Language
en-US,en;q=0.8
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
Accept
image/webp,image/*,*/*;q=0.8
Referer
http://read-pdf.square7.ch/
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Sat, 18 Feb 2017 20:01:34 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-BP-NSA-REQID
(null) a.14UID=610
Last-Modified
Thu, 22 Oct 2015 17:00:43 GMT
Server
Apache
ETag
"19bd-522b46f75c4c0-gzip"
Vary
Accept-Encoding
Content-Type
text/html
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=4, max=499
Content-Length
1856

Redirect headers

Location
http://www.bplaced.net/404
Date
Sat, 18 Feb 2017 20:01:34 GMT
Server
Apache/2.4
Connection
Keep-Alive
Keep-Alive
timeout=4, max=499
Content-Length
283
Content-Type
text/html; charset=iso-8859-1

Failed requests

These URLs were requested, but no response was received. They also appear in the list above (the /404 redirect targets of the et-line.woff and et-line.ttf requests).

  • www.bplaced.net: http://www.bplaced.net/404
  • www.bplaced.net: http://www.bplaced.net/404

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Adobe (Consumer), Generic Email (Online), Excel / PDF download (Online)

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies