research.openanalysis.net
185.199.108.153
Public Scan
Submission: On December 10 via api from RU — Scanned from PT
Summary
TLS certificate: Issued by R11 on November 5th 2024. Valid for: 3 months.
This is the only time research.openanalysis.net was scanned on urlscan.io!
urlscan.io Verdict: No classification
Live information
Domain & IP information
| Requests | IP Address | AS (Autonomous System) |
|---|---|---|
| 5 | 185.199.108.153 | 54113 (FASTLY) |
| 3 | 104.17.25.14 | 13335 (CLOUDFLARENET) |
| 4 | 104.21.80.27 | 13335 (CLOUDFLARENET) |
| 12 (total) | 3 IPs | |
ASN54113 (FASTLY, US)
PTR: cdn-185-199-108-153.github.com
| Requests | Apex Domain | Subdomains | Transfer |
|---|---|---|---|
| 5 | openanalysis.net | research.openanalysis.net | 21 KB |
| 4 | shields.io | img.shields.io (Cisco Umbrella Rank: 42768) | 6 KB |
| 3 | cloudflare.com | cdnjs.cloudflare.com (Cisco Umbrella Rank: 225) | 111 KB |
| 12 (total) | 3 apex domains | | |
| Requests | Domain | Requested by |
|---|---|---|
| 5 | research.openanalysis.net | research.openanalysis.net |
| 4 | img.shields.io | research.openanalysis.net |
| 3 | cdnjs.cloudflare.com | research.openanalysis.net, cdnjs.cloudflare.com |
| 12 (total) | 3 domains | |
This site contains links to these domains. Also see Links.
| Domain |
|---|
| www.youtube.com |
| www.twitch.tv |
| discord.gg |
| www.patreon.com |
| github.com |
| asec.ahnlab.com |
| blogs.blackberry.com |
| krabsonsecurity.com |
| Subject | Issuer | Validity | Valid | Source |
|---|---|---|---|---|
| research.openanalysis.net | R11 | 2024-11-05 - 2025-02-03 | 3 months | crt.sh |
| cdnjs.cloudflare.com | WE1 | 2024-11-26 - 2025-02-24 | 3 months | crt.sh |
| shields.io | WE1 | 2024-10-21 - 2025-01-19 | 3 months | crt.sh |
This page contains 1 frame:
Primary Page:
https://research.openanalysis.net/cpp/stl/amadey/loader/config/2022/11/13/amadey.html
Frame ID: 12B6161C29D085406C69DD23640DFF43
Requests: 12 HTTP requests in this frame
Page Title: Amadey Loader | OALABS Research
Detected technologies
Jekyll (Static Site Generator)
Detected patterns
- `<!-- Begin Jekyll SEO tag`
Font Awesome (Font Scripts)
Detected patterns
- `<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)`
- `(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)`
Page Statistics
8 Outgoing links
These are links going to different origins than the main page.
Titles recorded for the outgoing links:
- LockBit 3.0 Being Distributed via Amadey Bot
- SmokeLoader Malware Used to Augment Amadey Infostealer
- Analyzing Amadey – a simple native malware
Redirected requests
There were HTTP redirect chains for the following requests:
12 HTTP transactions
| Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
|---|---|---|---|---|---|---|---|
| GET | H2 | amadey.html (Primary Request) | research.openanalysis.net/cpp/stl/amadey/loader/config/2022/11/13/ | 25 KB | 6 KB | Document | text/html |
| GET | H2 | style.css | research.openanalysis.net/assets/css/ | 20 KB | 5 KB | Stylesheet | text/css |
| GET | H3 | primer.css | cdnjs.cloudflare.com/ajax/libs/Primer/15.2.0/ | 200 KB | 21 KB | Stylesheet | text/css |
| GET | H3 | all.min.css | cdnjs.cloudflare.com/ajax/libs/font-awesome/5.14.0/css/ | 58 KB | 11 KB | Stylesheet | text/css |
| GET | H3 | -YouTube-FF0000 | img.shields.io/badge/ | 915 B | 1 KB | Image | image/svg+xml |
| GET | H3 | oalabslive | img.shields.io/twitch/status/ | 2 KB | 2 KB | Image | image/svg+xml |
| GET | H3 | -Join%20Our%20Discord-blueviolet | img.shields.io/badge/ | 961 B | 1 KB | Image | image/svg+xml |
| GET | H3 | -OALABS%20Patreon-FF424D | img.shields.io/badge/ | 947 B | 1 KB | Image | image/svg+xml |
| GET | H2 | github.svg | research.openanalysis.net/assets/badges/ | 2 KB | 1 KB | Image | image/svg+xml |
| GET | H2 | minima-social-icons.svg | research.openanalysis.net/assets/ | 15 KB | 6 KB | Other | image/svg+xml |
| GET | H3 | fa-solid-900.woff2 | cdnjs.cloudflare.com/ajax/libs/font-awesome/5.14.0/webfonts/ | 78 KB | 79 KB | Font | application/octet-stream |
| GET | H2 | favicon.ico | research.openanalysis.net/images/ | 2 KB | 3 KB | Other | image/vnd.microsoft.icon |
Verdicts & Comments
1 JavaScript Global Variable
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

| Type | Name |
|---|---|
| function | wrap_img0 |

Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
cdnjs.cloudflare.com
img.shields.io
research.openanalysis.net
104.17.25.14
104.21.80.27
185.199.108.153