threatfox.abuse.ch Open in urlscan Pro
151.101.66.49 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://threatfox.abuse.ch/ioc/1094210/
Submission: On March 27 via manual (March 27th 2023, 10:40:18 am UTC) from US — Scanned from DE

Summary HTTP 37 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 6 IPs in 2 countries across 5 domains to perform 37 HTTP transactions. The main IP is 151.101.66.49, located in United States and belongs to FASTLY, US. The main domain is threatfox.abuse.ch.
TLS certificate: Issued by GlobalSign Atlas R3 DV TLS CA 2022 Q3 on September 28th 2022. Valid for: a year.

This is the only time threatfox.abuse.ch was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 25	151.101.66.49 151.101.66.49	54113 (FASTLY) (FASTLY)
2	2a00:1450:400... 2a00:1450:4001:82a::2008	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:830::2004	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:830::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:806::2003	15169 (GOOGLE) (GOOGLE)
37	6

25 151.101.66.49 (United States) 1 redirects

ASN54113 (FASTLY, US)

threatfox.abuse.ch	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:830::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:806::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
25	abuse.ch 1 redirects threatfox.abuse.ch	393 KB
6	gstatic.com www.gstatic.com fonts.gstatic.com	385 KB
4	google.com www.google.com — Cisco Umbrella Rank: 2	46 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 39	155 KB
0	twitter.com Failed api.twitter.com Failed
37	5

	Domain	Requested by
25	threatfox.abuse.ch	1 redirects threatfox.abuse.ch
4	www.gstatic.com	www.google.com www.gstatic.com
4	www.google.com	threatfox.abuse.ch www.gstatic.com www.google.com
2	fonts.gstatic.com	www.google.com
2	www.googletagmanager.com	threatfox.abuse.ch
0	api.twitter.com Failed
37	6

This site contains links to these domains. Also see Links.

Domain
spamhaus.org

Subject Issuer	Validity	Valid
*.abuse.ch GlobalSign Atlas R3 DV TLS CA 2022 Q3	`2022-09-28` - `2023-10-30`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-03-06` - `2023-05-29`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-03-06` - `2023-05-29`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-03-06` - `2023-05-29`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-03-06` - `2023-05-29`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://threatfox.abuse.ch/ioc/1094210/
Frame ID: 85C3F1A9AF660D621A8737C3F4D265E2
Requests: 29 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcISgUfAAAAAHj9HvxEZtSKdR4YQV3jdSMADDLL&co=aHR0cHM6Ly90aHJlYXRmb3guYWJ1c2UuY2g6NDQz&hl=de&v=vpEprwpCoBMgy-fvZET0Mz6L&size=invisible&cb=2itbsr6u6by
Frame ID: 0775784D1AFD2A44000614AAE82AC90B
Requests: 8 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

ThreatFox | https://appbesfksaw.actomzxck.xyz:2083/aaaaaaaaa

Page URL History Show full URLs

https://threatfox.abuse.ch/ioc/1094210/ HTTP 307
https://threatfox.abuse.ch/verify-ua/?url=L2lvYy8xMDk0MjEwLw== Page URL
https://threatfox.abuse.ch/ioc/1094210/ Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Clipboard.js (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

clipboard(?:-([\d.]+))?(?:\.min)?\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

37
Requests

97 %
HTTPS

80 %
IPv6

5
Domains

6
Subdomains

6
IPs

2
Countries

978 kB
Transfer

2470 kB
Size

4
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://spamhaus.org/
Title: Spamhaus Project

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://threatfox.abuse.ch/ioc/1094210/ HTTP 307
https://threatfox.abuse.ch/verify-ua/?url=L2lvYy8xMDk0MjEwLw== Page URL
https://threatfox.abuse.ch/ioc/1094210/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://threatfox.abuse.ch/ioc/1094210/ HTTP 307
https://threatfox.abuse.ch/verify-ua/?url=L2lvYy8xMDk0MjEwLw==

Request Chain 35

https://threatfox.abuse.ch/ajax/ HTTP 302
https://threatfox.abuse.ch/login/ HTTP 0
https://api.twitter.com/oauth/authorize?oauth_token=W8Pc0wAAAAABKKpNAAABhyKnfVM

37 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

/ Show response
threatfox.abuse.ch/verify-ua/
Redirect Chain

https://threatfox.abuse.ch/ioc/1094210/
https://threatfox.abuse.ch/verify-ua/?url=L2lvYy8xMDk0MjEwLw==

7 KB
3 KB

32ms
31ms

Document
text/html

151.101.66.49
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://threatfox.abuse.ch/verify-ua/?url=L2lvYy8xMDk0MjEwLw==

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.49 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Apache/2 /

Resource Hash

94cb63d1e29b01f19665241566f966a4d8ea8585e7f0b86877b07ef62c42bbe4

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://fonts.gstatic.com:443 data:; style-src 'self' 'unsafe-inline' https://www.gstatic.com:443 https://fonts.googleapis.com:443; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.gstatic.com:443 https://www.google.com/recaptcha/ https://www.googletagmanager.com:443; frame-src https://www.google.com/recaptcha/; img-src 'self' data: https:; object-src 'none'
Strict-Transport-Security	max-age=15768000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
cache-control: no-store, no-cache, must-revalidate
content-encoding: gzip
content-length: 2437
content-security-policy: default-src 'self' https://fonts.gstatic.com:443 data:; style-src 'self' 'unsafe-inline' https://www.gstatic.com:443 https://fonts.googleapis.com:443; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.gstatic.com:443 https://www.google.com/recaptcha/ https://www.googletagmanager.com:443; frame-src https://www.google.com/recaptcha/; img-src 'self' data: https:; object-src 'none'
content-type: text/html; charset=UTF-8
cross-origin-embedder-policy: require-corp; report-to="default"
cross-origin-opener-policy: same-origin; report-to="default"
cross-origin-resource-policy: same-site
date: Mon, 27 Mar 2023 10:40:13 GMT
expect-ct: enforce, max-age=86400
expires: Thu, 19 Nov 1981 08:52:00 GMT
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), fullscreen=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: Apache/2
strict-transport-security: max-age=15768000 ; includeSubDomains
vary: Accept-Encoding
via: 1.1 varnish, 1.1 varnish
x-cache: MISS, MISS
x-cache-hits: 0, 0
x-content-type-options: nosniff
x-frame-options: sameorigin
x-served-by: cache-ams12766-AMS, cache-fra-eddf8230039-FRA
x-timer: S1679913613.236174,VS0,VE25
x-xss-protection: 1; mode=block

Redirect headers

accept-ranges: bytes
cache-control: no-store, no-cache, must-revalidate
content-length: 0
content-security-policy: default-src 'self' https://fonts.gstatic.com:443 data:; style-src 'self' 'unsafe-inline' https://www.gstatic.com:443 https://fonts.googleapis.com:443; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.gstatic.com:443 https://www.google.com/recaptcha/ https://www.googletagmanager.com:443; frame-src https://www.google.com/recaptcha/; img-src 'self' data: https:; object-src 'none'
content-type: text/html; charset=UTF-8
cross-origin-embedder-policy: require-corp; report-to="default"
cross-origin-opener-policy: same-origin; report-to="default"
cross-origin-resource-policy: same-site
date: Mon, 27 Mar 2023 10:40:13 GMT
expect-ct: enforce, max-age=86400
expires: Thu, 19 Nov 1981 08:52:00 GMT
location: https://threatfox.abuse.ch/verify-ua/?url=L2lvYy8xMDk0MjEwLw==
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), fullscreen=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: Apache/2
strict-transport-security: max-age=15768000 ; includeSubDomains
via: 1.1 varnish, 1.1 varnish
x-cache: MISS, MISS
x-cache-hits: 0, 0
x-content-type-options: nosniff
x-frame-options: sameorigin
x-served-by: cache-ams21036-AMS, cache-fra-eddf8230039-FRA
x-timer: S1679913613.113931,VS0,VE114
x-xss-protection: 1; mode=block

GET
H2 200 bootstrap.min.css
threatfox.abuse.ch/css/ 157 KB
24 KB 12ms
11ms Stylesheet
text/css 151.101.66.49
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://threatfox.abuse.ch/css/bootstrap.min.css

Requested by

Host: threatfox.abuse.ch
URL: https://threatfox.abuse.ch/verify-ua/?url=L2lvYy8xMDk0MjEwLw==

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.49 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Apache/2 /

Resource Hash

f77c0d1739b618edc4a01ca3f6b2990b01a3009030af49ee8cf68e83052df194

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://fonts.gstatic.com:443 data:; style-src 'self' 'unsafe-inline' https://www.gstatic.com:443 https://fonts.googleapis.com:443; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.gstatic.com:443 https://www.google.com/recaptcha/ https://www.googletagmanager.com:443; frame-src https://www.google.com/recaptcha/; img-src 'self' data: https:; object-src 'none'
Strict-Transport-Security	max-age=15768000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://threatfox.abuse.ch/verify-ua/?url=L2lvYy8xMDk0MjEwLw==
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

expires: Tue, 14 Mar 2023 04:34:25 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains
content-security-policy: default-src 'self' https://fonts.gstatic.com:443 data:; style-src 'self' 'unsafe-inline' https://www.gstatic.com:443 https://fonts.googleapis.com:443; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.gstatic.com:443 https://www.google.com/recaptcha/ https://www.googletagmanager.com:443; frame-src https://www.google.com/recaptcha/; img-src 'self' data: https:; object-src 'none'
x-content-type-options: nosniff
date: Mon, 27 Mar 2023 10:40:13 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
cross-origin-embedder-policy: require-corp; report-to="default"
age: 540299
x-cache: HIT, HIT
cross-origin-resource-policy: same-site
content-length: 23916
x-xss-protection: 1; mode=block
x-served-by: cache-ams21028-AMS, cache-fra-eddf8230039-FRA
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 30 Nov 2020 14:18:12 GMT
server: Apache/2
cross-origin-opener-policy: same-origin; report-to="default"
x-timer: S1679913613.294204,VS0,VE1
etag: "27288-5b553ae25bbe8-gzip"
expect-ct: enforce, max-age=86400
x-frame-options: sameorigin
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=604800
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), fullscreen=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
accept-ranges: bytes
x-cache-hits: 162, 1

GET
H2 200 all.min.css
threatfox.abuse.ch/css/ 58 KB
13 KB 13ms
13ms Stylesheet
text/css 151.101.66.49
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://threatfox.abuse.ch/css/all.min.css

Requested by

Host: threatfox.abuse.ch
URL: https://threatfox.abuse.ch/verify-ua/?url=L2lvYy8xMDk0MjEwLw==

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.49 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Apache/2 /

Resource Hash

af1e6edc875a382b338bb25bd7c5c3f474a7f1b36212002a5896dd06f2186325

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://fonts.gstatic.com:443 data:; style-src 'self' 'unsafe-inline' https://www.gstatic.com:443 https://fonts.googleapis.com:443; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.gstatic.com:443 https://www.google.com/recaptcha/ https://www.googletagmanager.com:443; frame-src https://www.google.com/recaptcha/; img-src 'self' data: https:; object-src 'none'
Strict-Transport-Security	max-age=15768000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://threatfox.abuse.ch/verify-ua/?url=L2lvYy8xMDk0MjEwLw==
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

expires: Mon, 13 Mar 2023 23:01:52 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains
content-security-policy: default-src 'self' https://fonts.gstatic.com:443 data:; style-src 'self' 'unsafe-inline' https://www.gstatic.com:443 https://fonts.googleapis.com:443; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.gstatic.com:443 https://www.google.com/recaptcha/ https://www.googletagmanager.com:443; frame-src https://www.google.com/recaptcha/; img-src 'self' data: https:; object-src 'none'
x-content-type-options: nosniff
date: Mon, 27 Mar 2023 10:40:13 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
cross-origin-embedder-policy: require-corp; report-to="default"
age: 560224
x-cache: HIT, HIT
cross-origin-resource-policy: same-site
content-length: 12868
x-xss-protection: 1; mode=block
x-served-by: cache-ams12739-AMS, cache-fra-eddf8230039-FRA
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 30 Nov 2020 14:18:10 GMT
server: Apache/2
cross-origin-opener-policy: same-origin; report-to="default"
x-timer: S1679913613.294188,VS0,VE1
etag: "e7d0-5b553ae099830-gzip"
expect-ct: enforce, max-age=86400
x-frame-options: sameorigin
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=604800
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), fullscreen=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
accept-ranges: bytes
x-cache-hits: 173, 1

GET
H2 200 custom.css
threatfox.abuse.ch/css/ 2 KB
1 KB 11ms
11ms Stylesheet
text/css 151.101.66.49
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://threatfox.abuse.ch/css/custom.css

Requested by

Host: threatfox.abuse.ch
URL: https://threatfox.abuse.ch/verify-ua/?url=L2lvYy8xMDk0MjEwLw==

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.49 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Apache/2 /

Resource Hash

07c8f05b093fcb494bb2fe0e64c53969b16e8cc6e516f5d85b673acc2af279e8

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://fonts.gstatic.com:443 data:; style-src 'self' 'unsafe-inline' https://www.gstatic.com:443 https://fonts.googleapis.com:443; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.gstatic.com:443 https://www.google.com/recaptcha/ https://www.googletagmanager.com:443; frame-src https://www.google.com/recaptcha/; img-src 'self' data: https:; object-src 'none'
Strict-Transport-Security	max-age=15768000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://threatfox.abuse.ch/verify-ua/?url=L2lvYy8xMDk0MjEwLw==
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

expires: Tue, 14 Mar 2023 01:49:13 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains
content-security-policy: default-src 'self' https://fonts.gstatic.com:443 data:; style-src 'self' 'unsafe-inline' https://www.gstatic.com:443 https://fonts.googleapis.com:443; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.gstatic.com:443 https://www.google.com/recaptcha/ https://www.googletagmanager.com:443; frame-src https://www.google.com/recaptcha/; img-src 'self' data: https:; object-src 'none'
x-content-type-options: nosniff
date: Mon, 27 Mar 2023 10:40:13 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
cross-origin-embedder-policy: require-corp; report-to="default"
age: 549937
x-cache: HIT, HIT
cross-origin-resource-policy: same-site
content-length: 940
x-xss-protection: 1; mode=block
x-served-by: cache-ams21071-AMS, cache-fra-eddf8230039-FRA
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 09 Mar 2021 08:42:38 GMT
server: Apache/2
cross-origin-opener-policy: same-origin; report-to="default"
x-timer: S1679913613.294217,VS0,VE1
etag: "91e-5bd1688660bf1-gzip"
expect-ct: enforce, max-age=86400
x-frame-options: sameorigin
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=604800
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), fullscreen=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
accept-ranges: bytes
x-cache-hits: 170, 1

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 220 KB
77 KB 87ms
42ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-6EH7DFEY3J

Requested by

Host: threatfox.abuse.ch
URL: https://threatfox.abuse.ch/verify-ua/?url=L2lvYy8xMDk0MjEwLw==

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b87fbc515e655d6990021f1d21f2c2ea72772876863eba7884b62df40a1b1160

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://threatfox.abuse.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Mon, 27 Mar 2023 10:40:13 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 78858
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 27 Mar 2023 10:40:13 GMT

GET
H2 200 threatfox_logo.png
threatfox.abuse.ch/images/ 3 KB
4 KB 9ms
8ms Image
image/png 151.101.66.49
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://threatfox.abuse.ch/images/threatfox_logo.png

Requested by

Host: threatfox.abuse.ch
URL: https://threatfox.abuse.ch/verify-ua/?url=L2lvYy8xMDk0MjEwLw==

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.49 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Apache/2 /

Resource Hash

f3e837c8da58d6ba09b482db3b830672d13fec10fd88bc833838d755cbea8739

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://fonts.gstatic.com:443 data:; style-src 'self' 'unsafe-inline' https://www.gstatic.com:443 https://fonts.googleapis.com:443; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.gstatic.com:443 https://www.google.com/recaptcha/ https://www.googletagmanager.com:443; frame-src https://www.google.com/recaptcha/; img-src 'self' data: https:; object-src 'none'
Strict-Transport-Security	max-age=15768000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://threatfox.abuse.ch/verify-ua/?url=L2lvYy8xMDk0MjEwLw==
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

expires: Thu, 23 Mar 2023 23:09:13 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains
content-security-policy: default-src 'self' https://fonts.gstatic.com:443 data:; style-src 'self' 'unsafe-inline' https://www.gstatic.com:443 https://fonts.googleapis.com:443; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.gstatic.com:443 https://www.google.com/recaptcha/ https://www.googletagmanager.com:443; frame-src https://www.google.com/recaptcha/; img-src 'self' data: https:; object-src 'none'
x-content-type-options: nosniff
date: Mon, 27 Mar 2023 10:40:13 GMT
via: 1.1 varnish, 1.1 varnish
age: 559905
cross-origin-embedder-policy: require-corp; report-to="default"
x-cache: HIT, HIT
cross-origin-resource-policy: same-site
content-length: 2926
x-xss-protection: 1; mode=block
x-served-by: cache-ams21031-AMS, cache-fra-eddf8230039-FRA
referrer-policy: strict-origin-when-cross-origin
last-modified: Sun, 06 Dec 2020 12:56:57 GMT
server: Apache/2
cross-origin-opener-policy: same-origin; report-to="default"
x-timer: S1679913613.317538,VS0,VE1
etag: "b6e-5b5cb3e9ec6bf"
expect-ct: enforce, max-age=86400
x-frame-options: sameorigin
content-type: image/png
cache-control: max-age=2592000
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), fullscreen=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
accept-ranges: bytes
x-cache-hits: 335, 1

GET
H2 200 jquery-3.5.1.min.js Show response
threatfox.abuse.ch/js/ 87 KB
31 KB 8ms
8ms Script
text/javascript 151.101.66.49
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://threatfox.abuse.ch/js/jquery-3.5.1.min.js

Requested by

Host: threatfox.abuse.ch
URL: https://threatfox.abuse.ch/verify-ua/?url=L2lvYy8xMDk0MjEwLw==

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.49 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Apache/2 /

Resource Hash

f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://fonts.gstatic.com:443 data:; style-src 'self' 'unsafe-inline' https://www.gstatic.com:443 https://fonts.googleapis.com:443; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.gstatic.com:443 https://www.google.com/recaptcha/ https://www.googletagmanager.com:443; frame-src https://www.google.com/recaptcha/; img-src 'self' data: https:; object-src 'none'
Strict-Transport-Security	max-age=15768000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://threatfox.abuse.ch/verify-ua/?url=L2lvYy8xMDk0MjEwLw==
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

expires: Tue, 14 Mar 2023 03:14:18 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains
content-security-policy: default-src 'self' https://fonts.gstatic.com:443 data:; style-src 'self' 'unsafe-inline' https://www.gstatic.com:443 https://fonts.googleapis.com:443; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.gstatic.com:443 https://www.google.com/recaptcha/ https://www.googletagmanager.com:443; frame-src https://www.google.com/recaptcha/; img-src 'self' data: https:; object-src 'none'
x-content-type-options: nosniff
date: Mon, 27 Mar 2023 10:40:13 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
cross-origin-embedder-policy: require-corp; report-to="default"
age: 546930
x-cache: HIT, HIT
cross-origin-resource-policy: same-site
content-length: 30910
x-xss-protection: 1; mode=block
x-served-by: cache-ams12729-AMS, cache-fra-eddf8230039-FRA
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 30 Nov 2020 14:11:26 GMT
server: Apache/2
cross-origin-opener-policy: same-origin; report-to="default"
x-timer: S1679913613.306978,VS0,VE1
etag: "15d84-5b55395fa655c-gzip"
expect-ct: enforce, max-age=86400
x-frame-options: sameorigin
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=604800
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), fullscreen=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
accept-ranges: bytes
x-cache-hits: 160, 1

GET
H2 200 bootstrap.min.js Show response
threatfox.abuse.ch/js/ 62 KB
15 KB 8ms
7ms Script
text/javascript 151.101.66.49
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://threatfox.abuse.ch/js/bootstrap.min.js

Requested by

Host: threatfox.abuse.ch
URL: https://threatfox.abuse.ch/verify-ua/?url=L2lvYy8xMDk0MjEwLw==

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.49 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Apache/2 /

Resource Hash

d8968086f7509df34c3278563dab87399da4f9dcdfb419818e3a309eedc70b88

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://fonts.gstatic.com:443 data:; style-src 'self' 'unsafe-inline' https://www.gstatic.com:443 https://fonts.googleapis.com:443; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.gstatic.com:443 https://www.google.com/recaptcha/ https://www.googletagmanager.com:443; frame-src https://www.google.com/recaptcha/; img-src 'self' data: https:; object-src 'none'
Strict-Transport-Security	max-age=15768000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://threatfox.abuse.ch/verify-ua/?url=L2lvYy8xMDk0MjEwLw==
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

expires: Thu, 16 Mar 2023 02:36:46 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains
content-security-policy: default-src 'self' https://fonts.gstatic.com:443 data:; style-src 'self' 'unsafe-inline' https://www.gstatic.com:443 https://fonts.googleapis.com:443; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.gstatic.com:443 https://www.google.com/recaptcha/ https://www.googletagmanager.com:443; frame-src https://www.google.com/recaptcha/; img-src 'self' data: https:; object-src 'none'
x-content-type-options: nosniff
date: Mon, 27 Mar 2023 10:40:13 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
cross-origin-embedder-policy: require-corp; report-to="default"
age: 374482
x-cache: HIT, HIT
cross-origin-resource-policy: same-site
content-length: 14924
x-xss-protection: 1; mode=block
x-served-by: cache-ams21073-AMS, cache-fra-eddf8230039-FRA
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 30 Nov 2020 14:11:24 GMT
server: Apache/2
cross-origin-opener-policy: same-origin; report-to="default"
x-timer: S1679913613.310922,VS0,VE1
etag: "f708-5b55395d5d537-gzip"
expect-ct: enforce, max-age=86400
x-frame-options: sameorigin
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=604800
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), fullscreen=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
accept-ranges: bytes
x-cache-hits: 29, 1

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 884 B
908 B 74ms
27ms Script
text/javascript 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?render=6LcISgUfAAAAAHj9HvxEZtSKdR4YQV3jdSMADDLL

Requested by

Host: threatfox.abuse.ch
URL: https://threatfox.abuse.ch/verify-ua/?url=L2lvYy8xMDk0MjEwLw==

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

80cfa94d4fcaf4efbfbbc238efa6e3d13514ba90deb24b7981c35b79edb41640

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://threatfox.abuse.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Mon, 27 Mar 2023 10:40:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 588
x-xss-protection: 1; mode=block
expires: Mon, 27 Mar 2023 10:40:13 GMT

GET
H2 200 fa-solid-900.woff2
threatfox.abuse.ch/webfonts/ 78 KB
79 KB 15ms
14ms Font
font/woff2 151.101.66.49
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://threatfox.abuse.ch/webfonts/fa-solid-900.woff2

Requested by

Host: threatfox.abuse.ch
URL: https://threatfox.abuse.ch/css/all.min.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.49 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Apache/2 /

Resource Hash

6b555920e358f8a25a422988b448615c33bcccb4f932e8331cebfc8e2a737fc7

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://fonts.gstatic.com:443 data:; style-src 'self' 'unsafe-inline' https://www.gstatic.com:443 https://fonts.googleapis.com:443; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.gstatic.com:443 https://www.google.com/recaptcha/ https://www.googletagmanager.com:443; frame-src https://www.google.com/recaptcha/; img-src 'self' data: https:; object-src 'none'
Strict-Transport-Security	max-age=15768000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Referer: https://threatfox.abuse.ch/css/all.min.css
Origin: https://threatfox.abuse.ch
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

expires: Tue, 13 Dec 2022 01:06:59 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains
content-security-policy: default-src 'self' https://fonts.gstatic.com:443 data:; style-src 'self' 'unsafe-inline' https://www.gstatic.com:443 https://fonts.googleapis.com:443; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.gstatic.com:443 https://www.google.com/recaptcha/ https://www.googletagmanager.com:443; frame-src https://www.google.com/recaptcha/; img-src 'self' data: https:; object-src 'none'
x-content-type-options: nosniff
date: Mon, 27 Mar 2023 10:40:13 GMT
via: 1.1 varnish, 1.1 varnish
age: 1740319
cross-origin-embedder-policy: require-corp; report-to="default"
x-cache: HIT, HIT
cross-origin-resource-policy: same-site
content-length: 80300
x-xss-protection: 1; mode=block
x-served-by: cache-ams21040-AMS, cache-fra-eddf8230039-FRA
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 26 Nov 2020 07:50:13 GMT
server: Apache/2
cross-origin-opener-policy: same-origin; report-to="default"
x-timer: S1679913613.320223,VS0,VE1
etag: "139ac-5b4fdcb45731e"
expect-ct: enforce, max-age=86400
x-frame-options: sameorigin
content-type: font/woff2
cache-control: max-age=2628000, public, max-age=604800
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), fullscreen=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
accept-ranges: bytes
x-cache-hits: 173, 1

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/vpEprwpCoBMgy-fvZET0Mz6L/ 409 KB
165 KB 49ms
14ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/vpEprwpCoBMgy-fvZET0Mz6L/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=6LcISgUfAAAAAHj9HvxEZtSKdR4YQV3jdSMADDLL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b6d3f75dcb2320ed386f2dcb0ef91e545558ded6c268cda18015869cb59658d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://threatfox.abuse.ch/
Origin: https://threatfox.abuse.ch
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Mon, 27 Mar 2023 10:01:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2302
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 167834
x-xss-protection: 0
last-modified: Mon, 20 Mar 2023 04:02:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 26 Mar 2024 10:01:51 GMT

GET
H2 200 anchor Show response
www.google.com/recaptcha/api2/ Frame 0775 47 KB
26 KB 47ms
46ms Document
text/html 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcISgUfAAAAAHj9HvxEZtSKdR4YQV3jdSMADDLL&co=aHR0cHM6Ly90aHJlYXRmb3guYWJ1c2UuY2g6NDQz&hl=de&v=vpEprwpCoBMgy-fvZET0Mz6L&size=invisible&cb=2itbsr6u6by

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/vpEprwpCoBMgy-fvZET0Mz6L/recaptcha__de.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

668a3fea267fb5a3dd702512bc9d6b9f554dd2d58ead558b1a850253a3491de0

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Tfto_ZCbiQ590f27avuLww' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://threatfox.abuse.ch/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 26380
content-security-policy: script-src 'report-sample' 'nonce-Tfto_ZCbiQ590f27avuLww' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 27 Mar 2023 10:40:13 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/vpEprwpCoBMgy-fvZET0Mz6L/ Frame 0775 55 KB
24 KB 40ms
13ms Stylesheet
text/css 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/vpEprwpCoBMgy-fvZET0Mz6L/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcISgUfAAAAAHj9HvxEZtSKdR4YQV3jdSMADDLL&co=aHR0cHM6Ly90aHJlYXRmb3guYWJ1c2UuY2g6NDQz&hl=de&v=vpEprwpCoBMgy-fvZET0Mz6L&size=invisible&cb=2itbsr6u6by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Mon, 27 Mar 2023 10:39:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 65
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24605
x-xss-protection: 0
last-modified: Mon, 20 Mar 2023 04:02:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 26 Mar 2024 10:39:08 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/vpEprwpCoBMgy-fvZET0Mz6L/ Frame 0775 409 KB
164 KB 47ms
20ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/vpEprwpCoBMgy-fvZET0Mz6L/recaptcha__de.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b6d3f75dcb2320ed386f2dcb0ef91e545558ded6c268cda18015869cb59658d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Mon, 27 Mar 2023 10:01:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2302
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 167834
x-xss-protection: 0
last-modified: Mon, 20 Mar 2023 04:02:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 26 Mar 2024 10:01:51 GMT

GET
H3 200 logo_48.png
www.gstatic.com/recaptcha/api2/ Frame 0775 2 KB
2 KB 14ms
13ms Image
image/png 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/logo_48.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/vpEprwpCoBMgy-fvZET0Mz6L/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/vpEprwpCoBMgy-fvZET0Mz6L/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Wed, 22 Mar 2023 18:05:11 GMT
x-content-type-options: nosniff
age: 405302
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2228
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Wed, 29 Mar 2023 18:05:11 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 0775 15 KB
16 KB 50ms
13ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 21 Mar 2023 08:37:38 GMT
x-content-type-options: nosniff
age: 525755
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 20 Mar 2024 08:37:38 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 0775 15 KB
15 KB 58ms
21ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 21 Mar 2023 08:37:38 GMT
x-content-type-options: nosniff
age: 525755
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 20 Mar 2024 08:37:38 GMT

GET
H3 200 webworker.js
www.google.com/recaptcha/api2/ Frame 0775 102 B
134 B 23ms
23ms Other
text/javascript 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=vpEprwpCoBMgy-fvZET0Mz6L

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

18fcc06e8e158f0b20df57e5966474ba5ee428da943b5e27417d7e2bdde6058f

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcISgUfAAAAAHj9HvxEZtSKdR4YQV3jdSMADDLL&co=aHR0cHM6Ly90aHJlYXRmb3guYWJ1c2UuY2g6NDQz&hl=de&v=vpEprwpCoBMgy-fvZET0Mz6L&size=invisible&cb=2itbsr6u6by
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Mon, 27 Mar 2023 10:40:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 112
x-xss-protection: 1; mode=block
expires: Mon, 27 Mar 2023 10:40:13 GMT

POST
H3 200 reload Show response
www.google.com/recaptcha/api2/ Frame 0775 32 KB
18 KB 68ms
67ms XHR
application/json 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/reload?k=6LcISgUfAAAAAHj9HvxEZtSKdR4YQV3jdSMADDLL

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/vpEprwpCoBMgy-fvZET0Mz6L/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

9eb1eff3f6af5c2264a2e8b28325ce22d81244addaa65f18a29f5eb2dfca1d3f

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcISgUfAAAAAHj9HvxEZtSKdR4YQV3jdSMADDLL&co=aHR0cHM6Ly90aHJlYXRmb3guYWJ1c2UuY2g6NDQz&hl=de&v=vpEprwpCoBMgy-fvZET0Mz6L&size=invisible&cb=2itbsr6u6by
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Content-Type: application/x-protobuffer

Response headers

date: Mon, 27 Mar 2023 10:40:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
cache-control: private, max-age=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18825
x-xss-protection: 1; mode=block
expires: Mon, 27 Mar 2023 10:40:14 GMT

POST
H2 200 /
threatfox.abuse.ch/ajax/ 31 B
1 KB 77ms
77ms XHR
text/html 151.101.66.49
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://threatfox.abuse.ch/ajax/

Requested by

Host: threatfox.abuse.ch
URL: https://threatfox.abuse.ch/js/jquery-3.5.1.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.49 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Apache/2 /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://fonts.gstatic.com:443 data:; style-src 'self' 'unsafe-inline' https://www.gstatic.com:443 https://fonts.googleapis.com:443; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.gstatic.com:443 https://www.google.com/recaptcha/ https://www.googletagmanager.com:443; frame-src https://www.google.com/recaptcha/; img-src 'self' data: https:; object-src 'none'
Strict-Transport-Security	max-age=15768000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Referer: https://threatfox.abuse.ch/verify-ua/?url=L2lvYy8xMDk0MjEwLw==
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

expires: Thu, 19 Nov 1981 08:52:00 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains
content-security-policy: default-src 'self' https://fonts.gstatic.com:443 data:; style-src 'self' 'unsafe-inline' https://www.gstatic.com:443 https://fonts.googleapis.com:443; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.gstatic.com:443 https://www.google.com/recaptcha/ https://www.googletagmanager.com:443; frame-src https://www.google.com/recaptcha/; img-src 'self' data: https:; object-src 'none'
x-content-type-options: nosniff
date: Mon, 27 Mar 2023 10:40:14 GMT
via: 1.1 varnish, 1.1 varnish
cross-origin-embedder-policy: require-corp; report-to="default"
x-cache: MISS, MISS
cross-origin-resource-policy: same-site
content-length: 31
x-xss-protection: 1; mode=block
x-served-by: cache-ams21066-AMS, cache-fra-eddf8230039-FRA
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: Apache/2
cross-origin-opener-policy: same-origin; report-to="default"
x-timer: S1679913614.039099,VS0,VE69
expect-ct: enforce, max-age=86400
x-frame-options: sameorigin
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
cache-control: no-store, no-cache, must-revalidate
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), fullscreen=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
accept-ranges: bytes
x-cache-hits: 0, 0

GET
H2 200 Primary Request / Show response
threatfox.abuse.ch/ioc/1094210/ 18 KB
4 KB 24ms
23ms Document
text/html 151.101.66.49
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://threatfox.abuse.ch/ioc/1094210/

Requested by

Host: threatfox.abuse.ch
URL: https://threatfox.abuse.ch/verify-ua/?url=L2lvYy8xMDk0MjEwLw==

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.49 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Apache/2 /

Resource Hash

3f56999aeab7be8e3f721662e81ea04984084ba621984fa5e5890cb78efdf9e3

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://fonts.gstatic.com:443 data:; style-src 'self' 'unsafe-inline' https://www.gstatic.com:443 https://fonts.googleapis.com:443; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.gstatic.com:443 https://www.google.com/recaptcha/ https://www.googletagmanager.com:443; frame-src https://www.google.com/recaptcha/; img-src 'self' data: https:; object-src 'none'
Strict-Transport-Security	max-age=15768000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Referer: https://threatfox.abuse.ch/verify-ua/?url=L2lvYy8xMDk0MjEwLw==
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
cache-control: no-store, no-cache, must-revalidate
content-encoding: gzip
content-length: 4183
content-security-policy: default-src 'self' https://fonts.gstatic.com:443 data:; style-src 'self' 'unsafe-inline' https://www.gstatic.com:443 https://fonts.googleapis.com:443; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.gstatic.com:443 https://www.google.com/recaptcha/ https://www.googletagmanager.com:443; frame-src https://www.google.com/recaptcha/; img-src 'self' data: https:; object-src 'none'
content-type: text/html; charset=UTF-8
cross-origin-embedder-policy: require-corp; report-to="default"
cross-origin-opener-policy: same-origin; report-to="default"
cross-origin-resource-policy: same-site
date: Mon, 27 Mar 2023 10:40:14 GMT
expect-ct: enforce, max-age=86400
expires: Thu, 19 Nov 1981 08:52:00 GMT
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), fullscreen=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: Apache/2
strict-transport-security: max-age=15768000 ; includeSubDomains
vary: Accept-Encoding
via: 1.1 varnish, 1.1 varnish
x-cache: MISS, MISS
x-cache-hits: 0, 0
x-content-type-options: nosniff
x-frame-options: sameorigin
x-served-by: cache-ams21036-AMS, cache-fra-eddf8230039-FRA
x-timer: S1679913614.119591,VS0,VE17
x-xss-protection: 1; mode=block

GET
H2 200 bootstrap.min.css
threatfox.abuse.ch/css/ 157 KB
24 KB 8ms
7ms Stylesheet
text/css 151.101.66.49
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://threatfox.abuse.ch/css/bootstrap.min.css

Requested by

Host: threatfox.abuse.ch
URL: https://threatfox.abuse.ch/ioc/1094210/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.49 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Apache/2 /

Resource Hash

f77c0d1739b618edc4a01ca3f6b2990b01a3009030af49ee8cf68e83052df194

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://fonts.gstatic.com:443 data:; style-src 'self' 'unsafe-inline' https://www.gstatic.com:443 https://fonts.googleapis.com:443; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.gstatic.com:443 https://www.google.com/recaptcha/ https://www.googletagmanager.com:443; frame-src https://www.google.com/recaptcha/; img-src 'self' data: https:; object-src 'none'
Strict-Transport-Security	max-age=15768000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://threatfox.abuse.ch/ioc/1094210/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

expires: Tue, 14 Mar 2023 04:34:25 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains
content-security-policy: default-src 'self' https://fonts.gstatic.com:443 data:; style-src 'self' 'unsafe-inline' https://www.gstatic.com:443 https://fonts.googleapis.com:443; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.gstatic.com:443 https://www.google.com/recaptcha/ https://www.googletagmanager.com:443; frame-src https://www.google.com/recaptcha/; img-src 'self' data: https:; object-src 'none'
x-content-type-options: nosniff
date: Mon, 27 Mar 2023 10:40:14 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
cross-origin-embedder-policy: require-corp; report-to="default"
age: 540300
x-cache: HIT, HIT
cross-origin-resource-policy: same-site
content-length: 23916
x-xss-protection: 1; mode=block
x-served-by: cache-ams21028-AMS, cache-fra-eddf8230039-FRA
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 30 Nov 2020 14:18:12 GMT
server: Apache/2
cross-origin-opener-policy: same-origin; report-to="default"
x-timer: S1679913614.151025,VS0,VE0
etag: "27288-5b553ae25bbe8-gzip"
expect-ct: enforce, max-age=86400
x-frame-options: sameorigin
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=604800
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), fullscreen=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
accept-ranges: bytes
x-cache-hits: 162, 2

GET
H2 200 all.min.css
threatfox.abuse.ch/css/ 58 KB
13 KB 10ms
9ms Stylesheet
text/css 151.101.66.49
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://threatfox.abuse.ch/css/all.min.css

Requested by

Host: threatfox.abuse.ch
URL: https://threatfox.abuse.ch/ioc/1094210/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.49 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Apache/2 /

Resource Hash

af1e6edc875a382b338bb25bd7c5c3f474a7f1b36212002a5896dd06f2186325

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://fonts.gstatic.com:443 data:; style-src 'self' 'unsafe-inline' https://www.gstatic.com:443 https://fonts.googleapis.com:443; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.gstatic.com:443 https://www.google.com/recaptcha/ https://www.googletagmanager.com:443; frame-src https://www.google.com/recaptcha/; img-src 'self' data: https:; object-src 'none'
Strict-Transport-Security	max-age=15768000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://threatfox.abuse.ch/ioc/1094210/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

expires: Mon, 13 Mar 2023 23:01:52 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains
content-security-policy: default-src 'self' https://fonts.gstatic.com:443 data:; style-src 'self' 'unsafe-inline' https://www.gstatic.com:443 https://fonts.googleapis.com:443; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.gstatic.com:443 https://www.google.com/recaptcha/ https://www.googletagmanager.com:443; frame-src https://www.google.com/recaptcha/; img-src 'self' data: https:; object-src 'none'
x-content-type-options: nosniff
date: Mon, 27 Mar 2023 10:40:14 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
cross-origin-embedder-policy: require-corp; report-to="default"
age: 560225
x-cache: HIT, HIT
cross-origin-resource-policy: same-site
content-length: 12868
x-xss-protection: 1; mode=block
x-served-by: cache-ams12739-AMS, cache-fra-eddf8230039-FRA
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 30 Nov 2020 14:18:10 GMT
server: Apache/2
cross-origin-opener-policy: same-origin; report-to="default"
x-timer: S1679913614.151332,VS0,VE0
etag: "e7d0-5b553ae099830-gzip"
expect-ct: enforce, max-age=86400
x-frame-options: sameorigin
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=604800
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), fullscreen=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
accept-ranges: bytes
x-cache-hits: 173, 2

GET
H2 200 bootstrap-select.min.css
threatfox.abuse.ch/css/ 11 KB
2 KB 12ms
11ms Stylesheet
text/css 151.101.66.49
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://threatfox.abuse.ch/css/bootstrap-select.min.css

Requested by

Host: threatfox.abuse.ch
URL: https://threatfox.abuse.ch/ioc/1094210/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.49 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Apache/2 /

Resource Hash

c22308edbb8e579501cdd58de2ce245ea13f2d9efde21c79a0938e21094305a3

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://fonts.gstatic.com:443 data:; style-src 'self' 'unsafe-inline' https://www.gstatic.com:443 https://fonts.googleapis.com:443; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.gstatic.com:443 https://www.google.com/recaptcha/ https://www.googletagmanager.com:443; frame-src https://www.google.com/recaptcha/; img-src 'self' data: https:; object-src 'none'
Strict-Transport-Security	max-age=15768000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://threatfox.abuse.ch/ioc/1094210/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

expires: Sun, 19 Mar 2023 21:38:31 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains
content-security-policy: default-src 'self' https://fonts.gstatic.com:443 data:; style-src 'self' 'unsafe-inline' https://www.gstatic.com:443 https://fonts.googleapis.com:443; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.gstatic.com:443 https://www.google.com/recaptcha/ https://www.googletagmanager.com:443; frame-src https://www.google.com/recaptcha/; img-src 'self' data: https:; object-src 'none'
x-content-type-options: nosniff
date: Mon, 27 Mar 2023 10:40:14 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
cross-origin-embedder-policy: require-corp; report-to="default"
age: 46429
x-cache: HIT, HIT
cross-origin-resource-policy: same-site
content-length: 2250
x-xss-protection: 1; mode=block
x-served-by: cache-ams21055-AMS, cache-fra-eddf8230039-FRA
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 30 Nov 2020 14:18:11 GMT
server: Apache/2
cross-origin-opener-policy: same-origin; report-to="default"
x-timer: S1679913614.151323,VS0,VE1
etag: "2bb0-5b553ae205ccb-gzip"
expect-ct: enforce, max-age=86400
x-frame-options: sameorigin
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=604800
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), fullscreen=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
accept-ranges: bytes
x-cache-hits: 40, 1

GET
H2 200 custom.css
threatfox.abuse.ch/css/ 2 KB
2 KB 9ms
8ms Stylesheet
text/css 151.101.66.49
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://threatfox.abuse.ch/css/custom.css

Requested by

Host: threatfox.abuse.ch
URL: https://threatfox.abuse.ch/ioc/1094210/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.49 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Apache/2 /

Resource Hash

07c8f05b093fcb494bb2fe0e64c53969b16e8cc6e516f5d85b673acc2af279e8

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://fonts.gstatic.com:443 data:; style-src 'self' 'unsafe-inline' https://www.gstatic.com:443 https://fonts.googleapis.com:443; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.gstatic.com:443 https://www.google.com/recaptcha/ https://www.googletagmanager.com:443; frame-src https://www.google.com/recaptcha/; img-src 'self' data: https:; object-src 'none'
Strict-Transport-Security	max-age=15768000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://threatfox.abuse.ch/ioc/1094210/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

expires: Tue, 14 Mar 2023 01:49:13 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains
content-security-policy: default-src 'self' https://fonts.gstatic.com:443 data:; style-src 'self' 'unsafe-inline' https://www.gstatic.com:443 https://fonts.googleapis.com:443; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.gstatic.com:443 https://www.google.com/recaptcha/ https://www.googletagmanager.com:443; frame-src https://www.google.com/recaptcha/; img-src 'self' data: https:; object-src 'none'
x-content-type-options: nosniff
date: Mon, 27 Mar 2023 10:40:14 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
cross-origin-embedder-policy: require-corp; report-to="default"
age: 549938
x-cache: HIT, HIT
cross-origin-resource-policy: same-site
content-length: 940
x-xss-protection: 1; mode=block
x-served-by: cache-ams21071-AMS, cache-fra-eddf8230039-FRA
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 09 Mar 2021 08:42:38 GMT
server: Apache/2
cross-origin-opener-policy: same-origin; report-to="default"
x-timer: S1679913614.151340,VS0,VE0
etag: "91e-5bd1688660bf1-gzip"
expect-ct: enforce, max-age=86400
x-frame-options: sameorigin
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=604800
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), fullscreen=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
accept-ranges: bytes
x-cache-hits: 170, 2

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 220 KB
77 KB 47ms
46ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-6EH7DFEY3J

Requested by

Host: threatfox.abuse.ch
URL: https://threatfox.abuse.ch/ioc/1094210/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c36877c7c6835746a006977077eccf1812f9c0a4df1d8d9b969811972081f49d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://threatfox.abuse.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Mon, 27 Mar 2023 10:40:14 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 78848
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 27 Mar 2023 10:40:14 GMT

GET
H2 200 threatfox_logo.png
threatfox.abuse.ch/images/ 3 KB
3 KB 11ms
10ms Image
image/png 151.101.66.49
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://threatfox.abuse.ch/images/threatfox_logo.png

Requested by

Host: threatfox.abuse.ch
URL: https://threatfox.abuse.ch/ioc/1094210/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.49 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Apache/2 /

Resource Hash

f3e837c8da58d6ba09b482db3b830672d13fec10fd88bc833838d755cbea8739

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://fonts.gstatic.com:443 data:; style-src 'self' 'unsafe-inline' https://www.gstatic.com:443 https://fonts.googleapis.com:443; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.gstatic.com:443 https://www.google.com/recaptcha/ https://www.googletagmanager.com:443; frame-src https://www.google.com/recaptcha/; img-src 'self' data: https:; object-src 'none'
Strict-Transport-Security	max-age=15768000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://threatfox.abuse.ch/ioc/1094210/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

expires: Thu, 23 Mar 2023 23:09:13 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains
content-security-policy: default-src 'self' https://fonts.gstatic.com:443 data:; style-src 'self' 'unsafe-inline' https://www.gstatic.com:443 https://fonts.googleapis.com:443; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.gstatic.com:443 https://www.google.com/recaptcha/ https://www.googletagmanager.com:443; frame-src https://www.google.com/recaptcha/; img-src 'self' data: https:; object-src 'none'
x-content-type-options: nosniff
date: Mon, 27 Mar 2023 10:40:14 GMT
via: 1.1 varnish, 1.1 varnish
age: 559906
cross-origin-embedder-policy: require-corp; report-to="default"
x-cache: HIT, HIT
cross-origin-resource-policy: same-site
content-length: 2926
x-xss-protection: 1; mode=block
x-served-by: cache-ams21031-AMS, cache-fra-eddf8230039-FRA
referrer-policy: strict-origin-when-cross-origin
last-modified: Sun, 06 Dec 2020 12:56:57 GMT
server: Apache/2
cross-origin-opener-policy: same-origin; report-to="default"
x-timer: S1679913614.176919,VS0,VE1
etag: "b6e-5b5cb3e9ec6bf"
expect-ct: enforce, max-age=86400
x-frame-options: sameorigin
content-type: image/png
cache-control: max-age=2592000
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), fullscreen=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
accept-ranges: bytes
x-cache-hits: 335, 2

GET
H2 200 11122.jpg
threatfox.abuse.ch/images/avatar/ 2 KB
3 KB 13ms
12ms Image
image/jpeg 151.101.66.49
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://threatfox.abuse.ch/images/avatar/11122.jpg

Requested by

Host: threatfox.abuse.ch
URL: https://threatfox.abuse.ch/ioc/1094210/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.49 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Apache/2 /

Resource Hash

599857e8847568c778d7b139aef2a6df5d9223b35873b2739a72d116a1d3ea53

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://fonts.gstatic.com:443 data:; style-src 'self' 'unsafe-inline' https://www.gstatic.com:443 https://fonts.googleapis.com:443; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.gstatic.com:443 https://www.google.com/recaptcha/ https://www.googletagmanager.com:443; frame-src https://www.google.com/recaptcha/; img-src 'self' data: https:; object-src 'none'
Strict-Transport-Security	max-age=15768000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://threatfox.abuse.ch/ioc/1094210/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

expires: Tue, 21 Mar 2023 02:22:47 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains
content-security-policy: default-src 'self' https://fonts.gstatic.com:443 data:; style-src 'self' 'unsafe-inline' https://www.gstatic.com:443 https://fonts.googleapis.com:443; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.gstatic.com:443 https://www.google.com/recaptcha/ https://www.googletagmanager.com:443; frame-src https://www.google.com/recaptcha/; img-src 'self' data: https:; object-src 'none'
x-content-type-options: nosniff
date: Mon, 27 Mar 2023 10:40:14 GMT
via: 1.1 varnish, 1.1 varnish
age: 546313
cross-origin-embedder-policy: require-corp; report-to="default"
x-cache: HIT, HIT
cross-origin-resource-policy: same-site
content-length: 2415
x-xss-protection: 1; mode=block
x-served-by: cache-ams12729-AMS, cache-fra-eddf8230039-FRA
referrer-policy: strict-origin-when-cross-origin
last-modified: Sat, 25 Feb 2023 11:32:46 GMT
server: Apache/2
cross-origin-opener-policy: same-origin; report-to="default"
x-timer: S1679913614.176928,VS0,VE1
etag: "96f-5f5849ae8d8b5"
expect-ct: enforce, max-age=86400
x-frame-options: sameorigin
content-type: image/jpeg
cache-control: max-age=604800
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), fullscreen=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
accept-ranges: bytes
x-cache-hits: 164, 1

GET
H2 200 jquery-3.5.1.min.js Show response
threatfox.abuse.ch/js/ 87 KB
31 KB 7ms
6ms Script
text/javascript 151.101.66.49
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://threatfox.abuse.ch/js/jquery-3.5.1.min.js

Requested by

Host: threatfox.abuse.ch
URL: https://threatfox.abuse.ch/ioc/1094210/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.49 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Apache/2 /

Resource Hash

f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://fonts.gstatic.com:443 data:; style-src 'self' 'unsafe-inline' https://www.gstatic.com:443 https://fonts.googleapis.com:443; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.gstatic.com:443 https://www.google.com/recaptcha/ https://www.googletagmanager.com:443; frame-src https://www.google.com/recaptcha/; img-src 'self' data: https:; object-src 'none'
Strict-Transport-Security	max-age=15768000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://threatfox.abuse.ch/ioc/1094210/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

expires: Tue, 14 Mar 2023 03:14:18 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains
content-security-policy: default-src 'self' https://fonts.gstatic.com:443 data:; style-src 'self' 'unsafe-inline' https://www.gstatic.com:443 https://fonts.googleapis.com:443; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.gstatic.com:443 https://www.google.com/recaptcha/ https://www.googletagmanager.com:443; frame-src https://www.google.com/recaptcha/; img-src 'self' data: https:; object-src 'none'
x-content-type-options: nosniff
date: Mon, 27 Mar 2023 10:40:14 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
cross-origin-embedder-policy: require-corp; report-to="default"
age: 546931
x-cache: HIT, HIT
cross-origin-resource-policy: same-site
content-length: 30910
x-xss-protection: 1; mode=block
x-served-by: cache-ams12729-AMS, cache-fra-eddf8230039-FRA
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 30 Nov 2020 14:11:26 GMT
server: Apache/2
cross-origin-opener-policy: same-origin; report-to="default"
x-timer: S1679913614.170351,VS0,VE0
etag: "15d84-5b55395fa655c-gzip"
expect-ct: enforce, max-age=86400
x-frame-options: sameorigin
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=604800
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), fullscreen=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
accept-ranges: bytes
x-cache-hits: 160, 2

GET
H2 200 popper.min.js Show response
threatfox.abuse.ch/js/ 20 KB
7 KB 9ms
9ms Script
text/javascript 151.101.66.49
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://threatfox.abuse.ch/js/popper.min.js

Requested by

Host: threatfox.abuse.ch
URL: https://threatfox.abuse.ch/ioc/1094210/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.49 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Apache/2 /

Resource Hash

55305bb9041fddba69d6eee99b956bb169fe5a7e9c84e896d94d5d38c060f59b

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://fonts.gstatic.com:443 data:; style-src 'self' 'unsafe-inline' https://www.gstatic.com:443 https://fonts.googleapis.com:443; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.gstatic.com:443 https://www.google.com/recaptcha/ https://www.googletagmanager.com:443; frame-src https://www.google.com/recaptcha/; img-src 'self' data: https:; object-src 'none'
Strict-Transport-Security	max-age=15768000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://threatfox.abuse.ch/ioc/1094210/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

expires: Mon, 20 Mar 2023 23:02:41 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains
content-security-policy: default-src 'self' https://fonts.gstatic.com:443 data:; style-src 'self' 'unsafe-inline' https://www.gstatic.com:443 https://fonts.googleapis.com:443; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.gstatic.com:443 https://www.google.com/recaptcha/ https://www.googletagmanager.com:443; frame-src https://www.google.com/recaptcha/; img-src 'self' data: https:; object-src 'none'
x-content-type-options: nosniff
date: Mon, 27 Mar 2023 10:40:14 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
cross-origin-embedder-policy: require-corp; report-to="default"
age: 560092
x-cache: HIT, HIT
cross-origin-resource-policy: same-site
content-length: 7313
x-xss-protection: 1; mode=block
x-served-by: cache-ams21061-AMS, cache-fra-eddf8230039-FRA
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 02 Dec 2020 13:31:46 GMT
server: Apache/2
cross-origin-opener-policy: same-origin; report-to="default"
x-timer: S1679913614.173075,VS0,VE1
etag: "5083-5b57b43c47246-gzip"
expect-ct: enforce, max-age=86400
x-frame-options: sameorigin
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=604800
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), fullscreen=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
accept-ranges: bytes
x-cache-hits: 3, 1

GET
H2 200 bootstrap.min.js Show response
threatfox.abuse.ch/js/ 62 KB
16 KB 9ms
8ms Script
text/javascript 151.101.66.49
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://threatfox.abuse.ch/js/bootstrap.min.js

Requested by

Host: threatfox.abuse.ch
URL: https://threatfox.abuse.ch/ioc/1094210/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.49 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Apache/2 /

Resource Hash

d8968086f7509df34c3278563dab87399da4f9dcdfb419818e3a309eedc70b88

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://fonts.gstatic.com:443 data:; style-src 'self' 'unsafe-inline' https://www.gstatic.com:443 https://fonts.googleapis.com:443; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.gstatic.com:443 https://www.google.com/recaptcha/ https://www.googletagmanager.com:443; frame-src https://www.google.com/recaptcha/; img-src 'self' data: https:; object-src 'none'
Strict-Transport-Security	max-age=15768000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://threatfox.abuse.ch/ioc/1094210/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

expires: Thu, 16 Mar 2023 02:36:46 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains
content-security-policy: default-src 'self' https://fonts.gstatic.com:443 data:; style-src 'self' 'unsafe-inline' https://www.gstatic.com:443 https://fonts.googleapis.com:443; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.gstatic.com:443 https://www.google.com/recaptcha/ https://www.googletagmanager.com:443; frame-src https://www.google.com/recaptcha/; img-src 'self' data: https:; object-src 'none'
x-content-type-options: nosniff
date: Mon, 27 Mar 2023 10:40:14 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
cross-origin-embedder-policy: require-corp; report-to="default"
age: 374483
x-cache: HIT, HIT
cross-origin-resource-policy: same-site
content-length: 14924
x-xss-protection: 1; mode=block
x-served-by: cache-ams21073-AMS, cache-fra-eddf8230039-FRA
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 30 Nov 2020 14:11:24 GMT
server: Apache/2
cross-origin-opener-policy: same-origin; report-to="default"
x-timer: S1679913614.176305,VS0,VE0
etag: "f708-5b55395d5d537-gzip"
expect-ct: enforce, max-age=86400
x-frame-options: sameorigin
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=604800
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), fullscreen=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
accept-ranges: bytes
x-cache-hits: 29, 2

GET
H2 200 bootstrap-select.min.js Show response
threatfox.abuse.ch/js/ 56 KB
17 KB 10ms
8ms Script
text/javascript 151.101.66.49
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://threatfox.abuse.ch/js/bootstrap-select.min.js

Requested by

Host: threatfox.abuse.ch
URL: https://threatfox.abuse.ch/ioc/1094210/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.49 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Apache/2 /

Resource Hash

d45c49d206a6348d2cb921091cc506bebc534b74834646b78614d553e61b813b

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://fonts.gstatic.com:443 data:; style-src 'self' 'unsafe-inline' https://www.gstatic.com:443 https://fonts.googleapis.com:443; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.gstatic.com:443 https://www.google.com/recaptcha/ https://www.googletagmanager.com:443; frame-src https://www.google.com/recaptcha/; img-src 'self' data: https:; object-src 'none'
Strict-Transport-Security	max-age=15768000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://threatfox.abuse.ch/ioc/1094210/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

expires: Wed, 15 Mar 2023 00:18:16 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains
content-security-policy: default-src 'self' https://fonts.gstatic.com:443 data:; style-src 'self' 'unsafe-inline' https://www.gstatic.com:443 https://fonts.googleapis.com:443; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.gstatic.com:443 https://www.google.com/recaptcha/ https://www.googletagmanager.com:443; frame-src https://www.google.com/recaptcha/; img-src 'self' data: https:; object-src 'none'
x-content-type-options: nosniff
date: Mon, 27 Mar 2023 10:40:14 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
cross-origin-embedder-policy: require-corp; report-to="default"
age: 468225
x-cache: HIT, HIT
cross-origin-resource-policy: same-site
content-length: 17146
x-xss-protection: 1; mode=block
x-served-by: cache-ams21078-AMS, cache-fra-eddf8230039-FRA
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 02 Mar 2021 10:14:25 GMT
server: Apache/2
cross-origin-opener-policy: same-origin; report-to="default"
x-timer: S1679913614.176486,VS0,VE1
etag: "e08c-5bc8affc0f03e-gzip"
expect-ct: enforce, max-age=86400
x-frame-options: sameorigin
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=604800
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), fullscreen=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
accept-ranges: bytes
x-cache-hits: 96, 1

GET
H2 200 clipboard.min.js Show response
threatfox.abuse.ch/js/ 10 KB
4 KB 10ms
9ms Script
text/javascript 151.101.66.49
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://threatfox.abuse.ch/js/clipboard.min.js

Requested by

Host: threatfox.abuse.ch
URL: https://threatfox.abuse.ch/ioc/1094210/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.49 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Apache/2 /

Resource Hash

8a7739925f4c03586479852df840b7061948832a7fda30c8c812d2ea4dd4c4f2

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://fonts.gstatic.com:443 data:; style-src 'self' 'unsafe-inline' https://www.gstatic.com:443 https://fonts.googleapis.com:443; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.gstatic.com:443 https://www.google.com/recaptcha/ https://www.googletagmanager.com:443; frame-src https://www.google.com/recaptcha/; img-src 'self' data: https:; object-src 'none'
Strict-Transport-Security	max-age=15768000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://threatfox.abuse.ch/ioc/1094210/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

expires: Wed, 15 Mar 2023 07:32:56 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains
content-security-policy: default-src 'self' https://fonts.gstatic.com:443 data:; style-src 'self' 'unsafe-inline' https://www.gstatic.com:443 https://fonts.googleapis.com:443; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.gstatic.com:443 https://www.google.com/recaptcha/ https://www.googletagmanager.com:443; frame-src https://www.google.com/recaptcha/; img-src 'self' data: https:; object-src 'none'
x-content-type-options: nosniff
date: Mon, 27 Mar 2023 10:40:14 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
cross-origin-embedder-policy: require-corp; report-to="default"
age: 443207
x-cache: HIT, HIT
cross-origin-resource-policy: same-site
content-length: 3354
x-xss-protection: 1; mode=block
x-served-by: cache-ams21055-AMS, cache-fra-eddf8230039-FRA
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 02 Dec 2020 13:26:16 GMT
server: Apache/2
cross-origin-opener-policy: same-origin; report-to="default"
x-timer: S1679913614.176426,VS0,VE1
etag: "28d5-5b57b30195d23-gzip"
expect-ct: enforce, max-age=86400
x-frame-options: sameorigin
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=604800
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), fullscreen=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
accept-ranges: bytes
x-cache-hits: 123, 1

GET
H2 200 ioc_81ZtGklOp9.min.js Show response
threatfox.abuse.ch/js/ 10 KB
2 KB 14ms
13ms Script
text/javascript 151.101.66.49
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://threatfox.abuse.ch/js/ioc_81ZtGklOp9.min.js

Requested by

Host: threatfox.abuse.ch
URL: https://threatfox.abuse.ch/ioc/1094210/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.49 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Apache/2 /

Resource Hash

c175ae95e6ba9e8ec74a391a53ca58e09874f15bebb921b2b56e7c5f82832809

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://fonts.gstatic.com:443 data:; style-src 'self' 'unsafe-inline' https://www.gstatic.com:443 https://fonts.googleapis.com:443; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.gstatic.com:443 https://www.google.com/recaptcha/ https://www.googletagmanager.com:443; frame-src https://www.google.com/recaptcha/; img-src 'self' data: https:; object-src 'none'
Strict-Transport-Security	max-age=15768000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://threatfox.abuse.ch/ioc/1094210/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

expires: Sun, 19 Mar 2023 13:16:59 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains
content-security-policy: default-src 'self' https://fonts.gstatic.com:443 data:; style-src 'self' 'unsafe-inline' https://www.gstatic.com:443 https://fonts.googleapis.com:443; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.gstatic.com:443 https://www.google.com/recaptcha/ https://www.googletagmanager.com:443; frame-src https://www.google.com/recaptcha/; img-src 'self' data: https:; object-src 'none'
x-content-type-options: nosniff
date: Mon, 27 Mar 2023 10:40:14 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
cross-origin-embedder-policy: require-corp; report-to="default"
age: 76209
x-cache: HIT, HIT
cross-origin-resource-policy: same-site
content-length: 1609
x-xss-protection: 1; mode=block
x-served-by: cache-ams21064-AMS, cache-fra-eddf8230039-FRA
referrer-policy: strict-origin-when-cross-origin
last-modified: Sun, 04 Dec 2022 10:19:01 GMT
server: Apache/2
cross-origin-opener-policy: same-origin; report-to="default"
x-timer: S1679913614.177003,VS0,VE3
etag: "267c-5eefde64f1927-gzip"
expect-ct: enforce, max-age=86400
x-frame-options: sameorigin
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=604800
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), fullscreen=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
accept-ranges: bytes
x-cache-hits: 86, 1

GET
H2 200 fa-solid-900.woff2
threatfox.abuse.ch/webfonts/ 78 KB
79 KB 11ms
9ms Font
font/woff2 151.101.66.49
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://threatfox.abuse.ch/webfonts/fa-solid-900.woff2

Requested by

Host: threatfox.abuse.ch
URL: https://threatfox.abuse.ch/css/all.min.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.49 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Apache/2 /

Resource Hash

6b555920e358f8a25a422988b448615c33bcccb4f932e8331cebfc8e2a737fc7

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://fonts.gstatic.com:443 data:; style-src 'self' 'unsafe-inline' https://www.gstatic.com:443 https://fonts.googleapis.com:443; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.gstatic.com:443 https://www.google.com/recaptcha/ https://www.googletagmanager.com:443; frame-src https://www.google.com/recaptcha/; img-src 'self' data: https:; object-src 'none'
Strict-Transport-Security	max-age=15768000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Referer: https://threatfox.abuse.ch/css/all.min.css
Origin: https://threatfox.abuse.ch
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

expires: Tue, 13 Dec 2022 01:06:59 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains
content-security-policy: default-src 'self' https://fonts.gstatic.com:443 data:; style-src 'self' 'unsafe-inline' https://www.gstatic.com:443 https://fonts.googleapis.com:443; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.gstatic.com:443 https://www.google.com/recaptcha/ https://www.googletagmanager.com:443; frame-src https://www.google.com/recaptcha/; img-src 'self' data: https:; object-src 'none'
x-content-type-options: nosniff
date: Mon, 27 Mar 2023 10:40:14 GMT
via: 1.1 varnish, 1.1 varnish
age: 1740320
cross-origin-embedder-policy: require-corp; report-to="default"
x-cache: HIT, HIT
cross-origin-resource-policy: same-site
content-length: 80300
x-xss-protection: 1; mode=block
x-served-by: cache-ams21040-AMS, cache-fra-eddf8230039-FRA
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 26 Nov 2020 07:50:13 GMT
server: Apache/2
cross-origin-opener-policy: same-origin; report-to="default"
x-timer: S1679913614.190499,VS0,VE0
etag: "139ac-5b4fdcb45731e"
expect-ct: enforce, max-age=86400
x-frame-options: sameorigin
content-type: font/woff2
cache-control: max-age=2628000, public, max-age=604800
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), fullscreen=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
accept-ranges: bytes
x-cache-hits: 173, 2

GET
H2 200 fa-regular-400.woff2
threatfox.abuse.ch/webfonts/ 13 KB
13 KB 12ms
10ms Font
font/woff2 151.101.66.49
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://threatfox.abuse.ch/webfonts/fa-regular-400.woff2

Requested by

Host: threatfox.abuse.ch
URL: https://threatfox.abuse.ch/css/all.min.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.49 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Apache/2 /

Resource Hash

ce20ed8a323117c8a718ff1ddc6dabb997373b575a8e896f2bf02b846c082c9d

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://fonts.gstatic.com:443 data:; style-src 'self' 'unsafe-inline' https://www.gstatic.com:443 https://fonts.googleapis.com:443; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.gstatic.com:443 https://www.google.com/recaptcha/ https://www.googletagmanager.com:443; frame-src https://www.google.com/recaptcha/; img-src 'self' data: https:; object-src 'none'
Strict-Transport-Security	max-age=15768000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Referer: https://threatfox.abuse.ch/css/all.min.css
Origin: https://threatfox.abuse.ch
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

expires: Tue, 17 Jan 2023 00:22:39 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains
content-security-policy: default-src 'self' https://fonts.gstatic.com:443 data:; style-src 'self' 'unsafe-inline' https://www.gstatic.com:443 https://fonts.googleapis.com:443; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.gstatic.com:443 https://www.google.com/recaptcha/ https://www.googletagmanager.com:443; frame-src https://www.google.com/recaptcha/; img-src 'self' data: https:; object-src 'none'
x-content-type-options: nosniff
date: Mon, 27 Mar 2023 10:40:14 GMT
via: 1.1 varnish, 1.1 varnish
age: 1347177
cross-origin-embedder-policy: require-corp; report-to="default"
x-cache: HIT, HIT
cross-origin-resource-policy: same-site
content-length: 13548
x-xss-protection: 1; mode=block
x-served-by: cache-ams12723-AMS, cache-fra-eddf8230039-FRA
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 26 Nov 2020 07:50:15 GMT
server: Apache/2
cross-origin-opener-policy: same-origin; report-to="default"
x-timer: S1679913614.190483,VS0,VE1
etag: "34ec-5b4fdcb5b2e13"
expect-ct: enforce, max-age=86400
x-frame-options: sameorigin
content-type: font/woff2
cache-control: max-age=2628000, public, max-age=604800
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), fullscreen=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), usb=(), vr=()
accept-ranges: bytes
x-cache-hits: 38, 1

GET

authorize
api.twitter.com/oauth/
Redirect Chain

https://threatfox.abuse.ch/ajax/
https://threatfox.abuse.ch/login/
https://api.twitter.com/oauth/authorize?oauth_token=W8Pc0wAAAAABKKpNAAABhyKnfVM

0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: api.twitter.com
URL: https://api.twitter.com/oauth/authorize?oauth_token=W8Pc0wAAAAABKKpNAAABhyKnfVM

Verdicts & Comments Add Verdict or Comment

19 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.google.com/recaptcha	1970-01-20 14:57:45	Name: _GRECAPTCHA Value: 09APgFj6NxHP-whOax5-5q-448yF8GMI-yO90ukaFVXL1rNjiA8qGMkVhkVQi9biX7YfyBmbhX-IdagRXDojKkTEo
threatfox.abuse.ch/	1969-12-31 23:59:59	Name: THREATFOX Value: jeia6fbhso3repu20qvij5o486
.abuse.ch/	1970-01-20 20:14:33	Name: _ga Value: GA1.1.2055167438.1679913613
.abuse.ch/	1970-01-20 20:14:33	Name: _ga_6EH7DFEY3J Value: GS1.1.1679913613.1.1.1679913614.0.0.0

10 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'ambient-light-sensor'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'speaker'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'vr'.
security	error	URL: https://www.googletagmanager.com/gtag/js?id=G-6EH7DFEY3J(Line 50) Message: Refused to connect to 'https://region1.google-analytics.com/g/collect?v=2&tid=G-6EH7DFEY3J&gtm=45je33m0&_p=1510629046&cid=2055167438.1679913613&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1679913613&sct=1&seg=0&dl=https%3A%2F%2Fthreatfox.abuse.ch%2Fverify-ua%2F%3Furl%3DL2lvYy8xMDk0MjEwLw%3D%3D&dt=ThreatFox%20%7C%20Browse%20IOCs&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1' because it violates the following Content Security Policy directive: "default-src 'self' https://fonts.gstatic.com:443 data:". Note that 'connect-src' was not explicitly set, so 'default-src' is used as a fallback.
security	error	URL: https://www.googletagmanager.com/gtag/js?id=G-6EH7DFEY3J(Line 50) Message: Refused to connect to 'https://region1.google-analytics.com/g/collect?v=2&tid=G-6EH7DFEY3J&gtm=45je33m0&_p=1510629046&cid=2055167438.1679913613&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEA&_s=2&sid=1679913613&sct=1&seg=0&dl=https%3A%2F%2Fthreatfox.abuse.ch%2Fverify-ua%2F%3Furl%3DL2lvYy8xMDk0MjEwLw%3D%3D&dt=ThreatFox%20%7C%20Browse%20IOCs&en=scroll&epn.percent_scrolled=90&_et=4' because it violates the following Content Security Policy directive: "default-src 'self' https://fonts.gstatic.com:443 data:". Note that 'connect-src' was not explicitly set, so 'default-src' is used as a fallback.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'ambient-light-sensor'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'speaker'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'vr'.
security	error	URL: https://www.googletagmanager.com/gtag/js?id=G-6EH7DFEY3J(Line 50) Message: Refused to connect to 'https://region1.google-analytics.com/g/collect?v=2&tid=G-6EH7DFEY3J&gtm=45je33m0&_p=975607540&cid=2055167438.1679913613&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1679913613&sct=1&seg=1&dl=https%3A%2F%2Fthreatfox.abuse.ch%2Fioc%2F1094210%2F&dr=https%3A%2F%2Fthreatfox.abuse.ch%2Fverify-ua%2F%3Furl%3DL2lvYy8xMDk0MjEwLw%3D%3D&dt=ThreatFox%20%7C%20https%3A%2F%2Fappbesfksaw.actomzxck.xyz%3A2083%2Faaaaaaaaa&en=page_view&_ee=1' because it violates the following Content Security Policy directive: "default-src 'self' https://fonts.gstatic.com:443 data:". Note that 'connect-src' was not explicitly set, so 'default-src' is used as a fallback.
security	error	URL: https://threatfox.abuse.ch/ioc/1094210/ Message: Refused to connect to 'https://api.twitter.com/oauth/authorize?oauth_token=W8Pc0wAAAAABKKpNAAABhyKnfVM' because it violates the following Content Security Policy directive: "default-src 'self' https://fonts.gstatic.com:443 data:". Note that 'connect-src' was not explicitly set, so 'default-src' is used as a fallback.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src 'self' https://fonts.gstatic.com:443 data:; style-src 'self' 'unsafe-inline' https://www.gstatic.com:443 https://fonts.googleapis.com:443; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.gstatic.com:443 https://www.google.com/recaptcha/ https://www.googletagmanager.com:443; frame-src https://www.google.com/recaptcha/; img-src 'self' data: https:; object-src 'none'
Strict-Transport-Security	max-age=15768000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.twitter.com
fonts.gstatic.com
threatfox.abuse.ch
www.google.com
www.googletagmanager.com
www.gstatic.com
api.twitter.com
151.101.66.49
2a00:1450:4001:806::2003
2a00:1450:4001:82a::2008
2a00:1450:4001:830::2003
2a00:1450:4001:830::2004
07c8f05b093fcb494bb2fe0e64c53969b16e8cc6e516f5d85b673acc2af279e8
18fcc06e8e158f0b20df57e5966474ba5ee428da943b5e27417d7e2bdde6058f
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3f56999aeab7be8e3f721662e81ea04984084ba621984fa5e5890cb78efdf9e3
55305bb9041fddba69d6eee99b956bb169fe5a7e9c84e896d94d5d38c060f59b
599857e8847568c778d7b139aef2a6df5d9223b35873b2739a72d116a1d3ea53
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
668a3fea267fb5a3dd702512bc9d6b9f554dd2d58ead558b1a850253a3491de0
6b555920e358f8a25a422988b448615c33bcccb4f932e8331cebfc8e2a737fc7
80cfa94d4fcaf4efbfbbc238efa6e3d13514ba90deb24b7981c35b79edb41640
8a7739925f4c03586479852df840b7061948832a7fda30c8c812d2ea4dd4c4f2
94cb63d1e29b01f19665241566f966a4d8ea8585e7f0b86877b07ef62c42bbe4
952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8
9eb1eff3f6af5c2264a2e8b28325ce22d81244addaa65f18a29f5eb2dfca1d3f
af1e6edc875a382b338bb25bd7c5c3f474a7f1b36212002a5896dd06f2186325
b6d3f75dcb2320ed386f2dcb0ef91e545558ded6c268cda18015869cb59658d9
b87fbc515e655d6990021f1d21f2c2ea72772876863eba7884b62df40a1b1160
c175ae95e6ba9e8ec74a391a53ca58e09874f15bebb921b2b56e7c5f82832809
c22308edbb8e579501cdd58de2ce245ea13f2d9efde21c79a0938e21094305a3
c36877c7c6835746a006977077eccf1812f9c0a4df1d8d9b969811972081f49d
ce20ed8a323117c8a718ff1ddc6dabb997373b575a8e896f2bf02b846c082c9d
d45c49d206a6348d2cb921091cc506bebc534b74834646b78614d553e61b813b
d8968086f7509df34c3278563dab87399da4f9dcdfb419818e3a309eedc70b88
f3e837c8da58d6ba09b482db3b830672d13fec10fd88bc833838d755cbea8739
f77c0d1739b618edc4a01ca3f6b2990b01a3009030af49ee8cf68e83052df194
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

threatfox.abuse.ch Open in urlscan Pro 151.101.66.49 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

37 Requests

97 %HTTPS

80 %IPv6

5 Domains

6 Subdomains

6 IPs

2 Countries

978 kBTransfer

2470 kBSize

4 Cookies

1 Outgoing links

Page URL History

Redirected requests

37 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

threatfox.abuse.ch Open in urlscan Pro
151.101.66.49 Public Scan

Screenshot
Live screenshot

Full Image

37
Requests

97 %
HTTPS

80 %
IPv6

5
Domains

6
Subdomains

6
IPs

2
Countries

978 kB
Transfer

2470 kB
Size

4
Cookies

37 HTTP transactions
0 data transactions