www.threatminer.org
2606:4700:20::681a:feb

Go To Rescan
Add Verdict Report

URL:
https://www.threatminer.org/sample.php?q=c99131e0169171935c5ac32615ed6261
Submission Tags: falconsandbox
Submission: On June 01 via api (June 1st 2023, 6:18:35 am UTC) from US — Scanned from DE

Summary HTTP 304 Redirects Links 17 Behaviour Indicators

Summary

This website contacted 39 IPs in 4 countries across 22 domains to perform 304 HTTP transactions. The main IP is 2606:4700:20::681a:feb, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.threatminer.org.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on April 28th 2023. Valid for: a year.

This is the only time www.threatminer.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
27	2606:4700:20:... 2606:4700:20::681a:feb	13335 (CLOUDFLAR...) (CLOUDFLARENET)
17	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE)
21	93.184.220.66 93.184.220.66	15133 (EDGECAST) (EDGECAST)
1 1	2606:4700:10:... 2606:4700:10::6814:9710	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:10:... 2606:4700:10::6816:b79	13335 (CLOUDFLAR...) (CLOUDFLARENET)
9	172.66.41.9 172.66.41.9	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2001:4860:480... 2001:4860:4802:36::178	15169 (GOOGLE) (GOOGLE)
1	199.232.192.134 199.232.192.134	54113 (FASTLY) (FASTLY)
31	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:829::200e	15169 (GOOGLE) (GOOGLE)
3	104.244.42.8 104.244.42.8	13414 (TWITTER) (TWITTER)
3	151.101.128.134 151.101.128.134	54113 (FASTLY) (FASTLY)
4	199.232.196.64 199.232.196.64	54113 (FASTLY) (FASTLY)
3	199.232.196.134 199.232.196.134	54113 (FASTLY) (FASTLY)
2	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
11	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
5 11	2a00:1450:400... 2a00:1450:4001:809::2004	15169 (GOOGLE) (GOOGLE)
21	151.101.1.44 151.101.1.44	54113 (FASTLY) (FASTLY)
1	2a00:1450:400... 2a00:1450:4001:801::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:806::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80f::200a	15169 (GOOGLE) (GOOGLE)
2	13.32.99.23 13.32.99.23	16509 (AMAZON-02) (AMAZON-02)
12	2600:9000:205... 2600:9000:2057:6600:6:8656:f5c0:93a1	16509 (AMAZON-02) (AMAZON-02)
66	2a00:1450:400... 2a00:1450:4001:831::2001	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:831::200a	15169 (GOOGLE) (GOOGLE)
10	2a00:1450:400... 2a00:1450:4001:806::2003	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:827::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:829::2011	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80b::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82b::200e	15169 (GOOGLE) (GOOGLE)
10	2a00:1450:400... 2a00:1450:4001:82b::2003	15169 (GOOGLE) (GOOGLE)
3	104.244.43.131 104.244.43.131	54113 (FASTLY) (FASTLY)
1	2606:2800:233... 2606:2800:233:8173:898f:63b3:95c3:79d2	15133 (EDGECAST) (EDGECAST)
2	2606:2800:134... 2606:2800:134:1a0d:1429:742:782:b6	15133 (EDGECAST) (EDGECAST)
2	143.204.215.42 143.204.215.42	16509 (AMAZON-02) (AMAZON-02)
2	141.226.228.48 141.226.228.48	200478 (TABOOLA-AS) (TABOOLA-AS)
1	2a04:4e42::300 2a04:4e42::300	() ()
1	141.226.224.32 141.226.224.32	() ()
304	39

27 2606:4700:20::681a:feb (United States)

ASN13335 (CLOUDFLARENET, US)

www.threatminer.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 93.184.220.66 (London, United Kingdom)

ASN15133 (EDGECAST, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6814:9710 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

i.creativecommons.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:b79 (United States)

ASN13335 (CLOUDFLARENET, US)

licensebuttons.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 172.66.41.9 (United States)

ASN13335 (CLOUDFLARENET, US)

resources.infolinks.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
router.infolinks.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
rt3027.infolinks.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:36::178 (United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.232.192.134 (United States)

ASN54113 (FASTLY, US)

threatminer.disqus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

31 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:829::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cse.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.244.42.8 (United States)

ASN13414 (TWITTER, US)

syndication.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.101.128.134 (United States)

ASN54113 (FASTLY, US)

disqus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 199.232.196.64 (United States)

ASN54113 (FASTLY, US)

tempest.services.disqus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
links.services.disqus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 199.232.196.134 (United States)

ASN54113 (FASTLY, US)

referrer.disqus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:809::2004 (Frankfurt am Main, Germany) 5 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 151.101.1.44 (United States)

ASN54113 (FASTLY, US)

cdn.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
trc.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
images.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:801::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

clients1.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.32.99.23 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-23.fra60.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2600:9000:2057:6600:6:8656:f5c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

c.disquscdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

66 2a00:1450:4001:831::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:806::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:827::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2011 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

csp.withgoogle.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

encrypted-tbn1.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

encrypted-tbn3.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.244.43.131 (United States)

ASN54113 (FASTLY, US)

abs-0.twimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:2800:233:8173:898f:63b3:95c3:79d2 (United States)

ASN15133 (EDGECAST, US)

abs.twimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:2800:134:1a0d:1429:742:782:b6 (United States)

ASN15133 (EDGECAST, US)

pbs.twimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 143.204.215.42 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-215-42.fra53.r.cloudfront.net

cdn.viglink.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)

am-trc-events.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42::300 (None, )

ASN- ()

pips.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.226.224.32 (None, )

ASN- ()

cds.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
83	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 123 tpc.googlesyndication.com — Cisco Umbrella Rank: 157	1 MB
30	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 51	292 KB
27	threatminer.org www.threatminer.org	1 MB
25	taboola.com cdn.taboola.com — Cisco Umbrella Rank: 950 trc.taboola.com — Cisco Umbrella Rank: 650 am-trc-events.taboola.com — Cisco Umbrella Rank: 12936 images.taboola.com — Cisco Umbrella Rank: 2011 pips.taboola.com cds.taboola.com	3 MB
24	gstatic.com www.gstatic.com encrypted-tbn1.gstatic.com encrypted-tbn3.gstatic.com fonts.gstatic.com	291 KB
24	twitter.com platform.twitter.com — Cisco Umbrella Rank: 945 syndication.twitter.com — Cisco Umbrella Rank: 1147	758 KB
20	google.com 5 redirects cse.google.com — Cisco Umbrella Rank: 3467 adservice.google.com — Cisco Umbrella Rank: 103 www.google.com — Cisco Umbrella Rank: 3 clients1.google.com — Cisco Umbrella Rank: 555	234 KB
12	disquscdn.com c.disquscdn.com — Cisco Umbrella Rank: 4930	313 KB
11	disqus.com threatminer.disqus.com disqus.com — Cisco Umbrella Rank: 1218 tempest.services.disqus.com — Cisco Umbrella Rank: 16117 referrer.disqus.com — Cisco Umbrella Rank: 7185 links.services.disqus.com — Cisco Umbrella Rank: 13773	1 MB
9	googleapis.com www.googleapis.com — Cisco Umbrella Rank: 44 imasdk.googleapis.com — Cisco Umbrella Rank: 486 fonts.googleapis.com — Cisco Umbrella Rank: 66	127 KB
9	infolinks.com resources.infolinks.com — Cisco Umbrella Rank: 7384 router.infolinks.com — Cisco Umbrella Rank: 2983 rt3027.infolinks.com — Cisco Umbrella Rank: 81303	235 KB
8	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 366	130 KB
8	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 205	425 KB
6	twimg.com abs-0.twimg.com — Cisco Umbrella Rank: 2293 abs.twimg.com — Cisco Umbrella Rank: 2051 pbs.twimg.com — Cisco Umbrella Rank: 835	24 KB
3	google.de adservice.google.de — Cisco Umbrella Rank: 8155	818 B
2	viglink.com cdn.viglink.com — Cisco Umbrella Rank: 9153	782 B
2	scorecardresearch.com sb.scorecardresearch.com — Cisco Umbrella Rank: 160	3 KB
2	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 1056	920 B
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 49	21 KB
1	withgoogle.com csp.withgoogle.com — Cisco Umbrella Rank: 904
1	licensebuttons.net licensebuttons.net — Cisco Umbrella Rank: 28911	739 B
1	creativecommons.org 1 redirects i.creativecommons.org — Cisco Umbrella Rank: 31641	241 B
304	22

	Domain	Requested by
66	tpc.googlesyndication.com	googleads.g.doubleclick.net cdn.ampproject.org pagead2.googlesyndication.com tpc.googlesyndication.com
30	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
27	www.threatminer.org	www.threatminer.org
21	platform.twitter.com	www.threatminer.org platform.twitter.com syndication.twitter.com
17	pagead2.googlesyndication.com	www.threatminer.org pagead2.googlesyndication.com googleads.g.doubleclick.net www.googletagservices.com tpc.googlesyndication.com
12	c.disquscdn.com	disqus.com c.disquscdn.com threatminer.disqus.com
11	images.taboola.com
11	www.google.com	5 redirects cse.google.com www.google.com www.threatminer.org tpc.googlesyndication.com
10	fonts.gstatic.com	fonts.googleapis.com
10	www.gstatic.com	googleads.g.doubleclick.net
8	cdn.ampproject.org	googleads.g.doubleclick.net pagead2.googlesyndication.com
8	www.googletagservices.com	googleads.g.doubleclick.net
8	cdn.taboola.com	www.threatminer.org cdn.taboola.com
7	fonts.googleapis.com	googleads.g.doubleclick.net client
5	cse.google.com	www.threatminer.org www.google.com cse.google.com
4	resources.infolinks.com	www.threatminer.org resources.infolinks.com
3	links.services.disqus.com	c.disquscdn.com
3	abs-0.twimg.com	syndication.twitter.com
3	adservice.google.com	pagead2.googlesyndication.com
3	adservice.google.de	pagead2.googlesyndication.com
3	referrer.disqus.com	www.threatminer.org
3	disqus.com	threatminer.disqus.com c.disquscdn.com
3	syndication.twitter.com	platform.twitter.com syndication.twitter.com
3	router.infolinks.com	resources.infolinks.com
2	am-trc-events.taboola.com
2	trc.taboola.com	cdn.taboola.com
2	cdn.viglink.com	www.threatminer.org
2	pbs.twimg.com	syndication.twitter.com
2	encrypted-tbn3.gstatic.com	www.threatminer.org
2	encrypted-tbn1.gstatic.com	www.threatminer.org
2	sb.scorecardresearch.com	cdn.taboola.com www.threatminer.org
2	rt3027.infolinks.com	resources.infolinks.com
2	partner.googleadservices.com	pagead2.googlesyndication.com cse.google.com
2	www.google-analytics.com	www.threatminer.org www.google-analytics.com
1	cds.taboola.com	cdn.taboola.com
1	pips.taboola.com	cdn.taboola.com
1	abs.twimg.com	platform.twitter.com
1	csp.withgoogle.com	www.google.com
1	imasdk.googleapis.com	resources.infolinks.com
1	clients1.google.com	www.threatminer.org
1	www.googleapis.com	www.threatminer.org
1	tempest.services.disqus.com	threatminer.disqus.com
1	threatminer.disqus.com	www.threatminer.org
1	licensebuttons.net	www.threatminer.org
1	i.creativecommons.org	1 redirects
304	45

This site contains links to these domains. Also see Links.

Domain
medium.com
twitter.com
github.com
www.linkedin.com
code.google.com
www.aldeid.com
www.hybrid-analysis.com
www.malwares.com
darkwing.moe
shaurong.blogspot.com
qiita.com
www.google.com
cse.google.com
www.virustotal.com
virusshare.com
creativecommons.org

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-04-28` - `2024-04-27`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
*.twimg.com DigiCert TLS RSA SHA256 2020 CA1	`2022-10-06` - `2023-11-06`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
*.disqus.com Sectigo RSA Domain Validation Secure Server CA	`2023-04-13` - `2024-04-20`	a year	crt.sh
*.google.com GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
syndication.twitter.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-02-05` - `2024-02-05`	a year	crt.sh
*.services.disqus.com GlobalSign Atlas R3 DV TLS CA 2022 Q4	`2022-11-04` - `2023-12-06`	a year	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
*.google.de GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
*.taboola.com DigiCert TLS RSA SHA256 2020 CA1	`2022-12-08` - `2023-12-31`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
*.scorecardresearch.com Sectigo RSA Domain Validation Secure Server CA	`2022-12-15` - `2023-12-28`	a year	crt.sh
a.disquscdn.com Amazon RSA 2048 M01	`2023-03-01` - `2023-10-29`	8 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
misc-sni.google.com GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
*.appspot.com GTS CA 1C3	`2023-05-08` - `2023-07-31`	3 months	crt.sh
viglink.com Amazon RSA 2048 M01	`2023-02-24` - `2023-11-11`	9 months	crt.sh

This page contains 33 frames:

Primary Page: https://www.threatminer.org/sample.php?q=c99131e0169171935c5ac32615ed6261
Frame ID: 903D01C37EEDBD0BFD42BC6C19AA6673
Requests: 82 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230530/r20190131/zrt_lookup.html
Frame ID: A8B7FE658C54A37E987A72795C15534E
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.2b2d73daf636805223fb11d48f3e94f7.html?origin=https%3A%2F%2Fwww.threatminer.org
Frame ID: D57EBC97C7D5ABAF76007DD951FE5142
Requests: 2 HTTP requests in this frame

Frame: https://router.infolinks.com/usync/manage?pid=3241790&wsid=0&pdom=www.threatminer.org&purl=https%3A%2F%2Fwww.threatminer.org%2Fsample.php%3Fq%3Dc99131e0169171935c5ac32615ed6261
Frame ID: 5245CB8EFAA55E5C736FDB2CFA8EF827
Requests: 1 HTTP requests in this frame

Frame: https://disqus.com/embed/comments/?base=default&f=threatminer&t_i=c99131e0169171935c5ac32615ed6261&t_u=https%3A%2F%2Fwww.threatminer.org%2Fsample.php%3Fq%3Dc99131e0169171935c5ac32615ed6261&t_d=c99131e0169171935c5ac32615ed6261%20File%20Analysis%20Results%20%7C%20ThreatMiner.org&t_t=c99131e0169171935c5ac32615ed6261%20File%20Analysis%20Results%20%7C%20ThreatMiner.org&s_o=default
Frame ID: 1BAC6291A53C8F7F83F1B38CECB68386
Requests: 22 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5720763271532377&output=html&h=250&slotname=4491384285&adk=1382012186&adf=1527761000&pi=t.ma~as.4491384285&w=299&fwrn=4&fwrnh=100&lmt=1685600316&rafmt=3&format=299x250&url=https%3A%2F%2Fwww.threatminer.org%2Fsample.php%3Fq%3Dc99131e0169171935c5ac32615ed6261&fwr=0&fwrattr=true&rpe=1&resp_fmts=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1685600316257&bpp=4&bdt=435&idt=231&shv=r20230530&mjsv=m202305250101&ptt=9&saldr=aa&abxe=1&correlator=6313399095562&frm=20&pv=2&ga_vid=69561020.1685600316&ga_sid=1685600317&ga_hid=1720143291&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=0&ady=229&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44788441&oid=2&pvsid=1741812022134593&tmod=741212208&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=LVcudkDd8z&p=https%3A//www.threatminer.org&dtd=265
Frame ID: B0954C37A4B9C64A6998EE83126791FA
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5720763271532377&output=html&h=600&slotname=6407101181&adk=2989800909&adf=2245449527&pi=t.ma~as.6407101181&w=299&fwrn=4&fwrnh=100&lmt=1685600316&rafmt=1&format=299x600&url=https%3A%2F%2Fwww.threatminer.org%2Fsample.php%3Fq%3Dc99131e0169171935c5ac32615ed6261&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1685600316261&bpp=1&bdt=438&idt=268&shv=r20230530&mjsv=m202305250101&ptt=9&saldr=aa&abxe=1&prev_fmts=299x250&correlator=6313399095562&frm=20&pv=1&ga_vid=69561020.1685600316&ga_sid=1685600317&ga_hid=1720143291&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=0&ady=507&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44788441&oid=2&pvsid=1741812022134593&tmod=741212208&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=nL2FK21T4x&p=https%3A//www.threatminer.org&dtd=284
Frame ID: 1CC7050DD32AB81669E3475423278B9A
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5720763271532377&output=html&h=200&slotname=1381165906&adk=2644663765&adf=151644923&pi=t.ma~as.1381165906&w=1182&fwrn=4&lmt=1685600316&rafmt=11&format=1182x200&url=https%3A%2F%2Fwww.threatminer.org%2Fsample.php%3Fq%3Dc99131e0169171935c5ac32615ed6261&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1685600316262&bpp=1&bdt=440&idt=299&shv=r20230530&mjsv=m202305250101&ptt=9&saldr=aa&abxe=1&prev_fmts=299x250%2C299x600&correlator=6313399095562&frm=20&pv=1&ga_vid=69561020.1685600316&ga_sid=1685600317&ga_hid=1720143291&ga_fc=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=359&ady=115&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44788441&oid=2&pvsid=1741812022134593&tmod=741212208&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=951HPo88So&p=https%3A//www.threatminer.org&dtd=302
Frame ID: 14B9EB8EC3B95B610B8E8623A1D81F1C
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5720763271532377&output=html&h=200&slotname=6125219520&adk=3585176026&adf=748155151&pi=t.ma~as.6125219520&w=1200&fwrn=4&lmt=1685600316&rafmt=11&format=1200x200&url=https%3A%2F%2Fwww.threatminer.org%2Fsample.php%3Fq%3Dc99131e0169171935c5ac32615ed6261&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1685600316263&bpp=1&bdt=441&idt=316&shv=r20230530&mjsv=m202305250101&ptt=9&saldr=aa&abxe=1&prev_fmts=299x250%2C299x600%2C1182x200&correlator=6313399095562&frm=20&pv=1&ga_vid=69561020.1685600316&ga_sid=1685600317&ga_hid=1720143291&ga_fc=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=350&ady=1055&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44788441&oid=2&pvsid=1741812022134593&tmod=741212208&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&fsb=1&xpc=WyNknxkLP8&p=https%3A//www.threatminer.org&dtd=320
Frame ID: DA26E421BAE8B4FFECE7AD60D7DC5EFB
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5720763271532377&output=html&h=200&slotname=8831273914&adk=3175788880&adf=707097127&pi=t.ma~as.8831273914&w=1200&fwrn=4&lmt=1685600316&rafmt=11&format=1200x200&url=https%3A%2F%2Fwww.threatminer.org%2Fsample.php%3Fq%3Dc99131e0169171935c5ac32615ed6261&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1685600316263&bpp=1&bdt=441&idt=345&shv=r20230530&mjsv=m202305250101&ptt=9&saldr=aa&abxe=1&prev_fmts=299x250%2C299x600%2C1182x200%2C1200x200&correlator=6313399095562&frm=20&pv=1&ga_vid=69561020.1685600316&ga_sid=1685600317&ga_hid=1720143291&ga_fc=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=350&ady=1625&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44788441&oid=2&pvsid=1741812022134593&tmod=741212208&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=QkWh390H8m&p=https%3A//www.threatminer.org&dtd=351
Frame ID: 6D4AD05C8C7EFB7219BE513583EEBAF4
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5720763271532377&output=html&h=200&slotname=3926415687&adk=3167179422&adf=2105686797&pi=t.ma~as.3926415687&w=1200&fwrn=4&lmt=1685600316&rafmt=11&format=1200x200&url=https%3A%2F%2Fwww.threatminer.org%2Fsample.php%3Fq%3Dc99131e0169171935c5ac32615ed6261&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1685600316264&bpp=1&bdt=442&idt=357&shv=r20230530&mjsv=m202305250101&ptt=9&saldr=aa&abxe=1&prev_fmts=299x250%2C299x600%2C1182x200%2C1200x200%2C1200x200&correlator=6313399095562&frm=20&pv=1&ga_vid=69561020.1685600316&ga_sid=1685600317&ga_hid=1720143291&ga_fc=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=350&ady=3423&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44788441&oid=2&pvsid=1741812022134593&tmod=741212208&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=NL3FEomdLg&p=https%3A//www.threatminer.org&dtd=361
Frame ID: 0421EBD17C0DFD74E84B857374BFB997
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5720763271532377&output=html&h=591&slotname=4336667154&adk=296923673&adf=2825014424&pi=t.ma~as.4336667154&w=1182&cr_col=4&cr_row=2&fwrn=2&lmt=1685600316&rafmt=9&format=1182x591&url=https%3A%2F%2Fwww.threatminer.org%2Fsample.php%3Fq%3Dc99131e0169171935c5ac32615ed6261&crui=image_stacked&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1685600316264&bpp=1&bdt=442&idt=364&shv=r20230530&mjsv=m202305250101&ptt=9&saldr=aa&abxe=1&prev_fmts=299x250%2C299x600%2C1182x200%2C1200x200%2C1200x200%2C1200x200&correlator=6313399095562&frm=20&pv=1&ga_vid=69561020.1685600316&ga_sid=1685600317&ga_hid=1720143291&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=359&ady=3778&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44788441&oid=2&pvsid=1741812022134593&tmod=741212208&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=7&uci=a!7&btvi=3&fsb=1&xpc=A7w42NOE3C&p=https%3A//www.threatminer.org&dtd=368
Frame ID: C9E37501CA230733729792D3FC9B0BC9
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5720763271532377&output=html&adk=1812271804&adf=3025194257&lmt=1685600316&plat=1%3A16777216%2C3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A34635776%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fwww.threatminer.org%2Fsample.php%3Fq%3Dc99131e0169171935c5ac32615ed6261&ea=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1685600316328&bpp=3&bdt=506&idt=321&shv=r20230530&mjsv=m202305250101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6932ff55ee644d5c-22f6716effdd006d%3AT%3D1685600316%3ART%3D1685600316%3AS%3DALNI_MY7O-71-pnXkBQKCJrYGrbcY3z09w&gpic=UID%3D00000c2aac2ac721%3AT%3D1685600316%3ART%3D1685600316%3AS%3DALNI_MYQkLu8_WJ8tcvKpCZbtAHB9UI_kA&prev_fmts=299x250%2C299x600%2C1182x200%2C1200x200%2C1200x200%2C1200x200%2C1182x591&nras=1&correlator=6313399095562&frm=20&pv=1&ga_vid=69561020.1685600316&ga_sid=1685600317&ga_hid=1720143291&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44788441&oid=2&pvsid=1741812022134593&tmod=741212208&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=8&uci=a!8&fsb=1&dtd=358
Frame ID: 9F2A2AE942DEBBCF4D79216651EBA25B
Requests: 1 HTTP requests in this frame

Frame: https://cdn.taboola.com/libtrc/disqus-widget-safetylevel20longtail09/loader.js
Frame ID: 5F200A7CECEC365D64B253D0C62D14EA
Requests: 27 HTTP requests in this frame

Frame: https://syndication.twitter.com/srv/timeline-profile/screen-name/ThreatMiner?dnt=true&embedId=twitter-widget-0&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOltdLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2ZvbGxvd2VyX2NvdW50X3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9iYWNrZW5kIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19yZWZzcmNfc2Vzc2lvbiI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfZm9zbnJfc29mdF9pbnRlcnZlbnRpb25zX2VuYWJsZWQiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X21peGVkX21lZGlhXzE1ODk3Ijp7ImJ1Y2tldCI6InRyZWF0bWVudCIsInZlcnNpb24iOm51bGx9LCJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3Nob3dfYmlyZHdhdGNoX3Bpdm90c19lbmFibGVkIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19kdXBsaWNhdGVfc2NyaWJlc190b19zZXR0aW5ncyI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdXNlX3Byb2ZpbGVfaW1hZ2Vfc2hhcGVfZW5hYmxlZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdmlkZW9faGxzX2R5bmFtaWNfbWFuaWZlc3RzXzE1MDgyIjp7ImJ1Y2tldCI6InRydWVfYml0cmF0ZSIsInZlcnNpb24iOm51bGx9LCJ0ZndfbGVnYWN5X3RpbWVsaW5lX3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9mcm9udGVuZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9fQ%3D%3D&frame=false&hideBorder=false&hideFooter=false&hideHeader=false&hideScrollBar=false&lang=en&maxHeight=500px&origin=https%3A%2F%2Fwww.threatminer.org%2Fsample.php%3Fq%3Dc99131e0169171935c5ac32615ed6261&sessionId=4b327806f16a19fea841ada06cefe4cc994caac6&showHeader=true&showReplies=false&theme=light&transparent=false&widgetsVersion=aaf4084522e3a%3A1674595607486
Frame ID: 0C413BE9145146832D392C4412042B27
Requests: 26 HTTP requests in this frame

Frame: https://cse.google.com/cse_v2/ads?adsafe=high&pcsa=true&cx=414385693720d4156&fexp=20606%2C17301187%2C17301189&client=google-coop&q=c99131e0169171935c5ac32615ed6261&r=m&hl=de&type=0&oe=UTF-8&ie=UTF-8&format=p4&ad=p4&nocache=4771685600316819&num=0&output=uds_ads_only&source=gcsc&v=3&bsl=10&pac=0&u_his=2&u_tz=0&dt=1685600316820&u_w=1600&u_h=1200&biw=1600&bih=1200&psw=1600&psh=4645&frm=0&cl=534159633&uio=-&jsid=csa&jsv=534159633&rurl=https%3A%2F%2Fwww.threatminer.org%2Fsample.php%3Fq%3Dc99131e0169171935c5ac32615ed6261&adbw=master-1%3A271
Frame ID: 74E04A7477A1146E0B4FADD7812AEFD9
Requests: 2 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012305221508000/amp4ads-v0.mjs
Frame ID: 3C0D0F3F84B21E6B8624E5D83C9CE70D
Requests: 33 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 83ED7E45F21A156469D5E58AF834DD5D
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: F0D21667DC1CE5EB06B2AC069A308066
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 64967BCD47AEA2CD3404FB578E7352BA
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230530/r20110914/zrt_lookup.html?fsb=1
Frame ID: EE587839957CD3A434B7735EE95D8261
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230530/r20110914/zrt_lookup.html?fsb=1
Frame ID: C1000D71574A6D7C03BFA9BED5AEE47C
Requests: 10 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/WucCaKvgDQ9fmljOI_WvgP1fjZ6LWmR4VZAfUyHL0jo.js
Frame ID: 8E4BFFD555FD868954FAADC7791090B2
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/WucCaKvgDQ9fmljOI_WvgP1fjZ6LWmR4VZAfUyHL0jo.js
Frame ID: 2C15B28213B656BC5A37DF7E83575649
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/WucCaKvgDQ9fmljOI_WvgP1fjZ6LWmR4VZAfUyHL0jo.js
Frame ID: AD2CBCC5D183924EA21681B7D2AD3FAE
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/WucCaKvgDQ9fmljOI_WvgP1fjZ6LWmR4VZAfUyHL0jo.js
Frame ID: EF59CF04F364E634D9B83BE5A70D2F3F
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/WucCaKvgDQ9fmljOI_WvgP1fjZ6LWmR4VZAfUyHL0jo.js
Frame ID: 807925CA261EEFE2157DDBEEE820DABD
Requests: 1 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: CA4BCB133077A88DACB33EECE0DC2CF9
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 298D6A466A65EAA8CFF3B662C3603D25
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: C320D4915EEE31F53D3C04262EA09960
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/WucCaKvgDQ9fmljOI_WvgP1fjZ6LWmR4VZAfUyHL0jo.js
Frame ID: 7B932C45FE60AAADBB61FF0FEF50234A
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 7F3E3B18B8CDEC2D1876243B72ED76FD
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 9B54BB26787F54421F7908D1BB32ED76
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

\.php(?:$|\?)

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

DataTables (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

dataTables.*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Twitter (Widgets) Expand

Overall confidence: 100%
Detected patterns

//platform\.twitter\.com/widgets\.js

comScore (Analytics) Expand

Overall confidence: 100%
Detected patterns

\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

304
Requests

100 %
HTTPS

67 %
IPv6

22
Domains

45
Subdomains

39
IPs

4
Countries

8868 kB
Transfer

19128 kB
Size

12
Cookies

17 Outgoing links

These are links going to different origins than the main page.

URL: https://medium.com/@threatminer
Title: Blog

Search URL Search Domain Scan URL

URL: https://twitter.com/ThreatMiner
Title: Tweets by ThreatMiner

Search URL Search Domain Scan URL

URL: http://github.com/threatminer
Title: ThreatMiner Github Github.com/threatminer

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/threatminer/
Title: Follow Threatminer on LinkedIn Linkedin.com/company/threatminer/

Search URL Search Domain Scan URL

URL: http://code.google.com/apis/ajaxsearch/faq.html
Title: bei Google ausgewählt - 6/2023

Search URL Search Domain Scan URL

URL: https://www.aldeid.com/wiki/TryHackMe-BP-Splunk/Advanced-Persitent-Threat
Title: TryHackMe-BP-Splunk/Advanced-Persitent-Threat - aldeid

Search URL Search Domain Scan URL

URL: https://www.hybrid-analysis.com/sample/9709473ab351387aab9e816eff3910b9f28a7a70202e250ed46dba8f820f34a8?environmentId=100
Title: Free Automated Malware Analysis Service - powered by Falcon ...

Search URL Search Domain Scan URL

URL: https://www.malwares.com/report/file?hash=9709473AB351387AAB9E816EFF3910B9F28A7A70202E250ED46DBA8F820F34A8
Title: https://www.malwares.com/report/file?hash=9709473A...

Search URL Search Domain Scan URL

URL: https://darkwing.moe/2020/07/30/BP-Splunk-TryHackMe/
Title: BP-Splunk-TryHackMe | 喵喵喵喵| 某鱼唇的人类

Search URL Search Domain Scan URL

URL: http://shaurong.blogspot.com/2023/01/splunk-boss-of-soc-v1.html
Title: [研究]Splunk練習-Boss Of The SOC v1 心得筆記 - 浮雲雅築

Search URL Search Domain Scan URL

URL: https://qiita.com/toshikawa/items/d5ac298adc087642703e
Title: Splunk Boss of the SOCについて（その6 Weaponization） - Qiita

Search URL Search Domain Scan URL

URL: https://www.google.com/search?client=ms-google-coop&q=c99131e0169171935c5ac32615ed6261&cx=414385693720d4156
Title: suchenAuf Google nach "c99131e0169171935c5ac32615ed6261" suchen

Search URL Search Domain Scan URL

URL: https://cse.google.com/?ref=b&hl=de

Search URL Search Domain Scan URL

URL: https://www.virustotal.com/en/file/9709473ab351387aab9e816eff3910b9f28a7a70202e250ed46dba8f820f34a8/analysis/
Title: VirusTotal

Search URL Search Domain Scan URL

URL: https://www.hybrid-analysis.com/sample/9709473ab351387aab9e816eff3910b9f28a7a70202e250ed46dba8f820f34a8
Title: Hybrid-Analysis

Search URL Search Domain Scan URL

URL: https://virusshare.com/
Title: VirusShare

Search URL Search Domain Scan URL

URL: http://creativecommons.org/licenses/by/4.0/

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 25

https://i.creativecommons.org/l/by/4.0/80x15.png HTTP 301
https://licensebuttons.net/l/by/4.0/80x15.png

Request Chain 176

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 181

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 194

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 259

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 261

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

304 HTTP transactions
9 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request sample.php Show response
www.threatminer.org/ 28 KB
8 KB 116ms
55ms Document
text/html 2606:4700:20::681a:feb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.threatminer.org/sample.php?q=c99131e0169171935c5ac32615ed6261
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:feb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b0c520254145c30b25c0a1a9721da93a010f3d849c9c5216aac89fcc581516a9

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-cache-status: DYNAMIC
cf-ray: 7d05571599cc1c11-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Thu, 01 Jun 2023 06:18:35 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zpHdkIH73p%2FdKJJSkKga7trg6amwuyiHkd52hazrAr%2FNbm6zYL0FLAEG2G7d6BcN81I6VP0PHDCNbP7CfxIYjLTupUV9sFgsAwkkoCcVjUSiVFMsVdKxMc1P5Srz1YJ%2BajEAq70Kyy6UShdqajyf%2BbQ%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H2 200 bootstrap.min.css
www.threatminer.org/bower_components/bootstrap/dist/css/ 115 KB
20 KB 53ms
51ms Stylesheet
text/css 2606:4700:20::681a:feb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.threatminer.org/bower_components/bootstrap/dist/css/bootstrap.min.css
Requested by: Host: www.threatminer.org
URL: https://www.threatminer.org/sample.php?q=c99131e0169171935c5ac32615ed6261
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:feb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f04b517ba5d6a0510485689a3e42dac000f51640fd71b986804cba178eae42a5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.threatminer.org/sample.php?q=c99131e0169171935c5ac32615ed6261
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 06:18:35 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 21 Apr 2015 05:02:54 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"1ca39-51434f58bfb80-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BjRw5tsFowUhwC8HlWAD58%2FB8P%2Fx35iIewG%2BJL1Jr8dj16MNeAc%2BNyRXKdz6%2FapeR8JVCUXMbQyqb4d3bM3cb2W7BOu2j6zKV3yWzmXx6hpal3zp0opT11pKFR%2FGWg9DBJBIEdSbna%2BrMAibxY7iBQg%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=86400
cf-ray: 7d055715fa4c1c11-FRA

GET
H2 200 metisMenu.min.css
www.threatminer.org/bower_components/metisMenu/dist/ 781 B
700 B 45ms
43ms Stylesheet
text/css 2606:4700:20::681a:feb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.threatminer.org/bower_components/metisMenu/dist/metisMenu.min.css
Requested by: Host: www.threatminer.org
URL: https://www.threatminer.org/sample.php?q=c99131e0169171935c5ac32615ed6261
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:feb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e0dc574fb2b266dba913861d60b0c69d1e41f0fd095a3341a45f26401cd8b6b3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.threatminer.org/sample.php?q=c99131e0169171935c5ac32615ed6261
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 06:18:35 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 21 Apr 2015 05:02:54 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"30d-51434f58bfb80-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MzftT7jO8PfCZ%2BT2fyzBYA8Ftqas2tj0mYtW0BeDe1ua%2FS5i%2FgftoVa4u7OFkAmgRU2TafAVhznlVGP0aPj8KizMWnKRhUJfiQaW0ozRSCgFIy32Z%2B0rqnOzOjUL%2B4ZlWybM86ZegdFld%2Bf21DXoiLA%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=86400
cf-ray: 7d055715fa4d1c11-FRA

GET
H2 200 dataTables.bootstrap.css
www.threatminer.org/bower_components/datatables-plugins/integration/bootstrap/3/ 6 KB
2 KB 51ms
49ms Stylesheet
text/css 2606:4700:20::681a:feb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.threatminer.org/bower_components/datatables-plugins/integration/bootstrap/3/dataTables.bootstrap.css
Requested by: Host: www.threatminer.org
URL: https://www.threatminer.org/sample.php?q=c99131e0169171935c5ac32615ed6261
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:feb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fac55d188233bffb66023997fcdf69c38df2f62ee4654ad62c61a85b6e81d705

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.threatminer.org/sample.php?q=c99131e0169171935c5ac32615ed6261
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 06:18:35 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Tue, 21 Apr 2015 05:02:54 GMT
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=7616
etag: W/"1dc0-51434f58bfb80-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oKjq184HHDaaJamXzb36pncVdasLJr3d8pm06aDI3dvxJm0UTuafG7JtE3QHwb2iVBrH5TXt89paus3k%2F0Jif3tx%2FAr3KYJtfFrzDps%2FRRyZEtjGBK%2FnkgXqxZ45JBQnhMHA4EHlGjEBOLogfeEJx0o%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=86400
cf-ray: 7d055715fa4e1c11-FRA

GET
H2 200 dataTables.responsive.css
www.threatminer.org/bower_components/datatables-responsive/css/ 3 KB
891 B 45ms
43ms Stylesheet
text/css 2606:4700:20::681a:feb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.threatminer.org/bower_components/datatables-responsive/css/dataTables.responsive.css
Requested by: Host: www.threatminer.org
URL: https://www.threatminer.org/sample.php?q=c99131e0169171935c5ac32615ed6261
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:feb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c692f0d15d92d902c12d745947ba1f892a76bbf3f74c6f3a9f590afd0653ee04

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.threatminer.org/sample.php?q=c99131e0169171935c5ac32615ed6261
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 06:18:35 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Tue, 21 Apr 2015 05:02:54 GMT
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=3051
etag: W/"beb-51434f58bfb80-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YA2Upe6rP0Razb6KjtkTM8Fg4a0rePnCs%2FBUrJdUW2%2BS531tsT373G5IycDavmaKHtKAlAr8VTHSdO1EEu%2FVh2aiCemaBcBqQMv3Yg47EB%2Fmm0shB8L2kI1Qqia40IKnZEyywAZpjUn0o4S4CwM%2BNCM%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=86400
cf-ray: 7d055715fa4f1c11-FRA

GET
H2 200 buttons.dataTables.min.css
www.threatminer.org/bower_components/datatables-plugins/buttons/media/css/ 8 KB
2 KB 46ms
45ms Stylesheet
text/css 2606:4700:20::681a:feb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.threatminer.org/bower_components/datatables-plugins/buttons/media/css/buttons.dataTables.min.css
Requested by: Host: www.threatminer.org
URL: https://www.threatminer.org/sample.php?q=c99131e0169171935c5ac32615ed6261
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:feb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c7d55fb721c0a1bb591d30b6e06f7781fbd13ab200a8aef0fa8df62e455bc0b1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.threatminer.org/sample.php?q=c99131e0169171935c5ac32615ed6261
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 06:18:35 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 01 May 2017 13:08:48 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"1f58-54e761fab9800-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5AjraZIw8aSPWPuWdRAJVwnlunvL1RalskF14RMzebdN109DMi5L91WSpLBgOzUBODd0FjaavJmo%2FArj5eX16SsxYK8KG3K%2BxA3jdjs0iJfY7hC35r1csY5dsEaIBZD1zzflOhFD90Im8%2Flzf19B4IM%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=86400
cf-ray: 7d055715fa501c11-FRA

GET
H2 200 buttons.bootstrap.min.css
www.threatminer.org/bower_components/datatables-plugins/buttons/media/css/ 2 KB
778 B 66ms
65ms Stylesheet
text/css 2606:4700:20::681a:feb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.threatminer.org/bower_components/datatables-plugins/buttons/media/css/buttons.bootstrap.min.css
Requested by: Host: www.threatminer.org
URL: https://www.threatminer.org/sample.php?q=c99131e0169171935c5ac32615ed6261
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:feb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9926a0d226b45faff8db829a1c445f33efa6522e213fafed1000365d5abf73df

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.threatminer.org/sample.php?q=c99131e0169171935c5ac32615ed6261
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 06:18:35 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 01 May 2017 13:02:52 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"626-54e760a737700-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ac0luTlus7EKVwE8t3Sml7XDWDTUIgfCYFxCBfynp5vAVj28bRqxAse6971Y%2BMwVvqft0J%2BhhtL%2BmVZbZ0pWa4eJvzn3Y5fwVggmMa%2BTuRRKaqQSwfxmQclHEe6aBFhYjDcj3HgkriNfUUtpCPx0oxc%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=86400
cf-ray: 7d055715fa521c11-FRA

GET
H2 200 sb-admin-2.css
www.threatminer.org/dist/css/ 4 KB
2 KB 65ms
64ms Stylesheet
text/css 2606:4700:20::681a:feb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.threatminer.org/dist/css/sb-admin-2.css
Requested by: Host: www.threatminer.org
URL: https://www.threatminer.org/sample.php?q=c99131e0169171935c5ac32615ed6261
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:feb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 50d6e541020cbfdddf888aa2c42ad1c8d2296f9045709983354441032e2eb55d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.threatminer.org/sample.php?q=c99131e0169171935c5ac32615ed6261
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 06:18:35 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Sat, 02 Jan 2021 17:59:17 GMT
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=5638
etag: W/"1606-5b7ee9d93cc8e-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sNYttr7WKtJKcV7WweHbKXBkiPGhkccW8f04Y3KsVDlcREjU%2FGrO2nFwtusft6QGFt%2Bh8pVoRluiONWVp8P7UOXXS%2FtbLhJkK0h%2FsIBjfN%2FPgS8CnUpLNqDe3fO7ejaAL%2B%2Fx7GaRJiF8Q4xwE2Ta1rg%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=86400
cf-ray: 7d055715fa531c11-FRA

GET
H2 200 font-awesome.min.css
www.threatminer.org/bower_components/font-awesome/css/ 21 KB
5 KB 48ms
47ms Stylesheet
text/css 2606:4700:20::681a:feb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.threatminer.org/bower_components/font-awesome/css/font-awesome.min.css
Requested by: Host: www.threatminer.org
URL: https://www.threatminer.org/sample.php?q=c99131e0169171935c5ac32615ed6261
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:feb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0fb1bbca73646e8e2b93c82e8d8b219647b13d4b440c48e338290b9a685b8de1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.threatminer.org/sample.php?q=c99131e0169171935c5ac32615ed6261
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 06:18:35 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 21 Apr 2015 05:02:54 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"55e0-51434f58bfb80-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KfLJgAoffvYgIvBis9yeJolL%2BN9Tgv6WOCKpA0gEvrVwYeJFrn3JLZVWCoLMum9tXB4Ee9T8ftik0rmIANDwrJOpxbDGJL%2FcB8LRelbw1xZpbC5zAX3EqeQWkVoebsaXW1OpnTmkiJCtFSQxFbNTUw4%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=86400
cf-ray: 7d055715fa541c11-FRA

GET
H2 200 social-share-kit.css
www.threatminer.org/dist/css/ 12 KB
3 KB 47ms
46ms Stylesheet
text/css 2606:4700:20::681a:feb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.threatminer.org/dist/css/social-share-kit.css
Requested by: Host: www.threatminer.org
URL: https://www.threatminer.org/sample.php?q=c99131e0169171935c5ac32615ed6261
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:feb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 60adb5d029ec8a5d4613d7d57ff8a799c43caae1d1d1c2e5c230d65850fd5273

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.threatminer.org/sample.php?q=c99131e0169171935c5ac32615ed6261
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 06:18:35 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Fri, 16 Dec 2016 10:13:34 GMT
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=12273
etag: W/"2ff1-543c3d291af80-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Dbxo4L0WTA7HZpSGmSFRQ36I%2B6iU%2BmxRGbyVzPPALeGcZZ2d%2BqZyyXOz3GKc9i3IQoJY2M8Z2m7EDcE0UJesO2l%2BU5U8GR99rdjnop56NVa9fNFPqvnHYdwNeiysPQfgkXyqdTw9YwvnB6ZXKAmXyxE%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=86400
cf-ray: 7d055715fa551c11-FRA

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 137 KB
47 KB 141ms
71ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: www.threatminer.org
URL: https://www.threatminer.org/sample.php?q=c99131e0169171935c5ac32615ed6261

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

34b42288ac461bcd4eb6ef3518e809406442c5cee2f11c3ddec9a3699fb42a64

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.threatminer.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 06:18:36 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 47623
x-xss-protection: 0
server: cafe
etag: 12657540560957752965
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 01 Jun 2023 06:18:36 GMT

GET
H/1.1 200
OK widgets.js Show response
platform.twitter.com/ 91 KB
28 KB 217ms
20ms Script
application/javascript 93.184.220.66
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets.js
Requested by: Host: www.threatminer.org
URL: https://www.threatminer.org/sample.php?q=c99131e0169171935c5ac32615ed6261
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 93.184.220.66 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/67BC) /
Resource Hash: 392c9fa9cd1273a2a89d1a83a69cd1f63f21d1d55e7be21e1d8f51f25145668b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.threatminer.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Date: Thu, 01 Jun 2023 06:18:36 GMT
Content-Encoding: gzip
Age: 667
x-amz-server-side-encryption: AES256
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length: 27630
Last-Modified: Tue, 24 Jan 2023 21:41:51 GMT
Server: ECS (frb/67BC)
Etag: "9e99725b7a4cd730a934afba2a438bb5+gzip"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
x-tw-cdn: VZ
Cache-Control: public, max-age=1800
Vary: Accept-Encoding

GET
H2 200 ajax-loader.gif
www.threatminer.org/images/ 3 KB
3 KB 55ms
53ms Image
image/gif 2606:4700:20::681a:feb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.threatminer.org/images/ajax-loader.gif
Requested by: Host: www.threatminer.org
URL: https://www.threatminer.org/sample.php?q=c99131e0169171935c5ac32615ed6261
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:feb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 934abde684325043e16edeffd73752cd5f0ab00b5723d8e47a618ce3f16a3799

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.threatminer.org/sample.php?q=c99131e0169171935c5ac32615ed6261
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 06:18:35 GMT
cf-cache-status: HIT
cf-bgj: imgq:100,h2pri
last-modified: Sat, 17 Oct 2015 00:26:24 GMT
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=2608
etag: "a30-52241f64ccc00"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mwuDw9TmFgJdgwcHyIeL3pHDjRu6dwjADcXFWykJiEROxfbNq%2BMwAkOM7j5D9F%2BOya3yNioZaNKBPjve4Gj9CBfpgmcsdR%2F%2Fm4NHt6GYaYGV5QmthTMXL%2Fb40iaxXnv%2FwmHafpTTaMAwoLI0YZZCo9g%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 7d0557169b2d1c11-FRA
content-length: 2599

GET
H2 200 jquery-1.12.4.min.js Show response
www.threatminer.org/bower_components/jquery/dist/ 95 KB
34 KB 47ms
47ms Script
application/javascript 2606:4700:20::681a:feb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.threatminer.org/bower_components/jquery/dist/jquery-1.12.4.min.js
Requested by: Host: www.threatminer.org
URL: https://www.threatminer.org/sample.php?q=c99131e0169171935c5ac32615ed6261
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:feb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.threatminer.org/sample.php?q=c99131e0169171935c5ac32615ed6261
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 06:18:35 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 01 May 2017 12:15:38 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"17b8b-54e7561880e80-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YzvAFd%2FMFoHOeIV9xU2Y0y%2BE1ZEwFEtpxPLPBO5UfLMZ92%2FfMcZhNeauvJUCzHF9I%2Fw%2F4ngLgriy1WbXAf%2FB4ne9G58tGXGPB2ffIx7O9fQcyn1Jv4ltJsu68A9n41x0Qll2DjN0lbeNZrBk3ubc0tY%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=86400
cf-ray: 7d0557166ae51c11-FRA

GET
H2 200 bootstrap.min.js Show response
www.threatminer.org/bower_components/bootstrap/dist/js/ 35 KB
10 KB 52ms
52ms Script
application/javascript 2606:4700:20::681a:feb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.threatminer.org/bower_components/bootstrap/dist/js/bootstrap.min.js
Requested by: Host: www.threatminer.org
URL: https://www.threatminer.org/sample.php?q=c99131e0169171935c5ac32615ed6261
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:feb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d5fd173d00d9733900834e0e1083de86b532e048b15c0420ba5c2db0623644b8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.threatminer.org/sample.php?q=c99131e0169171935c5ac32615ed6261
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 06:18:35 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 21 Apr 2015 05:02:54 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"8c6f-51434f58bfb80-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B0eLTYlSCd7XYNLJW2IAiNWE%2BQSEWfxU92diXRNdpfL%2FNYUpl4KX007jpUS6DfVVirvYSnWcONIRnRFVv9wWFiBaPk4A0f4yW3Qzjr1M52Lz%2Bl7ND%2BFqlpa1xq5AnnvvvTC2UaOWtp64%2BLNMrp%2F7BbA%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=86400
cf-ray: 7d0557166ae91c11-FRA

GET
H2 200 metisMenu.min.js Show response
www.threatminer.org/bower_components/metisMenu/dist/ 2 KB
1 KB 47ms
43ms Script
application/javascript 2606:4700:20::681a:feb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.threatminer.org/bower_components/metisMenu/dist/metisMenu.min.js
Requested by: Host: www.threatminer.org
URL: https://www.threatminer.org/sample.php?q=c99131e0169171935c5ac32615ed6261
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:feb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3ab0a74bbd399efdf7c9c9bffb689f0a755fc7131d5af04c8393d45f5163a69b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.threatminer.org/sample.php?q=c99131e0169171935c5ac32615ed6261
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 06:18:35 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 21 Apr 2015 05:02:54 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"757-51434f58bfb80-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xH5%2FiH0OdaTWp2IGO%2FMrwTqEhh14dlz%2F5xU4lmJs8E9Qc5b0%2BRe9%2F4aQ5u0qBlsiY94AbNSL%2B%2FGyxMVht8hY348J7DQ5M%2F0PtIxFb5ni%2F%2FT3ramhbw5Th%2BkSjv3hPqvzU9W9exHjNCgyKFwEj%2BRMhOM%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=86400
cf-ray: 7d0557169b1f1c11-FRA

GET
H2 200 jquery.dataTables.min.js Show response
www.threatminer.org/bower_components/datatables/media/js/ 81 KB
29 KB 70ms
66ms Script
application/javascript 2606:4700:20::681a:feb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.threatminer.org/bower_components/datatables/media/js/jquery.dataTables.min.js
Requested by: Host: www.threatminer.org
URL: https://www.threatminer.org/sample.php?q=c99131e0169171935c5ac32615ed6261
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:feb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8f4d3b47b47a8a31163dad5d7fb15e27a0056d07b0c34c6089fd9225664e847c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.threatminer.org/sample.php?q=c99131e0169171935c5ac32615ed6261
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 06:18:35 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 01 May 2017 12:24:55 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"14544-54e7582bb33c0-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uy6%2B7sSQNZG85FgPYPPJMUZNJ7qbA4VrddswFW9fyqav0KNdFEJaIcjG1ETj4fxa0JH%2BIS6UM9%2Br4%2F%2BFflEeQ6ON9QSvNdANQynzwWH7B3yxJbFVPX37SV7IAPH3tsa1TSY%2BJZVJatTKodfuqzIQLlA%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=86400
cf-ray: 7d0557169b221c11-FRA

GET
H2 200 dataTables.bootstrap.min.js Show response
www.threatminer.org/bower_components/datatables-plugins/integration/bootstrap/3/ 2 KB
1 KB 48ms
43ms Script
application/javascript 2606:4700:20::681a:feb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.threatminer.org/bower_components/datatables-plugins/integration/bootstrap/3/dataTables.bootstrap.min.js
Requested by: Host: www.threatminer.org
URL: https://www.threatminer.org/sample.php?q=c99131e0169171935c5ac32615ed6261
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:feb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a905062b971bfb70ba70dda1a454d9cb7f7389be7ff515f6eb9009c8e697a34b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.threatminer.org/sample.php?q=c99131e0169171935c5ac32615ed6261
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 06:18:35 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 21 Apr 2015 05:02:54 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"796-51434f58bfb80-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZXGwXobsIhh9ek9PWjERLJUg2qxSpRKVaGHrwe9%2FzFjf5RQL5jdjJXzyiTw2fISeFpntd4bCNAiHOC76oQkHYVR9qRhcHjbRbYYtJIvXFMjJo0e7EVZtey8Mr%2BryJ%2FGx3QMwEiIZrIeEvczs89zNoho%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=86400
cf-ray: 7d0557169b231c11-FRA

GET
H2 200 dataTables.buttons.min.js Show response
www.threatminer.org/bower_components/datatables-plugins/buttons/media/js/ 16 KB
6 KB 54ms
50ms Script
application/javascript 2606:4700:20::681a:feb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.threatminer.org/bower_components/datatables-plugins/buttons/media/js/dataTables.buttons.min.js
Requested by: Host: www.threatminer.org
URL: https://www.threatminer.org/sample.php?q=c99131e0169171935c5ac32615ed6261
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:feb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8aeaf60f6f34ced8ed9c83b249bdfc8544cc8f318294074898e6ced1d04e678c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.threatminer.org/sample.php?q=c99131e0169171935c5ac32615ed6261
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 06:18:35 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 01 May 2017 12:34:43 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"4088-54e75a5c75ec0-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YnP57FZZdPPDIpKsffUTkv%2F%2BO0IJ4vhIWEdQUiWkkFErNzOKpzCxTHH4eiD0PSjwRyreXHksNgC0APPCL6%2BLBWdiYj5Eksc1u%2FYAmnTUPDEmIhv0mXp6xUcJdycl5la62LGw5Uq1HOYTP9bW1n9a8KU%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=86400
cf-ray: 7d0557169b241c11-FRA

GET
H2 200 pdfmake.min.js Show response
www.threatminer.org/bower_components/datatables-plugins/pdfmake/media/js/ 1 MB
391 KB 70ms
66ms Script
application/javascript 2606:4700:20::681a:feb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.threatminer.org/bower_components/datatables-plugins/pdfmake/media/js/pdfmake.min.js
Requested by: Host: www.threatminer.org
URL: https://www.threatminer.org/sample.php?q=c99131e0169171935c5ac32615ed6261
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:feb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf919e6fbfbf62a4f8cfaab4cf5c5f80e7c10be2bc9f7e4c70142175c0b49b4f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.threatminer.org/sample.php?q=c99131e0169171935c5ac32615ed6261
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 06:18:35 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 01 May 2017 11:37:06 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"106721-54e74d7b9bc80-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dBL7M9B7oVLd7bRYOFq2wl2aVVNzcRQ1ujA%2BvRIgcj%2BKDscX5Gxp%2FAX%2FsHqWO7oWdhhhlb3pT2Fr%2Bx8OJ6REXRUFMczwH3n8CxqGz8e77XpSxDTruKO4HrgbyNWO17FTSeOv9wVaPIYqSxd6FNEgqvg%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=86400
cf-ray: 7d0557169b261c11-FRA

GET
H2 200 jszip.min.js Show response
www.threatminer.org/bower_components/datatables-plugins/jszip/media/js/ 100 KB
31 KB 55ms
51ms Script
application/javascript 2606:4700:20::681a:feb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.threatminer.org/bower_components/datatables-plugins/jszip/media/js/jszip.min.js
Requested by: Host: www.threatminer.org
URL: https://www.threatminer.org/sample.php?q=c99131e0169171935c5ac32615ed6261
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:feb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 45b3ffadbc785de6091fa798527891eb7264e4d115e3c1a37acb60e3d70d4966

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.threatminer.org/sample.php?q=c99131e0169171935c5ac32615ed6261
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 06:18:35 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 01 May 2017 11:36:59 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"18e33-54e74d74eecc0-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BHaVuGMhb1iwl1GloeAhHTOAF7NOXjIFz%2BErpwM%2Fyb1prUr5nEqPMgyH8BexEAKRvU7%2BQohz9ktfQqi9bZKRcI4v10fQ26CObie9u7OERzeQ%2BctfXnOChuOYXIElC3jTrikOeh%2FdLtKZKW34%2B37ePRI%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=86400
cf-ray: 7d0557169b271c11-FRA

GET
H2 200 vfs_fonts.js Show response
www.threatminer.org/bower_components/datatables-plugins/vfs_fonts/media/js/ 933 KB
454 KB 67ms
63ms Script
application/javascript 2606:4700:20::681a:feb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.threatminer.org/bower_components/datatables-plugins/vfs_fonts/media/js/vfs_fonts.js
Requested by: Host: www.threatminer.org
URL: https://www.threatminer.org/sample.php?q=c99131e0169171935c5ac32615ed6261
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:feb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ecee1d502f45731162f99f4d6aa07c0315a26a8382c1b1bc3c9958ab3ff04000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.threatminer.org/sample.php?q=c99131e0169171935c5ac32615ed6261
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 06:18:35 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Mon, 01 May 2017 11:37:11 GMT
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=955603
etag: W/"e94d3-54e74d80607c0-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ErfFuwDkH3hGjWR69i1G%2BGkT%2F8cJQnUB%2FDM2Nne9HSOi%2FFUgUTFYDpeKctuJ49CEUEpEVWDe5Mi3Fq3fodDdx33tBon9iwoEJo2i2PL896EAJ4aHeVuskUSQy661oz8TaFnpDY%2FryehCrZD3yWQmmIs%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=86400
cf-ray: 7d0557169b281c11-FRA

GET
H2 200 buttons.html5.min.js Show response
www.threatminer.org/bower_components/datatables-plugins/buttons/media/js/ 23 KB
6 KB 52ms
49ms Script
application/javascript 2606:4700:20::681a:feb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.threatminer.org/bower_components/datatables-plugins/buttons/media/js/buttons.html5.min.js
Requested by: Host: www.threatminer.org
URL: https://www.threatminer.org/sample.php?q=c99131e0169171935c5ac32615ed6261
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:feb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 07a081c6a38ab09a0163aecaaf77713ffae6e09d06ba1a112efef22e01857ddc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.threatminer.org/sample.php?q=c99131e0169171935c5ac32615ed6261
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 06:18:35 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 01 May 2017 11:37:16 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"5b7a-54e74d8525300-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4sxXGBszRvQwyM2Lv66qq%2FrKFJksNGnIdEWGCxsPNPBB5sRpIMOl1t3tqK7UXllWQIyad%2FU%2BY9g4rUCo9NzBDbdWWidGwEfT9cZQI5qbZDEqtoErq5sONC5lyHpkSRaZ%2FW06U%2BfIcmXHSX41D3ZxGQM%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=86400
cf-ray: 7d0557169b291c11-FRA

GET
H2 200 sb-admin-2.js Show response
www.threatminer.org/dist/js/ 756 B
710 B 123ms
119ms Script
application/javascript 2606:4700:20::681a:feb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.threatminer.org/dist/js/sb-admin-2.js
Requested by: Host: www.threatminer.org
URL: https://www.threatminer.org/sample.php?q=c99131e0169171935c5ac32615ed6261
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:feb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ed99491fe47b5733d1ad2fbf90f5d9066d049a530d1b92ebe47be5e0c527a32e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.threatminer.org/sample.php?q=c99131e0169171935c5ac32615ed6261
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 06:18:36 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Sat, 25 May 2019 17:16:01 GMT
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=1181
etag: W/"49d-589b97821f640-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mdgADfHmOqqnvT26n50ylqcatgR3MJuc3%2BvdcMEW7IaLouN407IP9lRPisx1n8asWmuoW52wjvIG%2FXTX2SZynlOSEtT3FLKyjNsw%2FQ5DER4TWZ33eOoQcSnTB1zsk10BDwNIl%2FuxWqw8HcnfYc2hk3Q%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=86400
cf-ray: 7d0557169b2a1c11-FRA

GET
H2 200 tm_utility.js Show response
www.threatminer.org/dist/js/ 8 KB
2 KB 118ms
115ms Script
application/javascript 2606:4700:20::681a:feb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.threatminer.org/dist/js/tm_utility.js
Requested by: Host: www.threatminer.org
URL: https://www.threatminer.org/sample.php?q=c99131e0169171935c5ac32615ed6261
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:feb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e725928ffb665a91ca8a3631e3002edba9b0f9ec66b40a59d53db0f44827e34e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.threatminer.org/sample.php?q=c99131e0169171935c5ac32615ed6261
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 06:18:36 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Mon, 22 Nov 2021 16:06:03 GMT
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=10497
etag: W/"2901-5d162cd378793-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9RdjRzhVz3ukDEJ%2BGaCiD5DMYkm7ne3z2B6HEvAVLsJ3m65ZhGg8rTVPUZ2cBIk0sjU0W3gt6R6YvwykyYd34hWMZpeB9Tz%2BFlAaMygwcsmyAExS6B2asJ2NnD6yAFl%2B7dUGSKF3qBCIb%2BK%2FxXk6fUM%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=86400
cf-ray: 7d0557169b2b1c11-FRA

GET
H2 200 social-share-kit.min.js Show response
www.threatminer.org/dist/js/ 6 KB
3 KB 57ms
54ms Script
application/javascript 2606:4700:20::681a:feb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.threatminer.org/dist/js/social-share-kit.min.js
Requested by: Host: www.threatminer.org
URL: https://www.threatminer.org/sample.php?q=c99131e0169171935c5ac32615ed6261
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:feb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ac74cddb007ace18442f5111c4c23125de6031dca42bcead5ea5bfb12d2ca332

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.threatminer.org/sample.php?q=c99131e0169171935c5ac32615ed6261
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 06:18:35 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 09 Mar 2019 16:07:52 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"179c-583ab8aa0e600-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ow5ONA3%2B7ieGTBTQVuEB1sNQfq5yFWkNerKfxeYONXYXmA3r98r8afZSpFKTQ1kuK5s%2FsID7OjPCYwq1%2FdBjNTbqlQYqDgKHpz8X%2BBIYSkMJWz5jZ0ROpcDAofIipm%2FpGtGZjYjlwvBnBwzI5CjcGfE%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=86400
cf-ray: 7d0557169b2c1c11-FRA

GET
H2

200

80x15.png
licensebuttons.net/l/by/4.0/
Redirect Chain

https://i.creativecommons.org/l/by/4.0/80x15.png
https://licensebuttons.net/l/by/4.0/80x15.png

430 B
739 B

90ms
27ms

Image
image/png

2606:4700:10::6816:b79
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://licensebuttons.net/l/by/4.0/80x15.png

Requested by

Host: www.threatminer.org
URL: https://www.threatminer.org/sample.php?q=c99131e0169171935c5ac32615ed6261

Protocol

Server

2606:4700:10::6816:b79 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f43d4d35e7ac1e815dc0c8897806e30d928ee62e1aa6ac20f49c649f8b694004

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.threatminer.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 06:18:36 GMT
strict-transport-security: max-age=15768000
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1200
cf-polished: origSize=640
content-length: 430
x-xss-protection: 1; mode=block
cf-bgj: imgq:100,h2pri
last-modified: Thu, 30 Apr 2020 21:59:13 GMT
server: cloudflare
etag: "5eab4a31-280"
x-frame-options: deny
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=432000
accept-ranges: bytes
cf-ray: 7d0557179ac35c32-FRA

Redirect headers

date: Thu, 01 Jun 2023 06:18:36 GMT
strict-transport-security: max-age=15768000
x-content-type-options: nosniff
cf-cache-status: HIT
server: cloudflare
age: 574
x-frame-options: deny
vary: Accept-Encoding
content-type: text/html
location: https://licensebuttons.net/l/by/4.0/80x15.png
cache-control: max-age=432000
cf-ray: 7d055716f9bb37fe-FRA
x-xss-protection: 1; mode=block

GET
H2 200 infolinks_main.js Show response
resources.infolinks.com/js/ 4 KB
2 KB 102ms
31ms Script
application/javascript 172.66.41.9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://resources.infolinks.com/js/infolinks_main.js
Requested by: Host: www.threatminer.org
URL: https://www.threatminer.org/sample.php?q=c99131e0169171935c5ac32615ed6261
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c370d3d1031ffa74e11fec2c18701213d2b6becea3e2fa47c3d9da52f55bc11c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.threatminer.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 06:18:36 GMT
via: 1.1 google
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 29 May 2023 07:19:31 GMT
server: cloudflare
age: 10692
etag: W/"e8e-5fccfe86ac0fe"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=3600
cf-ray: 7d0557170e309bf8-FRA
expires: Thu, 01 Jun 2023 04:20:24 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 51 KB
21 KB 78ms
20ms Script
text/javascript 2001:4860:4802:36::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.threatminer.org
URL: https://www.threatminer.org/sample.php?q=c99131e0169171935c5ac32615ed6261

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:36::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.threatminer.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 01 Jun 2023 04:35:34 GMT
last-modified: Mon, 17 Apr 2023 22:36:01 GMT
server: Golfe2
age: 6181
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20737
expires: Thu, 01 Jun 2023 06:35:34 GMT

GET
H/1.1 200
OK embed.js Show response
threatminer.disqus.com/ 78 KB
25 KB 215ms
140ms Script
application/javascript 199.232.192.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://threatminer.disqus.com/embed.js

Requested by

Host: www.threatminer.org
URL: https://www.threatminer.org/sample.php?q=c99131e0169171935c5ac32615ed6261

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

199.232.192.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

openresty /

Resource Hash

5c167cd416ef1a9e588cf7b14a76c6eb561cad0cd58037edcad7c5ef964fa3b8

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.threatminer.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Date: Thu, 01 Jun 2023 06:18:36 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=300; includeSubdomains
Server: openresty
Age: 0
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Cache-Control: private, max-age=60
X-Service: router
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Link: <https://disqus.com>; rel=preconnect, <https://c.disquscdn.com>; rel=preconnect
Content-Length: 25447

GET
H2 200 fontawesome-webfont.woff
www.threatminer.org/bower_components/font-awesome/fonts/ 64 KB
64 KB 48ms
47ms Font
application/font-woff 2606:4700:20::681a:feb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.threatminer.org/bower_components/font-awesome/fonts/fontawesome-webfont.woff?v=4.2.0
Requested by: Host: www.threatminer.org
URL: https://www.threatminer.org/bower_components/font-awesome/css/font-awesome.min.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:feb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 199411f659f41aaccb959bacb1b0de30e54f244352a48c6f9894e65ae0f8a9a1

Request headers

Referer: https://www.threatminer.org/bower_components/font-awesome/css/font-awesome.min.css
Origin: https://www.threatminer.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 06:18:35 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 21 Apr 2015 05:02:54 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"ffac-51434f58bfb80"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=10j4tTqtw%2BGRswHP2RLpJlixCkHnPKeHxvw%2BqclgCsVK6LzmhffsXmr1t50GxY29nmUwFgy9TA7umk2tgvmj0TaCldY1Wm4BcqiEkCxBYuWg%2F5KHFDsQdxRu1iUeSw0OR9f42J8j4njhRzbaAp6ba0Q%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/font-woff
cache-control: max-age=86400
cf-ray: 7d055716ab381c11-FRA

GET
H2 200 social-share-kit.woff
www.threatminer.org/dist/fonts/ 7 KB
7 KB 58ms
58ms Font
application/font-woff 2606:4700:20::681a:feb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.threatminer.org/dist/fonts/social-share-kit.woff
Requested by: Host: www.threatminer.org
URL: https://www.threatminer.org/dist/css/social-share-kit.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:feb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 697c41fffac431521f2db48c7426ac23b972b6eb7b1242f0bb47d6079884d3a4

Request headers

Referer: https://www.threatminer.org/dist/css/social-share-kit.css
Origin: https://www.threatminer.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 06:18:35 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 16 Dec 2016 10:13:34 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"1b08-543c3d291af80"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NaFByyDiMstZb6wcjvAOqbULjqogYd1IwY7MaxLNoTXdntdCO6z17vKHpFjUoCXKL2YcOf8%2Bry1FvY898kj1nQSzKXT2jMohA2OXYCctF7k1ezT2ZoHdyqDoTm%2F%2FIpCRc50cWvU2fhmLsjZN3taZY6s%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/font-woff
cache-control: max-age=86400
cf-ray: 7d055716ab3a1c11-FRA

POST
H2 200 collect Show response
www.google-analytics.com/j/ 3 B
211 B 30ms
26ms XHR
text/plain 2001:4860:4802:36::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j100&aip=1&a=1720143291&t=pageview&_s=1&dl=https%3A%2F%2Fwww.threatminer.org%2Fsample.php%3Fq%3Dc99131e0169171935c5ac32615ed6261&ul=en-us&de=UTF-8&dt=c99131e0169171935c5ac32615ed6261%20File%20Analysis%20Results%20%7C%20ThreatMiner.org&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAACAAI~&jid=1946178898&gjid=1162797999&cid=69561020.1685600316&tid=UA-73787980-1&_gid=1058981295.1685600316&_r=1&_slc=1&z=562974888

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:36::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.threatminer.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 01 Jun 2023 06:18:36 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.threatminer.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 getReport.php Show response
www.threatminer.org/ 0
309 B 44ms
44ms XHR
text/html 2606:4700:20::681a:feb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.threatminer.org/getReport.php?e=notes_container&t=2&q=c99131e0169171935c5ac32615ed6261
Requested by: Host: www.threatminer.org
URL: https://www.threatminer.org/dist/js/tm_utility.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:feb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.threatminer.org/sample.php?q=c99131e0169171935c5ac32615ed6261
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 06:18:36 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FefBHWvOogzV3N9t3xgfxtHgRii9HvakHWpy8xPY1E3ketDWs%2FhrpTDX90HOMMYHkefOqI54297gKyjOLtmrik8%2BOJ71yzvM5tIyHjvRLmhywCJfsCAf%2Fxvu0Lu%2BLiG1lCRks47gIb7g3kdVnOPGmSA%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
cf-ray: 7d0557188e4a1c11-FRA

GET
H2 200 ice.js Show response
resources.infolinks.com/js/1867.003-3.027/ 186 KB
57 KB 31ms
30ms Script
application/javascript 172.66.41.9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://resources.infolinks.com/js/1867.003-3.027/ice.js
Requested by: Host: www.threatminer.org
URL: https://www.threatminer.org/sample.php?q=c99131e0169171935c5ac32615ed6261
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d640c052242a5bc13404627dd9d603d7b416a519eff053c2d00613ad85362e0c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.threatminer.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 06:18:36 GMT
via: 1.1 google
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 23 May 2023 10:54:50 GMT
server: cloudflare
age: 10113
etag: W/"2e87a-5fc5a376e26e4"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2592000
cf-ray: 7d055718982d9bf8-FRA
expires: Sat, 01 Jul 2023 03:30:03 GMT

GET
H2 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305250101/ 350 KB
118 KB 77ms
76ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305250101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5720763271532377&plah=www.threatminer.org

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18abf29f43ee3985b6bc7b478ce70fca64f51bd777d32045d6e7743eff5da5de

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.threatminer.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 06:18:36 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 120490
x-xss-protection: 0
server: cafe
etag: 228826445712924760
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 01 Jun 2023 06:18:36 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230530/r20190131/ Frame A8B7 10 KB
5 KB 67ms
19ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230530/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

eb7a209e3af2f5e7045a326f81414b39f02551eb158e859c190a7a84db7c4d5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.threatminer.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 37709
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4540
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 31 May 2023 19:50:07 GMT
etag: 15057649708203361565
expires: Wed, 14 Jun 2023 19:50:07 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 cse.js Show response
cse.google.com/ 6 KB
4 KB 136ms
47ms Script
text/javascript 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cse.google.com/cse.js?cx=414385693720d4156

Requested by

Host: www.threatminer.org
URL: https://www.threatminer.org/sample.php?q=c99131e0169171935c5ac32615ed6261

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gws /

Resource Hash

31619abe1ec685fb4d288529a5767b1528e1e438871ecca8d2c0c0ef15f9f7c1

Security Headers

Name	Value
Content-Security-Policy	object-src 'none';base-uri 'self';script-src 'nonce-gqTu83YE6vD79sWNxIX_hA' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.threatminer.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

content-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-gqTu83YE6vD79sWNxIX_hA' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
content-encoding: br
date: Thu, 01 Jun 2023 06:18:36 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2506
x-xss-protection: 0
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
cross-origin-opener-policy: same-origin-allow-popups; report-to="gws"
server: gws
x-frame-options: SAMEORIGIN
report-to: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private
permissions-policy: unload=()
origin-trial: Ap+qNlnLzJDKSmEHjzM5ilaa908GuehlLqGb6ezME5lkhelj20qVzfv06zPmQ3LodoeujZuphAolrnhnPA8w4AIAAABfeyJvcmlnaW4iOiJodHRwczovL3d3dy5nb29nbGUuY29tOjQ0MyIsImZlYXR1cmUiOiJQZXJtaXNzaW9uc1BvbGljeVVubG9hZCIsImV4cGlyeSI6MTY4NTY2Mzk5OX0=, AvudrjMZqL7335p1KLV2lHo1kxdMeIN0dUI15d0CPz9dovVLCcXk8OAqjho1DX4s6NbHbA/AGobuGvcZv0drGgQAAAB9eyJvcmlnaW4iOiJodHRwczovL3d3dy5nb29nbGUuY29tOjQ0MyIsImZlYXR1cmUiOiJCYWNrRm9yd2FyZENhY2hlTm90UmVzdG9yZWRSZWFzb25zIiwiZXhwaXJ5IjoxNjkxNTM5MTk5LCJpc1N1YmRvbWFpbiI6dHJ1ZX0=
expires: Thu, 01 Jun 2023 06:18:36 GMT

GET
H/1.1 200
OK widget_iframe.2b2d73daf636805223fb11d48f3e94f7.html Show response
platform.twitter.com/widgets/ Frame D57E 320 KB
104 KB 20ms
18ms Document
text/html 93.184.220.66
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/widget_iframe.2b2d73daf636805223fb11d48f3e94f7.html?origin=https%3A%2F%2Fwww.threatminer.org
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 93.184.220.66 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/675D) /
Resource Hash: 4002d65e95f94dc87ae8ad170eb8dbc3644921032ac76dcb376537d9304a6fbf

Request headers

Referer: https://www.threatminer.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 2882775
Cache-Control: public, max-age=315360000
Content-Encoding: gzip
Content-Length: 105435
Content-Type: text/html; charset=utf-8
Date: Thu, 01 Jun 2023 06:18:36 GMT
Etag: "95e1b50b0c179aefb47b5b211bb347b5+gzip"
Last-Modified: Tue, 24 Jan 2023 21:41:13 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (frb/675D)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Vary: Accept-Encoding
X-Cache: HIT
x-amz-server-side-encryption: AES256
x-tw-cdn: VZ

GET
H2 200 manage Show response
router.infolinks.com/usync/ Frame 5245 0
33 B 148ms
130ms Document
text/plain 172.66.41.9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://router.infolinks.com/usync/manage?pid=3241790&wsid=0&pdom=www.threatminer.org&purl=https%3A%2F%2Fwww.threatminer.org%2Fsample.php%3Fq%3Dc99131e0169171935c5ac32615ed6261
Requested by: Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1867.003-3.027/ice.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.threatminer.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cf-cache-status: DYNAMIC
cf-ray: 7d05571999769bf8-FRA
content-length: 0
date: Thu, 01 Jun 2023 06:18:36 GMT
server: cloudflare
via: 1.1 google

GET
H2 200 lcmanage Show response
router.infolinks.com/usync/ 0
43 B 143ms
129ms Script
text/plain 172.66.41.9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://router.infolinks.com/usync/lcmanage?pid=3241790&wsid=0&pdom=www.threatminer.org&purl=https%3A%2F%2Fwww.threatminer.org%2Fsample.php%3Fq%3Dc99131e0169171935c5ac32615ed6261
Requested by: Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1867.003-3.027/ice.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.threatminer.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 06:18:36 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7d05571999789bf8-FRA
content-length: 0

GET
H2 200 gsd Show response
router.infolinks.com/ 319 B
509 B 137ms
133ms Script
text/javascript 172.66.41.9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://router.infolinks.com/gsd?evt=afterGSD&pid=3241790&wsid=0&pdom=www.threatminer.org&purl=https%3A%2F%2Fwww.threatminer.org%2Fsample.php%3Fq%3Dc99131e0169171935c5ac32615ed6261&jsv=1867.003-3.027&_cb=16856003163880
Requested by: Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1867.003-3.027/ice.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 61b0afa36867e5498d470b6e87f1dde2d7cc0662938752c986572cd0a29a3a37

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.threatminer.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 01 Jun 2023 06:18:36 GMT
via: 1.1 google
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
content-type: text/javascript;charset=UTF-8
p3p: CP="NON DSP NID OUR COR"
cache-control: max-age=0
cf-ray: 7d05571999779bf8-FRA
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 settings Show response
syndication.twitter.com/ Frame D57E 869 B
658 B 189ms
128ms Fetch
application/json 104.244.42.8
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://syndication.twitter.com/settings?session_id=4b327806f16a19fea841ada06cefe4cc994caac6

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.2b2d73daf636805223fb11d48f3e94f7.html?origin=https%3A%2F%2Fwww.threatminer.org

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.8 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

302da628a6afc3e93f1b86bf7c65e4d6536d8283d78266964822a76d1c645aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://platform.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-response-time: 109
date: Thu, 01 Jun 2023 06:18:36 GMT
content-encoding: gzip
strict-transport-security: max-age=631138519
last-modified: Thu, 01 Jun 2023 06:18:36 GMT
server: tsa_o
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://platform.twitter.com
x-transaction-id: 9ca316dcff66fd41
cache-control: must-revalidate, max-age=600
access-control-allow-credentials: true
perf: 7626143928
x-connection-hash: 7a38d252621728497b6c1abdefb9cd40270423e3a5eb3fc68b7be22ae8ae9257
content-length: 337

GET
H/1.1 200
OK / Show response
disqus.com/embed/comments/ Frame 1BAC 2 MB
975 KB 218ms
138ms Document
text/html 151.101.128.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://disqus.com/embed/comments/?base=default&f=threatminer&t_i=c99131e0169171935c5ac32615ed6261&t_u=https%3A%2F%2Fwww.threatminer.org%2Fsample.php%3Fq%3Dc99131e0169171935c5ac32615ed6261&t_d=c99131e0169171935c5ac32615ed6261%20File%20Analysis%20Results%20%7C%20ThreatMiner.org&t_t=c99131e0169171935c5ac32615ed6261%20File%20Analysis%20Results%20%7C%20ThreatMiner.org&s_o=default

Requested by

Host: threatminer.disqus.com
URL: https://threatminer.disqus.com/embed.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

1c9ffb5d07ba14004863406be6f8a5fb5f227e95353d5c188ea6d3b27accc26b

Security Headers

Name	Value
Content-Security-Policy	script-src https://.twitter.com: https://www.gstatic.com/recaptcha/ https://a.disquscdn.com https://c.disquscdn.com c.disquscdn.com https://.services.disqus.com: https://cdn.boomtrain.com/p13n/ https://com-disqus.netmng.com:* 'unsafe-inline' https://referrer.disqus.com/juggler/ https://connect.facebook.net/en_US/sdk.js https://cdn.syndication.twimg.com/tweets.json https://apis.google.com https://www.google.com/recaptcha/ https://cf.ignitionone.com:* https://disqus.com
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.threatminer.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Age: 0
Cache-Control: stale-if-error=3600, s-stalewhilerevalidate=3600, stale-while-revalidate=30, no-cache, must-revalidate, public, s-maxage=5
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 997487
Content-Security-Policy: script-src https://*.twitter.com:* https://www.gstatic.com/recaptcha/ https://a.disquscdn.com https://c.disquscdn.com c.disquscdn.com https://*.services.disqus.com:* https://cdn.boomtrain.com/p13n/ https://com-disqus.netmng.com:* 'unsafe-inline' https://referrer.disqus.com/juggler/ https://connect.facebook.net/en_US/sdk.js https://cdn.syndication.twimg.com/tweets.json https://apis.google.com https://www.google.com/recaptcha/ https://cf.ignitionone.com:* https://disqus.com
Content-Type: text/html; charset=utf-8
Cross-Origin-Resource-Policy: cross-origin
Date: Thu, 01 Jun 2023 06:18:36 GMT
ETag: W/"lounge:view:7906360608.c4226555171a3c6db650f01e1e6e19fe.2"
Last-Modified: Sun, 11 Dec 2022 22:34:41 GMT
Link: <https://c.disquscdn.com>;rel=preconnect,<https://c.disquscdn.com>;rel=dns-prefetch
Referrer-Policy: no-referrer-when-downgrade
Server: nginx
Strict-Transport-Security: max-age=300; includeSubdomains
Timing-Allow-Origin: *
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"

GET
H/1.1 200
OK / Show response
tempest.services.disqus.com/ads-iframe/taboola/ 29 KB
10 KB 219ms
140ms XHR
text/html 199.232.196.64
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://tempest.services.disqus.com/ads-iframe/taboola/?position=top&shortname=threatminer&experiment=network_default&variant=fallthrough&service=dynamic&anchorColor=%23337ab7&colorScheme=light&sourceUrl=https%3A%2F%2Fwww.threatminer.org%2Fsample.php%3Fq%3Dc99131e0169171935c5ac32615ed6261&typeface=sans-serif&disqus_version=current
Requested by: Host: threatminer.disqus.com
URL: https://threatminer.disqus.com/embed.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.232.196.64 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: openresty /
Resource Hash: 7c30b34227ca7603eaf56a43494155d580e18baee9370bc687efee4c130fde57

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.threatminer.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Date: Thu, 01 Jun 2023 06:18:36 GMT
Content-Encoding: gzip
Server: openresty
Age: 0
Vary: Accept-Encoding,
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=300
X-Service: router
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Content-Length: 9848

GET
H/1.1 200
OK event.gif
referrer.disqus.com/juggler/ 43 B
339 B 173ms
122ms Image
image/gif 199.232.196.134
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://referrer.disqus.com/juggler/event.gif?imp=55gtsus4m1tj8&experiment=network_default&variant=fallthrough&service=dynamic&area=top&product=embed&forum=threatminer&zone=thread&version=a60f6234fc5f3757cf71342baeb86550&page_url=https%3A%2F%2Fwww.threatminer.org%2Fsample.php%3Fq%3Dc99131e0169171935c5ac32615ed6261&page_referrer=&object_type=provider&event=activity&ad_product_name=iab_display&ad_product_layout=iab_display&bin=embed%3Apromoted_discovery%3Adynamic%3Anetwork_default%3Afallthrough&section=default&verb=call&adjective=1&forum_id=5993718

Requested by

Host: www.threatminer.org
URL: https://www.threatminer.org/sample.php?q=c99131e0169171935c5ac32615ed6261

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

199.232.196.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.threatminer.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Date: Thu, 01 Jun 2023 06:18:36 GMT
X-Content-Type-Options: nosniff
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Server: nginx
Content-Type: image/gif
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Content-Length: 43
X-XSS-Protection: 1; mode=block

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 397 B
607 B 79ms
28ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.threatminer.org&callback=_gfp_s_&client=ca-pub-5720763271532377

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305250101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5720763271532377&plah=www.threatminer.org

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fc782dd1e1e6657fcd139335a689a191e62f8d075b0b6a07ae5db50d3da730d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.threatminer.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 06:18:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 255
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
531 B 91ms
29ms Script
application/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.threatminer.org

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.threatminer.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 06:18:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
456 B 80ms
28ms Script
application/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.threatminer.org

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.threatminer.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 06:18:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame B095 93 KB
33 KB 637ms
635ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5720763271532377&output=html&h=250&slotname=4491384285&adk=1382012186&adf=1527761000&pi=t.ma~as.4491384285&w=299&fwrn=4&fwrnh=100&lmt=1685600316&rafmt=3&format=299x250&url=https%3A%2F%2Fwww.threatminer.org%2Fsample.php%3Fq%3Dc99131e0169171935c5ac32615ed6261&fwr=0&fwrattr=true&rpe=1&resp_fmts=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1685600316257&bpp=4&bdt=435&idt=231&shv=r20230530&mjsv=m202305250101&ptt=9&saldr=aa&abxe=1&correlator=6313399095562&frm=20&pv=2&ga_vid=69561020.1685600316&ga_sid=1685600317&ga_hid=1720143291&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=0&ady=229&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44788441&oid=2&pvsid=1741812022134593&tmod=741212208&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=LVcudkDd8z&p=https%3A//www.threatminer.org&dtd=265

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

27de879a31ade5b535a5065cc77c3178ab1726c0dfaf4648a8862ec66486b9fa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.threatminer.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 33662
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 01 Jun 2023 06:18:37 GMT
expires: Thu, 01 Jun 2023 06:18:37 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 1CC7 84 KB
33 KB 504ms
503ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5720763271532377&output=html&h=600&slotname=6407101181&adk=2989800909&adf=2245449527&pi=t.ma~as.6407101181&w=299&fwrn=4&fwrnh=100&lmt=1685600316&rafmt=1&format=299x600&url=https%3A%2F%2Fwww.threatminer.org%2Fsample.php%3Fq%3Dc99131e0169171935c5ac32615ed6261&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1685600316261&bpp=1&bdt=438&idt=268&shv=r20230530&mjsv=m202305250101&ptt=9&saldr=aa&abxe=1&prev_fmts=299x250&correlator=6313399095562&frm=20&pv=1&ga_vid=69561020.1685600316&ga_sid=1685600317&ga_hid=1720143291&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=0&ady=507&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44788441&oid=2&pvsid=1741812022134593&tmod=741212208&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=nL2FK21T4x&p=https%3A//www.threatminer.org&dtd=284

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c25daa13c774c29b48ec846a8b3853897d43bb53e3ac556532eb19c8b2fafd01

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.threatminer.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 33089
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 01 Jun 2023 06:18:37 GMT
expires: Thu, 01 Jun 2023 06:18:37 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 cse_element__de.js Show response
www.google.com/cse/static/element/8e77c7877b8339e2/ 308 KB
103 KB 78ms
26ms Script
text/javascript 2a00:1450:4001:809::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/cse/static/element/8e77c7877b8339e2/cse_element__de.js?usqp=CAI%3D

Requested by

Host: cse.google.com
URL: https://cse.google.com/cse.js?cx=414385693720d4156

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5ab9804e1e8ed41d027b617df32dc2455e19783a8d1f9a41ea349fdb74918b83

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.threatminer.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 25 May 2023 20:43:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 552900
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 104943
x-xss-protection: 0
last-modified: Mon, 01 May 2023 18:40:18 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="prose-team"
expires: Fri, 24 May 2024 20:43:36 GMT

GET
H2 200 default+de.css
www.google.com/cse/static/element/8e77c7877b8339e2/ 41 KB
9 KB 73ms
22ms Stylesheet
text/css 2a00:1450:4001:809::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/cse/static/element/8e77c7877b8339e2/default+de.css

Requested by

Host: cse.google.com
URL: https://cse.google.com/cse.js?cx=414385693720d4156

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c965aefdb4c6acf10f46758dc1601a64d811dcf3a378bf9e90278916aa47508f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.threatminer.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 25 May 2023 20:43:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 552901
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9102
x-xss-protection: 0
last-modified: Mon, 01 May 2023 18:40:18 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="prose-team"
expires: Fri, 24 May 2024 20:43:35 GMT

GET
H2 200 default.css
www.google.com/cse/static/style/look/v4/ 4 KB
5 KB 76ms
24ms Stylesheet
text/css 2a00:1450:4001:809::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/cse/static/style/look/v4/default.css

Requested by

Host: cse.google.com
URL: https://cse.google.com/cse.js?cx=414385693720d4156

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dcec22bbcb68119d6c7d6d5e088fb82183a9826d0c9e3403f1386fd837f06a89

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.threatminer.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 06:03:09 GMT
x-content-type-options: nosniff
age: 927
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4495
x-xss-protection: 0
last-modified: Wed, 17 Jun 2020 00:00:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type: text/css
cache-control: public, max-age=3000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="prose-team"
expires: Thu, 01 Jun 2023 06:53:09 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 14B9 97 KB
35 KB 607ms
607ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5720763271532377&output=html&h=200&slotname=1381165906&adk=2644663765&adf=151644923&pi=t.ma~as.1381165906&w=1182&fwrn=4&lmt=1685600316&rafmt=11&format=1182x200&url=https%3A%2F%2Fwww.threatminer.org%2Fsample.php%3Fq%3Dc99131e0169171935c5ac32615ed6261&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1685600316262&bpp=1&bdt=440&idt=299&shv=r20230530&mjsv=m202305250101&ptt=9&saldr=aa&abxe=1&prev_fmts=299x250%2C299x600&correlator=6313399095562&frm=20&pv=1&ga_vid=69561020.1685600316&ga_sid=1685600317&ga_hid=1720143291&ga_fc=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=359&ady=115&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44788441&oid=2&pvsid=1741812022134593&tmod=741212208&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=951HPo88So&p=https%3A//www.threatminer.org&dtd=302

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1f558a699af9c46fe96a5877c2561cc50296e1c4a3dbaa0f26d4b50400a4c564

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.threatminer.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 35696
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 01 Jun 2023 06:18:37 GMT
expires: Thu, 01 Jun 2023 06:18:37 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame DA26 97 KB
35 KB 423ms
420ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5720763271532377&output=html&h=200&slotname=6125219520&adk=3585176026&adf=748155151&pi=t.ma~as.6125219520&w=1200&fwrn=4&lmt=1685600316&rafmt=11&format=1200x200&url=https%3A%2F%2Fwww.threatminer.org%2Fsample.php%3Fq%3Dc99131e0169171935c5ac32615ed6261&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1685600316263&bpp=1&bdt=441&idt=316&shv=r20230530&mjsv=m202305250101&ptt=9&saldr=aa&abxe=1&prev_fmts=299x250%2C299x600%2C1182x200&correlator=6313399095562&frm=20&pv=1&ga_vid=69561020.1685600316&ga_sid=1685600317&ga_hid=1720143291&ga_fc=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=350&ady=1055&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44788441&oid=2&pvsid=1741812022134593&tmod=741212208&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&fsb=1&xpc=WyNknxkLP8&p=https%3A//www.threatminer.org&dtd=320

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c4ca3a9d878c7e25d56a222d758959f9aad0fc76214eeac866ad06a04b7f4924

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.threatminer.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 35817
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 01 Jun 2023 06:18:36 GMT
expires: Thu, 01 Jun 2023 06:18:36 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 6D4A 81 KB
17 KB 378ms
377ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5720763271532377&output=html&h=200&slotname=8831273914&adk=3175788880&adf=707097127&pi=t.ma~as.8831273914&w=1200&fwrn=4&lmt=1685600316&rafmt=11&format=1200x200&url=https%3A%2F%2Fwww.threatminer.org%2Fsample.php%3Fq%3Dc99131e0169171935c5ac32615ed6261&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1685600316263&bpp=1&bdt=441&idt=345&shv=r20230530&mjsv=m202305250101&ptt=9&saldr=aa&abxe=1&prev_fmts=299x250%2C299x600%2C1182x200%2C1200x200&correlator=6313399095562&frm=20&pv=1&ga_vid=69561020.1685600316&ga_sid=1685600317&ga_hid=1720143291&ga_fc=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=350&ady=1625&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44788441&oid=2&pvsid=1741812022134593&tmod=741212208&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=QkWh390H8m&p=https%3A//www.threatminer.org&dtd=351

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a7f9c5bb7535ca619bf97d9031c7f371e3c3abdc24c0fe12f87bd2de6e515108

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.threatminer.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-expose-headers: x-google-amp-ad-validated-version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 17827
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 01 Jun 2023 06:18:36 GMT
expires: Thu, 01 Jun 2023 06:18:36 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 200 doq.htm Show response
rt3027.infolinks.com/action/ 1 KB
1007 B 222ms
160ms XHR
text/html 172.66.41.9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rt3027.infolinks.com/action/doq.htm?pcode=utf-8&r=16856003166071
Requested by: Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1867.003-3.027/ice.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2481e153c8ee6d67feb32e48392cc779f60fdccf539a935d68626077e1ff8ae0

Request headers

Referer: https://www.threatminer.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Thu, 01 Jun 2023 06:18:36 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
vary: Origin
content-type: text/html;charset=UTF-8
access-control-allow-origin: https://www.threatminer.org
p3p: CP="NON DSP NID OUR COR"
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-language: de-DE
cf-ray: 7d05571b5f7f03dc-FRA
x-application-context: application:prod
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 0421 94 KB
33 KB 403ms
402ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5720763271532377&output=html&h=200&slotname=3926415687&adk=3167179422&adf=2105686797&pi=t.ma~as.3926415687&w=1200&fwrn=4&lmt=1685600316&rafmt=11&format=1200x200&url=https%3A%2F%2Fwww.threatminer.org%2Fsample.php%3Fq%3Dc99131e0169171935c5ac32615ed6261&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1685600316264&bpp=1&bdt=442&idt=357&shv=r20230530&mjsv=m202305250101&ptt=9&saldr=aa&abxe=1&prev_fmts=299x250%2C299x600%2C1182x200%2C1200x200%2C1200x200&correlator=6313399095562&frm=20&pv=1&ga_vid=69561020.1685600316&ga_sid=1685600317&ga_hid=1720143291&ga_fc=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=350&ady=3423&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44788441&oid=2&pvsid=1741812022134593&tmod=741212208&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=NL3FEomdLg&p=https%3A//www.threatminer.org&dtd=361

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4230569957e19748187b8e01ad548ebb6eeb8744b5bb7e9eb701be2a1a14b725

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.threatminer.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 33759
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 01 Jun 2023 06:18:37 GMT
expires: Thu, 01 Jun 2023 06:18:37 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame C9E3 91 KB
25 KB 390ms
389ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5720763271532377&output=html&h=591&slotname=4336667154&adk=296923673&adf=2825014424&pi=t.ma~as.4336667154&w=1182&cr_col=4&cr_row=2&fwrn=2&lmt=1685600316&rafmt=9&format=1182x591&url=https%3A%2F%2Fwww.threatminer.org%2Fsample.php%3Fq%3Dc99131e0169171935c5ac32615ed6261&crui=image_stacked&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1685600316264&bpp=1&bdt=442&idt=364&shv=r20230530&mjsv=m202305250101&ptt=9&saldr=aa&abxe=1&prev_fmts=299x250%2C299x600%2C1182x200%2C1200x200%2C1200x200%2C1200x200&correlator=6313399095562&frm=20&pv=1&ga_vid=69561020.1685600316&ga_sid=1685600317&ga_hid=1720143291&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=359&ady=3778&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44788441&oid=2&pvsid=1741812022134593&tmod=741212208&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=7&uci=a!7&btvi=3&fsb=1&xpc=A7w42NOE3C&p=https%3A//www.threatminer.org&dtd=368

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

403c7a46334016b3138f5d38a34548829b9c56376f39df35d44318cd242efc07

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.threatminer.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 25729
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 01 Jun 2023 06:18:37 GMT
expires: Thu, 01 Jun 2023 06:18:37 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
165 B 30ms
28ms Script
application/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.threatminer.org

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.threatminer.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 06:18:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 31ms
29ms Script
application/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.threatminer.org

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.threatminer.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 06:18:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 54ms
53ms Image
image/gif 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=DIV&id=privacy_notice&cls=alert%20alert-info%20alert-dismissable%20bottom_popup&ign=false&pw=1600&ph=1200&x=800&y=1130.4

Requested by

Host: www.threatminer.org
URL: https://www.threatminer.org/sample.php?q=c99131e0169171935c5ac32615ed6261

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.threatminer.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 01 Jun 2023 06:18:36 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 9F2A 295 KB
66 KB 461ms
460ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5720763271532377&output=html&adk=1812271804&adf=3025194257&lmt=1685600316&plat=1%3A16777216%2C3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A34635776%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fwww.threatminer.org%2Fsample.php%3Fq%3Dc99131e0169171935c5ac32615ed6261&ea=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1685600316328&bpp=3&bdt=506&idt=321&shv=r20230530&mjsv=m202305250101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6932ff55ee644d5c-22f6716effdd006d%3AT%3D1685600316%3ART%3D1685600316%3AS%3DALNI_MY7O-71-pnXkBQKCJrYGrbcY3z09w&gpic=UID%3D00000c2aac2ac721%3AT%3D1685600316%3ART%3D1685600316%3AS%3DALNI_MYQkLu8_WJ8tcvKpCZbtAHB9UI_kA&prev_fmts=299x250%2C299x600%2C1182x200%2C1200x200%2C1200x200%2C1200x200%2C1182x591&nras=1&correlator=6313399095562&frm=20&pv=1&ga_vid=69561020.1685600316&ga_sid=1685600317&ga_hid=1720143291&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44788441&oid=2&pvsid=1741812022134593&tmod=741212208&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=8&uci=a!8&fsb=1&dtd=358

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ae936de4404a16ddaf5579db9b02f8301641f6f8b2dd1080e8a3f9a80c638c47

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.threatminer.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 67308
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 01 Jun 2023 06:18:37 GMT
expires: Thu, 01 Jun 2023 06:18:37 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 loader.js Show response
cdn.taboola.com/libtrc/disqus-widget-safetylevel20longtail09/ Frame 5F20 357 KB
64 KB 86ms
30ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/disqus-widget-safetylevel20longtail09/loader.js
Requested by: Host: www.threatminer.org
URL: https://www.threatminer.org/sample.php?q=c99131e0169171935c5ac32615ed6261
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e7196a69c33995b3981be179d797d039b94fde1105054f93b890b686608aa83b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.threatminer.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-amz-version-id: hFi8.ayCQKPNoW6cfab9Y9cqoUqa83Zc
content-encoding: gzip
via: 1.1 varnish
date: Thu, 01 Jun 2023 06:18:36 GMT
x-amz-request-id: ZRGD132P369H6N7P
age: 28
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: FAILED
content-length: 65391
x-amz-id-2: DLvZrUyxQJTgLrsksMZ4fw15bwCNkQuZTothYrhq6zFgut7NypCUt3IG/blMrerV1rhDUGpNIyc=
x-served-by: cache-fra-etou8220098-FRA
last-modified: Wed, 31 May 2023 09:44:52 GMT
server: AmazonS3
x-timer: S1685600317.766293,VS0,VE11
etag: "cc0857ad8e8bc2af088df4fde75a002a"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 72
access-control-allow-origin: *
cache-control: private,max-age=14401
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 async-ads.js Show response
cse.google.com/adsense/search/ 140 KB
52 KB 32ms
30ms Script
text/javascript 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cse.google.com/adsense/search/async-ads.js

Requested by

Host: www.google.com
URL: https://www.google.com/cse/static/element/8e77c7877b8339e2/cse_element__de.js?usqp=CAI%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5128b87fb5bfb0327c7601e53b4eda83db1434c5704b30647891560cb5811f04

Security Headers

Name	Value
X-Content-Type-Options	nosniff

www.threatminer.org Open in urlscan Pro 2606:4700:20::681a:feb

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

304 Requests

100 %HTTPS

67 %IPv6

22 Domains

45 Subdomains

39 IPs

4 Countries

8868 kBTransfer

19128 kBSize

12 Cookies

17 Outgoing links

Redirected requests

304 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 9 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.threatminer.org
2606:4700:20::681a:feb

Screenshot
Live screenshot

Full Image

304
Requests

100 %
HTTPS

67 %
IPv6

22
Domains

45
Subdomains

39
IPs

4
Countries

8868 kB
Transfer

19128 kB
Size

12
Cookies

304 HTTP transactions
9 data transactions