URL: https://www.threatminer.org/sample.php?q=56e008e903a7e3a3b98e19f313435afe
Submission: On March 22 via api from US — Scanned from DE

Summary

This website contacted 64 IPs in 8 countries across 52 domains to perform 438 HTTP transactions. The main IP is 2606:4700:20::681a:feb, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.threatminer.org.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 28th 2021. Valid for: a year.
This is the only time www.threatminer.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Subject | Issuer | Validity | Valid for
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2021-06-28 - 2022-06-27 | a year
*.g.doubleclick.net | GTS CA 1C3 | 2022-02-28 - 2022-05-23 | 3 months
*.twimg.com | DigiCert TLS RSA SHA256 2020 CA1 | 2021-10-20 - 2022-10-19 | a year
*.google-analytics.com | GTS CA 1C3 | 2022-02-28 - 2022-05-23 | 3 months
*.disqus.com | DigiCert SHA2 Secure Server CA | 2020-04-20 - 2022-05-09 | 2 years
*.google.com | GTS CA 1C3 | 2022-03-17 - 2022-06-09 | 3 months
a.disquscdn.com | Amazon | 2021-10-31 - 2022-11-28 | a year
syndication.twitter.com | DigiCert TLS Hybrid ECC SHA384 2020 CA1 | 2022-03-07 - 2023-03-06 | a year
*.services.disqus.com | GlobalSign Atlas R3 DV TLS CA 2022 Q1 | 2022-01-31 - 2023-03-04 | a year
*.googleadservices.com | GTS CA 1C3 | 2022-02-28 - 2022-05-23 | 3 months
*.google.de | GTS CA 1C3 | 2022-02-28 - 2022-05-23 | 3 months
www.google.com | GTS CA 1C3 | 2022-02-28 - 2022-05-23 | 3 months
*.taboola.com | DigiCert TLS RSA SHA256 2020 CA1 | 2021-11-28 - 2022-12-29 | a year
*.tynt.com | Sectigo RSA Domain Validation Secure Server CA | 2021-09-23 - 2022-09-30 | a year
san.casalemedia.com | GeoTrust RSA CA 2018 | 2021-12-12 - 2022-12-13 | a year
*.onetag-sys.com | DigiCert TLS Hybrid ECC SHA384 2020 CA1 | 2022-01-10 - 2023-01-03 | a year
*.openx.net | GeoTrust RSA CA 2018 | 2021-07-08 - 2022-08-08 | a year
*.go.sonobi.com | Go Daddy Secure Certificate Authority - G2 | 2021-12-08 - 2023-01-09 | a year
*.adkernel.com | AlphaSSL CA - SHA256 - G2 | 2021-12-30 - 2023-01-31 | a year
*.bnmla.com | Go Daddy Secure Certificate Authority - G2 | 2021-12-30 - 2023-01-31 | a year
*.lijit.com | Go Daddy Secure Certificate Authority - G2 | 2021-03-11 - 2022-04-12 | a year
*.33across.com | Sectigo RSA Domain Validation Secure Server CA | 2021-09-23 - 2022-09-30 | a year
*.scorecardresearch.com | Amazon | 2022-01-29 - 2023-02-27 | a year
*.adsrvr.org | GlobalSign GCC R3 DV TLS CA 2020 | 2021-03-18 - 2022-04-19 | a year
*.adnxs.com | GeoTrust ECC CA 2018 | 2022-02-11 - 2023-03-14 | a year
*.deepintent.com | Go Daddy Secure Certificate Authority - G2 | 2020-04-09 - 2022-06-08 | 2 years
upload.video.google.com | GTS CA 1C3 | 2022-02-28 - 2022-05-23 | 3 months
tpc.googlesyndication.com | GTS CA 1C3 | 2022-02-28 - 2022-05-23 | 3 months
*.nl.eu.criteo.com | DigiCert TLS Hybrid ECC SHA384 2020 CA1 | 2022-03-15 - 2022-06-13 | 3 months
*.eu.criteo.com | DigiCert TLS Hybrid ECC SHA384 2020 CA1 | 2022-03-19 - 2022-06-18 | 3 months
*.fr.eu.criteo.com | DigiCert TLS Hybrid ECC SHA384 2020 CA1 | 2022-03-13 - 2022-06-09 | 3 months
*.gstatic.com | GTS CA 1C3 | 2022-02-28 - 2022-05-23 | 3 months
*.disquscdn.com | GlobalSign Atlas R3 DV TLS CA H2 2021 | 2022-01-03 - 2023-02-04 | a year
*.criteo.net | DigiCert TLS Hybrid ECC SHA384 2020 CA1 | 2022-02-02 - 2022-05-03 | 3 months
*.imrworldwide.com | DigiCert TLS RSA SHA256 2020 CA1 | 2022-01-04 - 2023-02-03 | a year
misc-sni.google.com | GTS CA 1C3 | 2022-02-28 - 2022-05-23 | 3 months
ssl1029306.cloudflaressl.com | COMODO ECC Domain Validation Secure Server CA 2 | 2021-07-12 - 2022-06-30 | a year
*.seadform.net | DigiCert TLS RSA SHA256 2020 CA1 | 2021-10-20 - 2022-11-04 | a year
*.eu.criteo.net | DigiCert TLS Hybrid ECC SHA384 2020 CA1 | 2022-02-03 - 2022-05-02 | 3 months
node228.impressionssl.adshop.infolinks.com | R3 | 2022-01-10 - 2022-04-10 | 3 months
*.doubleclick.net | GTS CA 1C3 | 2022-02-28 - 2022-05-23 | 3 months

This page contains 41 frames:

Primary Page: https://www.threatminer.org/sample.php?q=56e008e903a7e3a3b98e19f313435afe
Frame ID: 2A8297841E00AFB8D53FEFD9CD620979
Requests: 94 HTTP requests in this frame

Frame ID: 24A78316E0E32B04666F58D0E0D4B6CC
Requests: 18 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 9C28080C03A2198F642548BE845FD4D5
Requests: 2 HTTP requests in this frame

Frame: https://c.disquscdn.com/next/embed/styles/realtime.b23ff3c36dd0169627f8e54ca1621eca.css
Frame ID: A53A8A072B2DD763EF3025359BF8B633
Requests: 1 HTTP requests in this frame

Frame: https://c.disquscdn.com/next/embed/styles/realtime.b23ff3c36dd0169627f8e54ca1621eca.css
Frame ID: C32FC9C9DCEDEBCB08845444C2C04F5B
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/J_qxQZjuUB_uQp7BvnBI0K8a5e4rJKdHhykRiRTCxyY.js
Frame ID: 0746CAAC18708576F144A15E84EF3DCB
Requests: 1 HTTP requests in this frame

Frame: https://imprammp.taboola.com/st?cipid=7991117&ttype=0&cirid=44759F818E51156803581966320&cicmp=1337627&cijs=1&dast=V7peoCFgMx4ZFo0aUEZgQx4ZFo0aUEZgUAAAAGBugHHDTarZYz4mK4Yi0Wq9lwMFmsJsvdbjbbDJYwMYvFYjRcrUZjzWKxGE1mq-EUDLbwOd3dbeBA0-nwue71ut_vLjpaXg7T22l3We56y88vBwAAAIAHAKKWaIgd34b2CAAAAAAJnpFrBYqAin8LgQsAAAAADAACsXANACiOAvYb7S5_AAA8KIAAAAhghAAcgk-IAAAAAIwAAAAAkAAIJBaWADjcLZoAAAT8xf5XwpwAAAAc1Mk8bbP8____xwDkvTfJAFCkbdwY9AA8-AA8CAEAAHwMgSwM-LLLFaoTFUAWMQIAAADIrd4kPZrUCZVF1f___78VwBUAQMBf7H_lUdbNSTFrGAAAAMDYAj0sfr_ZYdf43S77_________zf7PwNAE4ISfkwLYkCxV-MZuVZY-wUEAGB7NwCANwG4mAOwAwAAALj7____zwMAAFDao2R7rcazR1nvM9jC53R312_CFqPVZLJZDmfLxWQwHA1Ho_0J5HKAEzFYLieTxWS3Gq1Gm-FuNBssUCAGE6Ro0WCyGo0mi8lwNZqsZsvFbrdBilatZqPNYLiaTWa73Wo4GC5HI5ywxWg1mWyWw9lyMRkMR8PRaIgHVefS-bw6FQ_m43Luaxc-PsRwNZcsNnPFajVXzEarBAAAAAAAAACwhCnzJgAAAACnQcxmk91uxY03eyaItVotawAAAABu3cgB!&excid=22&tst=1&docw=0&cs=false
Frame ID: 52E611CBD069E08DDE59BD30CC76D42C
Requests: 1 HTTP requests in this frame

Frame: https://imprammp.taboola.com/st?cipid=7991117&ttype=0&cirid=ECABE043CF1215893371463688933&cicmp=1337627&cijs=1&dast=V7dHsCFgMx4ZFo0aUEZgQx4ZFo0aUEZgUAAAAGBugHHcVhUFiE0WZDY0wWq-Fys5ktRoPJbDKabUZLmJjFYjEarlajsWaxWIwms9VwCgZb-Jzu7jZwoOl0-Fz3et3vdxcdLS-H6e20uyx3veXnlwMAAADAAwBRSzTEjm9DewQAAACABM_ItQJFQMW_hcAFAAAAAAYAgVi4BgAURwH7jXaXPwAAHhRAAAAEMEIADsEVRAAAAABGAAAAAEgABBILSwAc7hZNAAAC_mL_K51OAAAADupknrZZ_v___2MA8t6bZAAo0jZuDHoAHnwAHoQAAAA-hoi5Z63cwRQLiQpUixgBAAAA5FZvkh5N6oTKour____fCuAKACDgL_a_Mi3r5qSYNQwAAABgbIEeFr_f7LBr_G6X_f________-b_Z8BoAlBCT-mBTGg2KvxjFwrrP0CAgCwvRsAwJsAXMwB2AEAAADc_f___-cBAAAI7VGyvVbj2aOs9xls4XO6u-s3YYvRajLZLIez5WIyGI6Go9H-BHI5wIkYLJeTyWKyW41Wo81wN5oNFigQgwlStGgwWY1Gk8VkuBpNVrPlYrfbIEWrVrPRZjBczSaz3W41HAyXoxFO2GK0mkw2y-FsuZgMhqPhaDTEg6pz6XxenYoH83E597ULHx9iuJpLFpu5YrWaK2ajVQIAAAAAAAAAWMKUeRMAAACA0yBms8lut-LGmz0TxFqtljUAAAAAt27kAA!&excid=22&tst=1&docw=0&cs=false
Frame ID: E1564C8DC121BBAECA5FF52549075790
Requests: 1 HTTP requests in this frame

Frame: https://imprammp.taboola.com/st?cipid=7991117&ttype=0&cirid=B02133C1FC1226639681602768572&cicmp=1337627&cijs=1&dast=V7dvoCFgMx4ZFo0aUEZgQx4ZFo0aUEZgUAAAAGBugHHEKYLDabDWPGYUwms9lmOdvtFsvNajRZjpYwMYvFYjRcrUZjzWKxGE1mq-EUDLbwOd3dbeBA0-nwue71ut_vLjpaXg7T22l3We56y88vBwAAAIAHAKKWaIgd34b2CAAAAAAJnpFrBYqAin8LgQsAAAAADAACsXANACiOAvYb7S5_AAA8KIAAAAhghAAcgk-IAAAAAIwAAAAAkAAIJBaWADjcLZoAAAT8xf5XwpwAAAAc1Mk8bbP8____xwDkvTfJAFCkbdwY9AA8-AA8CAEAAHwM-cKS_njPqT8TFYgWMQIAAADIrd4kPZrUCZVF1f___78VwBUAQMBf7H9lUNbNSTFrGAAAAMDYAj0sfr_ZYdf43S77_________zf7PwNAE4ISfkwLYkCxV-MZuVZY-wUEAGB7NwCANwG4mAOwAwAAALj7____zwMAANDYo2R7rcazR1nvM9jC53R312_CFqPVZLJZDmfLxWQwHA1Ho_0J5HKAEzFYLieTxWS3Gq1Gm-FuNBssUCAGE6Ro0WCyGo0mi8lwNZqsZsvFbrdBilatZqPNYLiaTWa73Wo4GC5HI5ywxWg1mWyWw9lyMRkMR8PRaIgHVefS-bw6FQ_m43Luaxc-PsRwNZcsNnPFajVXzEarBAAAAAAAAACwhCnzJgAAAACnQcxmk91uxY03eyaItVotawAAAABu3cgB!&excid=22&tst=1&docw=0&cs=false
Frame ID: CC202BDC8F9722E0742D6683F17C5BB1
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220317/r20110914/zrt_lookup.html?fsb=1
Frame ID: D19A92173703AEBE29BDF56B61D208A9
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220317/r20110914/zrt_lookup.html?fsb=1
Frame ID: E9DB3D8602FA6F6E12814C8C5CB90926
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/J_qxQZjuUB_uQp7BvnBI0K8a5e4rJKdHhykRiRTCxyY.js
Frame ID: 039B6534EFCA77D8A2EC3A11E296E2BB
Requests: 1 HTTP requests in this frame

Frame: https://imprammp.taboola.com/st?cipid=7991117&ttype=0&cirid=ECABE043CF121589451524359636&cicmp=1337627&cijs=1&dast=V7oWYCFgMx4ZFo0aUEZgQx4ZFo0aUEZgUAAAAGBugHHcVhUFiE0WZDY0wWq-FytBosZsPBZLUcrFZLmJjFYjEarlajsWaxWIwms9VwCgZb-Jzu7jZwoOl0-Fz3et3vdxcdLS-H6e20uyx3veXnlwMAAADAAwBRSzTEjm9DewQAAACABM_ItQJFQMW_hcAFAAAAAAYAgVi4BgAURwH7jXaXPwAAHhRAAAAEMEIADsFRRAAAAABGAAAAAEgABBILSwAc7hZNAAAC_mL_K2dPAAAADupknrZZ_v___2MA8t6bZAAo0jZuDHoAHnwAHoQAAAA-hqQ3G9idfCFqiApUixgBAAAA5FZvkh5N6oTKour____fCuAKACDgL_a_Mjjr5qSYNQwAAABgbIEeFr_f7LBr_G6X_f________-b_Z8BoAlBCT-mBTGg2KvxjFwrrP0CAgCwvRsAwJsAXMwB2AEAAADc_f___-cBAACE7VGyvVbj2aOs9xls4XO6u-s3YYvRajLZLIez5WIyGI6Go9H-BHI5wIkYLJeTyWKyW41Wo81wN5oNFigQgwlStGgwWY1Gk8VkuBpNVrPlYrfbIEWrVrPRZjBczSaz3W41HAyXoxFO2GK0mkw2y-FsuZgMhqPhaDTEg6pz6XxenYoH83E597ULHx9iuJpLFpu5YrWaK2ajVQIAAAAAAAAAWMKUeRMAAACA0yBms8lut-LGmz0TxFqtljUAAAAAt27kAA!&excid=22&tst=1&docw=0&cs=false
Frame ID: A0C3AA5ED056A5A22E4CF696CB1EDAF2
Requests: 1 HTTP requests in this frame

Frame: https://node228.impressionssl.adshop.infolinks.com/impression/?vh=1415704777&agy=414981&aid=637313&cid=640282&gid=643746&id=643752&st=1647958792&kwid=0&skw=license&sid=3241790_0&sip=3117783808&pid=15&tid=2&mime=image/png&dev=0&mtyp=502&agtyp=0&rid=3c640820-1335-4f96-93da-56f35757e8b9&idfa=&gaid=&site_cat=5
Frame ID: EFA440C368DD9CDC0A2CE10AE9A746F2
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11177003524201462228/GR_klima_728x90/GR_klima_728x90_1.html
Frame ID: FC2154CDF553EF9CCEF901C2AB697840
Requests: 17 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: AD2B8E6EF78400E390DA51A2F234FC06
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 903A161E9FFA3A72CEFF5734BFF07749
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 878B7796ED887531AB3603137EBD61B9
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/J_qxQZjuUB_uQp7BvnBI0K8a5e4rJKdHhykRiRTCxyY.js
Frame ID: 465739E7E1F6C11F2F2CF09A2FAD15D6
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/jot.html
Frame ID: D638E27B173EDBF74DE5B81207398778
Requests: 1 HTTP requests in this frame

Page Title

56e008e903a7e3a3b98e19f313435afe Malware Analysis Results | ThreatMiner.orgsearchsearch

Detected technologies

Overall confidence: 100%
Detected patterns
  • \.php(?:$|\?)

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)

Overall confidence: 100%
Detected patterns
  • dataTables.*\.js

Overall confidence: 100%
Detected patterns
  • 2mdn\.net

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net

Overall confidence: 100%
Detected patterns
  • //platform\.twitter\.com/widgets\.js

Overall confidence: 100%
Detected patterns
  • \.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

  • Requests: 438
  • HTTPS: 95 %
  • IPv6: 41 %
  • Domains: 52
  • Subdomains: 89
  • IPs: 64
  • Countries: 8
  • Transfer: 9529 kB
  • Size: 18541 kB
  • Cookies: 56

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 25
  • https://i.creativecommons.org/l/by/4.0/80x15.png HTTP 301
  • https://licensebuttons.net/l/by/4.0/80x15.png
Request Chain 75
  • https://ssum-sec.casalemedia.com/usermatch?s=191306&cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D HTTP 302
  • https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&s=191306&C=1
Request Chain 77
  • https://image8.pubmatic.com/AdServer/ImgSync?p=156872&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D156872%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Frouter.infolinks.com%252Fdyn%252Fpbm-usync%253Fuid%253D%2523PMUID HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?p=156872&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D156872%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Frouter.infolinks.com%252Fdyn%252Fpbm-usync%253Fuid%253D%2523PMUID&rdf=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=OEI3NjdBNDYtNTA2MS00QUZGLTgwQzUtOUJGNjdDMUNFQTk2&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=OEI3NjdBNDYtNTA2MS00QUZGLTgwQzUtOUJGNjdDMUNFQTk2&gdpr=0&gdpr_consent=&google_tc= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?p=156872&pmc=1&pr=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fpbm-usync%3Fuid%3D8B767A46-5061-4AFF-80C5-9BF67C1CEA96 HTTP 302
  • https://router.infolinks.com/dyn/pbm-usync?uid=8B767A46-5061-4AFF-80C5-9BF67C1CEA96 HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3356&partner_device_id=8B767A46-5061-4AFF-80C5-9BF67C1CEA96 HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3356&partner_device_id=8B767A46-5061-4AFF-80C5-9BF67C1CEA96
Request Chain 78
  • https://ib.adnxs.com/getuid?https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fapn-usync%3Fuser_id%3D%24UID HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Frouter.infolinks.com%252Fdyn%252Fapn-usync%253Fuser_id%253D%2524UID HTTP 302
  • https://router.infolinks.com/dyn/apn-usync?user_id=2843408346336645752
Request Chain 80
  • https://ups.analytics.yahoo.com/ups/58422/occ HTTP 302
  • https://ups.analytics.yahoo.com/ups/58422/occ?verify=true HTTP 302
  • https://router.infolinks.com/dyn/VR-usync?uid=y-kNpO2QxE2uGKC2x9nFN8X4Ste.riUF8Ew15h9Oo-~A
Request Chain 81
  • https://sync.1rx.io/usersync2/infolinks HTTP 302
  • https://sync.1rx.io/usersync2/infolinks?zcc=1&cb=1647958791321 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=1250940294 HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=1250940294 HTTP 302
  • https://sync.1rx.io/usersync/tradedesk/2ba16ead-3562-48a7-81d7-cfa46fe93e17 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-55f5cc61-5e33-4350-845d-8732829256fd-003?redir=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fr1-usync%3Fuid%3DRX-55f5cc61-5e33-4350-845d-8732829256fd-003 HTTP 302
  • https://router.infolinks.com/dyn/r1-usync?uid=RX-55f5cc61-5e33-4350-845d-8732829256fd-003
Request Chain 82
  • https://b1sync.zemanta.com/usersync/infolinks/?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fzmn-usync%3Fuid%3D__ZUID__ HTTP 302
  • https://router.infolinks.com/dyn/zmn-usync?uid=
Request Chain 84
  • https://ib.adnxs.com/getuid?https://s.cpx.to/ca.png?ref=https%253A%252F%252Fwww.threatminer.org%252Fsample.php%253Fq%253D56e008e903a7e3a3b98e19f313435afe&pid=12306&adnxs_uid=$UID HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fs.cpx.to%2Fca.png%3Fref%3Dhttps%25253A%25252F%25252Fwww.threatminer.org%25252Fsample.php%25253Fq%25253D56e008e903a7e3a3b98e19f313435afe%26pid%3D12306%26adnxs_uid%3D%24UID HTTP 302
  • https://s.cpx.to/ca.png?ref=https%3A%2F%2Fwww.threatminer.org%2Fsample.php%3Fq%3D56e008e903a7e3a3b98e19f313435afe&pid=12306&adnxs_uid=2843408346336645752
Request Chain 86
  • https://ad.360yield.com/server_match?r=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fimd-usync%3Fuser_id%3D%7BPUB_USER_ID%7D%26partner_id%3D1531 HTTP 302
  • https://ad.360yield.com/ul_cb/server_match?r=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fimd-usync%3Fuser_id%3D%7BPUB_USER_ID%7D%26partner_id%3D1531 HTTP 302
  • https://router.infolinks.com/dyn/imd-usync?user_id=92a6f32d-36da-44dc-87a9-9edb1dba7fe8&partner_id=1531
Request Chain 87
  • https://pixel.advertising.com/ups/58237/sync?&gdpr=&gdpr_consent=&redir=true HTTP 302
  • https://pixel.advertising.com/ups/58237/sync?&gdpr=&gdpr_consent=&redir=true&verify=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/58237/sync?&gdpr=&gdpr_consent=&redir=true&apid=UP22de5ea8-a9eb-11ec-8372-02e24adefb4c HTTP 302
  • https://router.infolinks.com/dyn/outh-usync?uid=y-xfH7ugBE2uG1NOdTrho4IENi3HgFJwtj~A~UP22de5ea8-a9eb-11ec-8372-02e24adefb4c
Request Chain 90
  • https://image8.pubmatic.com/AdServer/ImgSync?p=60809&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D60809%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Frouter.infolinks.com%252Fdyn%252Fusersync%253Fpmuservalue%253D%2523PMUID HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?p=60809&pmc=1&pr=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fusersync%3Fpmuservalue%3D8B767A46-5061-4AFF-80C5-9BF67C1CEA96 HTTP 302
  • https://router.infolinks.com/dyn/usersync?pmuservalue=8B767A46-5061-4AFF-80C5-9BF67C1CEA96
Request Chain 91
  • https://p.rfihub.com/cm?pub=43153&in=1 HTTP 302
  • https://router.infolinks.com/dyn/zeta-usync?uid=5131077720956860077
Request Chain 104
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YjnbBjS4PehpXSLSwhYw9AAA HTTP 302
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm=&google_sc=&google_hm=YjnbBjS4PehpXSLSwhYw9AAA&google_tc= HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEHNUYob_wfPu8I9puuAeWFU&google_cver=1&gdpr=1
Request Chain 106
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YjnbBjS4PehpXSLSwhYw9AAABG8AAAIB HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YjnbBjS4PehpXSLSwhYw9AAABG8AAAIB&dcc=t
Request Chain 109
  • https://match.prod.bidr.io/cookie-sync/ie?gdpr=1 HTTP 303
  • https://match.prod.bidr.io/cookie-sync/ie?gdpr=1&_bee_ppp=1 HTTP 303
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AACXR07Ec7YAADH5JbgpTg&expiration=1649168391&gdpr=1
Request Chain 110
  • https://dmp.brand-display.com/cm/api/index?cm_dsp_id=191&cm_user_id=%3CIndex_user_id%3E&gdpr=1 HTTP 302
  • https://dsum.casalemedia.com/crum?cm_dsp_id=191&external_user_id=6f272d75-955e-dd6c-c2975258
Request Chain 118
  • https://sb.scorecardresearch.com/b?c1=7&c2=34354936&c3=1&ns__t=1647958791015&ns_c=UTF-8&ns_if=1&cv=3.5&c8=&c7=https%3A%2F%2Fwww.threatminer.org%2Fsample.php%3Fq%3D56e008e903a7e3a3b98e19f313435afe&c9= HTTP 302
  • https://sb.scorecardresearch.com/b2?c1=7&c2=34354936&c3=1&ns__t=1647958791015&ns_c=UTF-8&ns_if=1&cv=3.5&c8=&c7=https%3A%2F%2Fwww.threatminer.org%2Fsample.php%3Fq%3D56e008e903a7e3a3b98e19f313435afe&c9=
Request Chain 119
  • https://sb.scorecardresearch.com/b?c1=7&c2=34354936&c3=1&ns__t=1647958791016&ns_c=UTF-8&ns_if=1&cv=3.5&c8=&c7=https%3A%2F%2Fwww.threatminer.org%2Fsample.php%3Fq%3D56e008e903a7e3a3b98e19f313435afe&c9= HTTP 302
  • https://sb.scorecardresearch.com/b2?c1=7&c2=34354936&c3=1&ns__t=1647958791016&ns_c=UTF-8&ns_if=1&cv=3.5&c8=&c7=https%3A%2F%2Fwww.threatminer.org%2Fsample.php%3Fq%3D56e008e903a7e3a3b98e19f313435afe&c9=
Request Chain 346
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 444
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 445
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 447
  • https://syndication.twitter.com/i/jot HTTP 302
  • https://platform.twitter.com/jot.html

438 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request sample.php
www.threatminer.org/
25 KB
7 KB
Document
General
Full URL
https://www.threatminer.org/sample.php?q=56e008e903a7e3a3b98e19f313435afe
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:feb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
afa4429500bc68b1b9c5cc6e07075cf1bcdeb46c80643c17d928f4cea193961e

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Tue, 22 Mar 2022 14:19:50 GMT
content-type
text/html; charset=UTF-8
expires
Thu, 19 Nov 1981 08:52:00 GMT
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma
no-cache
vary
Accept-Encoding
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PTvte5r%2F%2FedJecN6p9SHRBWHRjavPRdn6pDrmY9c2AeulovdureIuSkblku64rG%2BNVS4grJ74NVAmEgcsTpFiMK9xEl%2FFS82ZwynS5t8l5q0bQI%2BgG7CEOCYJLy14anduCqfvnflI1EzJhPWnKLj3vA%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6eff9085ed32692d-FRA
content-encoding
br
bootstrap.min.css
www.threatminer.org/bower_components/bootstrap/dist/css/
115 KB
20 KB
Stylesheet
General
Full URL
https://www.threatminer.org/bower_components/bootstrap/dist/css/bootstrap.min.css
Requested by
Host: www.threatminer.org
URL: https://www.threatminer.org/sample.php?q=56e008e903a7e3a3b98e19f313435afe
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:feb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f04b517ba5d6a0510485689a3e42dac000f51640fd71b986804cba178eae42a5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.threatminer.org/sample.php?q=56e008e903a7e3a3b98e19f313435afe
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Mar 2022 14:19:50 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 21 Apr 2015 05:02:54 GMT
server
cloudflare
age
5933
etag
W/"1ca39-51434f58bfb80-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pVvlDN0yP%2FH3ryUN3ge5Ha22aDLvlpwdiES60eZ2ufarqC8s%2FKfvhiSrRl3ZyntplyJe5cpfNjew0348A2BC0Ikd2T%2B8nRiV9UKZjevrjg25XFfOgB4KZyO9qhwunPETm7NHNIEM3VJlafvS4ai%2BhnE%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=86400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6eff90865e60692d-FRA
metisMenu.min.css
www.threatminer.org/bower_components/metisMenu/dist/
781 B
707 B
Stylesheet
General
Full URL
https://www.threatminer.org/bower_components/metisMenu/dist/metisMenu.min.css
Requested by
Host: www.threatminer.org
URL: https://www.threatminer.org/sample.php?q=56e008e903a7e3a3b98e19f313435afe
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:feb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e0dc574fb2b266dba913861d60b0c69d1e41f0fd095a3341a45f26401cd8b6b3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.threatminer.org/sample.php?q=56e008e903a7e3a3b98e19f313435afe
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Mar 2022 14:19:50 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 21 Apr 2015 05:02:54 GMT
server
cloudflare
age
5933
etag
W/"30d-51434f58bfb80-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A%2BlzsQLaGaBvrLvOvadj4GUYvOu1wA1Mk%2BcMa2x0s2Cp%2FPOkfrnkQYtIA4VHoxYs4Rfv8mvV%2BwVkn%2BvzKzY16zvruglm3rebbI%2BNV9bQ0TnuvtG5QeuYIkTLuIFUhysIe8e7cvYeBp9s3XqKkJ1Ig5A%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=86400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6eff90865e61692d-FRA
dataTables.bootstrap.css
www.threatminer.org/bower_components/datatables-plugins/integration/bootstrap/3/
6 KB
2 KB
Stylesheet
General
Full URL
https://www.threatminer.org/bower_components/datatables-plugins/integration/bootstrap/3/dataTables.bootstrap.css
Requested by
Host: www.threatminer.org
URL: https://www.threatminer.org/sample.php?q=56e008e903a7e3a3b98e19f313435afe
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:feb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fac55d188233bffb66023997fcdf69c38df2f62ee4654ad62c61a85b6e81d705

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.threatminer.org/sample.php?q=56e008e903a7e3a3b98e19f313435afe
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Mar 2022 14:19:50 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4514
cf-polished
origSize=7616
last-modified
Tue, 21 Apr 2015 05:02:54 GMT
server
cloudflare
etag
W/"1dc0-51434f58bfb80-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FRWf7uUN3KjbelDYKKQeHj4Xjm1iYnAwTQPvf%2FQgNlT2Sh5dvwva08UJnkCUba%2B8ZgE916PVq74Kir3A9C5RwyNwlb8piXu5Bqvtp7R%2FdAvO%2Bn5cCFd7jeN1YT0gX8FKI2bTv%2BgLEKZPSjnQrc3G1sk%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=86400
cf-ray
6eff90865e62692d-FRA
cf-bgj
minify
dataTables.responsive.css
www.threatminer.org/bower_components/datatables-responsive/css/
3 KB
876 B
Stylesheet
General
Full URL
https://www.threatminer.org/bower_components/datatables-responsive/css/dataTables.responsive.css
Requested by
Host: www.threatminer.org
URL: https://www.threatminer.org/sample.php?q=56e008e903a7e3a3b98e19f313435afe
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:feb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c692f0d15d92d902c12d745947ba1f892a76bbf3f74c6f3a9f590afd0653ee04

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.threatminer.org/sample.php?q=56e008e903a7e3a3b98e19f313435afe
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Mar 2022 14:19:50 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4514
cf-polished
origSize=3051
last-modified
Tue, 21 Apr 2015 05:02:54 GMT
server
cloudflare
etag
W/"beb-51434f58bfb80-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rqCB%2Fpwb%2F69AZr5%2BTTv0Rvle4nobVcNioxAzeQxFgy%2BKZKkpVduy5XiuijWwofiyrW65oolU8fxEJSqrDKpgvcfekx7CcRZJDxxvxvJIJfV4KTVcSjHhx3vm5S1uqsIeDuBYzxJYaooOrB5yVKv%2FBuQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=86400
cf-ray
6eff90865e63692d-FRA
cf-bgj
minify
buttons.dataTables.min.css
www.threatminer.org/bower_components/datatables-plugins/buttons/media/css/
8 KB
2 KB
Stylesheet
General
Full URL
https://www.threatminer.org/bower_components/datatables-plugins/buttons/media/css/buttons.dataTables.min.css
Requested by
Host: www.threatminer.org
URL: https://www.threatminer.org/sample.php?q=56e008e903a7e3a3b98e19f313435afe
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:feb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c7d55fb721c0a1bb591d30b6e06f7781fbd13ab200a8aef0fa8df62e455bc0b1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.threatminer.org/sample.php?q=56e008e903a7e3a3b98e19f313435afe
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Mar 2022 14:19:50 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 01 May 2017 13:08:48 GMT
server
cloudflare
age
4514
etag
W/"1f58-54e761fab9800-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rxORHuV86kXU5uuGvnVb6weJo3M9CejGPLcO675JXmSvju8BoZt25%2BVQYKJomc%2Bhg9zGOJTL0ZIwMIF83W9Xu%2FA4qOiK3TBjZEwuccu9uyeVF6EGH5Bs77zobw%2F1HlYvwNkP7Rv4G%2Fg4j6H8OIXVbp0%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=86400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6eff90865e65692d-FRA
buttons.bootstrap.min.css
www.threatminer.org/bower_components/datatables-plugins/buttons/media/css/
2 KB
919 B
Stylesheet
General
Full URL
https://www.threatminer.org/bower_components/datatables-plugins/buttons/media/css/buttons.bootstrap.min.css
Requested by
Host: www.threatminer.org
URL: https://www.threatminer.org/sample.php?q=56e008e903a7e3a3b98e19f313435afe
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:feb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9926a0d226b45faff8db829a1c445f33efa6522e213fafed1000365d5abf73df

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.threatminer.org/sample.php?q=56e008e903a7e3a3b98e19f313435afe
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Mar 2022 14:19:50 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 01 May 2017 13:02:52 GMT
server
cloudflare
age
4514
etag
W/"626-54e760a737700-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=maPUodliTISCr5rAU4UPr%2BxjAZCUCB4IgYPm09pqlW%2BW8pIhIdyBaNZOHfh9te3ld6VwGNYMQHODPesio2NLTbCzi0FcG0DvgsjK9XNpBwQMI8BU7nUHgLKcowI25VTdJUKWaiDup%2Bvz35F6VDnJeWk%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=86400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6eff90865e66692d-FRA
sb-admin-2.css
www.threatminer.org/dist/css/
4 KB
2 KB
Stylesheet
General
Full URL
https://www.threatminer.org/dist/css/sb-admin-2.css
Requested by
Host: www.threatminer.org
URL: https://www.threatminer.org/sample.php?q=56e008e903a7e3a3b98e19f313435afe
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:feb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
50d6e541020cbfdddf888aa2c42ad1c8d2296f9045709983354441032e2eb55d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.threatminer.org/sample.php?q=56e008e903a7e3a3b98e19f313435afe
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Mar 2022 14:19:50 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4514
cf-polished
origSize=5638
last-modified
Sat, 02 Jan 2021 17:59:17 GMT
server
cloudflare
etag
W/"1606-5b7ee9d93cc8e-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Qu2kvGo%2BoqDcHq4YPp68MSBmS2ERI9ZyHPlDr342frrc2wldL8JohndqXreQyvQJ3Zwry6Cgb5mxe6dkqj84mgLg32GmKZgqkCOewGa8%2FcWM%2FAZrM55pzWPiLvPnI8frhspENZ1FESuX53SeowD1Uj0%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=86400
cf-ray
6eff90865e67692d-FRA
cf-bgj
minify
font-awesome.min.css
www.threatminer.org/bower_components/font-awesome/css/
21 KB
5 KB
Stylesheet
General
Full URL
https://www.threatminer.org/bower_components/font-awesome/css/font-awesome.min.css
Requested by
Host: www.threatminer.org
URL: https://www.threatminer.org/sample.php?q=56e008e903a7e3a3b98e19f313435afe
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:feb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0fb1bbca73646e8e2b93c82e8d8b219647b13d4b440c48e338290b9a685b8de1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.threatminer.org/sample.php?q=56e008e903a7e3a3b98e19f313435afe
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Mar 2022 14:19:50 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 21 Apr 2015 05:02:54 GMT
server
cloudflare
age
4514
etag
W/"55e0-51434f58bfb80-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yH27yJYZzcaAcj7NyEgIohrMDfaJhf6a7QP2c3rUzexWDVav9NIjdirPObAoHw0PcuYiReXNQdW9eAechMoEESpSNdmMQSwc3ovBB%2F8P8vKOBlrjnwd2VYWHwJCMmGtuFBTJyBvEE6CxYvGq1ls0CJg%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=86400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6eff90865e69692d-FRA
social-share-kit.css
www.threatminer.org/dist/css/
12 KB
3 KB
Stylesheet
General
Full URL
https://www.threatminer.org/dist/css/social-share-kit.css
Requested by
Host: www.threatminer.org
URL: https://www.threatminer.org/sample.php?q=56e008e903a7e3a3b98e19f313435afe
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:feb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
60adb5d029ec8a5d4613d7d57ff8a799c43caae1d1d1c2e5c230d65850fd5273

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.threatminer.org/sample.php?q=56e008e903a7e3a3b98e19f313435afe
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Mar 2022 14:19:50 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4514
cf-polished
origSize=12273
last-modified
Fri, 16 Dec 2016 10:13:34 GMT
server
cloudflare
etag
W/"2ff1-543c3d291af80-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UemhGikWOBx4LWy8XcgpjSHw95o%2FJ8ysAp5Xx2ldKSttk6f94yTwkLyo2EUWGmfUvEiz%2Ft9s7p2%2Bi71DqbpwTSv4W1E2PIdzCK2YAu5GzFk86dV8Gavz%2BcHgbi2%2BdavIGVmgsWEjHJl%2B7d2W8alVohk%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=86400
cf-ray
6eff90865e6b692d-FRA
cf-bgj
minify
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
157 KB
54 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: www.threatminer.org
URL: https://www.threatminer.org/sample.php?q=56e008e903a7e3a3b98e19f313435afe
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
acba8956287ec74ba144c311b37acd17330423a5e9449a8f12ddefe839af3079
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.threatminer.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Mar 2022 14:19:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
54904
x-xss-protection
0
server
cafe
etag
4773210964264465484
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Tue, 22 Mar 2022 14:19:50 GMT
widgets.js
platform.twitter.com/
96 KB
29 KB
Script
General
Full URL
https://platform.twitter.com/widgets.js
Requested by
Host: www.threatminer.org
URL: https://www.threatminer.org/sample.php?q=56e008e903a7e3a3b98e19f313435afe
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/67AA) /
Resource Hash
c9a35e6a04a65ef59009f7f48fda051d802dea8c7814533ba432b6477410c9b0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.threatminer.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Tue, 22 Mar 2022 14:19:50 GMT
Content-Encoding
gzip
Age
154
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
"x-cache;desc= HIT,x-tw-cdn;desc=VZ",edge;dur=1
Content-Length
29178
x-tw-cdn
VZ
Last-Modified
Wed, 16 Feb 2022 18:46:17 GMT
Server
ECS (frb/67AA)
Etag
"f7f936f48944db7f829585c4368f33ae+gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=1800
ajax-loader.gif
www.threatminer.org/images/
3 KB
3 KB
Image
General
Full URL
https://www.threatminer.org/images/ajax-loader.gif
Requested by
Host: www.threatminer.org
URL: https://www.threatminer.org/sample.php?q=56e008e903a7e3a3b98e19f313435afe
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:feb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
934abde684325043e16edeffd73752cd5f0ab00b5723d8e47a618ce3f16a3799

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.threatminer.org/sample.php?q=56e008e903a7e3a3b98e19f313435afe
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Mar 2022 14:19:50 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4514
cf-polished
origSize=2608
content-length
2599
last-modified
Sat, 17 Oct 2015 00:26:24 GMT
server
cloudflare
etag
"a30-52241f64ccc00"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f5KvkFjlGEHzlO%2FNCEa3lCyy1GXOMdpG38N3ENdRQxI%2FaIXPvIkR2daq3hV9N3q5P145H7IDpBhjPs7i0K1zyv%2Fc3rBAc65MfFbrFJ3avOIYbK3ae9JoGSi1qBsdBrNEoeU3vF%2BtUNS94832sGEzRxI%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
max-age=86400
accept-ranges
bytes
cf-ray
6eff9086bf1c692d-FRA
cf-bgj
imgq:100,h2pri
jquery-1.12.4.min.js
www.threatminer.org/bower_components/jquery/dist/
95 KB
34 KB
Script
General
Full URL
https://www.threatminer.org/bower_components/jquery/dist/jquery-1.12.4.min.js
Requested by
Host: www.threatminer.org
URL: https://www.threatminer.org/sample.php?q=56e008e903a7e3a3b98e19f313435afe
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:feb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.threatminer.org/sample.php?q=56e008e903a7e3a3b98e19f313435afe
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Mar 2022 14:19:50 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 01 May 2017 12:15:38 GMT
server
cloudflare
age
4514
etag
W/"17b8b-54e7561880e80-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=M0Q2ykR3WyvuCQVOVfXOVHm%2BDy6u2%2BXzExZCGlk6zxhwd8jPJzYVoR13o1Lu%2BFD2b3zjUFYRSt%2FX9SHAALgqkqVYZxGlJvneG01XIPtjO3mH22Qjm12zpsc4RHcKuzWBUgC0ZKvkFdxz9Vx3MO6aKNQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=86400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6eff9086aee1692d-FRA
bootstrap.min.js
www.threatminer.org/bower_components/bootstrap/dist/js/
35 KB
10 KB
Script
General
Full URL
https://www.threatminer.org/bower_components/bootstrap/dist/js/bootstrap.min.js
Requested by
Host: www.threatminer.org
URL: https://www.threatminer.org/sample.php?q=56e008e903a7e3a3b98e19f313435afe
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:feb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d5fd173d00d9733900834e0e1083de86b532e048b15c0420ba5c2db0623644b8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.threatminer.org/sample.php?q=56e008e903a7e3a3b98e19f313435afe
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Mar 2022 14:19:50 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 21 Apr 2015 05:02:54 GMT
server
cloudflare
age
5933
etag
W/"8c6f-51434f58bfb80-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s5L3tp0eQVmHkc1hWJQhAEsnjstKqwJR%2FLP6bEzSI7e18UouRc5%2BNQss3wo8iy5A%2FBVNLkOatRfEMj0dYE3rxbYWrWVY3UfP6C01uWdM9GaKKW4cKiTFZsixKu5tfSkH2b1r13Dhr58Eb%2FZAqAo8WsI%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=86400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6eff9086aee3692d-FRA
metisMenu.min.js
www.threatminer.org/bower_components/metisMenu/dist/
2 KB
1 KB
Script
General
Full URL
https://www.threatminer.org/bower_components/metisMenu/dist/metisMenu.min.js
Requested by
Host: www.threatminer.org
URL: https://www.threatminer.org/sample.php?q=56e008e903a7e3a3b98e19f313435afe
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:feb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3ab0a74bbd399efdf7c9c9bffb689f0a755fc7131d5af04c8393d45f5163a69b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.threatminer.org/sample.php?q=56e008e903a7e3a3b98e19f313435afe
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Mar 2022 14:19:50 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 21 Apr 2015 05:02:54 GMT
server
cloudflare
age
4514
etag
W/"757-51434f58bfb80-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gvGuKlCGTsiqhFnUk6IYZNRCbAzTV62WdUJD7MD6hK1HP4oQH8bZp5THECdhYk7xeMWttsAmksCCkJ3ZhfK9BEue0AopZu8HdCPEE%2F%2FjGcMCWjCs4S6YU3mnd4IIX0YegcC%2FAzP%2FN0bhOVNHIlTxmc4%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=86400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6eff9086aeef692d-FRA
jquery.dataTables.min.js
www.threatminer.org/bower_components/datatables/media/js/
81 KB
29 KB
Script
General
Full URL
https://www.threatminer.org/bower_components/datatables/media/js/jquery.dataTables.min.js
Requested by
Host: www.threatminer.org
URL: https://www.threatminer.org/sample.php?q=56e008e903a7e3a3b98e19f313435afe
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:feb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8f4d3b47b47a8a31163dad5d7fb15e27a0056d07b0c34c6089fd9225664e847c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.threatminer.org/sample.php?q=56e008e903a7e3a3b98e19f313435afe
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Mar 2022 14:19:50 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 01 May 2017 12:24:55 GMT
server
cloudflare
age
4514
etag
W/"14544-54e7582bb33c0-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8T2ZYMGWih2o8ujOlrVQMKuDZa01v2OX9nBFpIRT%2BWtVpDhdScFd5DRAE7qCiK93QHGhE2EkTojAVvcOlX7lUMY8%2B3Z76ZCYgiXmJzbFie1q6IRxdQIQkIq97LzQqhVOmb8LrLG9SIGQeuEyLO9QJAg%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=86400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6eff9086bf0b692d-FRA
dataTables.bootstrap.min.js
www.threatminer.org/bower_components/datatables-plugins/integration/bootstrap/3/
2 KB
1 KB
Script
General
Full URL
https://www.threatminer.org/bower_components/datatables-plugins/integration/bootstrap/3/dataTables.bootstrap.min.js
Requested by
Host: www.threatminer.org
URL: https://www.threatminer.org/sample.php?q=56e008e903a7e3a3b98e19f313435afe
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:feb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a905062b971bfb70ba70dda1a454d9cb7f7389be7ff515f6eb9009c8e697a34b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.threatminer.org/sample.php?q=56e008e903a7e3a3b98e19f313435afe
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Mar 2022 14:19:50 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 21 Apr 2015 05:02:54 GMT
server
cloudflare
age
4514
etag
W/"796-51434f58bfb80-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PusZEzHEnF0ZReivwToiLZUYhUMb8aGwAU2yDSCBGsDek30tYFYsrhRMY8bzLLjzVJ1pNor%2BahY315LVU55bDgXU7l8WHpSH4xC4iQO0c4k%2Bcn35RFgGc6Mz8Ls7PMHxCZiOy1JN9f2lJ6w%2Fy2GcQ4Q%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=86400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6eff9086bf0e692d-FRA
dataTables.buttons.min.js
www.threatminer.org/bower_components/datatables-plugins/buttons/media/js/
16 KB
6 KB
Script
General
Full URL
https://www.threatminer.org/bower_components/datatables-plugins/buttons/media/js/dataTables.buttons.min.js
Requested by
Host: www.threatminer.org
URL: https://www.threatminer.org/sample.php?q=56e008e903a7e3a3b98e19f313435afe
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:feb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8aeaf60f6f34ced8ed9c83b249bdfc8544cc8f318294074898e6ced1d04e678c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.threatminer.org/sample.php?q=56e008e903a7e3a3b98e19f313435afe
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Mar 2022 14:19:50 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 01 May 2017 12:34:43 GMT
server
cloudflare
age
4514
etag
W/"4088-54e75a5c75ec0-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O3Ha8tBCqNlu5KKqIkdZZj%2BIA2I4SDO3StawAV8TRaBD%2F154M7ctqq5WSdwT%2B7luWChNPD%2Bf%2F6b1VrZPypar8HzGGtdtpn47MzXI8LTy3B0quJBdsIhCGTx%2BtkwNB777apM%2FC9joRjU4HA1sksqsAqw%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=86400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6eff9086bf0f692d-FRA
pdfmake.min.js
www.threatminer.org/bower_components/datatables-plugins/pdfmake/media/js/
1 MB
391 KB
Script
General
Full URL
https://www.threatminer.org/bower_components/datatables-plugins/pdfmake/media/js/pdfmake.min.js
Requested by
Host: www.threatminer.org
URL: https://www.threatminer.org/sample.php?q=56e008e903a7e3a3b98e19f313435afe
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:feb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf919e6fbfbf62a4f8cfaab4cf5c5f80e7c10be2bc9f7e4c70142175c0b49b4f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.threatminer.org/sample.php?q=56e008e903a7e3a3b98e19f313435afe
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Mar 2022 14:19:50 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 01 May 2017 11:37:06 GMT
server
cloudflare
age
4514
etag
W/"106721-54e74d7b9bc80-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SYSTEaxh5y0a22r1uexzc7n6q2ZZ0xbF7%2BRRVU7A8b2eEotz772v59ONxgg%2FBJSZozSSG1yvR7d5FnDSUcjrm9M%2Frrh0kZ1wM%2FzkCMMsj7FrZTmjIiOfQBteSogMhNFl%2F0JNhifFdI6k1H8%2BgO0lwKE%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=86400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6eff9086bf12692d-FRA
jszip.min.js
www.threatminer.org/bower_components/datatables-plugins/jszip/media/js/
100 KB
31 KB
Script
General
Full URL
https://www.threatminer.org/bower_components/datatables-plugins/jszip/media/js/jszip.min.js
Requested by
Host: www.threatminer.org
URL: https://www.threatminer.org/sample.php?q=56e008e903a7e3a3b98e19f313435afe
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:feb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
45b3ffadbc785de6091fa798527891eb7264e4d115e3c1a37acb60e3d70d4966

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.threatminer.org/sample.php?q=56e008e903a7e3a3b98e19f313435afe
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Mar 2022 14:19:50 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 01 May 2017 11:36:59 GMT
server
cloudflare
age
4922
etag
W/"18e33-54e74d74eecc0-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mpcyxn%2Bfy8YSlKd%2Bi9zVbHDu6m74vTgBmqIJNGdXCjbjDwOliTyVd3zYpqi%2BWEqcZiX3f7tWk6c%2BX7%2BfMpczFw%2FRToS5S5UmIZXb6EWwhd%2BPTb6eY1KcwC%2FtAWlsUyIa%2B5%2BSBOabU58EChVj3gFqHCY%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=86400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6eff9086bf14692d-FRA
vfs_fonts.js
www.threatminer.org/bower_components/datatables-plugins/vfs_fonts/media/js/
933 KB
455 KB
Script
General
Full URL
https://www.threatminer.org/bower_components/datatables-plugins/vfs_fonts/media/js/vfs_fonts.js
Requested by
Host: www.threatminer.org
URL: https://www.threatminer.org/sample.php?q=56e008e903a7e3a3b98e19f313435afe
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:feb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ecee1d502f45731162f99f4d6aa07c0315a26a8382c1b1bc3c9958ab3ff04000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.threatminer.org/sample.php?q=56e008e903a7e3a3b98e19f313435afe
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Mar 2022 14:19:50 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4922
cf-polished
origSize=955603
last-modified
Mon, 01 May 2017 11:37:11 GMT
server
cloudflare
etag
W/"e94d3-54e74d80607c0-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kK2zkrwLe4EZZ7yqx6NWW2dN0TLLIpVQs1edjffCA6BkJmjnouUTJMnZkKf%2BvoRqVQiyyDenHOaEapBE7iShwGJh5Zd8C6bpawn%2Bmh0DUcjyEnyJwrr%2BbLYQX0nttfthwzwRfd16G5eBviHy9JjdbuA%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=86400
cf-ray
6eff9086bf15692d-FRA
cf-bgj
minify
buttons.html5.min.js
www.threatminer.org/bower_components/datatables-plugins/buttons/media/js/
23 KB
6 KB
Script
General
Full URL
https://www.threatminer.org/bower_components/datatables-plugins/buttons/media/js/buttons.html5.min.js
Requested by
Host: www.threatminer.org
URL: https://www.threatminer.org/sample.php?q=56e008e903a7e3a3b98e19f313435afe
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:feb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
07a081c6a38ab09a0163aecaaf77713ffae6e09d06ba1a112efef22e01857ddc

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.threatminer.org/sample.php?q=56e008e903a7e3a3b98e19f313435afe
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Mar 2022 14:19:50 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 01 May 2017 11:37:16 GMT
server
cloudflare
age
4514
etag
W/"5b7a-54e74d8525300-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LOpKYfBqraQgh4KqicS2wWlhJAvvUjRHYnXNIbaCHZE%2BgV%2BAIRSDl4Rh%2Bb8ZVX3v7%2BYDKWrU%2BNBpqrdgvGikRlk1qYEYXugPdbLyU4pQmcVrV2xPdOf%2F%2Bd2i%2FbAa0TQlFIDtDiRJdkZJwS73waCp1eo%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=86400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6eff9086bf17692d-FRA
sb-admin-2.js
www.threatminer.org/dist/js/
756 B
719 B
Script
General
Full URL
https://www.threatminer.org/dist/js/sb-admin-2.js
Requested by
Host: www.threatminer.org
URL: https://www.threatminer.org/sample.php?q=56e008e903a7e3a3b98e19f313435afe
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:feb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ed99491fe47b5733d1ad2fbf90f5d9066d049a530d1b92ebe47be5e0c527a32e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.threatminer.org/sample.php?q=56e008e903a7e3a3b98e19f313435afe
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Mar 2022 14:19:50 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
5933
cf-polished
origSize=1181
last-modified
Sat, 25 May 2019 17:16:01 GMT
server
cloudflare
etag
W/"49d-589b97821f640-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YJV6CcGuNoz057z7ldY3IeJE8jtiQan3461Ac06%2FATlLjPrfNCk3A1BVdI8lzo7K0889d1w096VeNv8hWJesNrjrPWbtAHKKSADV%2FUJQqXuy%2FckwSx2sNgPg1JjQaheBvfJGeTBIqnAZrYEcdYFoaZ8%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=86400
cf-ray
6eff9086bf18692d-FRA
cf-bgj
minify
tm_utility.js
www.threatminer.org/dist/js/
8 KB
2 KB
Script
General
Full URL
https://www.threatminer.org/dist/js/tm_utility.js
Requested by
Host: www.threatminer.org
URL: https://www.threatminer.org/sample.php?q=56e008e903a7e3a3b98e19f313435afe
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:feb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e725928ffb665a91ca8a3631e3002edba9b0f9ec66b40a59d53db0f44827e34e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.threatminer.org/sample.php?q=56e008e903a7e3a3b98e19f313435afe
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Mar 2022 14:19:50 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
6064
cf-polished
origSize=10497
last-modified
Mon, 22 Nov 2021 16:06:03 GMT
server
cloudflare
etag
W/"2901-5d162cd378793-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4UaEvIjO4azsWXePm%2FKffh1DkEQeoWddIn%2FJOIC3sqUdtiGzfe6Alml1j5ebRkQ6jVrBcznXz4D8iQF7i3JOiEYaxiEboN8p59VHBY3CMr0zmIyxtYu3TdIWQwXz5Sasn4KuOsGVTJVi0QY30z7UhUs%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=86400
cf-ray
6eff9086bf19692d-FRA
cf-bgj
minify
social-share-kit.min.js
www.threatminer.org/dist/js/
6 KB
3 KB
Script
General
Full URL
https://www.threatminer.org/dist/js/social-share-kit.min.js
Requested by
Host: www.threatminer.org
URL: https://www.threatminer.org/sample.php?q=56e008e903a7e3a3b98e19f313435afe
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:feb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ac74cddb007ace18442f5111c4c23125de6031dca42bcead5ea5bfb12d2ca332

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.threatminer.org/sample.php?q=56e008e903a7e3a3b98e19f313435afe
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Mar 2022 14:19:50 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sat, 09 Mar 2019 16:07:52 GMT
server
cloudflare
age
4514
etag
W/"179c-583ab8aa0e600-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GFsfcDUR%2FhdPeH9gIuXyhZaCpBdrSvS7ZbJrt59b6ajcu0qgieDn2QqgIx02xuqcmAnsZ6Zbe0c9FQXbXXi4l9uQ20EFd9Be3q1NdUCxG15ObGM28ZV2IKh5i9PAgHeAPVHCTLXMFJ9KUR2l3VazLOY%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=86400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6eff9086bf1b692d-FRA
80x15.png
licensebuttons.net/l/by/4.0/
Redirect Chain
  • https://i.creativecommons.org/l/by/4.0/80x15.png
  • https://licensebuttons.net/l/by/4.0/80x15.png
430 B
1 KB
Image
General
Full URL
https://licensebuttons.net/l/by/4.0/80x15.png
Requested by
Host: www.threatminer.org
URL: https://www.threatminer.org/sample.php?q=56e008e903a7e3a3b98e19f313435afe
Protocol
H2
Server
2606:4700:20::681a:5d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f43d4d35e7ac1e815dc0c8897806e30d928ee62e1aa6ac20f49c649f8b694004
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.threatminer.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Mar 2022 14:19:50 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2457
cf-polished
origSize=640
vary
Accept-Encoding
content-length
430
x-xss-protection
1; mode=block
last-modified
Thu, 30 Apr 2020 21:59:13 GMT
server
cloudflare
x-frame-options
deny
etag
"5eab4a31-280"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15768000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7CXz7vb63uT%2BfzFS%2FifQte15%2BAe7xY77Xs4rItLhZGLPRb3VMPjj1lk1yHkqIvr8saorybw%2FoJp8ZCFmOdOEKBIrFtmRynBUaKM8hh2WV0SKaPGy%2F54G5XHUOJv5O23D1OXxNKZB9r%2BxFclT0%2FjAhQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=432000
accept-ranges
bytes
cf-ray
6eff9087694d5bf5-FRA
cf-bgj
imgq:100,h2pri

Redirect headers

date
Tue, 22 Mar 2022 14:19:50 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
server
cloudflare
age
704
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
deny
content-type
text/html
location
https://licensebuttons.net/l/by/4.0/80x15.png
cache-control
max-age=432000
strict-transport-security
max-age=15768000
cf-ray
6eff9086fe0192a1-FRA
vary
Accept-Encoding
x-xss-protection
1; mode=block
infolinks_main.js
resources.infolinks.com/js/
3 KB
2 KB
Script
General
Full URL
https://resources.infolinks.com/js/infolinks_main.js
Requested by
Host: www.threatminer.org
URL: https://www.threatminer.org/sample.php?q=56e008e903a7e3a3b98e19f313435afe
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ace69c570be8661dd9976b64fdec65170788bca6da18bcc5939376458121fe4e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.threatminer.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

cf-ray
6eff9086ed369978-FRA
date
Tue, 22 Mar 2022 14:19:50 GMT
via
1.1 google
cf-cache-status
HIT
last-modified
Mon, 21 Mar 2022 18:21:23 GMT
server
cloudflare
age
14284
etag
W/"d36-5dabe904e8213"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600
content-encoding
gzip
expires
Tue, 22 Mar 2022 11:21:46 GMT
analytics.js
www.google-analytics.com/
49 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.threatminer.org
URL: https://www.threatminer.org/sample.php?q=56e008e903a7e3a3b98e19f313435afe
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.threatminer.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
904
date
Tue, 22 Mar 2022 14:04:46 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Tue, 22 Mar 2022 16:04:46 GMT
fontawesome-webfont.woff
www.threatminer.org/bower_components/font-awesome/fonts/
64 KB
64 KB
Font
General
Full URL
https://www.threatminer.org/bower_components/font-awesome/fonts/fontawesome-webfont.woff?v=4.2.0
Requested by
Host: www.threatminer.org
URL: https://www.threatminer.org/bower_components/font-awesome/css/font-awesome.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:feb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
199411f659f41aaccb959bacb1b0de30e54f244352a48c6f9894e65ae0f8a9a1

Request headers

Referer
https://www.threatminer.org/bower_components/font-awesome/css/font-awesome.min.css
Origin
https://www.threatminer.org
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Mar 2022 14:19:50 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 21 Apr 2015 05:02:54 GMT
server
cloudflare
age
3835
etag
W/"ffac-51434f58bfb80"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sTuNhCkZRg1wpL3Nho1Jh%2BBLtGDL9ZTjKM6FjgUFRf8wQjHnMEDPZenBLreIcH4WOedKG6NU192x7YdE3yePTZSlG69FgJYlGvQU096TAv7pZLePW3qQ8c2ZQ2kLHoGjhpfuNFDuI5t7xOnxeG68Izw%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/font-woff
cache-control
max-age=86400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6eff9086bf1d692d-FRA
embed.js
threatminer.disqus.com/
78 KB
25 KB
Script
General
Full URL
https://threatminer.disqus.com/embed.js
Requested by
Host: www.threatminer.org
URL: https://www.threatminer.org/sample.php?q=56e008e903a7e3a3b98e19f313435afe
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.192.134 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
openresty /
Resource Hash
f78dc99c9429308b9954c5308aa377315d6d2ba3894659448496ef0fd9c7bd17
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubdomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.threatminer.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Tue, 22 Mar 2022 14:19:50 GMT
Content-Encoding
gzip
Server
openresty
Age
0
Vary
Accept-Encoding
Connection
keep-alive
Content-Type
application/javascript; charset=utf-8
Cache-Control
private, max-age=60
X-Service
router
Strict-Transport-Security
max-age=300; includeSubdomains
Link
<https://disqus.com>; rel=preconnect, <https://c.disquscdn.com>; rel=preconnect
Content-Length
25439
Cross-Origin-Resource-Policy
cross-origin
social-share-kit.woff
www.threatminer.org/dist/fonts/
7 KB
7 KB
Font
General
Full URL
https://www.threatminer.org/dist/fonts/social-share-kit.woff
Requested by
Host: www.threatminer.org
URL: https://www.threatminer.org/dist/css/social-share-kit.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:feb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
697c41fffac431521f2db48c7426ac23b972b6eb7b1242f0bb47d6079884d3a4

Request headers

Referer
https://www.threatminer.org/dist/css/social-share-kit.css
Origin
https://www.threatminer.org
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Mar 2022 14:19:50 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 16 Dec 2016 10:13:34 GMT
server
cloudflare
age
3835
etag
W/"1b08-543c3d291af80"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1X0qG2OVuaJrTUF3L0WYQ43i5ho7U4k%2FYuKsSEsIHFLpCIaMETWn9Jfn%2FHwsgmPXFDdVfiqNAFqxwAPtR8yNS%2F2o3%2BefdCqp660kjZDRvZx8BPsOG%2FMTVB%2FcTA%2BExFd8WYwaMw2g6HZEm5Kk3ysopIk%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/font-woff
cache-control
max-age=86400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6eff9086cf25692d-FRA
getReport.php
www.threatminer.org/
0
312 B
XHR
General
Full URL
https://www.threatminer.org/getReport.php?e=notes_container&t=2&q=56e008e903a7e3a3b98e19f313435afe
Requested by
Host: www.threatminer.org
URL: https://www.threatminer.org/dist/js/tm_utility.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:feb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.threatminer.org/sample.php?q=56e008e903a7e3a3b98e19f313435afe
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Mar 2022 14:19:50 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BzIW8MGp1x1H%2FmTJwqvEU4ZeDSYEDM1gDJMXdfhT%2FqdFzHyp6snCRykbm5h%2FjMl2RyzUYn3AJZOM5EFhgsTXqUChKHACYphXiBjH3vEab9uTA8Ft2XsaGL%2Bja7bA4opO718q%2FGli56HIdNos1H9Grac%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
cf-ray
6eff908849f0692d-FRA
ice.js
resources.infolinks.com/js/1789.003-3.025/
178 KB
55 KB
Script
General
Full URL
https://resources.infolinks.com/js/1789.003-3.025/ice.js
Requested by
Host: www.threatminer.org
URL: https://www.threatminer.org/sample.php?q=56e008e903a7e3a3b98e19f313435afe
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6bfdbf5f5eec59ff6ec78cb4fa062c0797c9e9e8a0e8b39740bc6e67aa33c7d3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.threatminer.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

cf-ray
6eff90884f769978-FRA
date
Tue, 22 Mar 2022 14:19:50 GMT
via
1.1 google
cf-cache-status
HIT
last-modified
Wed, 16 Mar 2022 08:23:27 GMT
server
cloudflare
age
6394
etag
W/"2c658-5da51a0c1cdf0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=2592000
content-encoding
gzip
expires
Thu, 21 Apr 2022 12:33:16 GMT
cse.js
cse.google.com/
10 KB
4 KB
Script
General
Full URL
https://cse.google.com/cse.js?cx=009665096751685288782:o6_z_tmwsge
Requested by
Host: www.threatminer.org
URL: https://www.threatminer.org/sample.php?q=56e008e903a7e3a3b98e19f313435afe
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gws /
Resource Hash
1ebb3517513b70fa9a58d0987ea7d7860da4476152593154ddc7274df199258c
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.threatminer.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

bfcache-opt-in
unload
date
Tue, 22 Mar 2022 14:19:50 GMT
content-encoding
br
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Bitness
x-frame-options
SAMEORIGIN
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3493
x-xss-protection
0
server
gws
expires
Tue, 22 Mar 2022 14:19:50 GMT
widget_iframe.a58e82e150afc25eb5372dd55a98b778.html
platform.twitter.com/widgets/ Frame EF41
319 KB
104 KB
Document
General
Full URL
https://platform.twitter.com/widgets/widget_iframe.a58e82e150afc25eb5372dd55a98b778.html?origin=https%3A%2F%2Fwww.threatminer.org
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/67AA) /
Resource Hash
c6d03b7a5561687268e57b13d9d4a6a4c71ee570ea74718040ce9227676e3e5e

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.threatminer.org/

Response headers

Content-Encoding
gzip
Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Age
575052
Cache-Control
public, max-age=315360000
Content-Type
text/html; charset=utf-8
Date
Tue, 22 Mar 2022 14:19:50 GMT
Etag
"8321d7cf58d70200c1423dfa0bca40f6+gzip"
Last-Modified
Wed, 16 Feb 2022 18:36:30 GMT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server
ECS (frb/67AA)
Server-Timing
"x-cache;desc= HIT,x-tw-cdn;desc=VZ",edge;dur=2
Vary
Accept-Encoding
X-Cache
HIT
x-tw-cdn
VZ
Content-Length
105433
collect
www.google-analytics.com/j/
2 B
210 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&aip=1&a=1115656681&t=pageview&_s=1&dl=https%3A%2F%2Fwww.threatminer.org%2Fsample.php%3Fq%3D56e008e903a7e3a3b98e19f313435afe&ul=en-us&de=UTF-8&dt=56e008e903a7e3a3b98e19f313435afe%20Malware%20Analysis%20Results%20%7C%20ThreatMiner.org&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAAC~&jid=775546526&gjid=636711059&cid=288048568.1647958790&tid=UA-73787980-1&_gid=663742177.1647958790&_r=1&_slc=1&z=394967330
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.threatminer.org/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 22 Mar 2022 14:19:50 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.threatminer.org
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
lounge.63860eb743c7d9d2adf0fa435788abe7.css
c.disquscdn.com/next/embed/styles/
0
26 KB
Other
General
Full URL
https://c.disquscdn.com/next/embed/styles/lounge.63860eb743c7d9d2adf0fa435788abe7.css
Requested by
Host: threatminer.disqus.com
URL: https://threatminer.disqus.com/embed.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:8600:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.threatminer.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 21 Mar 2022 19:26:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
68016
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
26078
x-xss-protection
1; mode=block
x-served-by
static-web-1
access-control-allow-origin
*
surrogate-key
next
last-modified
Mon, 21 Mar 2022 19:03:40 GMT
server
nginx
etag
"6238cc0c-65de"
content-type
text/css; charset=utf-8
via
1.1 25c6baf0a31a5ef699c1e219b25ce7b8.cloudfront.net (CloudFront)
expires
Tue, 21 Mar 2023 19:26:14 GMT
cache-control
max-age=31536000, public, immutable, no-transform
x-amz-cf-pop
FRA6-C1
timing-allow-origin
*
x-amz-cf-id
fkYe-1sDmVtOhiis6AlguqoqSv0q9JK3V2Q_Qbe8zSfu1xvqh0TX_A==
x-cache-hits
0
common.bundle.9450cde9dd2c9d366781a8fc5ff6e933.js
c.disquscdn.com/next/embed/
0
93 KB
Other
General
Full URL
https://c.disquscdn.com/next/embed/common.bundle.9450cde9dd2c9d366781a8fc5ff6e933.js
Requested by
Host: threatminer.disqus.com
URL: https://threatminer.disqus.com/embed.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:8600:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.threatminer.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 09 Mar 2022 22:16:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1094580
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
94746
x-xss-protection
1; mode=block
x-served-by
static-web-1
access-control-allow-origin
*
surrogate-key
next
last-modified
Wed, 09 Mar 2022 21:55:40 GMT
server
nginx
etag
"6229225c-1721a"
content-type
application/javascript; charset=utf-8
via
1.1 25c6baf0a31a5ef699c1e219b25ce7b8.cloudfront.net (CloudFront)
expires
Thu, 09 Mar 2023 22:16:50 GMT
cache-control
max-age=31536000, public, immutable, no-transform
x-amz-cf-pop
FRA6-C1
timing-allow-origin
*
x-amz-cf-id
C1jlNHuY3VX4kawNziOPvGwSHSpizi59s4LlArCQ5wc-5Umst9EqLw==
x-cache-hits
0
lounge.bundle.90614da243fa6052a038b5539f5086e5.js
c.disquscdn.com/next/embed/
0
121 KB
Other
General
Full URL
https://c.disquscdn.com/next/embed/lounge.bundle.90614da243fa6052a038b5539f5086e5.js
Requested by
Host: threatminer.disqus.com
URL: https://threatminer.disqus.com/embed.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:8600:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.threatminer.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 21 Mar 2022 19:26:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
68016
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
123045
x-xss-protection
1; mode=block
x-served-by
static-web-1
access-control-allow-origin
*
surrogate-key
next
last-modified
Mon, 21 Mar 2022 19:03:40 GMT
server
nginx
etag
"6238cc0c-1e0a5"
content-type
application/javascript; charset=utf-8
via
1.1 25c6baf0a31a5ef699c1e219b25ce7b8.cloudfront.net (CloudFront)
expires
Tue, 21 Mar 2023 19:26:14 GMT
cache-control
max-age=31536000, public, immutable, no-transform
x-amz-cf-pop
FRA6-C1
timing-allow-origin
*
x-amz-cf-id
a_hzqEdCv0aI5iS18CG1xGdhKPMC-rKLd7ciW40ibX2Zc-VtFT8MjA==
x-cache-hits
0
config.js
disqus.com/next/
0
15 KB
Other
General
Full URL
https://disqus.com/next/config.js
Requested by
Host: threatminer.disqus.com
URL: https://threatminer.disqus.com/embed.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.0.134 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.threatminer.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Tue, 22 Mar 2022 14:19:50 GMT
X-Content-Type-Options
nosniff
Content-Type
application/javascript; charset=UTF-8
Server
nginx
Age
51
X-Frame-Options
SAMEORIGIN
Strict-Transport-Security
max-age=300; includeSubdomains
p3p
CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Access-Control-Allow-Origin
*
Cache-Control
public, stale-while-revalidate=300, s-stalewhilerevalidate=3600, max-age=60
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Timing-Allow-Origin
*
Content-Length
14710
X-XSS-Protection
1; mode=block
show_ads_impl_with_ama_fy2019.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203170101/
297 KB
107 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203170101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5720763271532377&plah=www.threatminer.org&bust=31065702
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4eafe722db0cddc9c3d79cc271e97598833c51f463faeb0b8f3a40f4db83c6f1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.threatminer.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Mar 2022 14:19:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
109609
x-xss-protection
0
server
cafe
etag
16915179868501335202
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Tue, 22 Mar 2022 14:19:50 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20220317/r20190131/ Frame 138F
10 KB
5 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20220317/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0ce5fc08d0f617e71e1d61bcd79fc7cc1855f4221945b0c09ac774685fe7f52c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.threatminer.org/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4502
x-xss-protection
0
date
Mon, 21 Mar 2022 23:16:13 GMT
expires
Mon, 04 Apr 2022 23:16:13 GMT
cache-control
public, max-age=1209600
age
54217
etag
4044455266028820542
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
settings
syndication.twitter.com/ Frame EF41
293 B
466 B
Fetch
General
Full URL
https://syndication.twitter.com/settings?session_id=2d40762f62cd6bb41c005158c8840808fb6c7a2a
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.a58e82e150afc25eb5372dd55a98b778.html?origin=https%3A%2F%2Fwww.threatminer.org
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.72 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
c41896ee7b4524bd50de896a3e2ead44700fad37e563805235b76a6621751c3e
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-response-time
107
date
Tue, 22 Mar 2022 14:19:50 GMT
content-encoding
gzip
last-modified
Tue, 22 Mar 2022 14:19:50 GMT
server
tsa_o
vary
Origin
strict-transport-security
max-age=631138519
content-type
application/json; charset=utf-8
access-control-allow-origin
https://platform.twitter.com
cache-control
must-revalidate, max-age=600
access-control-allow-credentials
true
x-connection-hash
8ac1a01f73d0799f4081584eca9caf0ab38e2a234e4b06f6694122b1ee80b0a1
content-length
186
manage
router.infolinks.com/usync/ Frame A2EC
10 KB
2 KB
Document
General
Full URL
https://router.infolinks.com/usync/manage?pid=3241790&wsid=0&pdom=www.threatminer.org&purl=https%3A%2F%2Fwww.threatminer.org%2Fsample.php%3Fq%3D56e008e903a7e3a3b98e19f313435afe
Requested by
Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1789.003-3.025/ice.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
47f4726d397a53427c2057a941a24dfe03156a6b6be251a47ddb1cbbc59745bf

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.threatminer.org/

Response headers

date
Tue, 22 Mar 2022 14:19:50 GMT
content-type
text/html;charset=UTF-8
cache-control
no-store
p3p
CP="NON DSP NID OUR COR"
via
1.1 google
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6eff9089494d9978-FRA
content-encoding
gzip
lcmanage