URL: https://www.comparitech.com/net-admin/malicious-code/
Submission: On November 16 via manual from AU — Scanned from AU

Summary

This website contacted 6 IPs in 3 countries across 5 domains to perform 20 HTTP transactions. The main IP is 209.58.173.178, located in Singapore, Singapore and belongs to LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG. The main domain is www.comparitech.com. The Cisco Umbrella rank of the primary domain is 311878.
TLS certificate: Issued by R3 on October 10th 2023. Valid for: 3 months.
This is the only time www.comparitech.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests  IP Address       AS     Autonomous System
7         209.58.173.178   59253  (LEASEWEB-...)
1         104.74.33.8      16625  (AKAMAI-AS)
4         172.217.167.104  15169  (GOOGLE)
1         139.99.133.174   16276  (OVH)
7         172.217.24.46    15169  (GOOGLE)
Total: 20 requests, 6 IPs

Requests  Apex Domain             Subdomains (Cisco Umbrella Rank)                           Transfer
7         google-analytics.com    www.google-analytics.com (27)                              21 KB
7         comparitech.com         www.comparitech.com (311878), cdn.comparitech.com (311518)  280 KB
4         googletagmanager.com    www.googletagmanager.com (35)                              350 KB
1         ip-api.com              pro.ip-api.com (6032)                                      466 B
1         convertexperiments.com  cdn-3.convertexperiments.com (24954)                       131 KB
Total: 20 requests, 5 domains

Requests  Domain                        Requested by
7         www.google-analytics.com      www.googletagmanager.com, www.google-analytics.com, www.comparitech.com
5         cdn.comparitech.com           www.comparitech.com
4         www.googletagmanager.com      www.comparitech.com, www.googletagmanager.com, www.google-analytics.com
2         www.comparitech.com           www.comparitech.com
1         pro.ip-api.com                www.comparitech.com
1         cdn-3.convertexperiments.com  www.comparitech.com
Total: 20 requests, 6 subdomains

Subject                   Issuer                                          Validity                 Valid
www.comparitech.com       R3                                              2023-10-10 - 2024-01-08  3 months
*.convertexperiments.com  DigiCert TLS RSA SHA256 2020 CA1                2023-11-09 - 2024-11-09  a year
*.google-analytics.com    GTS CA 1C3                                      2023-10-23 - 2024-01-15  3 months
*.ip-api.com              Sectigo RSA Domain Validation Secure Server CA  2022-11-25 - 2023-12-26  a year

This page contains 1 frames:

Primary Page: https://www.comparitech.com/net-admin/malicious-code/
Frame ID: 71C2ED86AA5020938AA0334C91255A70
Requests: 21 HTTP requests in this frame

Page Title

Malicious Code: What is it and How to Prevent it - 2023 Guide

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Page Statistics

Requests: 20
HTTPS: 100 %
IPv6: 0 %
Domains: 5
Subdomains: 6
IPs: 6
Countries: 3
Transfer: 782 kB
Size: 2346 kB
Cookies: 8

20 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
www.comparitech.com/net-admin/malicious-code/
658 KB
208 KB
Document
General
Full URL
https://www.comparitech.com/net-admin/malicious-code/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
209.58.173.178 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
edge.presslabs.net
Software
nginx /
Resource Hash
670162ad189922baf94c2f4e360d10481723c1c4fb2fb978bab467878a614350
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Thu, 16 Nov 2023 22:07:51 GMT
last-modified
Wed, 15 Nov 2023 13:05:24 GMT
link
<https://www.comparitech.com/wp-json/>; rel="https://api.w.org/" <https://www.comparitech.com/wp-json/wp/v2/posts/351094>; rel="alternate"; type="application/json"
server
nginx
vary
Accept-Encoding, Cookie
x-frame-options
SAMEORIGIN
x-presslabs-stats
HIT; 0.139s; 34 queries; desktop; ttl 14515200s; refresh in 14396253s
x-request-id
2f0259bc763639ae54cbc125a8e36bae
10021806-1002820.js
cdn-3.convertexperiments.com/js/
500 KB
131 KB
Script
General
Full URL
https://cdn-3.convertexperiments.com/js/10021806-1002820.js
Requested by
Host: www.comparitech.com
URL: https://www.comparitech.com/net-admin/malicious-code/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.74.33.8 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-74-33-8.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
f7a8b3dc5e29592a5d5c1880d9cc2086b2964282e0b27673d9b4c6e7bed0b3ff
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.comparitech.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 22:07:52 GMT
content-encoding
gzip
strict-transport-security
max-age=15768000
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=29
x-privacy-policy
You can find our privacy policy at https://www.convert.com/privacy-notice/
content-length
133411
6uK9szCotqRV.js
www.comparitech.com/
83 B
298 B
Script
General
Full URL
https://www.comparitech.com/6uK9szCotqRV.js?ts=54471
Requested by
Host: www.comparitech.com
URL: https://www.comparitech.com/net-admin/malicious-code/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
209.58.173.178 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
edge.presslabs.net
Software
nginx /
Resource Hash
6cddb69ed120db073795c5c2a04676214476161606e518f483689b93bd928ae3

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.comparitech.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 22:07:52 GMT
content-encoding
gzip
server
nginx
x-presslabs-stats
desktop
vary
Accept-Encoding
content-type
application/javascript
cache-control
no-cache
x-request-id
98bb6de59d294cdb26506d3e79b33f71
expires
Thu, 01 Jan 1970 00:00:01 GMT
gtm.js
www.googletagmanager.com/
264 KB
86 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-TX6HJV
Requested by
Host: www.comparitech.com
URL: https://www.comparitech.com/net-admin/malicious-code/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.167.104 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s17-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
c9fbc9ebb037fcca34098b3168f0fc630b675bbe0a8dc2b9560476454bad6a1b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.comparitech.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 22:07:52 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
87829
x-xss-protection
0
last-modified
Thu, 16 Nov 2023 21:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 16 Nov 2023 22:07:52 GMT
What-is-Malicious-Code.webp
cdn.comparitech.com/wp-content/uploads/2021/08/
35 KB
35 KB
Image
General
Full URL
https://cdn.comparitech.com/wp-content/uploads/2021/08/What-is-Malicious-Code.webp
Requested by
Host: www.comparitech.com
URL: https://www.comparitech.com/net-admin/malicious-code/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
209.58.173.178 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
edge.presslabs.net
Software
nginx /
Resource Hash
3d58f1b89f2f7b3e3d2b21719918c44b2e5f50cf32fb5d034d6a6bf006056090

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.comparitech.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 22:07:52 GMT
last-modified
Sun, 29 Aug 2021 11:27:05 GMT
server
nginx
etag
"612b6f09-8ac0"
x-presslabs-cache
MISS
vary
Accept-Encoding
content-type
image/webp
cache-control
max-age = 315360000
accept-ranges
bytes
content-length
35520
x-request-id
130d5a3fe07056377ecf20fcb60e6fb7
expires
Thu, 31 Dec 2037 23:55:55 GMT
1x1.trans.gif
cdn.comparitech.com/wp-content/themes/comparitech-2018/images/
42 B
316 B
Image
General
Full URL
https://cdn.comparitech.com/wp-content/themes/comparitech-2018/images/1x1.trans.gif
Requested by
Host: www.comparitech.com
URL: https://www.comparitech.com/net-admin/malicious-code/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
209.58.173.178 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
edge.presslabs.net
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.comparitech.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 22:07:52 GMT
last-modified
Sat, 14 Oct 2023 02:26:29 GMT
server
nginx
etag
"6529fc55-2a"
x-presslabs-cache
HIT
vary
Accept-Encoding
content-type
image/gif
cache-control
max-age = 315360000
accept-ranges
bytes
x-cache-groups
assets
content-length
42
x-request-id
1d34d457c31a2259badad62a5699c360
expires
Thu, 31 Dec 2037 23:55:55 GMT
solarwinds-essential-tools-bundle.png
cdn.comparitech.com/wp-content/themes/comparitech-2018/static/img/popups/
21 KB
21 KB
Image
General
Full URL
https://cdn.comparitech.com/wp-content/themes/comparitech-2018/static/img/popups/solarwinds-essential-tools-bundle.png
Requested by
Host: www.comparitech.com
URL: https://www.comparitech.com/net-admin/malicious-code/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
209.58.173.178 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
edge.presslabs.net
Software
nginx /
Resource Hash
a462f11e8bf18200ba1d3b55df59af42bacf7f0a4eda83f6a169b82dc7152845

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.comparitech.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 22:07:52 GMT
content-encoding
gzip
last-modified
Sat, 14 Oct 2023 02:26:29 GMT
server
nginx
etag
W/"6529fc55-55b6"
x-presslabs-cache
HIT
vary
Accept-Encoding
content-type
image/png
cache-control
max-age = 315360000
x-cache-groups
assets
x-request-id
1d34d457c31a2259badad62a5699c360
expires
Thu, 31 Dec 2037 23:55:55 GMT
akismet-frontend.js
cdn.comparitech.com/wp-content/plugins/akismet/_inc/
10 KB
4 KB
Script
General
Full URL
https://cdn.comparitech.com/wp-content/plugins/akismet/_inc/akismet-frontend.js?ver=1697250388
Requested by
Host: www.comparitech.com
URL: https://www.comparitech.com/net-admin/malicious-code/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
209.58.173.178 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
edge.presslabs.net
Software
nginx /
Resource Hash
5734f1b66dcb622529d435aba20990813d43553f949bc0813719b4e7d1252527

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.comparitech.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 22:07:52 GMT
content-encoding
gzip
last-modified
Sat, 14 Oct 2023 02:26:28 GMT
server
nginx
etag
W/"6529fc54-29ed"
x-presslabs-cache
HIT
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age = 315360000
x-cache-groups
assets
x-request-id
1d34d457c31a2259badad62a5699c360
expires
Thu, 31 Dec 2037 23:55:55 GMT
truncated
/
4 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
414457089c19439b7d1c394ab32dd7ee1797634a468241b37c72a2ecdcfdd792

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type
image/jpg
manage_engine_300x250.jpg.webp
cdn.comparitech.com/wp-content/uploads/2023/08/
11 KB
11 KB
Image
General
Full URL
https://cdn.comparitech.com/wp-content/uploads/2023/08/manage_engine_300x250.jpg.webp
Requested by
Host: www.comparitech.com
URL: https://www.comparitech.com/net-admin/malicious-code/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
209.58.173.178 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
edge.presslabs.net
Software
nginx /
Resource Hash
0979f6e5528f24c1fc0ad28649d7a44bfafedfa8c55db3d88893dfdac788e595

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.comparitech.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 22:07:52 GMT
last-modified
Tue, 15 Aug 2023 10:07:28 GMT
server
nginx
etag
"64db4e60-2b8a"
x-presslabs-cache
HIT
vary
Accept-Encoding
content-type
image/webp
cache-control
max-age = 315360000
accept-ranges
bytes
content-length
11146
x-request-id
2d82f3ae44f6ab9166298de0c6dcde68
expires
Thu, 31 Dec 2037 23:55:55 GMT
/
pro.ip-api.com/json/
284 B
466 B
XHR
General
Full URL
https://pro.ip-api.com/json/?key=koxgS94M2RrKa3r
Requested by
Host: www.comparitech.com
URL: https://www.comparitech.com/net-admin/malicious-code/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
139.99.133.174 Sydney, Australia, ASN16276 (OVH, FR),
Reverse DNS
vps-3a55735c.vps.ovh.ca
Software
/
Resource Hash
34030530b1ff67bf0b1da808ef69c3687b97253c46abc90e752762da03c3815b

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://www.comparitech.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://www.comparitech.com
Date
Thu, 16 Nov 2023 22:07:52 GMT
Content-Length
284
Content-Type
application/json; charset=utf-8
js
www.googletagmanager.com/gtag/
263 KB
89 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-594Q6WX0ED&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TX6HJV
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.167.104 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s17-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
8b9672926ce850def6da5b8b9bf95e7d0dd12c30c8d3979218ad516ec4c19e1b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.comparitech.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 22:07:52 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
90611
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 16 Nov 2023 22:07:52 GMT
js
www.googletagmanager.com/gtag/
274 KB
91 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-MDHRS9ZYXE&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TX6HJV
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.167.104 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s17-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
08049086e9852d596fd6e91c8a0a12701ff1f473636d108ea8c750bcf79cac52
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.comparitech.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 22:07:52 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
92897
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 16 Nov 2023 22:07:52 GMT
analytics.js
www.google-analytics.com/
52 KB
21 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TX6HJV
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.24.46 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s20-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.comparitech.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 16 Nov 2023 21:52:35 GMT
last-modified
Mon, 12 Jun 2023 18:23:07 GMT
server
Golfe2
age
917
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Thu, 16 Nov 2023 23:52:35 GMT
collect
www.google-analytics.com/j/
15 B
162 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1566863870&t=pageview&_s=1&dl=https%3A%2F%2Fwww.comparitech.com%2Fnet-admin%2Fmalicious-code%2F&ul=en-us&de=UTF-8&dt=Malicious%20Code%3A%20What%20is%20it%20and%20How%20to%20Prevent%20it%20-%202023%20Guide&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAAABAAAAAC~&jid=1054809350&gjid=2055827505&cid=1256778343.1700172473&tid=UA-69014652-1&_gid=1757141294.1700172473&_r=1&_slc=1&gtm=45He3b81n71TX6HJVv71649924&gcd=11l1l1l1l1&dma=0&z=18367450
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.24.46 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s20-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
9bae2410294b240e904b78d476d4875b1821eb98e40189f5f62aa720729dbfb0
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.comparitech.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 16 Nov 2023 22:07:52 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.comparitech.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/
35 B
193 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j101&a=1566863870&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.comparitech.com%2Fnet-admin%2Fmalicious-code%2F&ul=en-us&de=UTF-8&dt=Malicious%20Code%3A%20What%20is%20it%20and%20How%20to%20Prevent%20it%20-%202023%20Guide&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=User%20Data&ea=Device&el=d&_u=YEDAAEABAAAAACAAI~&jid=&gjid=&cid=1256778343.1700172473&tid=UA-69014652-1&_gid=1757141294.1700172473&gtm=45He3b81n71TX6HJVv71649924&gcd=11l1l1l1l1&dma=0&z=215274463
Requested by
Host: www.comparitech.com
URL: https://www.comparitech.com/net-admin/malicious-code/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.24.46 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s20-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.comparitech.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Nov 2023 21:53:51 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
841
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
js
www.googletagmanager.com/gtag/
254 KB
84 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-85Q6K905JF&cx=c&_slc=1
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.167.104 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s17-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
303626f0dad9add721ac911e428476b2b7e1a6fa17f8e067dce4ff35c47d696b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.comparitech.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 22:07:52 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
86324
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 16 Nov 2023 22:07:52 GMT
collect
www.google-analytics.com/g/
0
56 B
Ping
General
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-MDHRS9ZYXE&gtm=45je3b81v9168057853z871649924&_p=1700172472072&gcd=11l1l1l1l1&dma=0&cid=1256778343.1700172473&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1700172472&sct=1&seg=0&dl=https%3A%2F%2Fwww.comparitech.com%2Fnet-admin%2Fmalicious-code%2F&dt=Malicious%20Code%3A%20What%20is%20it%20and%20How%20to%20Prevent%20it%20-%202023%20Guide&en=page_view&_fv=1&_ss=1&tfd=1343
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-MDHRS9ZYXE&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.24.46 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s20-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.comparitech.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Nov 2023 22:07:52 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.comparitech.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/g/
0
54 B
Ping
General
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-594Q6WX0ED&gtm=45je3b81v867600485z871649924&_p=1700172472072&gcd=11l1l1l1l1&dma=0&cid=1256778343.1700172473&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1700172472&sct=1&seg=0&dl=https%3A%2F%2Fwww.comparitech.com%2Fnet-admin%2Fmalicious-code%2F&dt=Malicious%20Code%3A%20What%20is%20it%20and%20How%20to%20Prevent%20it%20-%202023%20Guide&en=page_view&_fv=1&_ss=1&ep.path_clean=%2Fnet-admin%2Fmalicious-code%2F&tfd=1372
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-594Q6WX0ED&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.24.46 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s20-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.comparitech.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Nov 2023 22:07:52 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.comparitech.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/g/
0
54 B
Ping
General
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-85Q6K905JF&gtm=45je3b81v9126112929&_p=1700172472072&gcd=11l1l1l1l2&dma=0&ul=en-us&sr=1600x1200&cid=1256778343.1700172473&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EBAI&_s=1&dl=https%3A%2F%2Fwww.comparitech.com%2Fnet-admin%2Fmalicious-code%2F&dt=Malicious%20Code%3A%20What%20is%20it%20and%20How%20to%20Prevent%20it%20-%202023%20Guide&sid=1700172472&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1&tfd=1591
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-85Q6K905JF&cx=c&_slc=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.24.46 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s20-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.comparitech.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Nov 2023 22:07:53 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.comparitech.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/
35 B
95 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j101&a=1566863870&t=timing&_s=2&dl=https%3A%2F%2Fwww.comparitech.com%2Fnet-admin%2Fmalicious-code%2F&ul=en-us&de=UTF-8&dt=Malicious%20Code%3A%20What%20is%20it%20and%20How%20to%20Prevent%20it%20-%202023%20Guide&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&plt=1600&pdt=372&dns=0&rrt=0&srt=95&tcp=292&dit=807&clt=867&_gst=729&_gbt=1158&_u=YHDAAEABAAAAACAAI~&jid=&gjid=&cid=1256778343.1700172473&tid=UA-69014652-1&_gid=1757141294.1700172473&gtm=45He3b81n71TX6HJVv71649924&gcd=11l1l1l1l1&dma=0&z=1512478217
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.24.46 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s20-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.comparitech.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Nov 2023 21:53:51 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
842
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT

70 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| documentPictureInPicture function| $ function| jQuery string| ajaxurl object| presslabs object| dataLayer object| COMPARITECH object| convert_temp undefined| loglyjson object| convertData object| matched function| REED_$ object| REED object| convert object| _conv_q object| _gaq function| ga object| _kmq function| btbCreateCookie function| btbReadCookie function| btbEraseCookie function| btbCheckCookie object| btbTestTracking string| secure function| hj object| ak_js object| commentForm undefined| replyRowContainer undefined| children object| comparitech_frontend_data string| sizes object| _hmt object| _czc object| emosGlobalProperties object| _paq object| _wt1Q string| btbVars string| btbDiag object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| prefix function| visibilityState number| startTime object| totalTime number| prevTime string| visibilityEvent function| vC function| sT object| isOnIOS string| eventName boolean| scrolledOnLoad function| checkValidUserId object| gaplugins object| gaGlobal object| gaData function| _typeof function| _toConsumableArray function| _nonIterableSpread function| _unsupportedIterableToArray function| _iterableToArray function| _arrayWithoutHoles function| _arrayLikeToArray object| ClickTracker function| ready string| click_id string| client_id string| session_id string| running_tests function| onYouTubeIframeAPIReady

8 Cookies

Domain/Path Name / Value
.comparitech.com/ Name: _conv_v
Value: vi%3A1*sc%3A1*cs%3A1700172472*fs%3A1700172472*pv%3A1
.comparitech.com/ Name: _conv_s
Value: si%3A1*sh%3A1700172472115-0.6094865668777099*pv%3A1
.comparitech.com/ Name: _gid
Value: GA1.2.1757141294.1700172473
.comparitech.com/ Name: _gat_UA-69014652-1
Value: 1
.comparitech.com/ Name: _ga_MDHRS9ZYXE
Value: GS1.1.1700172472.1.0.1700172472.0.0.0
.comparitech.com/ Name: _ga
Value: GA1.1.1256778343.1700172473
.comparitech.com/ Name: _ga_594Q6WX0ED
Value: GS1.1.1700172472.1.0.1700172472.0.0.0
.comparitech.com/ Name: _ga_85Q6K905JF
Value: GS1.2.1700172472.1.0.1700172472.0.0.0

Security Headers

This page lists any security headers set by the main page.

Header Value
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
