www.threatminer.org Open in urlscan Pro
2606:4700:20::681a:eeb Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.threatminer.org/sample.php?q=69b7746514c70046dd974616ca0623cf
Submission: On April 05 via api (April 5th 2023, 1:45:19 am UTC) from US — Scanned from DE

Summary HTTP 282 Redirects Links 9 Behaviour Indicators

Summary

This website contacted 42 IPs in 5 countries across 24 domains to perform 282 HTTP transactions. The main IP is 2606:4700:20::681a:eeb, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.threatminer.org.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on May 28th 2022. Valid for: a year.

This is the only time www.threatminer.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
27	2606:4700:20:... 2606:4700:20::681a:eeb	13335 (CLOUDFLAR...) (CLOUDFLARENET)
18	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
21	2606:2800:234... 2606:2800:234:59:254c:406:2366:268c	15133 (EDGECAST) (EDGECAST)
1 1	2606:4700:10:... 2606:4700:10::6814:9710	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:10:... 2606:4700:10::6816:a79	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	172.66.41.9 172.66.41.9	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:829::200e	15169 (GOOGLE) (GOOGLE)
1	199.232.192.134 199.232.192.134	54113 (FASTLY) (FASTLY)
23	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
15	2600:9000:205... 2600:9000:2057:9000:6:8656:f5c0:93a1	16509 (AMAZON-02) (AMAZON-02)
4	151.101.0.134 151.101.0.134	54113 (FASTLY) (FASTLY)
5	2a00:1450:400... 2a00:1450:4001:82f::200e	15169 (GOOGLE) (GOOGLE)
3	104.244.42.200 104.244.42.200	13414 (TWITTER) (TWITTER)
2	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
1	199.232.192.64 199.232.192.64	54113 (FASTLY) (FASTLY)
3	199.232.196.134 199.232.196.134	54113 (FASTLY) (FASTLY)
5 11	2a00:1450:400... 2a00:1450:4001:830::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82f::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:808::200e	15169 (GOOGLE) (GOOGLE)
26	151.101.1.44 151.101.1.44	54113 (FASTLY) (FASTLY)
7	2a00:1450:400... 2a00:1450:4001:830::2003	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:812::200a	15169 (GOOGLE) (GOOGLE)
31	2a00:1450:400... 2a00:1450:4001:831::2001	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
2	13.32.121.17 13.32.121.17	16509 (AMAZON-02) (AMAZON-02)
1	2a02:2638:3::c 2a02:2638:3::c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
13	141.226.228.48 141.226.228.48	200478 (TABOOLA-AS) (TABOOLA-AS)
2	142.250.186.163 142.250.186.163	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:806::2003	15169 (GOOGLE) (GOOGLE)
2	143.204.215.65 143.204.215.65	16509 (AMAZON-02) (AMAZON-02)
3	104.244.43.131 104.244.43.131	54113 (FASTLY) (FASTLY)
1	2606:2800:233... 2606:2800:233:8173:898f:63b3:95c3:79d2	15133 (EDGECAST) (EDGECAST)
21	2606:2800:134... 2606:2800:134:1a0d:1429:742:782:b6	15133 (EDGECAST) (EDGECAST)
3	199.232.196.64 199.232.196.64	54113 (FASTLY) (FASTLY)
3	15.197.193.217 15.197.193.217	16509 (AMAZON-02) (AMAZON-02)
1 3	2a05:d018:d29... 2a05:d018:d29:3602:4dc4:1acd:4e16:7f78	16509 (AMAZON-02) (AMAZON-02)
3 3	3.71.149.231 3.71.149.231	16509 (AMAZON-02) (AMAZON-02)
2	104.109.78.125 104.109.78.125	16625 (AKAMAI-AS) (AKAMAI-AS)
2	151.101.193.44 151.101.193.44	54113 (FASTLY) (FASTLY)
1	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
1	141.226.224.32 141.226.224.32	200478 (TABOOLA-AS) (TABOOLA-AS)
282	42

27 2606:4700:20::681a:eeb (United States)

ASN13335 (CLOUDFLARENET, US)

www.threatminer.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 2606:2800:234:59:254c:406:2366:268c (United States)

ASN15133 (EDGECAST, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6814:9710 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

i.creativecommons.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:a79 (United States)

ASN13335 (CLOUDFLARENET, US)

licensebuttons.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 172.66.41.9 (United States)

ASN13335 (CLOUDFLARENET, US)

resources.infolinks.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
router.infolinks.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:829::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.232.192.134 (United States)

ASN54113 (FASTLY, US)

threatminer.disqus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2600:9000:2057:9000:6:8656:f5c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

c.disquscdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 151.101.0.134 (United States)

ASN54113 (FASTLY, US)

disqus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:82f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cse.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.244.42.200 (United States)

ASN13414 (TWITTER, US)

syndication.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.232.192.64 (United States)

ASN54113 (FASTLY, US)

tempest.services.disqus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 199.232.196.134 (United States)

ASN54113 (FASTLY, US)

referrer.disqus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:830::2004 (Frankfurt am Main, Germany) 5 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

clients1.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

26 151.101.1.44 (United States)

ASN54113 (FASTLY, US)

cdn.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
trc.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
vidstat.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
images.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
imprammp.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
wf.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
vidstatb.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

31 2a00:1450:4001:831::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.32.121.17 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-121-17.fra60.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:3::c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)

trc-events.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
am-trc-events.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
am-match.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
am-vid-events.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.163 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f3.1e100.net

p4-byw2hctt4f23u-43gnhfidmkwwkim5-if-v6exp3-v4.metric.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:806::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 143.204.215.65 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-215-65.fra53.r.cloudfront.net

cdn.viglink.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.244.43.131 (United States)

ASN54113 (FASTLY, US)

abs-0.twimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:2800:233:8173:898f:63b3:95c3:79d2 (United States)

ASN15133 (EDGECAST, US)

abs.twimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 2606:2800:134:1a0d:1429:742:782:b6 (United States)

ASN15133 (EDGECAST, US)

pbs.twimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 199.232.196.64 (United States)

ASN54113 (FASTLY, US)

links.services.disqus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 15.197.193.217 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a05:d018:d29:3602:4dc4:1acd:4e16:7f78 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.71.149.231 (Frankfurt am Main, Germany) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-71-149-231.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.109.78.125 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-109-78-125.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.193.44 (United States)

ASN54113 (FASTLY, US)

vidstat.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pips.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.226.224.32 (United States)

ASN200478 (TABOOLA-AS, IL)

cds.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
49	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 111 tpc.googlesyndication.com — Cisco Umbrella Rank: 145	589 KB
42	taboola.com cdn.taboola.com — Cisco Umbrella Rank: 958 trc.taboola.com — Cisco Umbrella Rank: 682 trc-events.taboola.com — Cisco Umbrella Rank: 1954 vidstat.taboola.com — Cisco Umbrella Rank: 2801 am-trc-events.taboola.com — Cisco Umbrella Rank: 13974 images.taboola.com — Cisco Umbrella Rank: 1880 imprammp.taboola.com — Cisco Umbrella Rank: 13160 am-match.taboola.com — Cisco Umbrella Rank: 12965 wf.taboola.com — Cisco Umbrella Rank: 2835 am-vid-events.taboola.com — Cisco Umbrella Rank: 12324 sync.taboola.com — Cisco Umbrella Rank: 1027 vidstatb.taboola.com — Cisco Umbrella Rank: 4877 pips.taboola.com — Cisco Umbrella Rank: 1606 cds.taboola.com — Cisco Umbrella Rank: 1863	2 MB
27	threatminer.org www.threatminer.org	1 MB
25	twimg.com abs-0.twimg.com — Cisco Umbrella Rank: 2354 abs.twimg.com — Cisco Umbrella Rank: 2043 pbs.twimg.com — Cisco Umbrella Rank: 757	77 KB
24	twitter.com platform.twitter.com — Cisco Umbrella Rank: 793 syndication.twitter.com — Cisco Umbrella Rank: 1106	759 KB
23	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 41	212 KB
19	google.com 5 redirects cse.google.com — Cisco Umbrella Rank: 3131 adservice.google.com — Cisco Umbrella Rank: 90 www.google.com — Cisco Umbrella Rank: 2 clients1.google.com — Cisco Umbrella Rank: 456	227 KB
16	gstatic.com www.gstatic.com p4-byw2hctt4f23u-43gnhfidmkwwkim5-if-v6exp3-v4.metric.gstatic.com fonts.gstatic.com	201 KB
15	disquscdn.com c.disquscdn.com — Cisco Umbrella Rank: 5014	566 KB
12	disqus.com threatminer.disqus.com disqus.com — Cisco Umbrella Rank: 1224 tempest.services.disqus.com — Cisco Umbrella Rank: 16661 referrer.disqus.com — Cisco Umbrella Rank: 7512 links.services.disqus.com — Cisco Umbrella Rank: 14303	80 KB
6	yahoo.com 4 redirects pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 474 ups.analytics.yahoo.com — Cisco Umbrella Rank: 302	2 KB
6	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 198	292 KB
5	infolinks.com resources.infolinks.com — Cisco Umbrella Rank: 6836 router.infolinks.com — Cisco Umbrella Rank: 2819	59 KB
4	googleapis.com www.googleapis.com — Cisco Umbrella Rank: 28 fonts.googleapis.com — Cisco Umbrella Rank: 47	3 KB
3	rubiconproject.com eus.rubiconproject.com — Cisco Umbrella Rank: 577 token.rubiconproject.com — Cisco Umbrella Rank: 574	11 KB
3	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 368	793 B
2	viglink.com cdn.viglink.com — Cisco Umbrella Rank: 9462	777 B
2	scorecardresearch.com sb.scorecardresearch.com — Cisco Umbrella Rank: 162	3 KB
2	google.de adservice.google.de — Cisco Umbrella Rank: 7832	696 B
2	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 980	913 B
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 35	20 KB
1	criteo.com gum.criteo.com — Cisco Umbrella Rank: 416	288 B
1	licensebuttons.net licensebuttons.net — Cisco Umbrella Rank: 26657	739 B
1	creativecommons.org 1 redirects i.creativecommons.org — Cisco Umbrella Rank: 29287	241 B
282	24

	Domain	Requested by
31	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
27	www.threatminer.org	www.threatminer.org
23	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
21	pbs.twimg.com	syndication.twitter.com
21	platform.twitter.com	www.threatminer.org platform.twitter.com syndication.twitter.com
18	pagead2.googlesyndication.com	www.threatminer.org pagead2.googlesyndication.com googleads.g.doubleclick.net www.googletagservices.com tpc.googlesyndication.com
15	c.disquscdn.com	threatminer.disqus.com disqus.com c.disquscdn.com
11	images.taboola.com	www.threatminer.org
11	www.google.com	5 redirects cse.google.com www.google.com www.threatminer.org tpc.googlesyndication.com
7	fonts.gstatic.com	fonts.googleapis.com
7	www.gstatic.com	googleads.g.doubleclick.net
7	cdn.taboola.com	www.threatminer.org cdn.taboola.com
6	www.googletagservices.com	googleads.g.doubleclick.net
5	cse.google.com	www.threatminer.org www.google.com cse.google.com
4	am-trc-events.taboola.com	www.threatminer.org
4	vidstat.taboola.com	cdn.taboola.com vidstat.taboola.com
4	disqus.com	threatminer.disqus.com c.disquscdn.com
3	sync.taboola.com	imprammp.taboola.com am-match.taboola.com
3	ups.analytics.yahoo.com	3 redirects
3	pr-bh.ybp.yahoo.com	1 redirects imprammp.taboola.com am-match.taboola.com
3	match.adsrvr.org	imprammp.taboola.com am-match.taboola.com
3	links.services.disqus.com	c.disquscdn.com www.threatminer.org
3	abs-0.twimg.com	syndication.twitter.com
3	trc-events.taboola.com	www.threatminer.org
3	fonts.googleapis.com	googleads.g.doubleclick.net client
3	referrer.disqus.com	www.threatminer.org
3	syndication.twitter.com	platform.twitter.com syndication.twitter.com
3	router.infolinks.com	resources.infolinks.com
2	eus.rubiconproject.com	am-match.taboola.com eus.rubiconproject.com
2	am-match.taboola.com	vidstat.taboola.com
2	cdn.viglink.com	www.threatminer.org
2	p4-byw2hctt4f23u-43gnhfidmkwwkim5-if-v6exp3-v4.metric.gstatic.com	googleads.g.doubleclick.net p4-byw2hctt4f23u-43gnhfidmkwwkim5-if-v6exp3-v4.metric.gstatic.com
2	trc.taboola.com	cdn.taboola.com
2	sb.scorecardresearch.com	cdn.taboola.com www.threatminer.org
2	adservice.google.com	pagead2.googlesyndication.com
2	adservice.google.de	pagead2.googlesyndication.com
2	partner.googleadservices.com	pagead2.googlesyndication.com cse.google.com
2	www.google-analytics.com	www.threatminer.org www.google-analytics.com
2	resources.infolinks.com	www.threatminer.org
1	cds.taboola.com	cdn.taboola.com
1	pips.taboola.com	cdn.taboola.com
1	vidstatb.taboola.com	www.threatminer.org
1	token.rubiconproject.com	eus.rubiconproject.com
1	am-vid-events.taboola.com	www.threatminer.org
1	wf.taboola.com	vidstat.taboola.com
1	imprammp.taboola.com	vidstat.taboola.com
1	abs.twimg.com	platform.twitter.com
1	gum.criteo.com	cdn.taboola.com
1	clients1.google.com	www.threatminer.org
1	www.googleapis.com	www.threatminer.org
1	tempest.services.disqus.com	threatminer.disqus.com
1	threatminer.disqus.com	www.threatminer.org
1	licensebuttons.net	www.threatminer.org
1	i.creativecommons.org	1 redirects
282	54

This site contains links to these domains. Also see Links.

Domain
medium.com
github.com
www.linkedin.com
www.google.com
cse.google.com
www.virustotal.com
www.hybrid-analysis.com
virusshare.com
creativecommons.org

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-05-28` - `2023-05-28`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-03-20` - `2023-06-12`	3 months	crt.sh
*.twimg.com DigiCert TLS RSA SHA256 2020 CA1	`2022-10-06` - `2023-11-06`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-03-20` - `2023-06-12`	3 months	crt.sh
*.disqus.com Sectigo RSA Domain Validation Secure Server CA	`2022-04-20` - `2023-04-20`	a year	crt.sh
a.disquscdn.com Amazon RSA 2048 M01	`2023-03-01` - `2023-10-29`	8 months	crt.sh
*.google.com GTS CA 1C3	`2023-03-20` - `2023-06-12`	3 months	crt.sh
syndication.twitter.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-02-05` - `2024-02-05`	a year	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-03-20` - `2023-06-12`	3 months	crt.sh
*.google.de GTS CA 1C3	`2023-03-20` - `2023-06-12`	3 months	crt.sh
*.services.disqus.com GlobalSign Atlas R3 DV TLS CA 2022 Q4	`2022-11-04` - `2023-12-06`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-03-20` - `2023-06-12`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-03-20` - `2023-06-12`	3 months	crt.sh
*.taboola.com DigiCert TLS RSA SHA256 2020 CA1	`2022-12-08` - `2023-12-31`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-03-20` - `2023-06-12`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-03-20` - `2023-06-12`	3 months	crt.sh
*.scorecardresearch.com Amazon RSA 2048 M02	`2023-03-01` - `2024-01-28`	a year	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-03-09` - `2023-06-03`	3 months	crt.sh
viglink.com Amazon RSA 2048 M01	`2023-02-24` - `2023-11-11`	9 months	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2022-03-31` - `2023-05-02`	a year	crt.sh
*.ybp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2022-11-08` - `2023-05-03`	6 months	crt.sh
*.rubiconproject.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-03-07` - `2024-04-03`	a year	crt.sh

This page contains 33 frames:

Primary Page: https://www.threatminer.org/sample.php?q=69b7746514c70046dd974616ca0623cf
Frame ID: 7944C98AED0CFDA43BAF6CF200A151E8
Requests: 73 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230330/r20190131/zrt_lookup.html
Frame ID: 3C6A2A392B34D3078D10FE430DC797D7
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.2b2d73daf636805223fb11d48f3e94f7.html?origin=https%3A%2F%2Fwww.threatminer.org
Frame ID: 1F4F3800C0730AA660672A50FC85AA1B
Requests: 2 HTTP requests in this frame

Frame: https://router.infolinks.com/usync/manage?pid=3241790&wsid=0&pdom=www.threatminer.org&purl=https%3A%2F%2Fwww.threatminer.org%2Fsample.php%3Fq%3D69b7746514c70046dd974616ca0623cf
Frame ID: B52FAAEE650CE14B234473BA10A0B735
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5720763271532377&output=html&h=250&slotname=4491384285&adk=1382012186&adf=1527761000&pi=t.ma~as.4491384285&w=299&fwrn=4&fwrnh=100&lmt=1680659112&rafmt=3&format=299x250&url=https%3A%2F%2Fwww.threatminer.org%2Fsample.php%3Fq%3D69b7746514c70046dd974616ca0623cf&fwr=0&fwrattr=true&rpe=1&resp_fmts=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1680659112024&bpp=4&bdt=331&idt=214&shv=r20230330&mjsv=m202303300101&ptt=9&saldr=aa&abxe=1&correlator=3569924714072&frm=20&pv=2&ga_vid=683483255.1680659112&ga_sid=1680659112&ga_hid=1097699795&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=0&ady=229&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759837%2C44759876%2C31071756%2C31073485%2C44788441%2C31071268&oid=2&pvsid=3339220411880613&tmod=12585163&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=X3jqZJ0wEV&p=https%3A//www.threatminer.org&dtd=246
Frame ID: E904913D14EF3EAFE040D3C20F14DD84
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5720763271532377&output=html&h=600&slotname=6407101181&adk=2989800909&adf=2245449527&pi=t.ma~as.6407101181&w=299&fwrn=4&fwrnh=100&lmt=1680659112&rafmt=1&format=299x600&url=https%3A%2F%2Fwww.threatminer.org%2Fsample.php%3Fq%3D69b7746514c70046dd974616ca0623cf&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1680659112028&bpp=1&bdt=335&idt=248&shv=r20230330&mjsv=m202303300101&ptt=9&saldr=aa&abxe=1&prev_fmts=299x250&correlator=3569924714072&frm=20&pv=1&ga_vid=683483255.1680659112&ga_sid=1680659112&ga_hid=1097699795&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=0&ady=507&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759837%2C44759876%2C31071756%2C31073485%2C44788441%2C31071268&oid=2&pvsid=3339220411880613&tmod=12585163&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=5KEwzWLDCy&p=https%3A//www.threatminer.org&dtd=257
Frame ID: DF46BB5EAD9ADC447C87EBA7C160EAD2
Requests: 11 HTTP requests in this frame

Frame: https://disqus.com/embed/comments/?base=default&f=threatminer&t_i=69b7746514c70046dd974616ca0623cf&t_u=https%3A%2F%2Fwww.threatminer.org%2Fsample.php%3Fq%3D69b7746514c70046dd974616ca0623cf&t_d=69b7746514c70046dd974616ca0623cf%20File%20Analysis%20Results%20%7C%20ThreatMiner.org&t_t=69b7746514c70046dd974616ca0623cf%20File%20Analysis%20Results%20%7C%20ThreatMiner.org&s_o=default
Frame ID: AB434B37AB5422AE644B7CEA0DC7D20A
Requests: 22 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5720763271532377&output=html&h=200&slotname=1381165906&adk=2644663765&adf=151644923&pi=t.ma~as.1381165906&w=1182&fwrn=4&lmt=1680659112&rafmt=11&format=1182x200&url=https%3A%2F%2Fwww.threatminer.org%2Fsample.php%3Fq%3D69b7746514c70046dd974616ca0623cf&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1680659112029&bpp=1&bdt=336&idt=287&shv=r20230330&mjsv=m202303300101&ptt=9&saldr=aa&abxe=1&prev_fmts=299x250%2C299x600&correlator=3569924714072&frm=20&pv=1&ga_vid=683483255.1680659112&ga_sid=1680659112&ga_hid=1097699795&ga_fc=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=359&ady=115&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759837%2C44759876%2C31071756%2C31073485%2C44788441%2C31071268&oid=2&pvsid=3339220411880613&tmod=12585163&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=MtAdf29aSu&p=https%3A//www.threatminer.org&dtd=290
Frame ID: E621B6FF653CA3D37682E17B052D3018
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5720763271532377&output=html&h=200&slotname=6125219520&adk=3585176026&adf=748155151&pi=t.ma~as.6125219520&w=1200&fwrn=4&lmt=1680659112&rafmt=11&format=1200x200&url=https%3A%2F%2Fwww.threatminer.org%2Fsample.php%3Fq%3D69b7746514c70046dd974616ca0623cf&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1680659112030&bpp=1&bdt=337&idt=294&shv=r20230330&mjsv=m202303300101&ptt=9&saldr=aa&abxe=1&prev_fmts=299x250%2C299x600%2C1182x200&correlator=3569924714072&frm=20&pv=1&ga_vid=683483255.1680659112&ga_sid=1680659112&ga_hid=1097699795&ga_fc=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=350&ady=1035&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759837%2C44759876%2C31071756%2C31073485%2C44788441%2C31071268&oid=2&pvsid=3339220411880613&tmod=12585163&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&fsb=1&xpc=PjCQGvdUPa&p=https%3A//www.threatminer.org&dtd=299
Frame ID: C4275A7FA4724CADB4B7A90533EFB788
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5720763271532377&output=html&h=200&slotname=8831273914&adk=3175788880&adf=707097127&pi=t.ma~as.8831273914&w=1200&fwrn=4&lmt=1680659112&rafmt=11&format=1200x200&url=https%3A%2F%2Fwww.threatminer.org%2Fsample.php%3Fq%3D69b7746514c70046dd974616ca0623cf&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1680659112030&bpp=1&bdt=337&idt=303&shv=r20230330&mjsv=m202303300101&ptt=9&saldr=aa&abxe=1&prev_fmts=299x250%2C299x600%2C1182x200%2C1200x200&correlator=3569924714072&frm=20&pv=1&ga_vid=683483255.1680659112&ga_sid=1680659112&ga_hid=1097699795&ga_fc=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=350&ady=2789&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759837%2C44759876%2C31071756%2C31073485%2C44788441%2C31071268&oid=2&pvsid=3339220411880613&tmod=12585163&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=YdKzrcLt3Y&p=https%3A//www.threatminer.org&dtd=318
Frame ID: B8AC5B3753E9E108AB95D7850752260B
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5720763271532377&output=html&adk=1812271804&adf=3025194257&lmt=1680659112&plat=1%3A16777216%2C3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A34635776%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fwww.threatminer.org%2Fsample.php%3Fq%3D69b7746514c70046dd974616ca0623cf&ea=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1680659112147&bpp=2&bdt=454&idt=220&shv=r20230330&mjsv=m202303300101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Db133cbf0acc955e9-220e6796f7de0064%3AT%3D1680659112%3ART%3D1680659112%3AS%3DALNI_MbzUbr0ygoAmksUglediGzuUE9RTg&gpic=UID%3D00000bd0b9361825%3AT%3D1680659112%3ART%3D1680659112%3AS%3DALNI_MbByRAhh9hlTTg_U14p6rmZQa8w2g&prev_fmts=299x250%2C299x600%2C1182x200%2C1200x200%2C1200x200&nras=1&correlator=3569924714072&frm=20&pv=1&ga_vid=683483255.1680659112&ga_sid=1680659112&ga_hid=1097699795&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759837%2C44759876%2C31071756%2C31073485%2C44788441%2C31071268&oid=2&pvsid=3339220411880613&tmod=12585163&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=8&uci=a!8&fsb=1&dtd=240
Frame ID: F7BF75C616BBBDC5F16201740F84F19F
Requests: 1 HTTP requests in this frame

Frame: https://syndication.twitter.com/srv/timeline-profile/screen-name/ThreatMiner?dnt=true&embedId=twitter-widget-0&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOltdLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2ZvbGxvd2VyX2NvdW50X3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9iYWNrZW5kIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19yZWZzcmNfc2Vzc2lvbiI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfbWl4ZWRfbWVkaWFfMTU4OTciOnsiYnVja2V0IjoidHJlYXRtZW50IiwidmVyc2lvbiI6bnVsbH0sInRmd19leHBlcmltZW50c19jb29raWVfZXhwaXJhdGlvbiI6eyJidWNrZXQiOjEyMDk2MDAsInZlcnNpb24iOm51bGx9LCJ0ZndfZHVwbGljYXRlX3NjcmliZXNfdG9fc2V0dGluZ3MiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3ZpZGVvX2hsc19keW5hbWljX21hbmlmZXN0c18xNTA4MiI6eyJidWNrZXQiOiJ0cnVlX2JpdHJhdGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2xlZ2FjeV90aW1lbGluZV9zdW5zZXQiOnsiYnVja2V0Ijp0cnVlLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3R3ZWV0X2VkaXRfZnJvbnRlbmQiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfX0%3D&frame=false&hideBorder=false&hideFooter=false&hideHeader=false&hideScrollBar=false&lang=en&maxHeight=500px&origin=https%3A%2F%2Fwww.threatminer.org%2Fsample.php%3Fq%3D69b7746514c70046dd974616ca0623cf&sessionId=94f16785cf17a3cf76503a5907dc736e0466215e&showHeader=true&showReplies=false&theme=light&transparent=false&widgetsVersion=aaf4084522e3a%3A1674595607486
Frame ID: 013044AF6E716AA32CE8D17BAA5F5104
Requests: 45 HTTP requests in this frame

Frame: https://cdn.taboola.com/libtrc/disqus-widget-safetylevel20longtail09/loader.js
Frame ID: 2909799AE90A1245685A58F0F8588DDD
Requests: 39 HTTP requests in this frame

Frame: https://cse.google.com/cse_v2/ads?adsafe=high&pcsa=true&cx=414385693720d4156&fexp=20606&client=google-coop&q=69b7746514c70046dd974616ca0623cf&r=m&hl=de&type=0&oe=UTF-8&ie=UTF-8&format=p4&ad=p4&nocache=7181680659112584&num=0&output=uds_ads_only&source=gcsc&v=3&bsl=10&pac=0&u_his=2&u_tz=0&dt=1680659112585&u_w=1600&u_h=1200&biw=1600&bih=1200&psw=1600&psh=28475&frm=0&cl=520018305&uio=-&jsid=csa&jsv=520018305&rurl=https%3A%2F%2Fwww.threatminer.org%2Fsample.php%3Fq%3D69b7746514c70046dd974616ca0623cf&adbw=master-1%3A271
Frame ID: 47A80F72CA82FE18E2B66350C18008BB
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 743E62CA131DC81ADE0F61D1511E8A5E
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 7D702DFB508AE35299650681965ED592
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230330/r20110914/zrt_lookup.html?fsb=1
Frame ID: 3A2C6BBF64DE321FBD4BB342819847E5
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: AA71FAAE6E4AD7DA06115D7A8E6D128D
Requests: 2 HTTP requests in this frame

Frame: https://p4-byw2hctt4f23u-43gnhfidmkwwkim5-if-v6exp3-v4.metric.gstatic.com/v6exp3/iframe.html
Frame ID: 020EC4FE4480624DC45C61457B6770D6
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 9A621C3153E4A7CA1D3F6563329ADBC8
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/U7EM6LXWj4l78jf_OLdMz79S9xCye0H6LBL4Kfa2sjI.js
Frame ID: FA1A41F8BD5A21173E610811BB6EB9B9
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 538130D23C9C5976AC73F6FE25079D7A
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/U7EM6LXWj4l78jf_OLdMz79S9xCye0H6LBL4Kfa2sjI.js
Frame ID: 2E9999AC3BAA7E263A38C5A985097FE3
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/U7EM6LXWj4l78jf_OLdMz79S9xCye0H6LBL4Kfa2sjI.js
Frame ID: 72D18D77B24649FC4E8167C2CBE5F699
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/U7EM6LXWj4l78jf_OLdMz79S9xCye0H6LBL4Kfa2sjI.js
Frame ID: 7CB68F4894BB82263F7F836BC7A59166
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/U7EM6LXWj4l78jf_OLdMz79S9xCye0H6LBL4Kfa2sjI.js
Frame ID: DEFAAB2D567D11B820DDBD5770803CB5
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/U7EM6LXWj4l78jf_OLdMz79S9xCye0H6LBL4Kfa2sjI.js
Frame ID: 0ADE952C4B3CA0BEA90661211EA625A8
Requests: 1 HTTP requests in this frame

Frame: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8-msCLAYwpw8QQRJz2xNgTh8ggiTmti8AAABgYED8AInZZsvFcLlZKyyTxVo0WWzWCsditpYsZsPNZDYyeTYmIyAx22y5GC43a4VlsliLJovNWuFYzNaSxWy4mcxGJs_G5AZJaDodPte9Xvf73UVHy8thejvtLstdb_n5NQ-34eyyC46G_-I9W058u9FstRhtfIPBaDYyOXej2WK2cRhmk83GZgcAAAAAD_7___8hAAAAAEQAAAAAkAAAAABAIaDCvwWBCwAAAAAY_v___zUAQHFgONfd-rIbHa7Py-4PAAAAACAAAAAASAAMkFaXAKBwOTnx_________x9jgD7zRsb_____DYMeAA8-AB6EAAAAfAwhbD__0PZzdiNSMF2EEQAAAABZ0WjFI5N0gopFlf___34rAFcAAAIOnyzG9bPoDkq8hQEAAAgQMxyimuIrmqExZoEeFr_f7LBr_G6X-f________8383_mH40QkZlZmiAWAAA1v4AAAGt-AQEA2KgbAIA3AnBCDgeaTofPda_X_X530dHycpjeTrvLctdbfn7RIWjFYLA6BrQbrkaT2QEAAAC48____49nOEQ1xVc0Q0MPSBhWxuFksFgudqORa-bZjTyG5WC5Wa4mrolrsdiedGEH-ZLmehE_E7YYrSaTzXI4Wy4mg-FoOBrtz0AsFgM0EYPlcjJZTHar0Wq0Ge5Gs8ECCcRggihaNJisRqPJYjJcjSar2XKx220QRatWs9FmMFzNJrPdbjUcDJejEZqwxWg1mWyWw9lyMRkMR8PRaIhgxLnaLWaDjVs5WWzWosFstpZ4DLO1ZLVaGAeDick527hFr4_pYpmthpPhFgkG7OxF8rRIJxKTY2PyOCyOwWrmcg4nM99iMZwtVq7lxrTbrGwTsURzskgnssu-YVgZh5PBYrnYjUaumWc38hiWg-VmuZq4Jq7FYl9xrnaL2WDjVk4Wm7VoMJutJR7DbC1ZrRbGwWBics42btHrY7pYZqvhZLhvzIaD2Wq5WEz2jdlwMFstF4vJvsNkeqY-Z6NrevR7dOqRsq8a1hwGhctg8f4kpsW0Ozt4fr-j06Z-KYs6o9_v9_v9fr_f7_cbtJ6D2aDwrY_PnPjlML62i5dBbDAoYongIp2InJ7H6_PWPU0-l-mtedhcpufZZXuZLYOx3-4zPZxmw3IilihNF-lEr3m4DWeXXXA0XMQSwekinYhextNF_UcPsRvOFbPJXDJYzhWb4SoBAAAAAAAAAFiCaaabAAAAADgZyGY4HKzW6SA2k8lqs1ougAd1CV3AIAAAAAAAALs4DJd5d3YgxIo19lgJOT2P1-ete5p8LtNb87C5TM-zy_YyWwZjv91nejjNhuWUATw4LTLb7DOCWKvVsgYAACCADQAAIICbbrwJCLPi_v___8cBAACQkUMPAABAfB9QFgAAAAAAwD8ACWKtVgs!&cmcv=&pix=undefined&cb=1680659114413&uv=3265&tms=1680659114413&abt=dfrc_vB!id5mc_vA!nonrv_vA!t45!ufm&ru=https://www.threatminer.org/sample.php?q=69b7746514c70046dd974616ca0623cf&ft=1&unm=WIDGET_ITEM&aure=false&agl=1&cirid=f6691893-a221-4213-a116-2168326dd3cd&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Frame ID: 2D6D1B5C47E8F76174370D0AF2579EC7
Requests: 4 HTTP requests in this frame

Frame: https://am-match.taboola.com/sync?dast=V8-msCLAYwpw8QQRJz2xNgTh8ggiTmti8AAABgYED8AInZZsvFcLlZKyyTxVo0WWzWCsditpYsZsPNZDYyeTYmIyAx22y5GC43a4VlsliLJovNWuFYzNaSxWy4mcxGJs_G5AZJaDodPte9Xvf73UVHy8thejvtLstdb_n5NQ-34eyyC46G_-I9W058u9FstRhtfIPBaDYyOXej2WK2cRhmk83GZgcAAAAAD_7___8hAAAAAEQAAAAAkAAAAABAIaDCvwWBCwAAAAAY_v___zUAQHFgONfd-rIbHa7Py-4PAAAAACAAAAAASAAMkFaXAKBwOTnx_________x9jgD7zRsb_____DYMeAA8-AB6EAAAAfAwhbD__0PZzdiNSMF2EEQAAAABZ0WjFI5N0gopFlf___34rAFcAAAIOnyzG9bPoDkq8hQEAAAgQMxyimuIrmqExZoEeFr_f7LBr_G6X-f________8383_mH40QkZlZmiAWAAA1v4AAAGt-AQEA2KgbAIA3AnBCDgeaTofPda_X_X530dHycpjeTrvLctdbfn7RIWjFYLA6BrQbrkaT2QEAAAC48____49nOEQ1xVc0Q0MPSBhWxuFksFgudqORa-bZjTyG5WC5Wa4mrolrsdiedGEH-ZLmehE_E7YYrSaTzXI4Wy4mg-FoOBrtz0AsFgM0EYPlcjJZTHar0Wq0Ge5Gs8ECCcRggihaNJisRqPJYjJcjSar2XKx220QRatWs9FmMFzNJrPdbjUcDJejEZqwxWg1mWyWw9lyMRkMR8PRaIhgxLnaLWaDjVs5WWzWosFstpZ4DLO1ZLVaGAeDick527hFr4_pYpmthpPhFgkG7OxF8rRIJxKTY2PyOCyOwWrmcg4nM99iMZwtVq7lxrTbrGwTsURzskgnssu-YVgZh5PBYrnYjUaumWc38hiWg-VmuZq4Jq7FYl9xrnaL2WDjVk4Wm7VoMJutJR7DbC1ZrRbGwWBics42btHrY7pYZqvhZLhvzIaD2Wq5WEz2jdlwMFstF4vJvsNkeqY-Z6NrevR7dOqRsq8a1hwGhctg8f4kpsW0Ozt4fr-j06Z-KYs6o9_v9_v9fr_f7_cbtJ6D2aDwrY_PnPjlML62i5dBbDAoYongIp2InJ7H6_PWPU0-l-mtedhcpufZZXuZLYOx3-4zPZxmw3IilihNF-lEr3m4DWeXXXA0XMQSwekinYhextNF_UcPsRvOFbPJXDJYzhWb4SoBAAAAAAAAAFiCaaabAAAAADgZyGY4HKzW6SA2k8lqs1ougAd1CV3AIAAAAAAAALs4DJd5d3YgxIo19lgJOT2P1-ete5p8LtNb87C5TM-zy_YyWwZjv91nejjNhuWUATw4LTLb7DOCWKvVsgYAACCADQAAIICbbrwJCLPi_v___8cBAACQkUMPAABAfB9QFgAAAAAAwD8ACWKtVgs!&excid=22&docw=0&cijs=1&nlb=false
Frame ID: 18AE8CD4451834ABDF527B61FFDE3130
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Frame ID: 470E3DF39C6847FEACA01ADC143F6BC3
Requests: 3 HTTP requests in this frame

Frame: https://am-match.taboola.com/sync?dast=V8-msCLAYwpw8QQRJz2xNgTh8ggiTmti8AAABgYED8AInZZsvFcLlZKyyTxVo0WWzWCsditpYsZsPNZDYyeTYmIyAx22y5GC43a4VlsliLJovNWuFYzNaSxWy4mcxGJs_G5AZJaDodPte9Xvf73UVHy8thejvtLstdb_n5NQ-34eyyC46G_-I9W058u9FstRhtfIPBaDYyOXej2WK2cRhmk83GZgcAAAAAD_7___8hAAAAAEQAAAAAkAAAAABAIaDCvwWBCwAAAAAY_v___zUAQHFgONfd-rIbHa7Py-4PAAAAACAAAAAASAAMkFaXAKBwOTnx_________x9jgD7zRsb_____DYMeAA8-AB6EAAAAfAwhbD__0PZzdiNSMF2EEQAAAABZ0WjFI5N0gopFlf___34rAFcAAAIOnyzG9bPoDkq8hQEAAAgQMxyimuIrmqExZoEeFr_f7LBr_G6X-f________8383_mH40QkZlZmiAWAAA1v4AAAGt-AQEA2KgbAIA3AnBCDgeaTofPda_X_X530dHycpjeTrvLctdbfn7RIWjFYLA6BrQbrkaT2QEAAAC48____49nOEQ1xVc0Q0MPSBhWxuFksFgudqORa-bZjTyG5WC5Wa4mrolrsdiedGEH-ZLmehE_E7YYrSaTzXI4Wy4mg-FoOBrtz0AsFgM0EYPlcjJZTHar0Wq0Ge5Gs8ECCcRggihaNJisRqPJYjJcjSar2XKx220QRatWs9FmMFzNJrPdbjUcDJejEZqwxWg1mWyWw9lyMRkMR8PRaIhgxLnaLWaDjVs5WWzWosFstpZ4DLO1ZLVaGAeDick527hFr4_pYpmthpPhFgkG7OxF8rRIJxKTY2PyOCyOwWrmcg4nM99iMZwtVq7lxrTbrGwTsURzskgnssu-YVgZh5PBYrnYjUaumWc38hiWg-VmuZq4Jq7FYl9xrnaL2WDjVk4Wm7VoMJutJR7DbC1ZrRbGwWBics42btHrY7pYZqvhZLhvzIaD2Wq5WEz2jdlwMFstF4vJvsNkeqY-Z6NrevR7dOqRsq8a1hwGhctg8f4kpsW0Ozt4fr-j06Z-KYs6o9_v9_v9fr_f7_cbtJ6D2aDwrY_PnPjlML62i5dBbDAoYongIp2InJ7H6_PWPU0-l-mtedhcpufZZXuZLYOx3-4zPZxmw3IilihNF-lEr3m4DWeXXXA0XMQSwekinYhextNF_UcPsRvOFbPJXDJYzhWb4SoBAAAAAAAAAFiCaaabAAAAADgZyGY4HKzW6SA2k8lqs1ougAd1CV3AIAAAAAAAALs4DJd5d3YgxIo19lgJOT2P1-ete5p8LtNb87C5TM-zy_YyWwZjv91nejjNhuWUATw4LTLb7DOCWKvVsgYAACCADQAAIICbbrwJCLPi_v___8cBAACQkUMPAABAfB9QFgAAAAAAwD8ACWKtVgs!&excid=22&docw=0&cijs=1&nlb=false
Frame ID: 442759360E1267D98331F959955B1D6B
Requests: 4 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 037924B4ADF3B4CC80212CCD5A9C3738
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: DC8D239CE0D7A88A8492B8131E6B053B
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

69b7746514c70046dd974616ca0623cf File Analysis Results | ThreatMiner.orgsuchensuchen

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

\.php(?:$|\?)

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

DataTables (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

dataTables.*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

Twitter (Widgets) Expand

Overall confidence: 100%
Detected patterns

//platform\.twitter\.com/widgets\.js

comScore (Analytics) Expand

Overall confidence: 100%
Detected patterns

\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

282
Requests

99 %
HTTPS

56 %
IPv6

24
Domains

54
Subdomains

42
IPs

5
Countries

6072 kB
Transfer

14939 kB
Size

13
Cookies

9 Outgoing links

These are links going to different origins than the main page.

URL: https://medium.com/@threatminer
Title: Blog

Search URL Search Domain Scan URL

URL: http://github.com/threatminer
Title: ThreatMiner Github Github.com/threatminer

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/threatminer/
Title: Follow Threatminer on LinkedIn Linkedin.com/company/threatminer/

Search URL Search Domain Scan URL

URL: https://www.google.com/search?client=ms-google-coop&q=69b7746514c70046dd974616ca0623cf&cx=414385693720d4156
Title: suchenAuf Google nach "69b7746514c70046dd974616ca0623cf" suchen

Search URL Search Domain Scan URL

URL: https://cse.google.com/?ref=b&hl=de

Search URL Search Domain Scan URL

URL: https://www.virustotal.com/en/file/0c8ff48685b55f5d16708fb27603f350d278c62bdd18b2e47abaa9f3330364d6/analysis/
Title: VirusTotal

Search URL Search Domain Scan URL

URL: https://www.hybrid-analysis.com/sample/0c8ff48685b55f5d16708fb27603f350d278c62bdd18b2e47abaa9f3330364d6
Title: Hybrid-Analysis

Search URL Search Domain Scan URL

URL: https://virusshare.com/
Title: VirusShare

Search URL Search Domain Scan URL

URL: http://creativecommons.org/licenses/by/4.0/

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 25

https://i.creativecommons.org/l/by/4.0/80x15.png HTTP 301
https://licensebuttons.net/l/by/4.0/80x15.png

Request Chain 158

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 159

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 172

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 187

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 208

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 248

https://ups.analytics.yahoo.com/ups/58534/occ HTTP 302
https://ups.analytics.yahoo.com/ups/58534/occ?verify=true HTTP 302
https://sync.taboola.com/sg/yahoosspus-network/1/rtb-h/?taboola_hm=y-CFOBw_9E2uE_CLSPWsde_U2xysbL7ytuQhVK2TQ-~A

Request Chain 272

https://pr-bh.ybp.yahoo.com/sync/taboola/?gdpr=1&us_privacy=1--- HTTP 302
https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-5BVP3whE2oReD6MtelB.INdYkbAnC8b9LOx2Vw--~A

Request Chain 273

https://ups.analytics.yahoo.com/ups/58534/occ HTTP 302
https://sync.taboola.com/sg/yahoosspus-network/1/rtb-h/?taboola_hm=y-CFOBw_9E2uE_CLSPWsde_U2xysbL7ytuQhVK2TQ-~A

282 HTTP transactions
6 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request sample.php Show response
www.threatminer.org/ 103 KB
12 KB 91ms
45ms Document
text/html 2606:4700:20::681a:eeb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.threatminer.org/sample.php?q=69b7746514c70046dd974616ca0623cf
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:eeb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 511497d555bcd8812cb48ee7351dc7b82819e48c6f68c8cc2ada9b376f8dc934

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-cache-status: DYNAMIC
cf-ray: 7b2e1c37cc5e0b44-AMS
content-encoding: br
content-type: text/html; charset=UTF-8
date: Wed, 05 Apr 2023 01:45:11 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BUcZDxwIj%2BGFoYCUsOjf1iGykpSl%2BwRGeJSw%2Btu9IZ9FKZ8iWLDeItv4Qq8F6J9p0lec8qgDKGg5zoZqUemTQ6vJ2eICrVaQ7GVOjaFJ03jUJ89IttYpXrvZY5k24vp%2Fm7awJVYaKBnG0%2BrqxHww6m8%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H2 200 bootstrap.min.css
www.threatminer.org/bower_components/bootstrap/dist/css/ 115 KB
20 KB 36ms
35ms Stylesheet
text/css 2606:4700:20::681a:eeb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.threatminer.org/bower_components/bootstrap/dist/css/bootstrap.min.css
Requested by: Host: www.threatminer.org
URL: https://www.threatminer.org/sample.php?q=69b7746514c70046dd974616ca0623cf
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:eeb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f04b517ba5d6a0510485689a3e42dac000f51640fd71b986804cba178eae42a5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.threatminer.org/sample.php?q=69b7746514c70046dd974616ca0623cf
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 01:45:11 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 21 Apr 2015 05:02:54 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"1ca39-51434f58bfb80-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cmzpYjlj0I%2BTRumZMacbrlkFXjVgfHI9q6e4x5hDr2bnfMWFZ%2BFeYzxMnQS1ZJTXWMWQVKfWTOWlndY5pqtAGwvDgnmTgJmtz13E3VOYaJuCCqWikDYfWpXnEwQ0NTLAA13yRjShcoueTIk%2Fk%2FWflnw%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=86400
cf-ray: 7b2e1c381c980b44-AMS

GET
H2 200 metisMenu.min.css
www.threatminer.org/bower_components/metisMenu/dist/ 781 B
686 B 40ms
38ms Stylesheet
text/css 2606:4700:20::681a:eeb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.threatminer.org/bower_components/metisMenu/dist/metisMenu.min.css
Requested by: Host: www.threatminer.org
URL: https://www.threatminer.org/sample.php?q=69b7746514c70046dd974616ca0623cf
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:eeb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e0dc574fb2b266dba913861d60b0c69d1e41f0fd095a3341a45f26401cd8b6b3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.threatminer.org/sample.php?q=69b7746514c70046dd974616ca0623cf
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 01:45:11 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 21 Apr 2015 05:02:54 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"30d-51434f58bfb80-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=35yqbRLjXaF4O%2F%2FYkH7Jb5NwdEgfGEW3sBVI8SbWn9hEeEVm2NKijatSepszNnyz2oLwaRt5MtZxEFhLDlFwdEAVl4NjueNZBLtgXKavSDtW0Eeo85D9bUzdiw1%2BeewvML2dGhPNmwBvpPnjPfOr%2FjM%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=86400
cf-ray: 7b2e1c381c990b44-AMS

GET
H2 200 dataTables.bootstrap.css
www.threatminer.org/bower_components/datatables-plugins/integration/bootstrap/3/ 6 KB
2 KB 38ms
36ms Stylesheet
text/css 2606:4700:20::681a:eeb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.threatminer.org/bower_components/datatables-plugins/integration/bootstrap/3/dataTables.bootstrap.css
Requested by: Host: www.threatminer.org
URL: https://www.threatminer.org/sample.php?q=69b7746514c70046dd974616ca0623cf
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:eeb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fac55d188233bffb66023997fcdf69c38df2f62ee4654ad62c61a85b6e81d705

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.threatminer.org/sample.php?q=69b7746514c70046dd974616ca0623cf
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 01:45:11 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Tue, 21 Apr 2015 05:02:54 GMT
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=7616
etag: W/"1dc0-51434f58bfb80-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AShyG3CyRzx94Xv3ZHCJopjrvuvfiBxNOxR5Ybj8oubX6JaUHE6G45BQKnmmwegZcCDe%2B7fkrsHozGxf47mk%2FEpjuY41Z%2BNamlR01%2BWjgBnnldfdSeD5b%2BD%2F12TR9caPQhaejvHaM1na%2Fy5NlMyhu1A%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=86400
cf-ray: 7b2e1c381c9a0b44-AMS

GET
H2 200 dataTables.responsive.css
www.threatminer.org/bower_components/datatables-responsive/css/ 3 KB
912 B 34ms
32ms Stylesheet
text/css 2606:4700:20::681a:eeb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.threatminer.org/bower_components/datatables-responsive/css/dataTables.responsive.css
Requested by: Host: www.threatminer.org
URL: https://www.threatminer.org/sample.php?q=69b7746514c70046dd974616ca0623cf
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:eeb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c692f0d15d92d902c12d745947ba1f892a76bbf3f74c6f3a9f590afd0653ee04

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.threatminer.org/sample.php?q=69b7746514c70046dd974616ca0623cf
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 01:45:11 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Tue, 21 Apr 2015 05:02:54 GMT
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=3051
etag: W/"beb-51434f58bfb80-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wFQ7H0ZQso%2FT4mqDfaun4cbLQPVEqWVKCc75DWNdURsFAWSsvUcqXQObkuOPi9gUDofB9JsQM01Hj3m6wfnd6XHnDTQdN8dzQEhQTEXJbQ7eawT51mHPAwuL3dnNk4LEPVfZM78tUFnwZm3KtP9g8HI%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=86400
cf-ray: 7b2e1c382c9b0b44-AMS

GET
H2 200 buttons.dataTables.min.css
www.threatminer.org/bower_components/datatables-plugins/buttons/media/css/ 8 KB
2 KB 33ms
31ms Stylesheet
text/css 2606:4700:20::681a:eeb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.threatminer.org/bower_components/datatables-plugins/buttons/media/css/buttons.dataTables.min.css
Requested by: Host: www.threatminer.org
URL: https://www.threatminer.org/sample.php?q=69b7746514c70046dd974616ca0623cf
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:eeb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c7d55fb721c0a1bb591d30b6e06f7781fbd13ab200a8aef0fa8df62e455bc0b1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.threatminer.org/sample.php?q=69b7746514c70046dd974616ca0623cf
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 01:45:11 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 01 May 2017 13:08:48 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"1f58-54e761fab9800-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hHjuqFbMGY%2FpFRo2BwO3VhfLl5ogMgASp%2B0liaM4qTOKtkFGSJnFXXOUvrjWPdIDvkUPXf4I1rCFlxCPBWPk2LY%2BHAwDc5yGY2%2Fv3baBgwe7gi3MViRpC9VXMVpVZ0hYLNVFdweVn2U8aisxBCp72gw%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=86400
cf-ray: 7b2e1c382c9d0b44-AMS

GET
H2 200 buttons.bootstrap.min.css
www.threatminer.org/bower_components/datatables-plugins/buttons/media/css/ 2 KB
752 B 35ms
33ms Stylesheet
text/css 2606:4700:20::681a:eeb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.threatminer.org/bower_components/datatables-plugins/buttons/media/css/buttons.bootstrap.min.css
Requested by: Host: www.threatminer.org
URL: https://www.threatminer.org/sample.php?q=69b7746514c70046dd974616ca0623cf
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:eeb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9926a0d226b45faff8db829a1c445f33efa6522e213fafed1000365d5abf73df

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.threatminer.org/sample.php?q=69b7746514c70046dd974616ca0623cf
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 01:45:11 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 01 May 2017 13:02:52 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"626-54e760a737700-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PHGVYr%2BhbwHcBi%2BQMuT95QXMwSl%2FjGnOOXSbqw9s4dvUuDS0MGGrNMhKPfSvUiGFSdMm%2F1I5x1iscWAbudJ0LSrSQe3cMuzJVRjrwVdwktuJ2iumkRIwSSJyLsub0Bcu%2Fp%2FyUomE81yeb3%2FF%2BMaVn8Y%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=86400
cf-ray: 7b2e1c382c9f0b44-AMS

GET
H2 200 sb-admin-2.css
www.threatminer.org/dist/css/ 4 KB
2 KB 38ms
37ms Stylesheet
text/css 2606:4700:20::681a:eeb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.threatminer.org/dist/css/sb-admin-2.css
Requested by: Host: www.threatminer.org
URL: https://www.threatminer.org/sample.php?q=69b7746514c70046dd974616ca0623cf
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:eeb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 50d6e541020cbfdddf888aa2c42ad1c8d2296f9045709983354441032e2eb55d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.threatminer.org/sample.php?q=69b7746514c70046dd974616ca0623cf
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 01:45:11 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Sat, 02 Jan 2021 17:59:17 GMT
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=5638
etag: W/"1606-5b7ee9d93cc8e-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DCyrLZWueb%2FXknrzHy0qPubAxtM0VuDHq4haTBYEn8RVRfAvJ63MX2%2BeNU0SfzrbnVNx6bRM0hblIeGMfH8srmvddKPBesE4mQ%2BiILTJRXByWvy05PcU1bHHacTqWa%2BMBPLBdv4We0uRqZ12ox2BAzA%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=86400
cf-ray: 7b2e1c382ca10b44-AMS

GET
H2 200 font-awesome.min.css
www.threatminer.org/bower_components/font-awesome/css/ 21 KB
5 KB 37ms
36ms Stylesheet
text/css 2606:4700:20::681a:eeb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.threatminer.org/bower_components/font-awesome/css/font-awesome.min.css
Requested by: Host: www.threatminer.org
URL: https://www.threatminer.org/sample.php?q=69b7746514c70046dd974616ca0623cf
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:eeb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0fb1bbca73646e8e2b93c82e8d8b219647b13d4b440c48e338290b9a685b8de1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.threatminer.org/sample.php?q=69b7746514c70046dd974616ca0623cf
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 01:45:11 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 21 Apr 2015 05:02:54 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"55e0-51434f58bfb80-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=95hFr195TAwi2ET5DWeqD%2FndYR91EYaBbDmsyOJ3c57lPiWlPbAAz1YA%2BFpghiQlsVsCZLHheDs%2BvE8is56AkzIzhQa%2FAIJyEKOS2LPjMrKhDBWrlTWmQ0JeIYK%2FcOtGxYFJ5C%2FxK%2BqInCajyn8C6%2BQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=86400
cf-ray: 7b2e1c382ca20b44-AMS

GET
H2 200 social-share-kit.css
www.threatminer.org/dist/css/ 12 KB
3 KB 36ms
35ms Stylesheet
text/css 2606:4700:20::681a:eeb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.threatminer.org/dist/css/social-share-kit.css
Requested by: Host: www.threatminer.org
URL: https://www.threatminer.org/sample.php?q=69b7746514c70046dd974616ca0623cf
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:eeb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 60adb5d029ec8a5d4613d7d57ff8a799c43caae1d1d1c2e5c230d65850fd5273

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.threatminer.org/sample.php?q=69b7746514c70046dd974616ca0623cf
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 01:45:11 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Fri, 16 Dec 2016 10:13:34 GMT
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=12273
etag: W/"2ff1-543c3d291af80-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=r5Hi8LfAQzrtYdbcWmDFH7zCLc6wPscN%2Bob1DRTGCQSY7q5NN%2B5iV%2FqK1keWcu5AM9jjx2KbVA2KKKvM6mGo0Fso8astxHX2QWtNvvtd9Zq7yHeA9yBP1ce2pCu3bHa7EHaIbH%2BfLE3Q651CI%2BenILA%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=86400
cf-ray: 7b2e1c382ca30b44-AMS

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 140 KB
48 KB 95ms
49ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: www.threatminer.org
URL: https://www.threatminer.org/sample.php?q=69b7746514c70046dd974616ca0623cf

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2197ca2cf2c3574ccafa6b1707a4d0bd5e06ca3607bccaf84b8ddf5912a23e6c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.threatminer.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 01:45:11 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48354
x-xss-protection: 0
server: cafe
etag: 3379206962931961197
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 05 Apr 2023 01:45:11 GMT

GET
H/1.1 200
OK widgets.js Show response
platform.twitter.com/ 91 KB
28 KB 69ms
13ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets.js
Requested by: Host: www.threatminer.org
URL: https://www.threatminer.org/sample.php?q=69b7746514c70046dd974616ca0623cf
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6725) /
Resource Hash: 392c9fa9cd1273a2a89d1a83a69cd1f63f21d1d55e7be21e1d8f51f25145668b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.threatminer.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Wed, 05 Apr 2023 01:45:11 GMT
Content-Encoding: gzip
Age: 736
x-amz-server-side-encryption: AES256
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length: 27630
Last-Modified: Tue, 24 Jan 2023 21:41:51 GMT
Server: ECS (frb/6725)
Etag: "9e99725b7a4cd730a934afba2a438bb5+gzip"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
x-tw-cdn: VZ
Cache-Control: public, max-age=1800
Vary: Accept-Encoding

GET
H2 200 ajax-loader.gif
www.threatminer.org/images/ 3 KB
3 KB 41ms
39ms Image
image/gif 2606:4700:20::681a:eeb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.threatminer.org/images/ajax-loader.gif
Requested by: Host: www.threatminer.org
URL: https://www.threatminer.org/sample.php?q=69b7746514c70046dd974616ca0623cf
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:eeb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 934abde684325043e16edeffd73752cd5f0ab00b5723d8e47a618ce3f16a3799

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.threatminer.org/sample.php?q=69b7746514c70046dd974616ca0623cf
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 01:45:11 GMT
cf-cache-status: HIT
cf-bgj: imgq:100,h2pri
last-modified: Sat, 17 Oct 2015 00:26:24 GMT
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=2608
etag: "a30-52241f64ccc00"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fElwVb0ogTgmL%2BDV%2FIPalZyPNRH89uwXykd6hnWM1YeoH6r2G3wa5egmmJ2zlCF6nQU3V0cmNK%2BZFj5Oj1ZSy2O05PfRszkG0CDe4sH58hGRKbGIjgVxawTwBZEr4sDFysLu2Ms47a21LEjhsZwXWrM%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 7b2e1c386cf10b44-AMS
content-length: 2599

GET
H2 200 jquery-1.12.4.min.js Show response
www.threatminer.org/bower_components/jquery/dist/ 95 KB
34 KB 33ms
32ms Script
application/javascript 2606:4700:20::681a:eeb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.threatminer.org/bower_components/jquery/dist/jquery-1.12.4.min.js
Requested by: Host: www.threatminer.org
URL: https://www.threatminer.org/sample.php?q=69b7746514c70046dd974616ca0623cf
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:eeb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.threatminer.org/sample.php?q=69b7746514c70046dd974616ca0623cf
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 01:45:11 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 01 May 2017 12:15:38 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"17b8b-54e7561880e80-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6ucnrbP%2FQZF8QRYirJjb3g2N4qYKWpIQ9WuGQYWljOyDUEdG9pdW7SqWUiOb962LQgDOgx76c4Wuepf8AhkZ6CPPcxrIzQ5IkaX%2B4b5%2B1XEcALYNZnCN7LHMd%2B8q4xRdMq4X0Fqtv2XZsO%2FzIL6d20M%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=86400
cf-ray: 7b2e1c386cd80b44-AMS

GET
H2 200 bootstrap.min.js Show response
www.threatminer.org/bower_components/bootstrap/dist/js/ 35 KB
10 KB 30ms
30ms Script
application/javascript 2606:4700:20::681a:eeb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.threatminer.org/bower_components/bootstrap/dist/js/bootstrap.min.js
Requested by: Host: www.threatminer.org
URL: https://www.threatminer.org/sample.php?q=69b7746514c70046dd974616ca0623cf
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:eeb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d5fd173d00d9733900834e0e1083de86b532e048b15c0420ba5c2db0623644b8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.threatminer.org/sample.php?q=69b7746514c70046dd974616ca0623cf
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 01:45:11 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 21 Apr 2015 05:02:54 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"8c6f-51434f58bfb80-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ED%2FVHbvZfZKnGLso33MkZWoCOizmlA8C2K19HALSIqyDcRDZvnvCZnjxoUD3krGrZ%2BA4iHl%2BTTP55exFlVqVURQilqEBBF2IVcVVhjMoEs%2BcWKuZQAgAdhN8Btc8v9VCiOglpjSgnfOuljY%2FUVD4sj0%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=86400
cf-ray: 7b2e1c386cdb0b44-AMS

GET
H2 200 metisMenu.min.js Show response
www.threatminer.org/bower_components/metisMenu/dist/ 2 KB
1 KB 58ms
54ms Script
application/javascript 2606:4700:20::681a:eeb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.threatminer.org/bower_components/metisMenu/dist/metisMenu.min.js
Requested by: Host: www.threatminer.org
URL: https://www.threatminer.org/sample.php?q=69b7746514c70046dd974616ca0623cf
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:eeb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3ab0a74bbd399efdf7c9c9bffb689f0a755fc7131d5af04c8393d45f5163a69b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.threatminer.org/sample.php?q=69b7746514c70046dd974616ca0623cf
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 01:45:11 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 21 Apr 2015 05:02:54 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"757-51434f58bfb80-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ntRCd%2Bi321RryOlb73I8oIIvaE0y%2BB0kEjMBRfmC23Qm5lzYBMsIQg6%2BDb4B2eLKbDN1asW80GlW47KzZNUjyGa1SnBIMtRJ0%2Bkp1NFC%2BMN2NdtcYMDBt8tLWMZlb0ISm43q8RtzngFQIS5aXvHoTw8%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=86400
cf-ray: 7b2e1c386ce30b44-AMS

GET
H2 200 jquery.dataTables.min.js Show response
www.threatminer.org/bower_components/datatables/media/js/ 81 KB
29 KB 36ms
32ms Script
application/javascript 2606:4700:20::681a:eeb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.threatminer.org/bower_components/datatables/media/js/jquery.dataTables.min.js
Requested by: Host: www.threatminer.org
URL: https://www.threatminer.org/sample.php?q=69b7746514c70046dd974616ca0623cf
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:eeb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8f4d3b47b47a8a31163dad5d7fb15e27a0056d07b0c34c6089fd9225664e847c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.threatminer.org/sample.php?q=69b7746514c70046dd974616ca0623cf
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 01:45:11 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 01 May 2017 12:24:55 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"14544-54e7582bb33c0-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=osVdSLx757ViDwsqgcBu25Lh4Zy1G7UDcStbyTTdSObYPXg9%2BcohVJnqQiS%2BW7xCiDvRSd9ryx4G3VN6L6EGV%2Bf2GR1kOH%2FBWz28WDNLLLXG73K5zLg6PaKjQbr%2BReg%2B4XL4ZwXTgTE1pZd2iDyIRzI%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=86400
cf-ray: 7b2e1c386ce50b44-AMS

GET
H2 200 dataTables.bootstrap.min.js Show response
www.threatminer.org/bower_components/datatables-plugins/integration/bootstrap/3/ 2 KB
1 KB 34ms
30ms Script
application/javascript 2606:4700:20::681a:eeb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.threatminer.org/bower_components/datatables-plugins/integration/bootstrap/3/dataTables.bootstrap.min.js
Requested by: Host: www.threatminer.org
URL: https://www.threatminer.org/sample.php?q=69b7746514c70046dd974616ca0623cf
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:eeb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a905062b971bfb70ba70dda1a454d9cb7f7389be7ff515f6eb9009c8e697a34b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.threatminer.org/sample.php?q=69b7746514c70046dd974616ca0623cf
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 01:45:11 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 21 Apr 2015 05:02:54 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"796-51434f58bfb80-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4S%2FOyJ8zIlZia13zTBb2kC7eF8klO6Ui1GIlbJRjF%2FsQnYuspGKfkljtlp67KlJUFUGbtJ59i1iEL2s1xYWxZUsE%2F7PTHqNSOa5USJCxvNu%2Fi8H8W06V8rdjd3yR4h4SFtPgYlvmHd2mLR1dbTatm5U%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=86400
cf-ray: 7b2e1c386ce60b44-AMS

GET
H2 200 dataTables.buttons.min.js Show response
www.threatminer.org/bower_components/datatables-plugins/buttons/media/js/ 16 KB
6 KB 42ms
38ms Script
application/javascript 2606:4700:20::681a:eeb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.threatminer.org/bower_components/datatables-plugins/buttons/media/js/dataTables.buttons.min.js
Requested by: Host: www.threatminer.org
URL: https://www.threatminer.org/sample.php?q=69b7746514c70046dd974616ca0623cf
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:eeb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8aeaf60f6f34ced8ed9c83b249bdfc8544cc8f318294074898e6ced1d04e678c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.threatminer.org/sample.php?q=69b7746514c70046dd974616ca0623cf
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 01:45:11 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 01 May 2017 12:34:43 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"4088-54e75a5c75ec0-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5HIZLgpnOPpKDlIts0MwP9T7qDY4LqPAgUK46ARXdMAkx4yKHoVT%2BQOFf3ETlbz7PfckJ%2BdcGKKmdgJ%2BKK1nsQ9uSEf0FYlduWeUC0c6VZHzTjUG8pTYKRgBsnNzm4HrbR43BA9Fas%2F2y9ws9VzC%2FKM%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=86400
cf-ray: 7b2e1c386ce70b44-AMS

GET
H2 200 pdfmake.min.js Show response
www.threatminer.org/bower_components/datatables-plugins/pdfmake/media/js/ 1 MB
391 KB 56ms
52ms Script
application/javascript 2606:4700:20::681a:eeb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.threatminer.org/bower_components/datatables-plugins/pdfmake/media/js/pdfmake.min.js
Requested by: Host: www.threatminer.org
URL: https://www.threatminer.org/sample.php?q=69b7746514c70046dd974616ca0623cf
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:eeb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf919e6fbfbf62a4f8cfaab4cf5c5f80e7c10be2bc9f7e4c70142175c0b49b4f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.threatminer.org/sample.php?q=69b7746514c70046dd974616ca0623cf
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 01:45:11 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 01 May 2017 11:37:06 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"106721-54e74d7b9bc80-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aqPO3xUAFV1BF2a4xWFqGpjBcwxgSQ1D1aCXoHvC4PVJtIDedDNnNLOWJA9E%2F4SBGcTb45D%2F4H7SS8UuJrAkoPYptitCDADrIz84I5NkciLSj9S8jTadRHcXOCtqvc068xKxp43xi5yUtPhlc0zYZBM%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=86400
cf-ray: 7b2e1c386ce80b44-AMS

GET
H2 200 jszip.min.js Show response
www.threatminer.org/bower_components/datatables-plugins/jszip/media/js/ 100 KB
31 KB 44ms
41ms Script
application/javascript 2606:4700:20::681a:eeb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.threatminer.org/bower_components/datatables-plugins/jszip/media/js/jszip.min.js
Requested by: Host: www.threatminer.org
URL: https://www.threatminer.org/sample.php?q=69b7746514c70046dd974616ca0623cf
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:eeb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 45b3ffadbc785de6091fa798527891eb7264e4d115e3c1a37acb60e3d70d4966

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.threatminer.org/sample.php?q=69b7746514c70046dd974616ca0623cf
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 01:45:11 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 01 May 2017 11:36:59 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"18e33-54e74d74eecc0-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7LwXCysFC%2BKd%2BJgMpwp0aagMsF57ECB7Br8VpNTIM9%2BUfz%2FfVwgvQK5vY3rO7BNzl3dACdqfY3hJrgwoWOHfrIQI4DiHT8a0VJz3TJdxwaLs%2B3tX94YJPEeRR0X%2FVi2Wsv3qDmDJZfKi9rV4JRItvZA%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=86400
cf-ray: 7b2e1c386ce90b44-AMS

GET
H2 200 vfs_fonts.js Show response
www.threatminer.org/bower_components/datatables-plugins/vfs_fonts/media/js/ 933 KB
454 KB 46ms
43ms Script
application/javascript 2606:4700:20::681a:eeb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.threatminer.org/bower_components/datatables-plugins/vfs_fonts/media/js/vfs_fonts.js
Requested by: Host: www.threatminer.org
URL: https://www.threatminer.org/sample.php?q=69b7746514c70046dd974616ca0623cf
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:eeb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ecee1d502f45731162f99f4d6aa07c0315a26a8382c1b1bc3c9958ab3ff04000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.threatminer.org/sample.php?q=69b7746514c70046dd974616ca0623cf
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 01:45:11 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Mon, 01 May 2017 11:37:11 GMT
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=955603
etag: W/"e94d3-54e74d80607c0-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jCENXBohN8I0s%2F2vgNPIHthm56KZfYji3ya%2Bw0NiOi28e4e%2BdNauLk4QUVBXH8e4NiI29RM7srxMqjlbFmsDF45Y71fwgwu4Hgj5XPAICocoAw3MJV5DJSMwH2hHk0Aedtoz6VKpwg4DhqUVpGFN%2BV4%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=86400
cf-ray: 7b2e1c386ceb0b44-AMS

GET
H2 200 buttons.html5.min.js Show response
www.threatminer.org/bower_components/datatables-plugins/buttons/media/js/ 23 KB
6 KB 46ms
43ms Script
application/javascript 2606:4700:20::681a:eeb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.threatminer.org/bower_components/datatables-plugins/buttons/media/js/buttons.html5.min.js
Requested by: Host: www.threatminer.org
URL: https://www.threatminer.org/sample.php?q=69b7746514c70046dd974616ca0623cf
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:eeb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 07a081c6a38ab09a0163aecaaf77713ffae6e09d06ba1a112efef22e01857ddc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.threatminer.org/sample.php?q=69b7746514c70046dd974616ca0623cf
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 01:45:11 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 01 May 2017 11:37:16 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"5b7a-54e74d8525300-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JTw%2BzNGpziAuYO%2BJrPpiGfYGFmwpkIxyYzrnTjwLZBk23vb3cXfPUCTYHhl5w1UBGb5sRMUYXNXGzM1VhROBOpHNl5TkxwQ4WS5k44EzUBtsGT7LNkFfEzjYT6f7rAjzPUCAvW6iI6lTD0G%2FtQOPRzE%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=86400
cf-ray: 7b2e1c386cec0b44-AMS

GET
H2 200 sb-admin-2.js Show response
www.threatminer.org/dist/js/ 756 B
718 B 42ms
40ms Script
application/javascript 2606:4700:20::681a:eeb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.threatminer.org/dist/js/sb-admin-2.js
Requested by: Host: www.threatminer.org
URL: https://www.threatminer.org/sample.php?q=69b7746514c70046dd974616ca0623cf
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:eeb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ed99491fe47b5733d1ad2fbf90f5d9066d049a530d1b92ebe47be5e0c527a32e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.threatminer.org/sample.php?q=69b7746514c70046dd974616ca0623cf
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 01:45:11 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Sat, 25 May 2019 17:16:01 GMT
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=1181
etag: W/"49d-589b97821f640-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Tx1JTTE%2Bqwxj0MOdYLMYUBujfmwI%2BTbzXjxw7Lvqlxauq%2BR%2BIbSTYG4ac%2Fc%2BtKKU4HJQlg3kHJWFhzVMBKvt5Ml1Ek0xWaMnyfaschG3lYqKmHpIr1fFUE5Y%2BYqdvIHxw07SQQaSsn3%2FDAaKaoawRCM%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=86400
cf-ray: 7b2e1c386ced0b44-AMS

GET
H2 200 tm_utility.js Show response
www.threatminer.org/dist/js/ 8 KB
2 KB 33ms
31ms Script
application/javascript 2606:4700:20::681a:eeb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.threatminer.org/dist/js/tm_utility.js
Requested by: Host: www.threatminer.org
URL: https://www.threatminer.org/sample.php?q=69b7746514c70046dd974616ca0623cf
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:eeb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e725928ffb665a91ca8a3631e3002edba9b0f9ec66b40a59d53db0f44827e34e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.threatminer.org/sample.php?q=69b7746514c70046dd974616ca0623cf
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 01:45:11 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Mon, 22 Nov 2021 16:06:03 GMT
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=10497
etag: W/"2901-5d162cd378793-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nCdbaZQ1LZjvPbKg43v3633Ozx%2BQ4FO%2FqmT5x%2B%2FtuMOv0eAgv22qnMYhQMZ0osvN1VTCw7rWpn3egr%2BgIXG8vBkQCiT8afe8feOmVsgqAKd%2BbfCV49LnYGiGFdIptccpAOrTbETUT3eMPAHfDafVBMU%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=86400
cf-ray: 7b2e1c386cef0b44-AMS

GET
H2 200 social-share-kit.min.js Show response
www.threatminer.org/dist/js/ 6 KB
3 KB 41ms
39ms Script
application/javascript 2606:4700:20::681a:eeb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.threatminer.org/dist/js/social-share-kit.min.js
Requested by: Host: www.threatminer.org
URL: https://www.threatminer.org/sample.php?q=69b7746514c70046dd974616ca0623cf
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:eeb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ac74cddb007ace18442f5111c4c23125de6031dca42bcead5ea5bfb12d2ca332

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.threatminer.org/sample.php?q=69b7746514c70046dd974616ca0623cf
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 01:45:11 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 09 Mar 2019 16:07:52 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"179c-583ab8aa0e600-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=avtQzzkRNbw74Z%2FABNl0XQD7vriMzQGYd%2BQHhl2zHSsN5rVP%2FO1g0%2FYk3qtzrIisJwfVxd7uURLBmkcXk7D3KZtwe8NIosubGQzot%2BWrp7QHXOA2LK%2BvIXbIDHQ8Eks9aEo%2FeTmZaAQW90Z%2BwsfUo44%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=86400
cf-ray: 7b2e1c386cf00b44-AMS

GET
H2

200

80x15.png
licensebuttons.net/l/by/4.0/
Redirect Chain

https://i.creativecommons.org/l/by/4.0/80x15.png
https://licensebuttons.net/l/by/4.0/80x15.png

430 B
739 B

74ms
34ms

Image
image/png

2606:4700:10::6816:a79
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://licensebuttons.net/l/by/4.0/80x15.png

Requested by

Host: www.threatminer.org
URL: https://www.threatminer.org/sample.php?q=69b7746514c70046dd974616ca0623cf

Protocol

Server

2606:4700:10::6816:a79 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f43d4d35e7ac1e815dc0c8897806e30d928ee62e1aa6ac20f49c649f8b694004

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.threatminer.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 01:45:11 GMT
strict-transport-security: max-age=15768000
x-content-type-options: nosniff
cf-cache-status: HIT
age: 3735
cf-polished: origSize=640
content-length: 430
x-xss-protection: 1; mode=block
cf-bgj: imgq:100,h2pri
last-modified: Thu, 30 Apr 2020 21:59:13 GMT
server: cloudflare
etag: "5eab4a31-280"
x-frame-options: deny
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=432000
accept-ranges: bytes
cf-ray: 7b2e1c39385a1c14-AMS

Redirect headers

date: Wed, 05 Apr 2023 01:45:11 GMT
strict-transport-security: max-age=15768000
x-content-type-options: nosniff
cf-cache-status: HIT
server: cloudflare
age: 952
x-frame-options: deny
vary: Accept-Encoding
content-type: text/html
location: https://licensebuttons.net/l/by/4.0/80x15.png
cache-control: max-age=432000
cf-ray: 7b2e1c38af1a0a5d-AMS
x-xss-protection: 1; mode=block

GET
H2 200 infolinks_main.js Show response
resources.infolinks.com/js/ 4 KB
2 KB 46ms
18ms Script
application/javascript 172.66.41.9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://resources.infolinks.com/js/infolinks_main.js
Requested by: Host: www.threatminer.org
URL: https://www.threatminer.org/sample.php?q=69b7746514c70046dd974616ca0623cf
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8510c5988d05e3e0eb33cea61d4f4f3fdc1a87d32ce1178f1f2b851e3f87fff0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.threatminer.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 01:45:11 GMT
via: 1.1 google
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 29 Mar 2023 14:00:26 GMT
server: cloudflare
age: 13345
etag: W/"e3e-5f80a65ec28c2"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=3600
cf-ray: 7b2e1c389bfc2c7e-FRA
expires: Tue, 04 Apr 2023 23:02:45 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 86ms
24ms Script
text/javascript 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.threatminer.org
URL: https://www.threatminer.org/sample.php?q=69b7746514c70046dd974616ca0623cf

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.threatminer.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 05 Apr 2023 00:05:12 GMT
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
server: Golfe2
age: 5999
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20085
expires: Wed, 05 Apr 2023 02:05:12 GMT

GET
H/1.1 200
OK embed.js Show response
threatminer.disqus.com/ 78 KB
26 KB 215ms
162ms Script
application/javascript 199.232.192.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://threatminer.disqus.com/embed.js

Requested by

Host: www.threatminer.org
URL: https://www.threatminer.org/sample.php?q=69b7746514c70046dd974616ca0623cf

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

199.232.192.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

openresty /

Resource Hash

ed0f4f0af70e74082f116797e64983635012530b9eb213ffd2b03fd1501de854

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.threatminer.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Wed, 05 Apr 2023 01:45:11 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=300; includeSubdomains
Server: openresty
Age: 0
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Cache-Control: private, max-age=60
X-Service: router
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Link: <https://disqus.com>; rel=preconnect, <https://c.disquscdn.com>; rel=preconnect
Content-Length: 25681

GET
H2 200 fontawesome-webfont.woff
www.threatminer.org/bower_components/font-awesome/fonts/ 64 KB
64 KB 39ms
39ms Font
application/font-woff 2606:4700:20::681a:eeb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.threatminer.org/bower_components/font-awesome/fonts/fontawesome-webfont.woff?v=4.2.0
Requested by: Host: www.threatminer.org
URL: https://www.threatminer.org/bower_components/font-awesome/css/font-awesome.min.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:eeb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 199411f659f41aaccb959bacb1b0de30e54f244352a48c6f9894e65ae0f8a9a1

Request headers

Referer: https://www.threatminer.org/bower_components/font-awesome/css/font-awesome.min.css
Origin: https://www.threatminer.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 01:45:11 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 21 Apr 2015 05:02:54 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"ffac-51434f58bfb80"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kAjQgR72SfrGcO3hW2541OW9gwjmNWvpX48PpJBB3XK%2BebDxevkejmekY8ckpPziU%2B7e2blqzkbK9fC3P1sMdczRvraSQumJ4u06ZM7amH3J7u3tjZLX1PrMNs5YiQWdsYuQ7n4upeOznI3uHzUGRV0%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/font-woff
cache-control: max-age=86400
cf-ray: 7b2e1c388d010b44-AMS

GET
H2 200 social-share-kit.woff
www.threatminer.org/dist/fonts/ 7 KB
7 KB 39ms
39ms Font
application/font-woff 2606:4700:20::681a:eeb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.threatminer.org/dist/fonts/social-share-kit.woff
Requested by: Host: www.threatminer.org
URL: https://www.threatminer.org/dist/css/social-share-kit.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:eeb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 697c41fffac431521f2db48c7426ac23b972b6eb7b1242f0bb47d6079884d3a4

Request headers

Referer: https://www.threatminer.org/dist/css/social-share-kit.css
Origin: https://www.threatminer.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 01:45:11 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 16 Dec 2016 10:13:34 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"1b08-543c3d291af80"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oW2uSIzqUwG2d%2FTaLU6LR%2FTignseyOCyqZ5BraPBswCxxe6oAJwYH1dyo0dvL5rfEycBJhY65F4J7pX%2BrRtbK7tmkmLtdxM87MWes3mWlmvleFTLteeGVQ74pga09OThvFVHR3DVWkR9vSv4OIXanOE%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/font-woff
cache-control: max-age=86400
cf-ray: 7b2e1c388d050b44-AMS

POST
H2 200 collect Show response
www.google-analytics.com/j/ 3 B
211 B 20ms
20ms XHR
text/plain 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j99&aip=1&a=1097699795&t=pageview&_s=1&dl=https%3A%2F%2Fwww.threatminer.org%2Fsample.php%3Fq%3D69b7746514c70046dd974616ca0623cf&ul=en-us&de=UTF-8&dt=69b7746514c70046dd974616ca0623cf%20File%20Analysis%20Results%20%7C%20ThreatMiner.org&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAACAAI~&jid=1820095818&gjid=1431610864&cid=683483255.1680659112&tid=UA-73787980-1&_gid=6747969.1680659112&_r=1&_slc=1&z=1648191271

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.threatminer.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 05 Apr 2023 01:45:11 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.threatminer.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202303300101/ 349 KB
117 KB 93ms
77ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202303300101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5720763271532377&plah=www.threatminer.org

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b46ecf1bd85bbbe0bd1d75d1b59760137e9d6f2a521a484a494fde64da6f6913

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.threatminer.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 01:45:12 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 119330
x-xss-protection: 0
server: cafe
etag: 13275741981430705317
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 05 Apr 2023 01:45:12 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230330/r20190131/ Frame 3C6A 10 KB
5 KB 92ms
23ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230330/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.threatminer.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 25855
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4549
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 04 Apr 2023 18:34:17 GMT
etag: 2378337311435320485
expires: Tue, 18 Apr 2023 18:34:17 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 getReport.php Show response
www.threatminer.org/ 0
329 B 32ms
30ms XHR
text/html 2606:4700:20::681a:eeb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.threatminer.org/getReport.php?e=notes_container&t=2&q=69b7746514c70046dd974616ca0623cf
Requested by: Host: www.threatminer.org
URL: https://www.threatminer.org/dist/js/tm_utility.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:eeb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.threatminer.org/sample.php?q=69b7746514c70046dd974616ca0623cf
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 01:45:12 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EBlFhWzzjd8Q3VmGQEEcJU0aoIeBmO50KDZnIjyAQ2dPxPGNbiMENkzq%2ByMS1CS8WvjuTU5NqT2U1Kcho1Rqg9P3jNdnnDKqQwGjZt0lWtXUb9LvJqCnsIOw8zV1dIjmFwUpPIQY0ptmMtURtVnhUOg%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
cf-ray: 7b2e1c3a9ebc0b44-AMS

GET
H2 200 ice.js Show response
resources.infolinks.com/js/1852.004-3.026/ 184 KB
56 KB 21ms
20ms Script
application/javascript 172.66.41.9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://resources.infolinks.com/js/1852.004-3.026/ice.js
Requested by: Host: www.threatminer.org
URL: https://www.threatminer.org/sample.php?q=69b7746514c70046dd974616ca0623cf
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf2066cbddd11120323965d776a04384f7fc450854218082ce14873e9b06e7c8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.threatminer.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 01:45:12 GMT
via: 1.1 google
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 27 Mar 2023 12:22:57 GMT
server: cloudflare
age: 9454
etag: W/"2e133-5f7e0cd96e691"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2592000
cf-ray: 7b2e1c3aad5b2c7e-FRA
expires: Thu, 04 May 2023 23:07:38 GMT

GET
H2 200 lounge.cef06fba9afb581ee691b2d4ff616400.css
c.disquscdn.com/next/embed/styles/ 0
33 KB 87ms
8ms Other
text/css 2600:9000:2057:9000:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/styles/lounge.cef06fba9afb581ee691b2d4ff616400.css

Requested by

Host: threatminer.disqus.com
URL: https://threatminer.disqus.com/embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2057:9000:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.threatminer.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-cache-hits: 0
date: Tue, 28 Mar 2023 23:39:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 d8e97d2c28917e4c41ab79bb1e94b844.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
age: 612368
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 33266
x-xss-protection: 1; mode=block
x-served-by: static-web-2
surrogate-key: next
last-modified: Tue, 28 Mar 2023 23:28:13 GMT
server: nginx
etag: "6423780d-81f2"
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000, public, immutable, no-transform
timing-allow-origin: *
x-amz-cf-id: pE1J2WoJNjy6mnn8kHNrcQxQ-xSavhBXKIzBoikRspDKVnBI-5r5JQ==
expires: Wed, 27 Mar 2024 23:39:04 GMT

GET
H2 200 common.bundle.6719fe9dbe70a5a047052a905ea1cbc5.js
c.disquscdn.com/next/embed/ 0
93 KB 93ms
15ms Other
application/javascript 2600:9000:2057:9000:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/common.bundle.6719fe9dbe70a5a047052a905ea1cbc5.js

Requested by

Host: threatminer.disqus.com
URL: https://threatminer.disqus.com/embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2057:9000:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.threatminer.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-cache-hits: 0
date: Mon, 27 Mar 2023 21:48:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 d8e97d2c28917e4c41ab79bb1e94b844.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
age: 705383
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 94181
x-xss-protection: 1; mode=block
x-served-by: static-web-1
surrogate-key: next
last-modified: Mon, 27 Mar 2023 21:43:49 GMT
server: nginx
etag: "64220e15-16fe5"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000, public, immutable, no-transform
timing-allow-origin: *
x-amz-cf-id: 95y8GIg28GN5sUwOEa13tHwsY5BXJpoKIcPk5dZDHsnCR5w1DeKxIQ==
expires: Tue, 26 Mar 2024 21:48:49 GMT

GET
H2 200 lounge.bundle.b29dff8af22e68239aefa0cfa712236c.js
c.disquscdn.com/next/embed/ 0
127 KB 102ms
24ms Other
application/javascript 2600:9000:2057:9000:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/lounge.bundle.b29dff8af22e68239aefa0cfa712236c.js

Requested by

Host: threatminer.disqus.com
URL: https://threatminer.disqus.com/embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2057:9000:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.threatminer.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-cache-hits: 0
date: Mon, 27 Mar 2023 21:48:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 d8e97d2c28917e4c41ab79bb1e94b844.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
age: 705383
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 129767
x-xss-protection: 1; mode=block
x-served-by: static-web-2
surrogate-key: next
last-modified: Mon, 27 Mar 2023 21:43:49 GMT
server: nginx
etag: "64220e15-1fae7"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000, public, immutable, no-transform
timing-allow-origin: *
x-amz-cf-id: Ww_7wEt6G4uP5LXv5MPJJCQVJ2OJ140E5anxlNswYKzD2niTHeTuzQ==
expires: Tue, 26 Mar 2024 21:48:49 GMT

GET
H/1.1 200
OK config.js
disqus.com/next/ 0
17 KB 45ms
7ms Other
application/javascript 151.101.0.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://disqus.com/next/config.js

Requested by

Host: threatminer.disqus.com
URL: https://threatminer.disqus.com/embed.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

151.101.0.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.threatminer.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Wed, 05 Apr 2023 01:45:12 GMT
Strict-Transport-Security: max-age=300; includeSubdomains
X-Content-Type-Options: nosniff
Server: nginx
Age: 4
X-Frame-Options: SAMEORIGIN
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Access-Control-Allow-Origin: *
Content-Type: application/javascript; charset=UTF-8
Cache-Control: public, stale-while-revalidate=300, s-stalewhilerevalidate=3600, max-age=60
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 17258
X-XSS-Protection: 1; mode=block

GET
H2 200 cse.js Show response
cse.google.com/ 6 KB
4 KB 131ms
43ms Script
text/javascript 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cse.google.com/cse.js?cx=414385693720d4156

Requested by

Host: www.threatminer.org
URL: https://www.threatminer.org/sample.php?q=69b7746514c70046dd974616ca0623cf

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gws /

Resource Hash

d83276cec4453b17a6505a9b32f584f2e9436f5e29e4cb4f06d19f6f346f357a

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.threatminer.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 01:45:12 GMT
content-encoding: br
content-security-policy-report-only: object-src 'none';base-uri 'self';script-src 'nonce-IXLe-93nNVeVRdnUPjHh_g' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2500
x-xss-protection: 0
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
cross-origin-opener-policy: same-origin-allow-popups; report-to="gws"
server: gws
x-frame-options: SAMEORIGIN
report-to: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private
permissions-policy: unload=()
origin-trial: Ap+qNlnLzJDKSmEHjzM5ilaa908GuehlLqGb6ezME5lkhelj20qVzfv06zPmQ3LodoeujZuphAolrnhnPA8w4AIAAABfeyJvcmlnaW4iOiJodHRwczovL3d3dy5nb29nbGUuY29tOjQ0MyIsImZlYXR1cmUiOiJQZXJtaXNzaW9uc1BvbGljeVVubG9hZCIsImV4cGlyeSI6MTY4NTY2Mzk5OX0=, AvudrjMZqL7335p1KLV2lHo1kxdMeIN0dUI15d0CPz9dovVLCcXk8OAqjho1DX4s6NbHbA/AGobuGvcZv0drGgQAAAB9eyJvcmlnaW4iOiJodHRwczovL3d3dy5nb29nbGUuY29tOjQ0MyIsImZlYXR1cmUiOiJCYWNrRm9yd2FyZENhY2hlTm90UmVzdG9yZWRSZWFzb25zIiwiZXhwaXJ5IjoxNjkxNTM5MTk5LCJpc1N1YmRvbWFpbiI6dHJ1ZX0=
expires: Wed, 05 Apr 2023 01:45:12 GMT

GET
H/1.1 200
OK widget_iframe.2b2d73daf636805223fb11d48f3e94f7.html Show response
platform.twitter.com/widgets/ Frame 1F4F 320 KB
104 KB 8ms
8ms Document
text/html 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/widget_iframe.2b2d73daf636805223fb11d48f3e94f7.html?origin=https%3A%2F%2Fwww.threatminer.org
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/675D) /
Resource Hash: 4002d65e95f94dc87ae8ad170eb8dbc3644921032ac76dcb376537d9304a6fbf

Request headers

Referer: https://www.threatminer.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 1745546
Cache-Control: public, max-age=315360000
Content-Encoding: gzip
Content-Length: 105435
Content-Type: text/html; charset=utf-8
Date: Wed, 05 Apr 2023 01:45:12 GMT
Etag: "95e1b50b0c179aefb47b5b211bb347b5+gzip"
Last-Modified: Tue, 24 Jan 2023 21:41:13 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (frb/675D)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Vary: Accept-Encoding
X-Cache: HIT
x-amz-server-side-encryption: AES256
x-tw-cdn: VZ

GET
H2 200 manage Show response
router.infolinks.com/usync/ Frame B52F 0
33 B 134ms
123ms Document
text/plain 172.66.41.9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://router.infolinks.com/usync/manage?pid=3241790&wsid=0&pdom=www.threatminer.org&purl=https%3A%2F%2Fwww.threatminer.org%2Fsample.php%3Fq%3D69b7746514c70046dd974616ca0623cf
Requested by: Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1852.004-3.026/ice.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.threatminer.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cf-cache-status: DYNAMIC
cf-ray: 7b2e1c3b5dd32c7e-FRA
content-length: 0
date: Wed, 05 Apr 2023 01:45:12 GMT
server: cloudflare
via: 1.1 google

GET
H2 200 lcmanage Show response
router.infolinks.com/usync/ 0
43 B 129ms
122ms Script
text/plain 172.66.41.9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://router.infolinks.com/usync/lcmanage?pid=3241790&wsid=0&pdom=www.threatminer.org&purl=https%3A%2F%2Fwww.threatminer.org%2Fsample.php%3Fq%3D69b7746514c70046dd974616ca0623cf
Requested by: Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1852.004-3.026/ice.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.threatminer.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 01:45:12 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7b2e1c3b5dd62c7e-FRA
content-length: 0

GET
H2 200 gsd Show response
router.infolinks.com/ 0
33 B 185ms
181ms Script
text/plain 172.66.41.9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://router.infolinks.com/gsd?evt=afterGSD&pid=3241790&wsid=0&pdom=www.threatminer.org&purl=https%3A%2F%2Fwww.threatminer.org%2Fsample.php%3Fq%3D69b7746514c70046dd974616ca0623cf&jsv=1852.004-3.026&_cb=16806591122120
Requested by: Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1852.004-3.026/ice.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.threatminer.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 01:45:12 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7b2e1c3b5dd52c7e-FRA
content-length: 0

GET
H2 200 settings Show response
syndication.twitter.com/ Frame 1F4F 663 B
606 B 166ms
114ms Fetch
application/json 104.244.42.200
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://syndication.twitter.com/settings?session_id=94f16785cf17a3cf76503a5907dc736e0466215e

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.2b2d73daf636805223fb11d48f3e94f7.html?origin=https%3A%2F%2Fwww.threatminer.org

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.200 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

92747742b0d05de841880d3cad6550593fa08692d26fe086e15d4a5696606a54

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://platform.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-response-time: 106
date: Wed, 05 Apr 2023 01:45:11 GMT
content-encoding: gzip
strict-transport-security: max-age=631138519
last-modified: Wed, 05 Apr 2023 01:45:12 GMT
server: tsa_o
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://platform.twitter.com
x-transaction-id: 793a96d90589ec85
cache-control: must-revalidate, max-age=600
access-control-allow-credentials: true
perf: 7626143928
x-connection-hash: 323b0d8d06b3eb3953771a77c4446ff9371fde9738f0206d4131eff9ec3a0b2e
content-length: 284

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 397 B
601 B 71ms
22ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.threatminer.org&callback=_gfp_s_&client=ca-pub-5720763271532377

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202303300101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5720763271532377&plah=www.threatminer.org

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bf1eb05342f4806cb215501fe45986bba1249191f2fae02687ab0a840ecb29c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.threatminer.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 01:45:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 250
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
531 B 129ms
26ms Script
application/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.threatminer.org

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.threatminer.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 01:45:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
456 B 78ms
27ms Script
application/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.threatminer.org

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.threatminer.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 01:45:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame E904 77 KB
31 KB 437ms
436ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5720763271532377&output=html&h=250&slotname=4491384285&adk=1382012186&adf=1527761000&pi=t.ma~as.4491384285&w=299&fwrn=4&fwrnh=100&lmt=1680659112&rafmt=3&format=299x250&url=https%3A%2F%2Fwww.threatminer.org%2Fsample.php%3Fq%3D69b7746514c70046dd974616ca0623cf&fwr=0&fwrattr=true&rpe=1&resp_fmts=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1680659112024&bpp=4&bdt=331&idt=214&shv=r20230330&mjsv=m202303300101&ptt=9&saldr=aa&abxe=1&correlator=3569924714072&frm=20&pv=2&ga_vid=683483255.1680659112&ga_sid=1680659112&ga_hid=1097699795&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=0&ady=229&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759837%2C44759876%2C31071756%2C31073485%2C44788441%2C31071268&oid=2&pvsid=3339220411880613&tmod=12585163&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=X3jqZJ0wEV&p=https%3A//www.threatminer.org&dtd=246

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a6a8ae71ec28efe972d115583626f2fd66093c3b3bf63e8e50125a79d3911d71

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.threatminer.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 31238
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 05 Apr 2023 01:45:12 GMT
expires: Wed, 05 Apr 2023 01:45:12 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame DF46 83 KB
32 KB 347ms
333ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5720763271532377&output=html&h=600&slotname=6407101181&adk=2989800909&adf=2245449527&pi=t.ma~as.6407101181&w=299&fwrn=4&fwrnh=100&lmt=1680659112&rafmt=1&format=299x600&url=https%3A%2F%2Fwww.threatminer.org%2Fsample.php%3Fq%3D69b7746514c70046dd974616ca0623cf&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1680659112028&bpp=1&bdt=335&idt=248&shv=r20230330&mjsv=m202303300101&ptt=9&saldr=aa&abxe=1&prev_fmts=299x250&correlator=3569924714072&frm=20&pv=1&ga_vid=683483255.1680659112&ga_sid=1680659112&ga_hid=1097699795&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=0&ady=507&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759837%2C44759876%2C31071756%2C31073485%2C44788441%2C31071268&oid=2&pvsid=3339220411880613&tmod=12585163&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=5KEwzWLDCy&p=https%3A//www.threatminer.org&dtd=257

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8a5f712160609878eb0070d236a63ad8863312e1e19aa6b67f6e8fa513a45565

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.threatminer.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 32153
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 05 Apr 2023 01:45:12 GMT
expires: Wed, 05 Apr 2023 01:45:12 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK / Show response
disqus.com/embed/comments/ Frame AB43 7 KB
4 KB 154ms
154ms Document
text/html 151.101.0.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://disqus.com/embed/comments/?base=default&f=threatminer&t_i=69b7746514c70046dd974616ca0623cf&t_u=https%3A%2F%2Fwww.threatminer.org%2Fsample.php%3Fq%3D69b7746514c70046dd974616ca0623cf&t_d=69b7746514c70046dd974616ca0623cf%20File%20Analysis%20Results%20%7C%20ThreatMiner.org&t_t=69b7746514c70046dd974616ca0623cf%20File%20Analysis%20Results%20%7C%20ThreatMiner.org&s_o=default

Requested by

Host: threatminer.disqus.com
URL: https://threatminer.disqus.com/embed.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

151.101.0.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

eed4eecabb579aae6b9e4c1bc2ebef74c8f83486079cf6688bdc1dcc5b1e0ca0

Security Headers

Name	Value
Content-Security-Policy	script-src https://.twitter.com: https://www.gstatic.com/recaptcha/ https://a.disquscdn.com https://c.disquscdn.com c.disquscdn.com https://.services.disqus.com: https://cdn.boomtrain.com/p13n/ https://com-disqus.netmng.com:* 'unsafe-inline' https://referrer.disqus.com/juggler/ https://connect.facebook.net/en_US/sdk.js https://cdn.syndication.twimg.com/tweets.json https://apis.google.com https://www.google.com/recaptcha/ https://cf.ignitionone.com:* https://disqus.com
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.threatminer.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Age: 0
Cache-Control: stale-if-error=3600, s-stalewhilerevalidate=3600, stale-while-revalidate=30, no-cache, must-revalidate, public, s-maxage=5
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 2795
Content-Security-Policy: script-src https://*.twitter.com:* https://www.gstatic.com/recaptcha/ https://a.disquscdn.com https://c.disquscdn.com c.disquscdn.com https://*.services.disqus.com:* https://cdn.boomtrain.com/p13n/ https://com-disqus.netmng.com:* 'unsafe-inline' https://referrer.disqus.com/juggler/ https://connect.facebook.net/en_US/sdk.js https://cdn.syndication.twimg.com/tweets.json https://apis.google.com https://www.google.com/recaptcha/ https://cf.ignitionone.com:* https://disqus.com
Content-Type: text/html; charset=utf-8
Cross-Origin-Resource-Policy: cross-origin
Date: Wed, 05 Apr 2023 01:45:12 GMT
ETag: W/"lounge:view:9252179228.5a1fc44476137389962a507711f29265.2"
Last-Modified: Sun, 11 Dec 2022 22:34:41 GMT
Link: <https://c.disquscdn.com>;rel=preconnect,<https://c.disquscdn.com>;rel=dns-prefetch
Referrer-Policy: no-referrer-when-downgrade
Server: nginx
Strict-Transport-Security: max-age=300; includeSubdomains
Timing-Allow-Origin: *
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"

GET
H/1.1 200
OK / Show response
tempest.services.disqus.com/ads-iframe/taboola/ 27 KB
9 KB 203ms
139ms XHR
text/html 199.232.192.64
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://tempest.services.disqus.com/ads-iframe/taboola/?position=top&shortname=threatminer&experiment=destroydisplayadsonshowingvideo&variant=active&service=dynamic&anchorColor=%23337ab7&colorScheme=light&sourceUrl=https%3A%2F%2Fwww.threatminer.org%2Fsample.php%3Fq%3D69b7746514c70046dd974616ca0623cf&typeface=sans-serif&disqus_version=current
Requested by: Host: threatminer.disqus.com
URL: https://threatminer.disqus.com/embed.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.232.192.64 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: openresty /
Resource Hash: 9261a1c667f3b33623d81a8ca7de614cadb3a0a97aa060f84e2b560b300f60f8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.threatminer.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Wed, 05 Apr 2023 01:45:12 GMT
Content-Encoding: gzip
Server: openresty
Age: 0
Vary: Accept-Encoding,
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=300
X-Service: router
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Content-Length: 9124

GET
H/1.1 200
OK event.gif
referrer.disqus.com/juggler/ 43 B
339 B 135ms
105ms Image
image/gif 199.232.196.134
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://referrer.disqus.com/juggler/event.gif?imp=i8k9li6q9h52&experiment=destroydisplayadsonshowingvideo&variant=active&service=dynamic&area=top&product=embed&forum=threatminer&zone=thread&version=00fde7e349e9ee2566c5f117c45abf06&page_url=https%3A%2F%2Fwww.threatminer.org%2Fsample.php%3Fq%3D69b7746514c70046dd974616ca0623cf&page_referrer=&object_type=provider&event=activity&ad_product_name=iab_display&ad_product_layout=iab_display&bin=embed%3Apromoted_discovery%3Adynamic%3Adestroydisplayadsonshowingvideo%3Aactive&section=default&verb=call&adjective=1&forum_id=5993718

Requested by

Host: www.threatminer.org
URL: https://www.threatminer.org/sample.php?q=69b7746514c70046dd974616ca0623cf

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

199.232.196.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.threatminer.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Wed, 05 Apr 2023 01:45:12 GMT
X-Content-Type-Options: nosniff
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Server: nginx
Content-Type: image/gif
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Content-Length: 43
X-XSS-Protection: 1; mode=block

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame E621 98 KB
34 KB 397ms
394ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5720763271532377&output=html&h=200&slotname=1381165906&adk=2644663765&adf=151644923&pi=t.ma~as.1381165906&w=1182&fwrn=4&lmt=1680659112&rafmt=11&format=1182x200&url=https%3A%2F%2Fwww.threatminer.org%2Fsample.php%3Fq%3D69b7746514c70046dd974616ca0623cf&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1680659112029&bpp=1&bdt=336&idt=287&shv=r20230330&mjsv=m202303300101&ptt=9&saldr=aa&abxe=1&prev_fmts=299x250%2C299x600&correlator=3569924714072&frm=20&pv=1&ga_vid=683483255.1680659112&ga_sid=1680659112&ga_hid=1097699795&ga_fc=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=359&ady=115&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759837%2C44759876%2C31071756%2C31073485%2C44788441%2C31071268&oid=2&pvsid=3339220411880613&tmod=12585163&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=MtAdf29aSu&p=https%3A//www.threatminer.org&dtd=290

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e670cac10f34eed97a3f2b7346a69e3866df9991b596f1c2bb1e3f4b69b88101

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.threatminer.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 34324
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 05 Apr 2023 01:45:12 GMT
expires: Wed, 05 Apr 2023 01:45:12 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame C427 89 KB
33 KB 311ms
301ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5720763271532377&output=html&h=200&slotname=6125219520&adk=3585176026&adf=748155151&pi=t.ma~as.6125219520&w=1200&fwrn=4&lmt=1680659112&rafmt=11&format=1200x200&url=https%3A%2F%2Fwww.threatminer.org%2Fsample.php%3Fq%3D69b7746514c70046dd974616ca0623cf&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1680659112030&bpp=1&bdt=337&idt=294&shv=r20230330&mjsv=m202303300101&ptt=9&saldr=aa&abxe=1&prev_fmts=299x250%2C299x600%2C1182x200&correlator=3569924714072&frm=20&pv=1&ga_vid=683483255.1680659112&ga_sid=1680659112&ga_hid=1097699795&ga_fc=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=350&ady=1035&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759837%2C44759876%2C31071756%2C31073485%2C44788441%2C31071268&oid=2&pvsid=3339220411880613&tmod=12585163&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&fsb=1&xpc=PjCQGvdUPa&p=https%3A//www.threatminer.org&dtd=299

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

733963c5513e2f47338ae2c4373a5448a7dae68dfa5a0103602218c0ad72f988

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.threatminer.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 33755
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 05 Apr 2023 01:45:12 GMT
expires: Wed, 05 Apr 2023 01:45:12 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 cse_element__de.js Show response
www.google.com/cse/static/element/11b6937ae69e441f/ 309 KB
103 KB 67ms
17ms Script
text/javascript 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/cse/static/element/11b6937ae69e441f/cse_element__de.js?usqp=CAI%3D

Requested by

Host: cse.google.com
URL: https://cse.google.com/cse.js?cx=414385693720d4156

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

86c9bcfb7dfe01812b4dcfc944c93553f4a02cc77788e064126640b8728efcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.threatminer.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Fri, 31 Mar 2023 08:47:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 406662
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 105219
x-xss-protection: 0
last-modified: Mon, 27 Mar 2023 18:22:12 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="prose-team"
expires: Sat, 30 Mar 2024 08:47:30 GMT

GET
H2 200 default+de.css
www.google.com/cse/static/element/11b6937ae69e441f/ 41 KB
9 KB 64ms
14ms Stylesheet
text/css 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/cse/static/element/11b6937ae69e441f/default+de.css

Requested by

Host: cse.google.com
URL: https://cse.google.com/cse.js?cx=414385693720d4156

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2b0789c3ab7df1f2580e95bb47eb5bb6dc19b4fc5a91b1f1ae1d9484dab534a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.threatminer.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Fri, 31 Mar 2023 08:47:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 406662
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9086
x-xss-protection: 0
last-modified: Mon, 27 Mar 2023 18:22:12 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="prose-team"
expires: Sat, 30 Mar 2024 08:47:30 GMT

GET
H2 200 default.css
www.google.com/cse/static/style/look/v4/ 4 KB
1 KB 66ms
16ms Stylesheet
text/css 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/cse/static/style/look/v4/default.css

Requested by

Host: cse.google.com
URL: https://cse.google.com/cse.js?cx=414385693720d4156

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dcec22bbcb68119d6c7d6d5e088fb82183a9826d0c9e3403f1386fd837f06a89

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.threatminer.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 01:22:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1381
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1345
x-xss-protection: 0
last-modified: Wed, 17 Jun 2020 00:00:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type: text/css
cache-control: public, max-age=3000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="prose-team"
expires: Wed, 05 Apr 2023 02:12:11 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame B8AC 98 KB
34 KB 225ms
224ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5720763271532377&output=html&h=200&slotname=8831273914&adk=3175788880&adf=707097127&pi=t.ma~as.8831273914&w=1200&fwrn=4&lmt=1680659112&rafmt=11&format=1200x200&url=https%3A%2F%2Fwww.threatminer.org%2Fsample.php%3Fq%3D69b7746514c70046dd974616ca0623cf&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1680659112030&bpp=1&bdt=337&idt=303&shv=r20230330&mjsv=m202303300101&ptt=9&saldr=aa&abxe=1&prev_fmts=299x250%2C299x600%2C1182x200%2C1200x200&correlator=3569924714072&frm=20&pv=1&ga_vid=683483255.1680659112&ga_sid=1680659112&ga_hid=1097699795&ga_fc=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=350&ady=2789&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759837%2C44759876%2C31071756%2C31073485%2C44788441%2C31071268&oid=2&pvsid=3339220411880613&tmod=12585163&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=YdKzrcLt3Y&p=https%3A//www.threatminer.org&dtd=318

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b8cca3e3649a308ed4e7cf9cb83a22f5383378f4bb3499d1c9483648895db917

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.threatminer.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 34280
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 05 Apr 2023 01:45:12 GMT
expires: Wed, 05 Apr 2023 01:45:12 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 67ms
66ms Image
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=DIV&id=privacy_notice&cls=alert%20alert-info%20alert-dismissable%20bottom_popup&ign=false&pw=1600&ph=1200&x=800&y=1130.4

Requested by

Host: www.threatminer.org
URL: https://www.threatminer.org/sample.php?q=69b7746514c70046dd974616ca0623cf

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.threatminer.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 05 Apr 2023 01:45:12 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame F7BF 124 KB
39 KB 231ms
230ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5720763271532377&output=html&adk=1812271804&adf=3025194257&lmt=1680659112&plat=1%3A16777216%2C3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A34635776%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fwww.threatminer.org%2Fsample.php%3Fq%3D69b7746514c70046dd974616ca0623cf&ea=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1680659112147&bpp=2&bdt=454&idt=220&shv=r20230330&mjsv=m202303300101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Db133cbf0acc955e9-220e6796f7de0064%3AT%3D1680659112%3ART%3D1680659112%3AS%3DALNI_MbzUbr0ygoAmksUglediGzuUE9RTg&gpic=UID%3D00000bd0b9361825%3AT%3D1680659112%3ART%3D1680659112%3AS%3DALNI_MbByRAhh9hlTTg_U14p6rmZQa8w2g&prev_fmts=299x250%2C299x600%2C1182x200%2C1200x200%2C1200x200&nras=1&correlator=3569924714072&frm=20&pv=1&ga_vid=683483255.1680659112&ga_sid=1680659112&ga_hid=1097699795&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759837%2C44759876%2C31071756%2C31073485%2C44788441%2C31071268&oid=2&pvsid=3339220411880613&tmod=12585163&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=8&uci=a!8&fsb=1&dtd=240

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

26cede390cb1ed461e0a59ad0f0b82606cbb629e5dd3f500d28597ee53ab050e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.threatminer.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 40406
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 05 Apr 2023 01:45:12 GMT
expires: Wed, 05 Apr 2023 01:45:12 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK timeline.16b53cc33aaa562f8f41a495bf720289.js Show response
platform.twitter.com/js/ 8 KB
4 KB 8ms
7ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/js/timeline.16b53cc33aaa562f8f41a495bf720289.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6725) /
Resource Hash: 7cccd8f78bd73c79f1281052eb4c9bdf6f38386fca206da9954fdf24ab0784af

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.threatminer.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Wed, 05 Apr 2023 01:45:12 GMT
Content-Encoding: gzip
Age: 1745544
x-amz-server-side-encryption: AES256
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length: 2964
Last-Modified: Tue, 24 Jan 2023 21:41:06 GMT
Server: ECS (frb/6725)
Etag: "569768187d20181e1cdea6aa19f3a4b4+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
x-tw-cdn: VZ
Cache-Control: public, max-age=315360000

GET
H2 200 ThreatMiner Show response
syndication.twitter.com/srv/timeline-profile/screen-name/ Frame 0130 168 KB
17 KB 636ms
627ms Document
text/html 104.244.42.200
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://syndication.twitter.com/srv/timeline-profile/screen-name/ThreatMiner?dnt=true&embedId=twitter-widget-0&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOltdLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2ZvbGxvd2VyX2NvdW50X3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9iYWNrZW5kIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19yZWZzcmNfc2Vzc2lvbiI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfbWl4ZWRfbWVkaWFfMTU4OTciOnsiYnVja2V0IjoidHJlYXRtZW50IiwidmVyc2lvbiI6bnVsbH0sInRmd19leHBlcmltZW50c19jb29raWVfZXhwaXJhdGlvbiI6eyJidWNrZXQiOjEyMDk2MDAsInZlcnNpb24iOm51bGx9LCJ0ZndfZHVwbGljYXRlX3NjcmliZXNfdG9fc2V0dGluZ3MiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3ZpZGVvX2hsc19keW5hbWljX21hbmlmZXN0c18xNTA4MiI6eyJidWNrZXQiOiJ0cnVlX2JpdHJhdGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2xlZ2FjeV90aW1lbGluZV9zdW5zZXQiOnsiYnVja2V0Ijp0cnVlLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3R3ZWV0X2VkaXRfZnJvbnRlbmQiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfX0%3D&frame=false&hideBorder=false&hideFooter=false&hideHeader=false&hideScrollBar=false&lang=en&maxHeight=500px&origin=https%3A%2F%2Fwww.threatminer.org%2Fsample.php%3Fq%3D69b7746514c70046dd974616ca0623cf&sessionId=94f16785cf17a3cf76503a5907dc736e0466215e&showHeader=true&showReplies=false&theme=light&transparent=false&widgetsVersion=aaf4084522e3a%3A1674595607486

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.200 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

b757247071ccd38d077d28c0c474bb1703e5cdd99974c99609939c51e11880fa

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Xss-Protection	0

Request headers

Referer: https://www.threatminer.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: must-revalidate, max-age=60
content-encoding: gzip
content-length: 17619
content-type: text/html; charset=utf-8
date: Wed, 05 Apr 2023 01:45:12 GMT
etag: "29e0b-whxc/n1wVlW1IOknWkMq34/IhCg"
perf: 7626143928
server: tsa_o
strict-transport-security: max-age=631138519
x-connection-hash: 323b0d8d06b3eb3953771a77c4446ff9371fde9738f0206d4131eff9ec3a0b2e
x-response-time: 614
x-transaction-id: ab86d2ddfbfd6835
x-xss-protection: 0

GET
H2 200 async-ads.js Show response
cse.google.com/adsense/search/ 140 KB
52 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cse.google.com/adsense/search/async-ads.js

Requested by

Host: www.google.com
URL: https://www.google.com/cse/static/element/11b6937ae69e441f/cse_element__de.js?usqp=CAI%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c2bc126a6bc5b76cd14dc4d234c3bf9f65b3614b066274d9a73dbff08b35995d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.threatminer.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 01:45:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-afs-ui"
etag: "15756432762253931230"
vary: Accept-Encoding
report-to: {"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
accept-ranges: bytes
expires: Wed, 05 Apr 2023 01:45:12 GMT

GET
H2 200 clear.png
www.google.com/cse/static/css/v2/ 1018 B
1 KB 14ms
13ms Image
image/png 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/cse/static/css/v2/clear.png

Requested by

Host: www.google.com
URL: https://www.google.com/cse/static/element/11b6937ae69e441f/default+de.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

329d1a750114920332eadc55c129957d9dbe5a1b25745e2f7e0ed4fad75e04cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/cse/static/element/11b6937ae69e441f/default+de.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Fri, 31 Mar 2023 18:05:12 GMT
x-content-type-options: nosniff
age: 373200
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1018
x-xss-protection: 0
last-modified: Mon, 25 May 2020 08:30:00 GMT
server: sffe
report-to: {"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="prose-team"
expires: Sat, 30 Mar 2024 18:05:12 GMT

GET
H2 200 branding.png
www.google.com/cse/static/images/1x/de/ 1 KB
2 KB 13ms
13ms Image
image/png 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/cse/static/images/1x/de/branding.png

Requested by

Host: www.threatminer.org
URL: https://www.threatminer.org/sample.php?q=69b7746514c70046dd974616ca0623cf

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5ee9e63e519096342d5899e32f1a38b4880ffba6b2aff64178b955a3b7f3a80d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.threatminer.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Fri, 31 Mar 2023 18:05:12 GMT
x-content-type-options: nosniff
age: 373200
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1512
x-xss-protection: 0
last-modified: Mon, 25 May 2020 08:30:00 GMT
server: sffe
report-to: {"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="prose-team"
expires: Sat, 30 Mar 2024 18:05:12 GMT

GET
H2 200 v1 Show response
cse.google.com/cse/element/ 469 B
1 KB 192ms
191ms Script
application/javascript 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cse.google.com/cse/element/v1?rsz=filtered_cse&num=10&hl=de&source=gcsc&gss=.com&cselibv=11b6937ae69e441f&cx=414385693720d4156&q=69b7746514c70046dd974616ca0623cf&safe=active&cse_tok=AFW0emwCGZaifcv2bYcHStiquEuM:1680659112251&lr=&cr=&gl=&filter=0&sort=&as_oq=&as_sitesearch=&exp=csqr,cc&callback=google.search.cse.api10706

Requested by

Host: www.google.com
URL: https://www.google.com/cse/static/element/11b6937ae69e441f/cse_element__de.js?usqp=CAI%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

afd6331e4cf7dd7b4593ab1c4d33e7d4c2c99a0be8aba0541921242c1b71459d

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-mTjD-oOXf3qRb4zrALKnQQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/QualityProseCsqrElementHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/QualityProseCsqrElementHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/QualityProseCsqrElementHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.threatminer.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 01:45:12 GMT
content-security-policy: script-src 'report-sample' 'nonce-mTjD-oOXf3qRb4zrALKnQQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/QualityProseCsqrElementHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/QualityProseCsqrElementHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/QualityProseCsqrElementHttp/cspreport
x-content-type-options: nosniff
content-encoding: gzip
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="json.txt"; filename*=UTF-8''json.txt
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin; report-to="QualityProseCsqrElementHttp"
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
report-to: {"group":"QualityProseCsqrElementHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/QualityProseCsqrElementHttp/external"}]}
content-type: application/javascript; charset=utf-8
x-frame-options: SAMEORIGIN
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 204 generate_204
www.googleapis.com/ 0
117 B 98ms
24ms Image
text/plain 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.googleapis.com/generate_204
Requested by: Host: www.threatminer.org
URL: https://www.threatminer.org/sample.php?q=69b7746514c70046dd974616ca0623cf
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.threatminer.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 01:45:12 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 204 generate_204
clients1.google.com/ 0
117 B 88ms
14ms Image
text/plain 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://clients1.google.com/generate_204
Requested by: Host: www.threatminer.org
URL: https://www.threatminer.org/sample.php?q=69b7746514c70046dd974616ca0623cf
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.threatminer.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 01:45:12 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 lounge.load.00fde7e349e9ee2566c5f117c45abf06.js Show response
c.disquscdn.com/next/embed/ Frame AB43 958 B
1 KB 30ms
15ms Script
application/javascript 2600:9000:2057:9000:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/lounge.load.00fde7e349e9ee2566c5f117c45abf06.js

Requested by

Host: disqus.com
URL: https://disqus.com/embed/comments/?base=default&f=threatminer&t_i=69b7746514c70046dd974616ca0623cf&t_u=https%3A%2F%2Fwww.threatminer.org%2Fsample.php%3Fq%3D69b7746514c70046dd974616ca0623cf&t_d=69b7746514c70046dd974616ca0623cf%20File%20Analysis%20Results%20%7C%20ThreatMiner.org&t_t=69b7746514c70046dd974616ca0623cf%20File%20Analysis%20Results%20%7C%20ThreatMiner.org&s_o=default

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2057:9000:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

a44839c944fc6d884252e1e480b8392534972345aa976306048aa42c565a6601

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://disqus.com/embed/comments/?base=default&f=threatminer&t_i=69b7746514c70046dd974616ca0623cf&t_u=https%3A%2F%2Fwww.threatminer.org%2Fsample.php%3Fq%3D69b7746514c70046dd974616ca0623cf&t_d=69b7746514c70046dd974616ca0623cf%20File%20Analysis%20Results%20%7C%20ThreatMiner.org&t_t=69b7746514c70046dd974616ca0623cf%20File%20Analysis%20Results%20%7C%20ThreatMiner.org&s_o=default
Origin: https://disqus.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-cache-hits: 0
date: Tue, 28 Mar 2023 23:39:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 c05282a87474a55ae2a8dd2aa77d1232.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
age: 612367
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 495
x-xss-protection: 1; mode=block
x-served-by: static-web-2
surrogate-key: next
last-modified: Tue, 28 Mar 2023 23:28:13 GMT
server: nginx
etag: "6423780d-1ef"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000, public, immutable, no-transform
timing-allow-origin: *
x-amz-cf-id: JfFC--gjDnFXUFeDBrhK0xB5N85lITaPT8BzOdnjXbHMrDD0xaCnNA==
expires: Wed, 27 Mar 2024 23:39:04 GMT

GET
H2 200 loader.js Show response
cdn.taboola.com/libtrc/disqus-widget-safetylevel20longtail09/ Frame 2909 354 KB
63 KB 32ms
7ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/disqus-widget-safetylevel20longtail09/loader.js
Requested by: Host: www.threatminer.org
URL: https://www.threatminer.org/sample.php?q=69b7746514c70046dd974616ca0623cf
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ea47109a844f93cd3242df1fecd1d368fc422c2868b3b66005e26f755b622505

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.threatminer.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-amz-version-id: wdcjDqeISQr6iTenRrA433l9YJhJoG2N
content-encoding: gzip
via: 1.1 varnish
date: Wed, 05 Apr 2023 01:45:12 GMT
x-amz-request-id: 3PTT68BE67H0WN9T
age: 42
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 63564
x-amz-id-2: jKuFXc05apV2i0DktqAYh3Z995t3fzjpua9bdGdgtebNYfkNnWV9NtZiGR0MebYfMbv5YFZ0Ojo=
x-served-by: cache-fra-eddf8230085-FRA
last-modified: Tue, 04 Apr 2023 14:59:12 GMT
server: AmazonS3
x-timer: S1680659113.597901,VS0,VE0
etag: "f7e180e59704eec5207ff175812c1d78"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 58
access-control-allow-origin: *
cache-control: private,max-age=14401
accept-ranges: bytes
x-cache-hits: 5252

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 370 B
312 B 25ms
24ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.threatminer.org&client=google-coop&product=SAS&callback=__sasCookie

Requested by

Host: cse.google.com
URL: https://cse.google.com/adsense/search/async-ads.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5c263bcbd5f875b09e18ce5e82351bc491111eea3b727dd0e4e51e19aae7232f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.threatminer.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 01:45:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 243
x-xss-protection: 0

GET
H3 200 ads Show response
cse.google.com/cse_v2/ Frame 47A8 5 KB
1 KB 121ms
120ms Document
text/html 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cse.google.com/cse_v2/ads?adsafe=high&pcsa=true&cx=414385693720d4156&fexp=20606&client=google-coop&q=69b7746514c70046dd974616ca0623cf&r=m&hl=de&type=0&oe=UTF-8&ie=UTF-8&format=p4&ad=p4&nocache=7181680659112584&num=0&output=uds_ads_only&source=gcsc&v=3&bsl=10&pac=0&u_his=2&u_tz=0&dt=1680659112585&u_w=1600&u_h=1200&biw=1600&bih=1200&psw=1600&psh=28475&frm=0&cl=520018305&uio=-&jsid=csa&jsv=520018305&rurl=https%3A%2F%2Fwww.threatminer.org%2Fsample.php%3Fq%3D69b7746514c70046dd974616ca0623cf&adbw=master-1%3A271

Requested by

Host: cse.google.com
URL: https://cse.google.com/adsense/search/async-ads.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gws /

Resource Hash

e98194020da9e0a45aba6fc14f63aa5d416a3da89c25d2575613df1a55756497

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.threatminer.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=3600
content-encoding: br
content-length: 1290
content-security-policy-report-only: object-src 'none';base-uri 'self';script-src 'nonce--iu3x96Cnud6HLi6Q3dqJA' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
content-type: text/html; charset=UTF-8
cross-origin-opener-policy: same-origin-allow-popups; report-to="gws"
date: Wed, 05 Apr 2023 01:45:12 GMT
expires: Wed, 05 Apr 2023 01:45:12 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
report-to: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]}
server: gws
x-xss-protection: 0

GET
H2 200 common.bundle.6719fe9dbe70a5a047052a905ea1cbc5.js Show response
c.disquscdn.com/next/embed/ Frame AB43 280 KB
93 KB 8ms
7ms Script
application/javascript 2600:9000:2057:9000:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/common.bundle.6719fe9dbe70a5a047052a905ea1cbc5.js

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/lounge.load.00fde7e349e9ee2566c5f117c45abf06.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2057:9000:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

cd3179714cc77f87b3275aecc5901867606b239d2f8d7f6a287c1a9800ff0021

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://disqus.com/embed/comments/?base=default&f=threatminer&t_i=69b7746514c70046dd974616ca0623cf&t_u=https%3A%2F%2Fwww.threatminer.org%2Fsample.php%3Fq%3D69b7746514c70046dd974616ca0623cf&t_d=69b7746514c70046dd974616ca0623cf%20File%20Analysis%20Results%20%7C%20ThreatMiner.org&t_t=69b7746514c70046dd974616ca0623cf%20File%20Analysis%20Results%20%7C%20ThreatMiner.org&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-cache-hits: 0
date: Mon, 27 Mar 2023 21:48:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 d8e97d2c28917e4c41ab79bb1e94b844.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
age: 705383
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 94181
x-xss-protection: 1; mode=block
x-served-by: static-web-1
surrogate-key: next
last-modified: Mon, 27 Mar 2023 21:43:49 GMT
server: nginx
etag: "64220e15-16fe5"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000, public, immutable, no-transform
timing-allow-origin: *
x-amz-cf-id: j8Gr22WrKkzNGGTDx-ommJYVbbizTGrMbxX1dsJXZVERZG1LTwHJQQ==
expires: Tue, 26 Mar 2024 21:48:49 GMT

GET
H2 200 6ad0e37510f8e3483bebad31dbd0e18a.js Show response
www.gstatic.com/mysidia/ Frame B8AC 9 KB
4 KB 59ms
22ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/6ad0e37510f8e3483bebad31dbd0e18a.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5720763271532377&output=html&h=200&slotname=8831273914&adk=3175788880&adf=707097127&pi=t.ma~as.8831273914&w=1200&fwrn=4&lmt=1680659112&rafmt=11&format=1200x200&url=https%3A%2F%2Fwww.threatminer.org%2Fsample.php%3Fq%3D69b7746514c70046dd974616ca0623cf&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1680659112030&bpp=1&bdt=337&idt=303&shv=r20230330&mjsv=m202303300101&ptt=9&saldr=aa&abxe=1&prev_fmts=299x250%2C299x600%2C1182x200%2C1200x200&correlator=3569924714072&frm=20&pv=1&ga_vid=683483255.1680659112&ga_sid=1680659112&ga_hid=1097699795&ga_fc=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=350&ady=2789&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759837%2C44759876%2C31071756%2C31073485%2C44788441%2C31071268&oid=2&pvsid=3339220411880613&tmod=12585163&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=YdKzrcLt3Y&p=https%3A//www.threatminer.org&dtd=318

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0c320d790dba4c17895962386aa3587aff97e96a7c499f37dd47bf299431ce41

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 03 Apr 2023 23:27:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 94681
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4014
x-xss-protection: 0
last-modified: Fri, 31 Mar 2023 19:40:46 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 02 Jul 2023 23:27:11 GMT

GET
H2 200 675161e3b4fc5f66626139769aa58704.js Show response
www.gstatic.com/mysidia/ Frame B8AC 10 KB
5 KB 58ms
21ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/675161e3b4fc5f66626139769aa58704.js?tag=text/vanilla_highlight

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

af58f28a3b214203fec8fd94cbc69e3521b6dcfcd76ad918d73ec8620b357021

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 00:11:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 92015
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4255
x-xss-protection: 0
last-modified: Mon, 27 Mar 2023 22:20:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 03 Jul 2023 00:11:37 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame B8AC 8 KB
1 KB 71ms
22ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

05ee926cc9bf2039ad93af941a67d23d84bd78ecd9d6ef53ff85eeaf744cbd89

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 05 Apr 2023 01:45:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 05 Apr 2023 01:04:35 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 05 Apr 2023 01:45:12 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230330/r20110914/client/ Frame B8AC 2 KB
765 B 20ms
19ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230330/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 19:00:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 24270
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 18 Apr 2023 19:00:42 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230330/r20110914/ Frame B8AC 22 KB
9 KB 67ms
12ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230330/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8ff527ee82438d6ee7270d862f3310845cf433f8ef5a900e527d4c9e7fbd006a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 18:52:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 24758
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8726
x-xss-protection: 0
server: cafe
etag: 308001309495089854
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 18 Apr 2023 18:52:34 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230330/r20110914/client/ Frame B8AC 3 KB
1 KB 25ms
16ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230330/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 11:03:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 52901
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 18 Apr 2023 11:03:31 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230330/r20110914/client/ Frame B8AC 20 KB
8 KB 69ms
14ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230330/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

df24ebf60aaa54667cae78dd6098d226d14eaafd714b536dd1ee6445003c2d99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 18:48:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 25022
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8268
x-xss-protection: 0
server: cafe
etag: 8048349561987089234
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 18 Apr 2023 18:48:10 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame B8AC 158 KB
49 KB 83ms
30ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

74abbf501135b5049281d01424ae0def3218e35538c4ee29598fcbdfc505edd5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 01:45:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49602
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1680521770904888"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 05 Apr 2023 01:45:12 GMT

GET
H3 200 16f0d4cb97c8e7eb77e268815c2afdab.js Show response
www.gstatic.com/mysidia/ Frame B8AC 34 KB
14 KB 27ms
18ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/16f0d4cb97c8e7eb77e268815c2afdab.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6ae3bb0a509cfd77e56854034c90db2e31b6436cd887965bf492f9a0cf172656

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 01:00:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2690
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14384
x-xss-protection: 0
last-modified: Fri, 31 Mar 2023 19:40:46 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 04 Jul 2023 01:00:22 GMT

GET
H2 200 impl.20230404-24-RELEASE.js Show response
cdn.taboola.com/libtrc/ Frame 2909 740 KB
155 KB 10ms
6ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/impl.20230404-24-RELEASE.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/disqus-widget-safetylevel20longtail09/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: 7b8229a042f170d262a77b93bc514a56ec5b4fdbd28aa4aa9daa26ff30cb7835

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.threatminer.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-amz-version-id: gBeDEqA0ENZs_Jg2tNErKtKvtzRGRtvU
content-encoding: br
via: 1.1 varnish
date: Wed, 05 Apr 2023 01:45:12 GMT
x-amz-request-id: WVQC1P8Y4C0YG67C
age: 11900
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 158174
x-amz-id-2: WA7XuHQngHRvnsmQZcUCCqJzslfKdgy16m1adOZYTZwKBDq1exDvzNMy8NIH9py22Wr0P5tMDIs=
x-served-by: cache-fra-eddf8230085-FRA
last-modified: Tue, 04 Apr 2023 14:26:46 GMT
server: AmazonS3-br
x-timer: S1680659113.652557,VS0,VE0
etag: "90b5ad8ffd23e16f7d9108ca4ba3acc2"
vary: Accept-Encoding
content-type: application/javascript
abp: 42
access-control-allow-origin: *
cache-control: private,max-age=31536000
accept-ranges: bytes
x-cache-hits: 7733

GET
H2 200 beacon.js Show response
sb.scorecardresearch.com/ Frame 2909 4 KB
2 KB 61ms
28ms Script
application/javascript 13.32.121.17
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/disqus-widget-safetylevel20longtail09/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.17 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-17.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1aee66e2e24e851039801c0dace90f3efb7a1a17b033f7d5bbc12ca7c1d19432

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.threatminer.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 06:30:31 GMT
content-encoding: gzip
via: 1.1 c60125e7f3465aceafb0abd071a41a36.cloudfront.net (CloudFront)
last-modified: Thu, 09 Mar 2023 09:22:40 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1
age: 69282
x-amz-server-side-encryption: AES256
etag: W/"a06e7a176f40dc26aa5e9567ac9d2d5e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=86400
x-amz-cf-id: U-xHUplZQRHJ95do36rO_FRdtWGrZgXvJcSztDMPvhtVxlOKO9yzWA==

GET
H2 200 lounge.cef06fba9afb581ee691b2d4ff616400.css
c.disquscdn.com/next/embed/styles/ Frame AB43 233 KB
33 KB 8ms
8ms Stylesheet
text/css 2600:9000:2057:9000:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/styles/lounge.cef06fba9afb581ee691b2d4ff616400.css

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.6719fe9dbe70a5a047052a905ea1cbc5.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2057:9000:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

410648e2f3fdc08aab90de8ce3fffcc71d7d41c5b6c61aae829e6d93c6d69127

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://disqus.com/embed/comments/?base=default&f=threatminer&t_i=69b7746514c70046dd974616ca0623cf&t_u=https%3A%2F%2Fwww.threatminer.org%2Fsample.php%3Fq%3D69b7746514c70046dd974616ca0623cf&t_d=69b7746514c70046dd974616ca0623cf%20File%20Analysis%20Results%20%7C%20ThreatMiner.org&t_t=69b7746514c70046dd974616ca0623cf%20File%20Analysis%20Results%20%7C%20ThreatMiner.org&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-cache-hits: 0
date: Tue, 28 Mar 2023 23:39:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 d8e97d2c28917e4c41ab79bb1e94b844.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
age: 612368
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 33266
x-xss-protection: 1; mode=block
x-served-by: static-web-2
surrogate-key: next
last-modified: Tue, 28 Mar 2023 23:28:13 GMT
server: nginx
etag: "6423780d-81f2"
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000, public, immutable, no-transform
timing-allow-origin: *
x-amz-cf-id: XNaRD60USooRtV9mlQnh2o_C_bVuQfnkgDOJyWMTyQtF1Ob8yjL_0Q==
expires: Wed, 27 Mar 2024 23:39:04 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230330/r20110914/client/ Frame DF46 2 KB
846 B 20ms
19ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230330/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5720763271532377&output=html&h=600&slotname=6407101181&adk=2989800909&adf=2245449527&pi=t.ma~as.6407101181&w=299&fwrn=4&fwrnh=100&lmt=1680659112&rafmt=1&format=299x600&url=https%3A%2F%2Fwww.threatminer.org%2Fsample.php%3Fq%3D69b7746514c70046dd974616ca0623cf&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1680659112028&bpp=1&bdt=335&idt=248&shv=r20230330&mjsv=m202303300101&ptt=9&saldr=aa&abxe=1&prev_fmts=299x250&correlator=3569924714072&frm=20&pv=1&ga_vid=683483255.1680659112&ga_sid=1680659112&ga_hid=1097699795&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=0&ady=507&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759837%2C44759876%2C31071756%2C31073485%2C44788441%2C31071268&oid=2&pvsid=3339220411880613&tmod=12585163&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=5KEwzWLDCy&p=https%3A//www.threatminer.org&dtd=257

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 19:00:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 24270
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 18 Apr 2023 19:00:42 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230330/r20110914/ Frame DF46 22 KB
9 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230330/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8ff527ee82438d6ee7270d862f3310845cf433f8ef5a900e527d4c9e7fbd006a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 18:52:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 24758
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8726
x-xss-protection: 0
server: cafe
etag: 308001309495089854
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 18 Apr 2023 18:52:34 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230330/r20110914/client/ Frame DF46 3 KB
1 KB 21ms
8ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230330/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 11:03:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 52901
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 18 Apr 2023 11:03:31 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230330/r20110914/client/ Frame DF46 20 KB
8 KB 18ms
17ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230330/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

df24ebf60aaa54667cae78dd6098d226d14eaafd714b536dd1ee6445003c2d99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 18:48:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 25022
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8268
x-xss-protection: 0
server: cafe
etag: 8048349561987089234
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 18 Apr 2023 18:48:10 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame DF46 158 KB
49 KB 41ms
41ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

74abbf501135b5049281d01424ae0def3218e35538c4ee29598fcbdfc505edd5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 01:45:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49602
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1680521770904888"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 05 Apr 2023 01:45:12 GMT

GET
H2 200 16f0d4cb97c8e7eb77e268815c2afdab.js Show response
www.gstatic.com/mysidia/ Frame DF46 34 KB
14 KB 25ms
11ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/16f0d4cb97c8e7eb77e268815c2afdab.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6ae3bb0a509cfd77e56854034c90db2e31b6436cd887965bf492f9a0cf172656

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 01:00:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2690
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14384
x-xss-protection: 0
last-modified: Fri, 31 Mar 2023 19:40:46 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 04 Jul 2023 01:00:22 GMT

GET
H2 200 16661184842218701562
tpc.googlesyndication.com/simgad/ Frame C427 32 KB
32 KB 33ms
32ms Image
image/png 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/16661184842218701562?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qnq9_UkxJpSSQ0S-Y6mlBdQ-vbdIA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5720763271532377&output=html&h=200&slotname=6125219520&adk=3585176026&adf=748155151&pi=t.ma~as.6125219520&w=1200&fwrn=4&lmt=1680659112&rafmt=11&format=1200x200&url=https%3A%2F%2Fwww.threatminer.org%2Fsample.php%3Fq%3D69b7746514c70046dd974616ca0623cf&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1680659112030&bpp=1&bdt=337&idt=294&shv=r20230330&mjsv=m202303300101&ptt=9&saldr=aa&abxe=1&prev_fmts=299x250%2C299x600%2C1182x200&correlator=3569924714072&frm=20&pv=1&ga_vid=683483255.1680659112&ga_sid=1680659112&ga_hid=1097699795&ga_fc=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=350&ady=1035&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759837%2C44759876%2C31071756%2C31073485%2C44788441%2C31071268&oid=2&pvsid=3339220411880613&tmod=12585163&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&fsb=1&xpc=PjCQGvdUPa&p=https%3A//www.threatminer.org&dtd=299

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

27249567b2ea01cf7e12780c83c8ee1b6d1d31bba17bcc50890c4713b60a4e32

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Fri, 31 Mar 2023 02:49:37 GMT
x-content-type-options: nosniff
age: 428135
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32468
x-xss-protection: 0
last-modified: Tue, 21 Mar 2023 13:55:57 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 30 Mar 2024 02:49:37 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230330/r20110914/ Frame C427 22 KB
9 KB 32ms
31ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230330/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8ff527ee82438d6ee7270d862f3310845cf433f8ef5a900e527d4c9e7fbd006a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 18:52:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 24758
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8726
x-xss-protection: 0
server: cafe
etag: 308001309495089854
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 18 Apr 2023 18:52:34 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230330/r20110914/client/ Frame C427 3 KB
1 KB 26ms
24ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230330/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 11:03:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 52901
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 18 Apr 2023 11:03:31 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230330/r20110914/client/ Frame C427 20 KB
8 KB 18ms
16ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230330/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

df24ebf60aaa54667cae78dd6098d226d14eaafd714b536dd1ee6445003c2d99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 18:48:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 25022
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8268
x-xss-protection: 0
server: cafe
etag: 8048349561987089234
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 18 Apr 2023 18:48:10 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame C427 158 KB
49 KB 28ms
24ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

74abbf501135b5049281d01424ae0def3218e35538c4ee29598fcbdfc505edd5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 01:45:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49602
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1680521770904888"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 05 Apr 2023 01:45:12 GMT

GET
H3 200 one_click_handler_one_afma_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230330/r20110914/client/ Frame C427 34 KB
14 KB 27ms
24ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230330/r20110914/client/one_click_handler_one_afma_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d553f35feeb99fb57ddee1f88dfdb3581087d3f549b6755bad72d2391e8b7d50

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 19:34:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22247
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13802
x-xss-protection: 0
server: cafe
etag: 12530852252993553580
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 18 Apr 2023 19:34:25 GMT

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202303300101/ 149 KB
51 KB 42ms
41ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202303300101/reactive_library_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6b0f9cb1094d7e2926ca420059f0d761080cbbbdaf18802f6c4d7653134e010f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.threatminer.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 01:45:12 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51872
x-xss-protection: 0
server: cafe
etag: 17136603747247394768
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Wed, 05 Apr 2023 01:45:12 GMT

GET
H2 200 lounge.bundle.b29dff8af22e68239aefa0cfa712236c.js Show response
c.disquscdn.com/next/embed/ Frame AB43 507 KB
127 KB 9ms
9ms Script
application/javascript 2600:9000:2057:9000:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/lounge.bundle.b29dff8af22e68239aefa0cfa712236c.js

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.6719fe9dbe70a5a047052a905ea1cbc5.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2057:9000:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

c67544fd10011f859ef0b47b80ed24f435b1e2f425730190c24d08a9f680b91d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://disqus.com/embed/comments/?base=default&f=threatminer&t_i=69b7746514c70046dd974616ca0623cf&t_u=https%3A%2F%2Fwww.threatminer.org%2Fsample.php%3Fq%3D69b7746514c70046dd974616ca0623cf&t_d=69b7746514c70046dd974616ca0623cf%20File%20Analysis%20Results%20%7C%20ThreatMiner.org&t_t=69b7746514c70046dd974616ca0623cf%20File%20Analysis%20Results%20%7C%20ThreatMiner.org&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-cache-hits: 0
date: Mon, 27 Mar 2023 21:48:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 d8e97d2c28917e4c41ab79bb1e94b844.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
age: 705383
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 129767
x-xss-protection: 1; mode=block
x-served-by: static-web-2
surrogate-key: next
last-modified: Mon, 27 Mar 2023 21:43:49 GMT
server: nginx
etag: "64220e15-1fae7"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000, public, immutable, no-transform
timing-allow-origin: *
x-amz-cf-id: Rv-ym79gNXIn2u_9-YdGhbgztoFE6qKKTnZSJtphZ_OokOljAaPmkw==
expires: Tue, 26 Mar 2024 21:48:49 GMT

GET
H/1.1 200
OK config.js Show response
disqus.com/next/ Frame AB43 17 KB
17 KB 11ms
9ms Script
application/javascript 151.101.0.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://disqus.com/next/config.js

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.6719fe9dbe70a5a047052a905ea1cbc5.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

151.101.0.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

ae3ac7ed9f6ca4112df0192395fe8e05a6bccb02f5b3812b396d147715dbfdb2

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://disqus.com/embed/comments/?base=default&f=threatminer&t_i=69b7746514c70046dd974616ca0623cf&t_u=https%3A%2F%2Fwww.threatminer.org%2Fsample.php%3Fq%3D69b7746514c70046dd974616ca0623cf&t_d=69b7746514c70046dd974616ca0623cf%20File%20Analysis%20Results%20%7C%20ThreatMiner.org&t_t=69b7746514c70046dd974616ca0623cf%20File%20Analysis%20Results%20%7C%20ThreatMiner.org&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Wed, 05 Apr 2023 01:45:12 GMT
Strict-Transport-Security: max-age=300; includeSubdomains
X-Content-Type-Options: nosniff
Server: nginx
Age: 5
X-Frame-Options: SAMEORIGIN
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Access-Control-Allow-Origin: *
Content-Type: application/javascript; charset=UTF-8
Cache-Control: public, stale-while-revalidate=300, s-stalewhilerevalidate=3600, max-age=60
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 17258
X-XSS-Protection: 1; mode=block

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame C427 0
0 61ms
60ms Fetch
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CP3ugqNIsZKy8FpPw7gOqgYeABZ2A5MhvkKrT6IYRvomSsYoOEAEg1bOubWCVgoCArAegAeTu4O8CyAECqQLIrZg6jmKyPqgDAcgDyQSqBOgBT9AjF0KSdQafTDTzgbihx9vUvL1dkzcqWFUYAIhaFze087HZyPImMVuUTzq1Nv-At5pgh8zFkiaE8j9NppdOYlLYK-HIWKWUImNukUEIIIfJZQN1dEnf2ixqK4_cCAdFqJKD62outyKtZqAHpT_Kib6jBG0h180GSE4WQ8FzDcxcUzqJFanS6wsIfEqw2pyrT7UOf1lHx6AyofxOfi9QRTGGTkIEKHVmCjX0t5TiNJ9QqTh9J4lDxhCQYOFM_KNyLpiNvVJppbeSS2ZF8OeojuQ-8VD75i2BeRrlZItIPLMsicNLRxSo0cAE0N2YmK0EoAYCgAeEkZ-QAagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcEEIfBB9IIEQiA4YAQEAEYHzICqgI6AoBAgAoByAsB2BMD0BUBmBYBgBcBshccChoIABIUcHViLTU3MjA3NjMyNzE1MzIzNzcYAA&sigh=ZyqYJUVIfeQ&uach_m=[UACH]&cid=CAQSGwDUE5ymizDN8VjEoGcNfw5y94vggJfGw0OBdRgB

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5720763271532377&output=html&h=200&slotname=6125219520&adk=3585176026&adf=748155151&pi=t.ma~as.6125219520&w=1200&fwrn=4&lmt=1680659112&rafmt=11&format=1200x200&url=https%3A%2F%2Fwww.threatminer.org%2Fsample.php%3Fq%3D69b7746514c70046dd974616ca0623cf&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1680659112030&bpp=1&bdt=337&idt=294&shv=r20230330&mjsv=m202303300101&ptt=9&saldr=aa&abxe=1&prev_fmts=299x250%2C299x600%2C1182x200&correlator=3569924714072&frm=20&pv=1&ga_vid=683483255.1680659112&ga_sid=1680659112&ga_hid=1097699795&ga_fc=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=350&ady=1035&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759837%2C44759876%2C31071756%2C31073485%2C44788441%2C31071268&oid=2&pvsid=3339220411880613&tmod=12585163&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&fsb=1&xpc=PjCQGvdUPa&p=https%3A//www.threatminer.org&dtd=299
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 05 Apr 2023 01:45:12 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Wed, 05 Apr 2023 01:45:12 GMT

GET
H3 200 16294161577623456281
tpc.googlesyndication.com/simgad/ Frame E904 21 KB
21 KB 16ms
15ms Image
image/png 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/16294161577623456281?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qlnNFodL-eKDM8oCj8kXxs3OIVfvA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5720763271532377&output=html&h=250&slotname=4491384285&adk=1382012186&adf=1527761000&pi=t.ma~as.4491384285&w=299&fwrn=4&fwrnh=100&lmt=1680659112&rafmt=3&format=299x250&url=https%3A%2F%2Fwww.threatminer.org%2Fsample.php%3Fq%3D69b7746514c70046dd974616ca0623cf&fwr=0&fwrattr=true&rpe=1&resp_fmts=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1680659112024&bpp=4&bdt=331&idt=214&shv=r20230330&mjsv=m202303300101&ptt=9&saldr=aa&abxe=1&correlator=3569924714072&frm=20&pv=2&ga_vid=683483255.1680659112&ga_sid=1680659112&ga_hid=1097699795&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=0&ady=229&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759837%2C44759876%2C31071756%2C31073485%2C44788441%2C31071268&oid=2&pvsid=3339220411880613&tmod=12585163&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=X3jqZJ0wEV&p=https%3A//www.threatminer.org&dtd=246

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cde6e07ec0603e970f7f79ae271ad6a378d204f4ef1f8f7241ca1552d52fbac5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 02 Apr 2023 17:05:08 GMT
x-content-type-options: nosniff
age: 204004
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21897
x-xss-protection: 0
last-modified: Thu, 23 Mar 2023 12:49:19 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Mon, 01 Apr 2024 17:05:08 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230330/r20110914/ Frame E904 22 KB
9 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230330/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8ff527ee82438d6ee7270d862f3310845cf433f8ef5a900e527d4c9e7fbd006a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 18:52:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 24758
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8726
x-xss-protection: 0
server: cafe
etag: 308001309495089854
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 18 Apr 2023 18:52:34 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230330/r20110914/client/ Frame E904 3 KB
1 KB 16ms
15ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230330/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 11:03:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 52901
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 18 Apr 2023 11:03:31 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230330/r20110914/client/ Frame E904 20 KB
8 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230330/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

df24ebf60aaa54667cae78dd6098d226d14eaafd714b536dd1ee6445003c2d99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 18:48:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 25022
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8268
x-xss-protection: 0
server: cafe
etag: 8048349561987089234
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 18 Apr 2023 18:48:10 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame E904 158 KB
48 KB 38ms
36ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

74abbf501135b5049281d01424ae0def3218e35538c4ee29598fcbdfc505edd5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 01:45:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49602
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1680521770904888"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 05 Apr 2023 01:45:12 GMT

GET
H3 200 one_click_handler_one_afma_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230330/r20110914/client/ Frame E904 34 KB
14 KB 18ms
17ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230330/r20110914/client/one_click_handler_one_afma_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d553f35feeb99fb57ddee1f88dfdb3581087d3f549b6755bad72d2391e8b7d50

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 19:34:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22247
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13802
x-xss-protection: 0
server: cafe
etag: 12530852252993553580
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 18 Apr 2023 19:34:25 GMT

GET
H3 200 async-ads.js Show response
cse.google.com/adsense/search/ Frame 47A8 140 KB
51 KB 28ms
27ms Script
text/javascript 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cse.google.com/adsense/search/async-ads.js?pac=0

Requested by

Host: cse.google.com
URL: https://cse.google.com/cse_v2/ads?adsafe=high&pcsa=true&cx=414385693720d4156&fexp=20606&client=google-coop&q=69b7746514c70046dd974616ca0623cf&r=m&hl=de&type=0&oe=UTF-8&ie=UTF-8&format=p4&ad=p4&nocache=7181680659112584&num=0&output=uds_ads_only&source=gcsc&v=3&bsl=10&pac=0&u_his=2&u_tz=0&dt=1680659112585&u_w=1600&u_h=1200&biw=1600&bih=1200&psw=1600&psh=28475&frm=0&cl=520018305&uio=-&jsid=csa&jsv=520018305&rurl=https%3A%2F%2Fwww.threatminer.org%2Fsample.php%3Fq%3D69b7746514c70046dd974616ca0623cf&adbw=master-1%3A271

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c2bc126a6bc5b76cd14dc4d234c3bf9f65b3614b066274d9a73dbff08b35995d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cse.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 01:45:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-afs-ui"
etag: "15756432762253931230"
vary: Accept-Encoding
report-to: {"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
accept-ranges: bytes
expires: Wed, 05 Apr 2023 01:45:12 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame DF46 0
0 60ms
60ms Fetch
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CBgXbqNIsZMTOE6Dhx_APgtiv2AXhxfjObqankPKNCKvUzcGjDxABINWzrm1glYKAgKwHoAHIsanNA8gBAagDAcgDywSqBOsBT9AdFE1FgYmu_bdmd2Xod0JLYY7D7PZHeZSWj0zG99chriSeE9UlFR9QHVMpwE4wimlJOEDf7dBk6NOnwHory9rw_jL6jln7LUW8raxSoInFOR3GVKv_z8WQOZNNMon8JGA543IdQ5bp6DXaeFy24boKsuX06Ls79uYSUrJ1xCVRVet9vlbaocXAqdMaSS0yM4hlX2iayjQkYnY5J1eTmz3Lc_KtOPjL8Hd4M9g8sAwB6j0F_C_XABS-ieDwaLLmPntWazjZfEtOWA2yTZgGLIJI95PkkkHJ2mURofd8k7PxVtR7PxcVtmU6q8AEyNGqsecBkgUECAQYAZIFBAgFGASgBgKAB-Tq4jWoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBDchQrSCBEIgOGAEBABGB8yAqoCOgKAQIAKAcgLAdgTDIgUF9AVAYAXAbIXHAoaCAASFHB1Yi01NzIwNzYzMjcxNTMyMzc3GAA&sigh=Y_kto8TBK9A&uach_m=[UACH]&cid=CAQSGwDUE5ymSUB6OyVj1p3UwqznlAPyYVDu_ooN2hgB

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5720763271532377&output=html&h=600&slotname=6407101181&adk=2989800909&adf=2245449527&pi=t.ma~as.6407101181&w=299&fwrn=4&fwrnh=100&lmt=1680659112&rafmt=1&format=299x600&url=https%3A%2F%2Fwww.threatminer.org%2Fsample.php%3Fq%3D69b7746514c70046dd974616ca0623cf&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1680659112028&bpp=1&bdt=335&idt=248&shv=r20230330&mjsv=m202303300101&ptt=9&saldr=aa&abxe=1&prev_fmts=299x250&correlator=3569924714072&frm=20&pv=1&ga_vid=683483255.1680659112&ga_sid=1680659112&ga_hid=1097699795&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=0&ady=507&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759837%2C44759876%2C31071756%2C31073485%2C44788441%2C31071268&oid=2&pvsid=3339220411880613&tmod=12585163&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=5KEwzWLDCy&p=https%3A//www.threatminer.org&dtd=257
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 05 Apr 2023 01:45:12 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 6ad0e37510f8e3483bebad31dbd0e18a.js Show response
www.gstatic.com/mysidia/ Frame E621 9 KB
4 KB 21ms
19ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/6ad0e37510f8e3483bebad31dbd0e18a.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5720763271532377&output=html&h=200&slotname=1381165906&adk=2644663765&adf=151644923&pi=t.ma~as.1381165906&w=1182&fwrn=4&lmt=1680659112&rafmt=11&format=1182x200&url=https%3A%2F%2Fwww.threatminer.org%2Fsample.php%3Fq%3D69b7746514c70046dd974616ca0623cf&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1680659112029&bpp=1&bdt=336&idt=287&shv=r20230330&mjsv=m202303300101&ptt=9&saldr=aa&abxe=1&prev_fmts=299x250%2C299x600&correlator=3569924714072&frm=20&pv=1&ga_vid=683483255.1680659112&ga_sid=1680659112&ga_hid=1097699795&ga_fc=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=359&ady=115&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759837%2C44759876%2C31071756%2C31073485%2C44788441%2C31071268&oid=2&pvsid=3339220411880613&tmod=12585163&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=MtAdf29aSu&p=https%3A//www.threatminer.org&dtd=290

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0c320d790dba4c17895962386aa3587aff97e96a7c499f37dd47bf299431ce41

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 03 Apr 2023 23:27:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 94681
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4014
x-xss-protection: 0
last-modified: Fri, 31 Mar 2023 19:40:46 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 02 Jul 2023 23:27:11 GMT

GET
H3 200 675161e3b4fc5f66626139769aa58704.js Show response
www.gstatic.com/mysidia/ Frame E621 10 KB
4 KB 20ms
19ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/675161e3b4fc5f66626139769aa58704.js?tag=text/vanilla_highlight

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

af58f28a3b214203fec8fd94cbc69e3521b6dcfcd76ad918d73ec8620b357021

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 00:11:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 92015
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4255
x-xss-protection: 0
last-modified: Mon, 27 Mar 2023 22:20:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 03 Jul 2023 00:11:37 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame E621 8 KB
966 B 28ms
26ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

05ee926cc9bf2039ad93af941a67d23d84bd78ecd9d6ef53ff85eeaf744cbd89

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 05 Apr 2023 01:45:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 05 Apr 2023 01:08:04 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 05 Apr 2023 01:45:12 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230330/r20110914/client/ Frame E621 2 KB
765 B 16ms
15ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230330/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 19:00:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 24271
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 18 Apr 2023 19:00:42 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230330/r20110914/ Frame E621 22 KB
9 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230330/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8ff527ee82438d6ee7270d862f3310845cf433f8ef5a900e527d4c9e7fbd006a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 18:52:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 24758
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8726
x-xss-protection: 0
server: cafe
etag: 308001309495089854
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 18 Apr 2023 18:52:34 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230330/r20110914/client/ Frame E621 3 KB
1 KB 17ms
15ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230330/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 11:03:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 52902
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 18 Apr 2023 11:03:31 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230330/r20110914/client/ Frame E621 20 KB
8 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230330/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

df24ebf60aaa54667cae78dd6098d226d14eaafd714b536dd1ee6445003c2d99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 18:48:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 25022
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8268
x-xss-protection: 0
server: cafe
etag: 8048349561987089234
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 18 Apr 2023 18:48:10 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame E621 158 KB
48 KB 31ms
30ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

74abbf501135b5049281d01424ae0def3218e35538c4ee29598fcbdfc505edd5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 01:45:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49602
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1680521770904888"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 05 Apr 2023 01:45:12 GMT

GET
H3 200 16f0d4cb97c8e7eb77e268815c2afdab.js Show response
www.gstatic.com/mysidia/ Frame E621 34 KB
14 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/16f0d4cb97c8e7eb77e268815c2afdab.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6ae3bb0a509cfd77e56854034c90db2e31b6436cd887965bf492f9a0cf172656

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 01:00:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2691
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14384
x-xss-protection: 0
last-modified: Fri, 31 Mar 2023 19:40:46 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 04 Jul 2023 01:00:22 GMT

GET
H3 200 16270960639174865937
tpc.googlesyndication.com/daca_images/simgad/ Frame DF46 27 KB
27 KB 23ms
22ms Image
image/jpeg 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/daca_images/simgad/16270960639174865937?w=360&h=720

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7d0c1da8ead01b185ac43fc695890fb9245e8042fc6b81a016ffd07d1f9a5b79

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 07:35:04 GMT
x-content-type-options: nosniff
age: 65408
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27403
x-xss-protection: 0
last-modified: Sun, 02 Apr 2023 05:45:00 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 11 Apr 2023 07:35:04 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame E904 0
0 58ms
57ms Fetch
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C9k-EqNIsZNmSEpPKx_APwvGCcIic8NZvjtSLvJ0RvomSsYoOEAEg1bOubWCVgoCArAegAeTu4O8CyAECqQLIrZg6jmKyPqgDAcgDyQSqBOQBT9AqF5W3aLOUtz0Fa4u88ZbW9NoGZ7klkAJYdxZec2yVevo2V_b_aPFeLdRwDJG7_pKkf3pNIndXCP9pinGiZNVE1T4SzMPKvOjNTy2kHCWI3tYLJTLsKebQwF1qbfjkdcbZT8fuThVCSW_HOua9wW3ttBLRUm9T27GMTxw3k2TpOln4m0fKo5BHaDqm04jbSX3ga5GLr7fv62JMewZOzf8Vlj3FUuOkk-jPWmPD3Q4UuJIDuQLGtRqsyopuytUiNN_DzH_0cYLr8kaDK9Hxm9SbixxrjOofpm-IEl8CaMHCCF45wAT0kaTZpwSgBgKAB4SRn5ABqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwQQnY0H0ggRCIDhgBAQARgfMgKqAjoCgECACgHICwHYEwPQFQGYFgGAFwGyFxwKGggAEhRwdWItNTcyMDc2MzI3MTUzMjM3NxgA&sigh=NKcpRogAtgU&uach_m=[UACH]&cid=CAQSGwDUE5ymuJ1tAmlxJKvPnespqrnUrYA5YvxpOhgB

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5720763271532377&output=html&h=250&slotname=4491384285&adk=1382012186&adf=1527761000&pi=t.ma~as.4491384285&w=299&fwrn=4&fwrnh=100&lmt=1680659112&rafmt=3&format=299x250&url=https%3A%2F%2Fwww.threatminer.org%2Fsample.php%3Fq%3D69b7746514c70046dd974616ca0623cf&fwr=0&fwrattr=true&rpe=1&resp_fmts=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1680659112024&bpp=4&bdt=331&idt=214&shv=r20230330&mjsv=m202303300101&ptt=9&saldr=aa&abxe=1&correlator=3569924714072&frm=20&pv=2&ga_vid=683483255.1680659112&ga_sid=1680659112&ga_hid=1097699795&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=0&ady=229&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759837%2C44759876%2C31071756%2C31073485%2C44788441%2C31071268&oid=2&pvsid=3339220411880613&tmod=12585163&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=X3jqZJ0wEV&p=https%3A//www.threatminer.org&dtd=246
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 05 Apr 2023 01:45:12 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 sync Show response
gum.criteo.com/ Frame 2909 46 B
288 B 62ms
14ms Script
text/javascript 2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS

Requested by

Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230404-24-RELEASE.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

189b8ed64093b12937354b2ef71ccf1df59690d90432241a10fe1cb25000acba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.threatminer.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 01:45:12 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=3600
server-processing-duration-in-ticks: 302054
expires: 60

GET
H2 200 json Show response
trc.taboola.com/disqus-widget-safetylevel20longtail09/trc/3/ Frame 2909 51 KB
14 KB 432ms
423ms XHR
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/disqus-widget-safetylevel20longtail09/trc/3/json?tim=01%3A45%3A12.927&lti=deflated&data=%7B%22id%22%3A362%2C%22ii%22%3A%22%2Fsample.php%22%2C%22it%22%3A%22text%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1680620345773%2C%22vi%22%3A1680659112924%2C%22cv%22%3A%2220230404-24-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww.threatminer.org%2Fsample.php%3Fq%3D69b7746514c70046dd974616ca0623cf%22%2C%22bv%22%3A%220%22%2C%22wc%22%3Atrue%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22uad%22%3A%7B%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%7D%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22plf%22%3A%7B%22ack_exm%22%3Atrue%7D%2C%22bu%22%3A%22https%3A%2F%2Fwww.threatminer.org%2Fsample.php%3Fq%3D69b7746514c70046dd974616ca0623cf%22%2C%22vpi%22%3A%22%2Fsample.php%22%2C%22e%22%3A%22https%3A%2F%2Fwww.threatminer.org%2F%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A1208%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A17%2C%22dw%22%3A1208%2C%22dh%22%3A27%2C%22qs%22%3A%22%3Fq%3D69b7746514c70046dd974616ca0623cf%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A6%2C%22uim%22%3A%22thumbnails-a%3Aabp%3D0%22%2C%22uip%22%3A%22%7B%5C%22domain%5C%22%3A%20%5C%22https%3A%2F%2Fwww.threatminer.org%5C%22%2C%20%5C%22experiment%5C%22%3A%20%5C%22destroydisplayadsonshowingvideo%5C%22%2C%20%5C%22position%5C%22%3A%20%5C%22top%5C%22%2C%20%5C%22shortname%5C%22%3A%20%5C%22threatminer%5C%22%2C%20%5C%22variant%5C%22%3A%20%5C%22active%5C%22%7D%22%2C%22orig_uip%22%3A%22%7B%5C%22domain%5C%22%3A%20%5C%22https%3A%2F%2Fwww.threatminer.org%5C%22%2C%20%5C%22experiment%5C%22%3A%20%5C%22destroydisplayadsonshowingvideo%5C%22%2C%20%5C%22position%5C%22%3A%20%5C%22top%5C%22%2C%20%5C%22shortname%5C%22%3A%20%5C%22threatminer%5C%22%2C%20%5C%22variant%5C%22%3A%20%5C%22active%5C%22%7D%22%2C%22cd%22%3A27%2C%22mw%22%3A0%2C%22amw%22%3A700%7D%5D%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D&llvl=2
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230404-24-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: acfdedb137169396e6c8f061929c996837a4fe685a200f4e8bac8c0698f0bd61

Request headers

Referer: https://www.threatminer.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: text/plain

Response headers

x-vcl-time-ms: 417
date: Wed, 05 Apr 2023 01:45:13 GMT
content-encoding: gzip
via: 1.1 varnish
x-served-by: cache-fra-eddf8230085-FRA
server: nginx
x-timer: S1680659113.935965,VS0,VE417
vary: Accept-Encoding
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://www.threatminer.org
content-type: application/javascript; charset=utf-8
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

GET
H2 204 debug
trc-events.taboola.com/disqus-widget-safetylevel20longtail09/log/2/ Frame 2909 0
90 B 48ms
12ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc-events.taboola.com/disqus-widget-safetylevel20longtail09/log/2/debug?tim=01%3A45%3A12.921&type=info&msg=https%3A%2F%2Fwww.threatminer.org%2Fsample.php%3Fq%3D69b7746514c70046dd974616ca0623cf&llvl=2&id=7467&cv=20230404-24-RELEASE&lt=deflated&pct=1
Requested by: Host: www.threatminer.org
URL: https://www.threatminer.org/sample.php?q=69b7746514c70046dd974616ca0623cf
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.threatminer.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 01:45:12 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 11904

GET
H2 204 debug
trc-events.taboola.com/disqus-widget-safetylevel20longtail09/log/2/ Frame 2909 0
89 B 48ms
13ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc-events.taboola.com/disqus-widget-safetylevel20longtail09/log/2/debug?tim=01%3A45%3A12.922&type=info&msg=%7B%22mode%22%3A%22thumbnails-a%22%2C%22container%22%3A%22taboola%22%2C%22target_type%22%3A%22mix%22%2C%22placement%22%3A%22%7B%5C%22domain%5C%22%3A%20%5C%22https%3A%2F%2Fwww.threatminer.org%5C%22%2C%20%5C%22experiment%5C%22%3A%20%5C%22destroydisplayadsonshowingvideo%5C%22%2C%20%5C%22position%5C%22%3A%20%5C%22top%5C%22%2C%20%5C%22shortname%5C%22%3A%20%5C%22threatminer%5C%22%2C%20%5C%22variant%5C%22%3A%20%5C%22active%5C%22%7D%22%7D&llvl=2&id=3498&cv=20230404-24-RELEASE&lt=deflated&pct=1
Requested by: Host: www.threatminer.org
URL: https://www.threatminer.org/sample.php?q=69b7746514c70046dd974616ca0623cf
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.threatminer.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 01:45:12 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 11904

GET
H2 204 debug
trc-events.taboola.com/disqus-widget-safetylevel20longtail09/log/2/ Frame 2909 0
89 B 48ms
13ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc-events.taboola.com/disqus-widget-safetylevel20longtail09/log/2/debug?tim=01%3A45%3A12.926&type=info&msg=%7B%22domain%22%3A%20%22https%3A%2F%2Fwww.threatminer.org%22%2C%20%22experiment%22%3A%20%22destroydisplayadsonshowingvideo%22%2C%20%22position%22%3A%20%22top%22%2C%20%22shortname%22%3A%20%22threatminer%22%2C%20%22variant%22%3A%20%22active%22%7D%20thumbnails-a&llvl=2&id=1881&cv=20230404-24-RELEASE&lt=deflated&pct=1
Requested by: Host: www.threatminer.org
URL: https://www.threatminer.org/sample.php?q=69b7746514c70046dd974616ca0623cf
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.threatminer.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 01:45:12 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 11904

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame B8AC 0
0 58ms
58ms Fetch
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=Ci1zeqNIsZL3mFrvex_AP256J2ATRlemzb_bdhPKfDv_1kOPXAhABINWzrm1glYKAgKwHoAGg3bPdA8gBAakCorsHpF_4tD6oAwHIA8MEqgTbAU_Qk-_dewcO3wNC7SFezQcNpEM49nQunELYQtQ5l6EAn6HV63AqYtixnV88toY32KaCbOR_-yxb_3Q3_NHna-tkcA5CRtgDMKZjbcRqjh3mVIXueWMIkVlqIghPKZ7an9VpZCCMPaNuD_yeYD0zwTZs0esn4UjAuuRXJyeHlwKdoEUgPgsUEVkDJeCC07kzworHBBexWghmOmtdpxwAa609Ms7ZvhkdnZvzc9arvL_dpXzGRvIJ_9Pleb-x_iO5Y7yUz8s5AHBZX-5i3mPm0okNUIb5XuyUytJnzMAEmuKhht4DkgUECAQYAZIFBAgFGASgBlGAB8iizCKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBCznwHSCBEIgOGAEBABGB8yAqoCOgKAQIAKAcgLAdgTDNAVAYAXAbIXHAoaCAASFHB1Yi01NzIwNzYzMjcxNTMyMzc3GAA&sigh=y6zoqRH8tTY&uach_m=[UACH]&cid=CAQSGwDUE5ymNulQyZNh7ce0sibedv2zyEhEJdBsPRgB

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5720763271532377&output=html&h=200&slotname=8831273914&adk=3175788880&adf=707097127&pi=t.ma~as.8831273914&w=1200&fwrn=4&lmt=1680659112&rafmt=11&format=1200x200&url=https%3A%2F%2Fwww.threatminer.org%2Fsample.php%3Fq%3D69b7746514c70046dd974616ca0623cf&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1680659112030&bpp=1&bdt=337&idt=303&shv=r20230330&mjsv=m202303300101&ptt=9&saldr=aa&abxe=1&prev_fmts=299x250%2C299x600%2C1182x200%2C1200x200&correlator=3569924714072&frm=20&pv=1&ga_vid=683483255.1680659112&ga_sid=1680659112&ga_hid=1097699795&ga_fc=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=350&ady=2789&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759837%2C44759876%2C31071756%2C31073485%2C44788441%2C31071268&oid=2&pvsid=3339220411880613&tmod=12585163&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=YdKzrcLt3Y&p=https%3A//www.threatminer.org&dtd=318
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 05 Apr 2023 01:45:12 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 743E 143 B
166 B 12ms
12ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5720763271532377&output=html&h=200&slotname=8831273914&adk=3175788880&adf=707097127&pi=t.ma~as.8831273914&w=1200&fwrn=4&lmt=1680659112&rafmt=11&format=1200x200&url=https%3A%2F%2Fwww.threatminer.org%2Fsample.php%3Fq%3D69b7746514c70046dd974616ca0623cf&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1680659112030&bpp=1&bdt=337&idt=303&shv=r20230330&mjsv=m202303300101&ptt=9&saldr=aa&abxe=1&prev_fmts=299x250%2C299x600%2C1182x200%2C1200x200&correlator=3569924714072&frm=20&pv=1&ga_vid=683483255.1680659112&ga_sid=1680659112&ga_hid=1097699795&ga_fc=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=350&ady=2789&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759837%2C44759876%2C31071756%2C31073485%2C44788441%2C31071268&oid=2&pvsid=3339220411880613&tmod=12585163&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=YdKzrcLt3Y&p=https%3A//www.threatminer.org&dtd=318
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 2910
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 05 Apr 2023 00:56:42 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 204 b
sb.scorecardresearch.com/ Frame 2909 0
225 B 9ms
9ms Image
text/plain 13.32.121.17
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b?c1=7&c2=34354936&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1680659112967&ns_c=UTF-8&ns_if=1&c3=1&c7=https%3A%2F%2Fwww.threatminer.org%2Fsample.php%3Fq%3D69b7746514c70046dd974616ca0623cf&c8=&c9=https%3A%2F%2Fwww.threatminer.org%2Fsample.php%3Fq%3D69b7746514c70046dd974616ca0623cf
Requested by: Host: www.threatminer.org
URL: https://www.threatminer.org/sample.php?q=69b7746514c70046dd974616ca0623cf
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.17 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-17.fra60.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.threatminer.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 01:45:12 GMT
via: 1.1 c60125e7f3465aceafb0abd071a41a36.cloudfront.net (CloudFront)
accept-ch: UA, Platform, Arch, Model, Mobile
x-amz-cf-pop: FRA60-P1
x-amz-cf-id: KsBhhFxe0ySEoQFdG0LuWCAGtD2EdZYsJxu1XtzzOOujEuZVMgFmvg==
x-cache: Miss from cloudfront

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 7D70 143 B
166 B 14ms
12ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5720763271532377&output=html&h=200&slotname=6125219520&adk=3585176026&adf=748155151&pi=t.ma~as.6125219520&w=1200&fwrn=4&lmt=1680659112&rafmt=11&format=1200x200&url=https%3A%2F%2Fwww.threatminer.org%2Fsample.php%3Fq%3D69b7746514c70046dd974616ca0623cf&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1680659112030&bpp=1&bdt=337&idt=294&shv=r20230330&mjsv=m202303300101&ptt=9&saldr=aa&abxe=1&prev_fmts=299x250%2C299x600%2C1182x200&correlator=3569924714072&frm=20&pv=1&ga_vid=683483255.1680659112&ga_sid=1680659112&ga_hid=1097699795&ga_fc=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=350&ady=1035&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759837%2C44759876%2C31071756%2C31073485%2C44788441%2C31071268&oid=2&pvsid=3339220411880613&tmod=12585163&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&fsb=1&xpc=PjCQGvdUPa&p=https%3A//www.threatminer.org&dtd=299
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 2910
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 05 Apr 2023 00:56:42 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame C427 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4d62244b2cc6afb10492a63aaaaecd14f5f40d443e1b8a224127bd86a2d1ffdf

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
165 B 23ms
22ms Script
application/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.threatminer.org

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.threatminer.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 01:45:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 22ms
21ms Script
application/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.threatminer.org

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.threatminer.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 01:45:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230330/r20110914/ Frame 3A2C 10 KB
4 KB 13ms
12ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230330/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.threatminer.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 79990
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4549
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 04 Apr 2023 03:32:03 GMT
etag: 2378337311435320485
expires: Tue, 18 Apr 2023 03:32:03 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame B8AC 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 153166c74ea7f7b64925c9dfd3535675e20ba7414ec4f2dd1c5d27313f385cbf

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame AA71 143 B
166 B 17ms
12ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5720763271532377&output=html&h=250&slotname=4491384285&adk=1382012186&adf=1527761000&pi=t.ma~as.4491384285&w=299&fwrn=4&fwrnh=100&lmt=1680659112&rafmt=3&format=299x250&url=https%3A%2F%2Fwww.threatminer.org%2Fsample.php%3Fq%3D69b7746514c70046dd974616ca0623cf&fwr=0&fwrattr=true&rpe=1&resp_fmts=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1680659112024&bpp=4&bdt=331&idt=214&shv=r20230330&mjsv=m202303300101&ptt=9&saldr=aa&abxe=1&correlator=3569924714072&frm=20&pv=2&ga_vid=683483255.1680659112&ga_sid=1680659112&ga_hid=1097699795&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=0&ady=229&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759837%2C44759876%2C31071756%2C31073485%2C44788441%2C31071268&oid=2&pvsid=3339220411880613&tmod=12585163&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=X3jqZJ0wEV&p=https%3A//www.threatminer.org&dtd=246
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 2911
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 05 Apr 2023 00:56:42 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame E904 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 30e90ecd5feaf3b43b1b138858beb6b86735969ce140918e9b0218f69580761c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame DF46 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e88bcfc583fe7caf8ed0bb3c7f0e1e067cb16ae09f24a08bd1dca8c789265b40

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 redir.html Show response
p4-byw2hctt4f23u-43gnhfidmkwwkim5-if-v6exp3-v4.metric.gstatic.com/v6exp3/ Frame 020E 247 B
869 B 112ms
33ms Document
text/html 142.250.186.163
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://p4-byw2hctt4f23u-43gnhfidmkwwkim5-if-v6exp3-v4.metric.gstatic.com/v6exp3/redir.html

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.163 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f3.1e100.net

Software

sffe /

Resource Hash

087451486cd9264c317ccf930bed7426a5d34552036ffb115f8e2050bead98ea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: gzip
content-length: 204
content-security-policy-report-only: script-src 'nonce-TxbQPUFXwtzLAQcnyh3sIQ' 'report-sample' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' http: https:; object-src 'none'; report-uri https://csp.withgoogle.com/csp/static-on-bigtable; base-uri 'none'
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
cross-origin-resource-policy: cross-origin
date: Wed, 05 Apr 2023 01:45:13 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
last-modified: Mon, 02 Dec 2019 20:15:00 GMT
pragma: no-cache
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK details Show response
disqus.com/api/3.0/forums/ Frame AB43 3 KB
3 KB 111ms
111ms XHR
application/json 151.101.0.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://disqus.com/api/3.0/forums/details?forum=threatminer&attach=forumFeatures&api_key=E8Uh5l5fHZ6gD8U3KycjAIAk46f68Zw7C6eW8WSjZvCLXebZ7p0r1yrYDrLilk2F

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.6719fe9dbe70a5a047052a905ea1cbc5.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

151.101.0.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

541a09b1f8fe03a0ecb3df804a311c98b4f0d518cd5a077b11f0deb056e03a35

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Referer: https://disqus.com/embed/comments/?base=default&f=threatminer&t_i=69b7746514c70046dd974616ca0623cf&t_u=https%3A%2F%2Fwww.threatminer.org%2Fsample.php%3Fq%3D69b7746514c70046dd974616ca0623cf&t_d=69b7746514c70046dd974616ca0623cf%20File%20Analysis%20Results%20%7C%20ThreatMiner.org&t_t=69b7746514c70046dd974616ca0623cf%20File%20Analysis%20Results%20%7C%20ThreatMiner.org&s_o=default
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Wed, 05 Apr 2023 01:45:13 GMT
Strict-Transport-Security: max-age=300; includeSubdomains
X-Content-Type-Options: nosniff
Server: nginx
Age: 0
X-Frame-Options: SAMEORIGIN
Vary: Origin, Cookie
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Content-Type: application/json
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Content-Length: 3120
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK runtime-2aa7644ee0b682b3d080.js Show response
platform.twitter.com/_next/static/chunks/ Frame 0130 4 KB
3 KB 9ms
8ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/_next/static/chunks/runtime-2aa7644ee0b682b3d080.js
Requested by: Host: syndication.twitter.com
URL: https://syndication.twitter.com/srv/timeline-profile/screen-name/ThreatMiner?dnt=true&embedId=twitter-widget-0&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOltdLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2ZvbGxvd2VyX2NvdW50X3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9iYWNrZW5kIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19yZWZzcmNfc2Vzc2lvbiI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfbWl4ZWRfbWVkaWFfMTU4OTciOnsiYnVja2V0IjoidHJlYXRtZW50IiwidmVyc2lvbiI6bnVsbH0sInRmd19leHBlcmltZW50c19jb29raWVfZXhwaXJhdGlvbiI6eyJidWNrZXQiOjEyMDk2MDAsInZlcnNpb24iOm51bGx9LCJ0ZndfZHVwbGljYXRlX3NjcmliZXNfdG9fc2V0dGluZ3MiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3ZpZGVvX2hsc19keW5hbWljX21hbmlmZXN0c18xNTA4MiI6eyJidWNrZXQiOiJ0cnVlX2JpdHJhdGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2xlZ2FjeV90aW1lbGluZV9zdW5zZXQiOnsiYnVja2V0Ijp0cnVlLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3R3ZWV0X2VkaXRfZnJvbnRlbmQiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfX0%3D&frame=false&hideBorder=false&hideFooter=false&hideHeader=false&hideScrollBar=false&lang=en&maxHeight=500px&origin=https%3A%2F%2Fwww.threatminer.org%2Fsample.php%3Fq%3D69b7746514c70046dd974616ca0623cf&sessionId=94f16785cf17a3cf76503a5907dc736e0466215e&showHeader=true&showReplies=false&theme=light&transparent=false&widgetsVersion=aaf4084522e3a%3A1674595607486
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/67F3) /
Resource Hash: 0f6bb019b01d05d948e743db0c2d7eea959ecd2dafbabb708c6c82770cb78615

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://syndication.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Wed, 05 Apr 2023 01:45:13 GMT
Content-Encoding: gzip
Age: 1745547
x-amz-server-side-encryption: AES256
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length: 2226
Last-Modified: Tue, 07 Mar 2023 20:15:15 GMT
Server: ECS (frb/67F3)
Etag: "0d8171c0b65d54085dee2cd8c3ea6a5a+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
x-tw-cdn: VZ
Cache-Control: public, max-age=315360000

GET
H/1.1 200
OK modules.20f98d7498a59035a762.js Show response
platform.twitter.com/_next/static/chunks/ Frame 0130 286 KB
94 KB 18ms
7ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/_next/static/chunks/modules.20f98d7498a59035a762.js
Requested by: Host: syndication.twitter.com
URL: https://syndication.twitter.com/srv/timeline-profile/screen-name/ThreatMiner?dnt=true&embedId=twitter-widget-0&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOltdLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2ZvbGxvd2VyX2NvdW50X3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9iYWNrZW5kIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19yZWZzcmNfc2Vzc2lvbiI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfbWl4ZWRfbWVkaWFfMTU4OTciOnsiYnVja2V0IjoidHJlYXRtZW50IiwidmVyc2lvbiI6bnVsbH0sInRmd19leHBlcmltZW50c19jb29raWVfZXhwaXJhdGlvbiI6eyJidWNrZXQiOjEyMDk2MDAsInZlcnNpb24iOm51bGx9LCJ0ZndfZHVwbGljYXRlX3NjcmliZXNfdG9fc2V0dGluZ3MiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3ZpZGVvX2hsc19keW5hbWljX21hbmlmZXN0c18xNTA4MiI6eyJidWNrZXQiOiJ0cnVlX2JpdHJhdGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2xlZ2FjeV90aW1lbGluZV9zdW5zZXQiOnsiYnVja2V0Ijp0cnVlLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3R3ZWV0X2VkaXRfZnJvbnRlbmQiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfX0%3D&frame=false&hideBorder=false&hideFooter=false&hideHeader=false&hideScrollBar=false&lang=en&maxHeight=500px&origin=https%3A%2F%2Fwww.threatminer.org%2Fsample.php%3Fq%3D69b7746514c70046dd974616ca0623cf&sessionId=94f16785cf17a3cf76503a5907dc736e0466215e&showHeader=true&showReplies=false&theme=light&transparent=false&widgetsVersion=aaf4084522e3a%3A1674595607486
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6727) /
Resource Hash: 9013a9ca40a672ee35978b117e54d8b342cb591e8951f599a2b6dfef9d9fa723

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://syndication.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Wed, 05 Apr 2023 01:45:13 GMT
Content-Encoding: gzip
Age: 1745547
x-amz-server-side-encryption: AES256
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length: 95842
Last-Modified: Tue, 07 Mar 2023 20:15:15 GMT
Server: ECS (frb/6727)
Etag: "1c54378254eefb52fea75b3c31dfe51d+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
x-tw-cdn: VZ
Cache-Control: public, max-age=315360000

GET
H/1.1 200
OK main-fd9ef5eb169057cda26d.js Show response
platform.twitter.com/_next/static/chunks/ Frame 0130 90 B
684 B 30ms
9ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/_next/static/chunks/main-fd9ef5eb169057cda26d.js
Requested by: Host: syndication.twitter.com
URL: https://syndication.twitter.com/srv/timeline-profile/screen-name/ThreatMiner?dnt=true&embedId=twitter-widget-0&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOltdLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2ZvbGxvd2VyX2NvdW50X3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9iYWNrZW5kIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19yZWZzcmNfc2Vzc2lvbiI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfbWl4ZWRfbWVkaWFfMTU4OTciOnsiYnVja2V0IjoidHJlYXRtZW50IiwidmVyc2lvbiI6bnVsbH0sInRmd19leHBlcmltZW50c19jb29raWVfZXhwaXJhdGlvbiI6eyJidWNrZXQiOjEyMDk2MDAsInZlcnNpb24iOm51bGx9LCJ0ZndfZHVwbGljYXRlX3NjcmliZXNfdG9fc2V0dGluZ3MiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3ZpZGVvX2hsc19keW5hbWljX21hbmlmZXN0c18xNTA4MiI6eyJidWNrZXQiOiJ0cnVlX2JpdHJhdGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2xlZ2FjeV90aW1lbGluZV9zdW5zZXQiOnsiYnVja2V0Ijp0cnVlLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3R3ZWV0X2VkaXRfZnJvbnRlbmQiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfX0%3D&frame=false&hideBorder=false&hideFooter=false&hideHeader=false&hideScrollBar=false&lang=en&maxHeight=500px&origin=https%3A%2F%2Fwww.threatminer.org%2Fsample.php%3Fq%3D69b7746514c70046dd974616ca0623cf&sessionId=94f16785cf17a3cf76503a5907dc736e0466215e&showHeader=true&showReplies=false&theme=light&transparent=false&widgetsVersion=aaf4084522e3a%3A1674595607486
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6796) /
Resource Hash: eefd62bfe6d0ad2f3f2b7bddb8f2c46d7c8b6ed4897e3f9309968a58dc078753

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://syndication.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Wed, 05 Apr 2023 01:45:13 GMT
Age: 1745547
x-amz-server-side-encryption: AES256
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length: 90
Last-Modified: Tue, 07 Mar 2023 20:15:15 GMT
Server: ECS (frb/6796)
Etag: "1d1fa0644a94523711b2bb99a8d652bc"
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
x-tw-cdn: VZ
Cache-Control: public, max-age=315360000
Accept-Ranges: bytes

GET
H/1.1 200
OK _app-b32edc12070b8f808575.js Show response
platform.twitter.com/_next/static/chunks/pages/ Frame 0130 1 KB
1 KB 37ms
13ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/_next/static/chunks/pages/_app-b32edc12070b8f808575.js
Requested by: Host: syndication.twitter.com
URL: https://syndication.twitter.com/srv/timeline-profile/screen-name/ThreatMiner?dnt=true&embedId=twitter-widget-0&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOltdLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2ZvbGxvd2VyX2NvdW50X3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9iYWNrZW5kIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19yZWZzcmNfc2Vzc2lvbiI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfbWl4ZWRfbWVkaWFfMTU4OTciOnsiYnVja2V0IjoidHJlYXRtZW50IiwidmVyc2lvbiI6bnVsbH0sInRmd19leHBlcmltZW50c19jb29raWVfZXhwaXJhdGlvbiI6eyJidWNrZXQiOjEyMDk2MDAsInZlcnNpb24iOm51bGx9LCJ0ZndfZHVwbGljYXRlX3NjcmliZXNfdG9fc2V0dGluZ3MiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3ZpZGVvX2hsc19keW5hbWljX21hbmlmZXN0c18xNTA4MiI6eyJidWNrZXQiOiJ0cnVlX2JpdHJhdGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2xlZ2FjeV90aW1lbGluZV9zdW5zZXQiOnsiYnVja2V0Ijp0cnVlLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3R3ZWV0X2VkaXRfZnJvbnRlbmQiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfX0%3D&frame=false&hideBorder=false&hideFooter=false&hideHeader=false&hideScrollBar=false&lang=en&maxHeight=500px&origin=https%3A%2F%2Fwww.threatminer.org%2Fsample.php%3Fq%3D69b7746514c70046dd974616ca0623cf&sessionId=94f16785cf17a3cf76503a5907dc736e0466215e&showHeader=true&showReplies=false&theme=light&transparent=false&widgetsVersion=aaf4084522e3a%3A1674595607486
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6712) /
Resource Hash: 729cfa84928e7a87a4a4551df25c1406da86af8f0ebd2f579460546d11722326

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://syndication.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Wed, 05 Apr 2023 01:45:13 GMT
Content-Encoding: gzip
Age: 1745547
x-amz-server-side-encryption: AES256
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length: 668
Last-Modified: Tue, 07 Mar 2023 20:15:15 GMT
Server: ECS (frb/6712)
Etag: "2856f57c62c238a564ef576bbc50ca4a+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
x-tw-cdn: VZ
Cache-Control: public, max-age=315360000

GET
H/1.1 200
OK %5BscreenName%5D-c33f0b02841cffc3e9b4.js Show response
platform.twitter.com/_next/static/chunks/pages/timeline-profile/screen-name/ Frame 0130 13 KB
2 KB 39ms
15ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/_next/static/chunks/pages/timeline-profile/screen-name/%5BscreenName%5D-c33f0b02841cffc3e9b4.js
Requested by: Host: syndication.twitter.com
URL: https://syndication.twitter.com/srv/timeline-profile/screen-name/ThreatMiner?dnt=true&embedId=twitter-widget-0&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOltdLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2ZvbGxvd2VyX2NvdW50X3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9iYWNrZW5kIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19yZWZzcmNfc2Vzc2lvbiI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfbWl4ZWRfbWVkaWFfMTU4OTciOnsiYnVja2V0IjoidHJlYXRtZW50IiwidmVyc2lvbiI6bnVsbH0sInRmd19leHBlcmltZW50c19jb29raWVfZXhwaXJhdGlvbiI6eyJidWNrZXQiOjEyMDk2MDAsInZlcnNpb24iOm51bGx9LCJ0ZndfZHVwbGljYXRlX3NjcmliZXNfdG9fc2V0dGluZ3MiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3ZpZGVvX2hsc19keW5hbWljX21hbmlmZXN0c18xNTA4MiI6eyJidWNrZXQiOiJ0cnVlX2JpdHJhdGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2xlZ2FjeV90aW1lbGluZV9zdW5zZXQiOnsiYnVja2V0Ijp0cnVlLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3R3ZWV0X2VkaXRfZnJvbnRlbmQiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfX0%3D&frame=false&hideBorder=false&hideFooter=false&hideHeader=false&hideScrollBar=false&lang=en&maxHeight=500px&origin=https%3A%2F%2Fwww.threatminer.org%2Fsample.php%3Fq%3D69b7746514c70046dd974616ca0623cf&sessionId=94f16785cf17a3cf76503a5907dc736e0466215e&showHeader=true&showReplies=false&theme=light&transparent=false&widgetsVersion=aaf4084522e3a%3A1674595607486
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6794) /
Resource Hash: bd18e405cbfb6fb5c27224b38e792c8b6542d9b7eae37aa5883808b69392dcef

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://syndication.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Wed, 05 Apr 2023 01:45:13 GMT
Content-Encoding: gzip
Age: 1745547
x-amz-server-side-encryption: AES256
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length: 1290
Last-Modified: Tue, 07 Mar 2023 20:15:15 GMT
Server: ECS (frb/6794)
Etag: "e78034c651c8a81b2acd83dc7e7ad407+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
x-tw-cdn: VZ
Cache-Control: public, max-age=315360000

GET
H/1.1 200
OK _buildManifest.js Show response
platform.twitter.com/_next/static/pcbn0iK_G1dWfIqi6Vryo/ Frame 0130 1 KB
1 KB 7ms
7ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/_next/static/pcbn0iK_G1dWfIqi6Vryo/_buildManifest.js
Requested by: Host: syndication.twitter.com
URL: https://syndication.twitter.com/srv/timeline-profile/screen-name/ThreatMiner?dnt=true&embedId=twitter-widget-0&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOltdLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2ZvbGxvd2VyX2NvdW50X3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9iYWNrZW5kIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19yZWZzcmNfc2Vzc2lvbiI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfbWl4ZWRfbWVkaWFfMTU4OTciOnsiYnVja2V0IjoidHJlYXRtZW50IiwidmVyc2lvbiI6bnVsbH0sInRmd19leHBlcmltZW50c19jb29raWVfZXhwaXJhdGlvbiI6eyJidWNrZXQiOjEyMDk2MDAsInZlcnNpb24iOm51bGx9LCJ0ZndfZHVwbGljYXRlX3NjcmliZXNfdG9fc2V0dGluZ3MiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3ZpZGVvX2hsc19keW5hbWljX21hbmlmZXN0c18xNTA4MiI6eyJidWNrZXQiOiJ0cnVlX2JpdHJhdGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2xlZ2FjeV90aW1lbGluZV9zdW5zZXQiOnsiYnVja2V0Ijp0cnVlLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3R3ZWV0X2VkaXRfZnJvbnRlbmQiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfX0%3D&frame=false&hideBorder=false&hideFooter=false&hideHeader=false&hideScrollBar=false&lang=en&maxHeight=500px&origin=https%3A%2F%2Fwww.threatminer.org%2Fsample.php%3Fq%3D69b7746514c70046dd974616ca0623cf&sessionId=94f16785cf17a3cf76503a5907dc736e0466215e&showHeader=true&showReplies=false&theme=light&transparent=false&widgetsVersion=aaf4084522e3a%3A1674595607486
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6793) /
Resource Hash: 7a4a63c52bdfab0ab459b1b77dad4a4ce4e1f7dfdfdba0b2013ba32f0690e15f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://syndication.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Wed, 05 Apr 2023 01:45:13 GMT
Content-Encoding: gzip
Age: 1745547
x-amz-server-side-encryption: AES256
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length: 451
Last-Modified: Tue, 07 Mar 2023 20:15:15 GMT
Server: ECS (frb/6793)
Etag: "bd9a3afe8a64146469f036be13628170+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
x-tw-cdn: VZ
Cache-Control: public, max-age=315360000

GET
H/1.1 200
OK _ssgManifest.js Show response
platform.twitter.com/_next/static/pcbn0iK_G1dWfIqi6Vryo/ Frame 0130 76 B
669 B 8ms
8ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/_next/static/pcbn0iK_G1dWfIqi6Vryo/_ssgManifest.js
Requested by: Host: syndication.twitter.com
URL: https://syndication.twitter.com/srv/timeline-profile/screen-name/ThreatMiner?dnt=true&embedId=twitter-widget-0&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOltdLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2ZvbGxvd2VyX2NvdW50X3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9iYWNrZW5kIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19yZWZzcmNfc2Vzc2lvbiI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfbWl4ZWRfbWVkaWFfMTU4OTciOnsiYnVja2V0IjoidHJlYXRtZW50IiwidmVyc2lvbiI6bnVsbH0sInRmd19leHBlcmltZW50c19jb29raWVfZXhwaXJhdGlvbiI6eyJidWNrZXQiOjEyMDk2MDAsInZlcnNpb24iOm51bGx9LCJ0ZndfZHVwbGljYXRlX3NjcmliZXNfdG9fc2V0dGluZ3MiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3ZpZGVvX2hsc19keW5hbWljX21hbmlmZXN0c18xNTA4MiI6eyJidWNrZXQiOiJ0cnVlX2JpdHJhdGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2xlZ2FjeV90aW1lbGluZV9zdW5zZXQiOnsiYnVja2V0Ijp0cnVlLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3R3ZWV0X2VkaXRfZnJvbnRlbmQiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfX0%3D&frame=false&hideBorder=false&hideFooter=false&hideHeader=false&hideScrollBar=false&lang=en&maxHeight=500px&origin=https%3A%2F%2Fwww.threatminer.org%2Fsample.php%3Fq%3D69b7746514c70046dd974616ca0623cf&sessionId=94f16785cf17a3cf76503a5907dc736e0466215e&showHeader=true&showReplies=false&theme=light&transparent=false&widgetsVersion=aaf4084522e3a%3A1674595607486
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/675D) /
Resource Hash: 653f3e53e89b4f8548ff86c19e92bb3c6b84b6be7485a320b1e00893ed877479

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://syndication.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Wed, 05 Apr 2023 01:45:13 GMT
Age: 255681
x-amz-server-side-encryption: AES256
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length: 76
Last-Modified: Tue, 07 Mar 2023 20:15:16 GMT
Server: ECS (frb/675D)
Etag: "abee47769bf307639ace4945f9cfd4ff"
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
x-tw-cdn: VZ
Cache-Control: public, max-age=315360000
Accept-Ranges: bytes

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230330/r20110914/ Frame 3A2C 22 KB
9 KB 17ms
16ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230330/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230330/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8ff527ee82438d6ee7270d862f3310845cf433f8ef5a900e527d4c9e7fbd006a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 18:52:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 24759
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8726
x-xss-protection: 0
server: cafe
etag: 308001309495089854
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 18 Apr 2023 18:52:34 GMT

GET
H3 200 9368804557785076610
tpc.googlesyndication.com/simgad/ Frame 3A2C 22 KB
22 KB 16ms
16ms Image
image/png 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/9368804557785076610?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qknEmVwedIZvTpDty6I9A35Q324ZQ

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230330/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3d7a902d3ff5ece748d20b5fcbd8899afe8067dae0e3046d3840abab1b379edd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 00:00:26 GMT
x-content-type-options: nosniff
age: 92687
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 22589
x-xss-protection: 0
last-modified: Fri, 24 Mar 2023 14:07:56 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 03 Apr 2024 00:00:26 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230330/r20110914/client/ Frame 3A2C 3 KB
1 KB 29ms
28ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230330/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230330/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 11:03:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 52902
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 18 Apr 2023 11:03:31 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230330/r20110914/client/ Frame 3A2C 20 KB
8 KB 27ms
26ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230330/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230330/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

df24ebf60aaa54667cae78dd6098d226d14eaafd714b536dd1ee6445003c2d99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 18:48:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 25023
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8268
x-xss-protection: 0
server: cafe
etag: 8048349561987089234
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 18 Apr 2023 18:48:10 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 3A2C 158 KB
48 KB 32ms
31ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230330/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

74abbf501135b5049281d01424ae0def3218e35538c4ee29598fcbdfc505edd5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 01:45:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49602
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1680521770904888"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 05 Apr 2023 01:45:13 GMT

GET
H3 200 one_click_handler_one_afma_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230330/r20110914/client/ Frame 3A2C 34 KB
14 KB 29ms
28ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230330/r20110914/client/one_click_handler_one_afma_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230330/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d553f35feeb99fb57ddee1f88dfdb3581087d3f549b6755bad72d2391e8b7d50

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 19:34:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22248
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13802
x-xss-protection: 0
server: cafe
etag: 12530852252993553580
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 18 Apr 2023 19:34:25 GMT

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v46/ Frame B8AC 29 KB
30 KB 68ms
14ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v46/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

45a61a04904fc2115c440a349a65dc93d2965b0b24dc5a8172bd8b792bdbf103

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 03 Apr 2023 21:54:53 GMT
x-content-type-options: nosniff
age: 100220
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29728
x-xss-protection: 0
last-modified: Mon, 03 Apr 2023 16:59:50 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 02 Apr 2024 21:54:53 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame E621 0
0 61ms
58ms Fetch
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CQd3kqNIsZPeKFdbax_APkJ-32ATRlemzb_vm2ujSDv_1kOPXAhABINWzrm1glYKAgKwHoAGg3bPdA8gBAakCorsHpF_4tD6oAwHIA8MEqgTbAU_QOQk02gdiQmQcBflO4B7SOfaMRqd4QOEbK_mtzB7Q0k29zscbe_QaNizAjCKjg7ebV3v4xQd0iK6SVqMNoV1elFlpDzUs5V1p8qRzvxqxf1spkMStdPyrjY_dPT4KBLHJX0hvwCymYO30di3TL7La-bZKOKx_mYltuHBCuUKdGVwzK_B_Nc1tcQMW9wc9GHYbHs7wLLvM3Uh5PyjSR22kDpPeca6DjTmcfisKdywakXZFrgZ_Ep2n5kAm6uCw0YiCn-Ywsnw2q1Bi04iSj2tOATR6V21T7l8Gb8AEmuKhht4DkgUECAQYAZIFBAgFGASgBlGAB8iizCKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBDmhwjSCBEIgOGAEBABGB8yAqoCOgKAQIAKAcgLAdgTDNAVAYAXAbIXHAoaCAASFHB1Yi01NzIwNzYzMjcxNTMyMzc3GAA&sigh=JLguT-FeLp0&uach_m=[UACH]&cid=CAQSGwDUE5ymFLedZ3lVlvsiCSCCpX-f44wBh-LJYhgB

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5720763271532377&output=html&h=200&slotname=1381165906&adk=2644663765&adf=151644923&pi=t.ma~as.1381165906&w=1182&fwrn=4&lmt=1680659112&rafmt=11&format=1182x200&url=https%3A%2F%2Fwww.threatminer.org%2Fsample.php%3Fq%3D69b7746514c70046dd974616ca0623cf&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1680659112029&bpp=1&bdt=336&idt=287&shv=r20230330&mjsv=m202303300101&ptt=9&saldr=aa&abxe=1&prev_fmts=299x250%2C299x600&correlator=3569924714072&frm=20&pv=1&ga_vid=683483255.1680659112&ga_sid=1680659112&ga_hid=1097699795&ga_fc=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=359&ady=115&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759837%2C44759876%2C31071756%2C31073485%2C44788441%2C31071268&oid=2&pvsid=3339220411880613&tmod=12585163&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=MtAdf29aSu&p=https%3A//www.threatminer.org&dtd=290
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 05 Apr 2023 01:45:13 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 9A62 143 B
166 B 14ms
12ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5720763271532377&output=html&h=200&slotname=1381165906&adk=2644663765&adf=151644923&pi=t.ma~as.1381165906&w=1182&fwrn=4&lmt=1680659112&rafmt=11&format=1182x200&url=https%3A%2F%2Fwww.threatminer.org%2Fsample.php%3Fq%3D69b7746514c70046dd974616ca0623cf&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1680659112029&bpp=1&bdt=336&idt=287&shv=r20230330&mjsv=m202303300101&ptt=9&saldr=aa&abxe=1&prev_fmts=299x250%2C299x600&correlator=3569924714072&frm=20&pv=1&ga_vid=683483255.1680659112&ga_sid=1680659112&ga_hid=1097699795&ga_fc=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=359&ady=115&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759837%2C44759876%2C31071756%2C31073485%2C44788441%2C31071268&oid=2&pvsid=3339220411880613&tmod=12585163&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=MtAdf29aSu&p=https%3A//www.threatminer.org&dtd=290
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 2911
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 05 Apr 2023 00:56:42 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame E621 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ec724cceef32a98d037c3de5a036fa3f8fc3e96c7bf5fc7385253ee35a785e0a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 743E
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

21ms
20ms

Document
text/html

2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 05 Apr 2023 01:45:13 GMT
expires: Wed, 05 Apr 2023 01:45:13 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 05 Apr 2023 01:45:13 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 7D70
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

23ms
22ms

Document
text/html

2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 05 Apr 2023 01:45:13 GMT
expires: Wed, 05 Apr 2023 01:45:13 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 05 Apr 2023 01:45:13 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 U7EM6LXWj4l78jf_OLdMz79S9xCye0H6LBL4Kfa2sjI.js Show response
pagead2.googlesyndication.com/bg/ Frame FA1A 36 KB
14 KB 15ms
15ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/U7EM6LXWj4l78jf_OLdMz79S9xCye0H6LBL4Kfa2sjI.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

53b10ce8b5d68f897bf237ff38b74ccfbf52f710b27b41fa2c12f829f6b6b232

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 00:14:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 91844
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14333
x-xss-protection: 0
last-modified: Mon, 27 Mar 2023 13:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 03 Apr 2024 00:14:29 GMT

GET
H2 200 iframe.html Show response
p4-byw2hctt4f23u-43gnhfidmkwwkim5-if-v6exp3-v4.metric.gstatic.com/v6exp3/ Frame 020E 5 KB
2 KB 35ms
32ms Document
text/html 142.250.186.163
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://p4-byw2hctt4f23u-43gnhfidmkwwkim5-if-v6exp3-v4.metric.gstatic.com/v6exp3/iframe.html

Requested by

Host: p4-byw2hctt4f23u-43gnhfidmkwwkim5-if-v6exp3-v4.metric.gstatic.com
URL: https://p4-byw2hctt4f23u-43gnhfidmkwwkim5-if-v6exp3-v4.metric.gstatic.com/v6exp3/redir.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.163 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f3.1e100.net

Software

sffe /

Resource Hash

288bbf40600eb134a61fb6710addc9b0cee3830bff61bac6fe5af700afb4da75

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://p4-byw2hctt4f23u-43gnhfidmkwwkim5-if-v6exp3-v4.metric.gstatic.com/v6exp3/redir.html
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: gzip
content-length: 1987
content-security-policy-report-only: script-src 'nonce-Hj_bKF8TVyihAJjrD2KR3Q' 'report-sample' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' http: https:; object-src 'none'; report-uri https://csp.withgoogle.com/csp/static-on-bigtable; base-uri 'none'
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
cross-origin-resource-policy: cross-origin
date: Wed, 05 Apr 2023 01:45:13 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
last-modified: Fri, 03 Feb 2023 22:38:00 GMT
pragma: no-cache
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 css2
fonts.googleapis.com/ Frame AB43 11 KB
837 B 29ms
29ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,400;0,500;0,600;0,700;1,400;1,700&display=swap

Requested by

Host: client
URL: about:client

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

3cb790d51079c6b295c5fc69fa01fc44284569a8cacd9035b09f71f27a59a89e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://disqus.com/embed/comments/?base=default&f=threatminer&t_i=69b7746514c70046dd974616ca0623cf&t_u=https%3A%2F%2Fwww.threatminer.org%2Fsample.php%3Fq%3D69b7746514c70046dd974616ca0623cf&t_d=69b7746514c70046dd974616ca0623cf%20File%20Analysis%20Results%20%7C%20ThreatMiner.org&t_t=69b7746514c70046dd974616ca0623cf%20File%20Analysis%20Results%20%7C%20ThreatMiner.org&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 05 Apr 2023 01:45:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 05 Apr 2023 01:07:41 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 05 Apr 2023 01:45:13 GMT

GET
DATA 200
OK truncated
/ Frame AB43 37 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 svg-sprite.4da5413f5086c5755b46094b813dbfcd.svg
c.disquscdn.com/next/embed/assets/img/ Frame AB43 13 KB
13 KB 8ms
7ms Image
image/svg+xml 2600:9000:2057:9000:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.disquscdn.com/next/embed/assets/img/svg-sprite.4da5413f5086c5755b46094b813dbfcd.svg

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/styles/lounge.cef06fba9afb581ee691b2d4ff616400.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2057:9000:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

3270642c89180c12db93775e2a774b6dadd9bd98cffc963075c85afd2c17b6e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c.disquscdn.com/next/embed/styles/lounge.cef06fba9afb581ee691b2d4ff616400.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-cache-hits: 0
date: Sun, 15 Jan 2023 02:16:14 GMT
via: 1.1 d8e97d2c28917e4c41ab79bb1e94b844.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: FRA6-C1
age: 6910139
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 13079
x-xss-protection: 1; mode=block
x-served-by: static-web-1
surrogate-key: next
last-modified: Thu, 12 Jan 2023 21:51:05 GMT
server: nginx
etag: "63c080c9-3317"
content-type: image/svg+xml; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000, public, immutable, no-transform
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: 6Lf8nh6c1y28QTIL_xsySUpWAcyb8dAltmFaz01KTVfH4mSbg3w4Gw==
expires: Mon, 15 Jan 2024 02:16:14 GMT

GET
H2 200 loader.ba7c86e8b4b6135bb668d05223f8f127.gif
c.disquscdn.com/next/embed/assets/img/ Frame AB43 3 KB
3 KB 8ms
7ms Image
image/gif 2600:9000:2057:9000:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.disquscdn.com/next/embed/assets/img/loader.ba7c86e8b4b6135bb668d05223f8f127.gif

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/styles/lounge.cef06fba9afb581ee691b2d4ff616400.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2057:9000:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

4c4491dcfa94cb46fb73742fc2caf49a1cd59027304af1830c7dc6ce1889857c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c.disquscdn.com/next/embed/styles/lounge.cef06fba9afb581ee691b2d4ff616400.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-cache-hits: 0
date: Thu, 12 Jan 2023 03:03:01 GMT
via: 1.1 d8e97d2c28917e4c41ab79bb1e94b844.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: FRA6-C1
age: 7166532
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 2971
x-xss-protection: 1; mode=block
x-served-by: static-web-2
surrogate-key: next
last-modified: Fri, 06 Jan 2023 19:06:43 GMT
server: nginx
etag: "63b87143-b9b"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=31536000, public, immutable, no-transform
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: ej1_xuc4FyGCDcxLr-U6uyHviO1j_2qjipuexGUfbfSYkEedHQ1ZkA==
expires: Fri, 12 Jan 2024 03:03:01 GMT

GET
H2 200 email.727e30eb9b6c1e85cb010b9c8eb04c7e.svg
c.disquscdn.com/next/embed/assets/img/ Frame AB43 840 B
1 KB 11ms
9ms Image
image/svg+xml 2600:9000:2057:9000:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.disquscdn.com/next/embed/assets/img/email.727e30eb9b6c1e85cb010b9c8eb04c7e.svg

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/styles/lounge.cef06fba9afb581ee691b2d4ff616400.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2057:9000:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

0589c5845288117448d7aa710af60618b151d78efd1a2653f89a0b57f7eb3de8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c.disquscdn.com/next/embed/styles/lounge.cef06fba9afb581ee691b2d4ff616400.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-cache-hits: 0
date: Wed, 25 Jan 2023 03:23:40 GMT
via: 1.1 d8e97d2c28917e4c41ab79bb1e94b844.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: FRA6-C1
age: 6042093
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 840
x-xss-protection: 1; mode=block
x-served-by: static-web-1
surrogate-key: next
last-modified: Fri, 20 Jan 2023 22:02:55 GMT
server: nginx
etag: "63cb0f8f-348"
content-type: image/svg+xml; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000, public, immutable, no-transform
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: vFfoUBc-MsCnVFdJSdCO_KL0JSlYZjc48r5gORXvYX9Ukq_inHn8oQ==
expires: Thu, 25 Jan 2024 03:23:40 GMT

GET
H2 200 privacy.8c96be6b50de1c3fab838c5f050e0be5.svg
c.disquscdn.com/next/embed/assets/img/ Frame AB43 891 B
1 KB 11ms
9ms Image
image/svg+xml 2600:9000:2057:9000:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.disquscdn.com/next/embed/assets/img/privacy.8c96be6b50de1c3fab838c5f050e0be5.svg

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/styles/lounge.cef06fba9afb581ee691b2d4ff616400.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2057:9000:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

068753b8f09b32ad8a3283199c7252090d0076a56924df724dda72828ae31b95

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c.disquscdn.com/next/embed/styles/lounge.cef06fba9afb581ee691b2d4ff616400.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-cache-hits: 0
date: Sat, 28 Jan 2023 10:59:15 GMT
via: 1.1 d8e97d2c28917e4c41ab79bb1e94b844.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: FRA6-C1
age: 5755558
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 891
x-xss-protection: 1; mode=block
x-served-by: static-web-2
surrogate-key: next
last-modified: Fri, 20 Jan 2023 22:02:55 GMT
server: nginx
etag: "63cb0f8f-37b"
content-type: image/svg+xml; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000, public, immutable, no-transform
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: 1oo_su-BBuQ4TatcR5FQQF_FAE-b8kAbtX6EknRR_CSV8YN9p2SPhA==
expires: Sun, 28 Jan 2024 10:59:15 GMT

GET
H2 200 warning.3bc0b4bff6c268a4ceaf404014b9be42.svg
c.disquscdn.com/next/embed/assets/img/ Frame AB43 605 B
1 KB 11ms
10ms Image
image/svg+xml 2600:9000:2057:9000:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.disquscdn.com/next/embed/assets/img/warning.3bc0b4bff6c268a4ceaf404014b9be42.svg

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/styles/lounge.cef06fba9afb581ee691b2d4ff616400.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2057:9000:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

a657bedd3bc0c106f7cfa5fe6556a0b7e175870d33bd7da9ef67ffcffbafda69

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c.disquscdn.com/next/embed/styles/lounge.cef06fba9afb581ee691b2d4ff616400.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-cache-hits: 0
date: Tue, 17 Jan 2023 07:05:35 GMT
via: 1.1 d8e97d2c28917e4c41ab79bb1e94b844.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: FRA6-C1
age: 6719978
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 605
x-xss-protection: 1; mode=block
x-served-by: static-web-1
surrogate-key: next
last-modified: Thu, 12 Jan 2023 21:51:05 GMT
server: nginx
etag: "63c080c9-25d"
content-type: image/svg+xml; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000, public, immutable, no-transform
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: rFCubBWQN5Ni_omsu2mUZx7ER4ApFufTx2V8fsSe7hiA9L6soVQ3UQ==
expires: Wed, 17 Jan 2024 07:05:35 GMT

GET
H2 200 sprite.ad630a07080a45451f139a7487853ff8.png
c.disquscdn.com/next/embed/assets/img/ Frame AB43 2 KB
2 KB 11ms
10ms Image
image/png 2600:9000:2057:9000:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.disquscdn.com/next/embed/assets/img/sprite.ad630a07080a45451f139a7487853ff8.png

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/styles/lounge.cef06fba9afb581ee691b2d4ff616400.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2057:9000:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

9714221c828961b20f45a782c3281c0596f6652cfe1299bee18097f98e8fb7b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c.disquscdn.com/next/embed/styles/lounge.cef06fba9afb581ee691b2d4ff616400.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-cache-hits: 0
date: Tue, 17 Jan 2023 06:16:10 GMT
via: 1.1 d8e97d2c28917e4c41ab79bb1e94b844.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: FRA6-C1
age: 6722943
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 1763
x-xss-protection: 1; mode=block
x-served-by: static-web-2
surrogate-key: next
last-modified: Thu, 12 Jan 2023 21:51:05 GMT
server: nginx
etag: "63c080c9-6e3"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000, public, immutable, no-transform
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: 6O8Vcs45MUTd6ZvkRj6q4nmsQy0GLPxUogzaZliUTwdNFNDW_zbVHw==
expires: Wed, 17 Jan 2024 06:16:10 GMT

GET
H2 200 icons.4cc7a703d2fdfe684151ff8ac24d45f1.woff2
c.disquscdn.com/next/embed/assets/font/ Frame AB43 8 KB
8 KB 9ms
8ms Font
application/octet-stream 2600:9000:2057:9000:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/assets/font/icons.4cc7a703d2fdfe684151ff8ac24d45f1.woff2

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/styles/lounge.cef06fba9afb581ee691b2d4ff616400.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2057:9000:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

f2a341fc815d45c21da726d4c843c2c5d3e1f333465347c3c75d040d556df4e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://c.disquscdn.com/next/embed/styles/lounge.cef06fba9afb581ee691b2d4ff616400.css
Origin: https://disqus.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-cache-hits: 0
date: Fri, 03 Jun 2022 22:05:41 GMT
via: 1.1 c05282a87474a55ae2a8dd2aa77d1232.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: FRA6-C1
age: 26365172
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 7900
x-xss-protection: 1; mode=block
x-served-by: static-web-1
surrogate-key: next
last-modified: Fri, 03 Jun 2022 17:03:15 GMT
server: nginx
etag: "629a3ed3-1edc"
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=31536000, public, immutable, no-transform
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: Q2eFAz6zdWE3KS2Mbbej2sJxeFT3jBAHY7ZO6FjlS0gsPm4TAPtZuQ==
expires: Sat, 03 Jun 2023 22:05:41 GMT

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v46/ Frame E621 29 KB
29 KB 13ms
13ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v46/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

45a61a04904fc2115c440a349a65dc93d2965b0b24dc5a8172bd8b792bdbf103

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 03 Apr 2023 21:54:53 GMT
x-content-type-options: nosniff
age: 100220
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29728
x-xss-protection: 0
last-modified: Mon, 03 Apr 2023 16:59:50 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 02 Apr 2024 21:54:53 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame AA71
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

27ms
26ms

Document
text/html

2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 05 Apr 2023 01:45:13 GMT
expires: Wed, 05 Apr 2023 01:45:13 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 05 Apr 2023 01:45:13 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 5381 143 B
166 B 13ms
12ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230330/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20230330/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 2911
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 05 Apr 2023 00:56:42 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 U7EM6LXWj4l78jf_OLdMz79S9xCye0H6LBL4Kfa2sjI.js Show response
pagead2.googlesyndication.com/bg/ Frame 2E99 36 KB
14 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/U7EM6LXWj4l78jf_OLdMz79S9xCye0H6LBL4Kfa2sjI.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

53b10ce8b5d68f897bf237ff38b74ccfbf52f710b27b41fa2c12f829f6b6b232

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 00:14:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 91844
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14333
x-xss-protection: 0
last-modified: Mon, 27 Mar 2023 13:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 03 Apr 2024 00:14:29 GMT

GET
H2 200 alfie_v4.63f1ab6d6b9d5807dc0c94ef3fe0b851.js Show response
c.disquscdn.com/next/embed/ 78 KB
27 KB 8ms
8ms Script
application/javascript 2600:9000:2057:9000:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/alfie_v4.63f1ab6d6b9d5807dc0c94ef3fe0b851.js

Requested by

Host: threatminer.disqus.com
URL: https://threatminer.disqus.com/embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2057:9000:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

9efb3d5e1b082a66bd94908b42afb4cf6fe0e8eb8f50b8d2a18f6a5da03e6a18

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.threatminer.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-cache-hits: 0
date: Thu, 16 Mar 2023 10:51:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 d8e97d2c28917e4c41ab79bb1e94b844.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
age: 1695204
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 26578
x-xss-protection: 1; mode=block
x-served-by: static-web-2
surrogate-key: next
last-modified: Thu, 02 Mar 2023 09:36:57 GMT
server: nginx
etag: "64006e39-67d2"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000, public, immutable, no-transform
timing-allow-origin: *
x-amz-cf-id: DJdNnSpGw3egKvYOCoVTM5g94P7LVJszTI0MiPU9MgxbTgOs-8dRKw==
expires: Fri, 15 Mar 2024 10:51:49 GMT

GET
H2 200 cta-component.20230404-24-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ Frame 2909 19 KB
5 KB 7ms
6ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/cta-component.20230404-24-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/disqus-widget-safetylevel20longtail09/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2eba0c668c4cf3ca9b2c3033bea44179f78811976dd0fc2d0568a3a822d28663

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.threatminer.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-amz-version-id: myLf.5ow00.fubh0j9CvfMRM9klT2iGI
content-encoding: gzip
via: 1.1 varnish
date: Wed, 05 Apr 2023 01:45:13 GMT
x-amz-request-id: 7BE37QYNQSNMMHYN
age: 40104
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 4739
x-amz-id-2: e1CupWGahrs+//GA2B33VoZ6Es8CnJdVvUYPEeMiA4hwV1v0S5x74q3QIuvwsDmp1w+txru9U0I=
x-served-by: cache-fra-eddf8230085-FRA
last-modified: Tue, 04 Apr 2023 14:36:49 GMT
server: AmazonS3
x-timer: S1680659113.451682,VS0,VE0
etag: "16348ba0782e03d5b38390d77f5f79af"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 42
access-control-allow-origin: *
cache-control: private,max-age=2629743
accept-ranges: bytes
x-cache-hits: 67572

GET
H2 200 UnitWidgetItemDesktop.min.js Show response
vidstat.taboola.com/lite-unit/3.9.9/ Frame 2909 110 KB
30 KB 18ms
8ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/lite-unit/3.9.9/UnitWidgetItemDesktop.min.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230404-24-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6b108ad68dfc4388a72abac7eaeb6541a3989a5bd72137817408e650f59b3d28

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.threatminer.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 01:45:13 GMT
via: 1.1 36cd2d0f34e25c2dc5099656a60bedac.cloudfront.net (CloudFront), 1.1 varnish
content-encoding: gzip
x-amz-cf-pop: FRA60-P1
age: 2648411
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront, HIT
content-length: 30625
x-served-by: cache-fra-eddf8230085-FRA
last-modified: Sun, 05 Mar 2023 10:04:45 GMT
server: AmazonS3
x-timer: S1680659113.464285,VS0,VE0
etag: "ea028f92a7f8148937b7e7ff11aa20a4"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
x-amz-cf-id: JrzMzob3b_lsiDqKsyNntkLocwPdIpGwM8OHQqP_5ieycIPZk6oCCQ==
x-cache-hits: 36088

GET
H2 200 userx.20230404-24-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ Frame 2909 17 KB
6 KB 6ms
6ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/userx.20230404-24-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/disqus-widget-safetylevel20longtail09/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 94e25a4cbb905f5c59751999c7f2e02e2141e2dd71fd7ed52d493c394e56523b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.threatminer.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-amz-version-id: m2dv36SJb4O6X0aqffRTbo8YE2yPodG6
content-encoding: gzip
via: 1.1 varnish
date: Wed, 05 Apr 2023 01:45:13 GMT
x-amz-request-id: WMFST8VKQPN18YRP
age: 40013
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 5399
x-amz-id-2: 2+2V5ospOQfdEz/jNzm0YLsbTr9WMkMsZGUTcGMHi5X4h/jgbHY8YyGVJD2RnlUSM0+Ij7bFiIg=
x-served-by: cache-fra-eddf8230085-FRA
last-modified: Tue, 04 Apr 2023 14:38:20 GMT
server: AmazonS3
x-timer: S1680659113.455587,VS0,VE0
etag: "099d476c2a4b3722525fe1b627f3aed8"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 42
access-control-allow-origin: *
cache-control: private,max-age=2629743
accept-ranges: bytes
x-cache-hits: 11741

GET
H2 204 debug
am-trc-events.taboola.com/disqus-widget-safetylevel20longtail09/log/2/ Frame 2909 0
89 B 14ms
13ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/disqus-widget-safetylevel20longtail09/log/2/debug?tim=01%3A45%3A13.444&type=info&msg=Start%20Rendering%20%7B%22domain%22%3A%20%22https%3A%2F%2Fwww.threatminer.org%22%2C%20%22experiment%22%3A%20%22destroydisplayadsonshowingvideo%22%2C%20%22position%22%3A%20%22top%22%2C%20%22shortname%22%3A%20%22threatminer%22%2C%20%22variant%22%3A%20%22active%22%7D&llvl=2&id=8184&cv=20230404-24-RELEASE&lt=deflated&pct=1
Requested by: Host: www.threatminer.org
URL: https://www.threatminer.org/sample.php?q=69b7746514c70046dd974616ca0623cf
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.threatminer.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 01:45:13 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 11898

GET
H2 204 abtests
am-trc-events.taboola.com/disqus-widget-safetylevel20longtail09/log/3/ Frame 2909 0
230 B 15ms
14ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/disqus-widget-safetylevel20longtail09/log/3/abtests?route=AM:AM:V&tvi2=-2&lti=deflated&ri=bd1cdcab105fe982f711861e59c473e6&sd=v2_a0e882019174d5f37dc0909395b5b511_b957160c-9213-4066-bc06-255a800bd96c-tuctb265828_1680659112_1680659112_CIi3jgYQktQ_GNzH2_j0MCABKAEwODib4wlAgooQSMzK2QNQ____________AVgAYABozq3NxKCqkvbKAXAA&ui=b957160c-9213-4066-bc06-255a800bd96c-tuctb265828&pi=/sample.php&wi=2055554289249226850&pt=text&vi=1680659112924&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22block_clicks_init%22%2C%22type%22%3A%22block-clicks-manager%22%2C%22eventTime%22%3A1680659113445%7D&tim=01%3A45%3A13.445&id=7981&llvl=2&cv=20230404-24-RELEASE&
Requested by: Host: www.threatminer.org
URL: https://www.threatminer.org/sample.php?q=69b7746514c70046dd974616ca0623cf
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.threatminer.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Wed, 05 Apr 2023 01:45:13 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 204 debug
am-trc-events.taboola.com/disqus-widget-safetylevel20longtail09/log/2/ Frame 2909 0
89 B 13ms
12ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/disqus-widget-safetylevel20longtail09/log/2/debug?tim=01%3A45%3A13.452&type=info&msg=Finish%20Rendering%20%7B%22domain%22%3A%20%22https%3A%2F%2Fwww.threatminer.org%22%2C%20%22experiment%22%3A%20%22destroydisplayadsonshowingvideo%22%2C%20%22position%22%3A%20%22top%22%2C%20%22shortname%22%3A%20%22threatminer%22%2C%20%22variant%22%3A%20%22active%22%7D&llvl=2&id=615&cv=20230404-24-RELEASE&lt=deflated&pct=1
Requested by: Host: www.threatminer.org
URL: https://www.threatminer.org/sample.php?q=69b7746514c70046dd974616ca0623cf
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.threatminer.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 01:45:13 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 11898

GET
H3 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame AB43 15 KB
16 KB 14ms
13ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,400;0,500;0,600;0,700;1,400;1,700&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://disqus.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 10:31:10 GMT
x-content-type-options: nosniff
age: 54843
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 03 Apr 2024 10:31:10 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame AB43 15 KB
15 KB 13ms
13ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,400;0,500;0,600;0,700;1,400;1,700&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://disqus.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 10:31:11 GMT
x-content-type-options: nosniff
age: 54842
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 03 Apr 2024 10:31:11 GMT

GET
H3 200 KFOkCnqEu92Fr1Mu51xIIzI.woff2
fonts.gstatic.com/s/roboto/v30/ Frame AB43 17 KB
17 KB 13ms
13ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOkCnqEu92Fr1Mu51xIIzI.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,400;0,500;0,600;0,700;1,400;1,700&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

db0424fb67fb52e7e538490240cc7fb9c05aa076333a4968f3dee30b825dabf9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://disqus.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 10:31:55 GMT
x-content-type-options: nosniff
age: 54798
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17368
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 03 Apr 2024 10:31:55 GMT

GET
H3 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame AB43 16 KB
16 KB 15ms
14ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,400;0,500;0,600;0,700;1,400;1,700&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://disqus.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 10:31:04 GMT
x-content-type-options: nosniff
age: 54849
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 03 Apr 2024 10:31:04 GMT

GET
H3 200 KFOjCnqEu92Fr1Mu51TzBic6CsQ.woff2
fonts.gstatic.com/s/roboto/v30/ Frame AB43 17 KB
17 KB 15ms
15ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOjCnqEu92Fr1Mu51TzBic6CsQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,400;0,500;0,600;0,700;1,400;1,700&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6be97ca17228a69c406231d89c003194c3dfba7401eaa9fe9e9ed0ef1c18dc38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://disqus.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 10:33:04 GMT
x-content-type-options: nosniff
age: 54729
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17032
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:52 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 03 Apr 2024 10:33:04 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 9A62
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

23ms
23ms

Document
text/html

2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 05 Apr 2023 01:45:13 GMT
expires: Wed, 05 Apr 2023 01:45:13 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 05 Apr 2023 01:45:13 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 204 debug
am-trc-events.taboola.com/disqus-widget-safetylevel20longtail09/log/2/ Frame 2909 0
89 B 12ms
12ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/disqus-widget-safetylevel20longtail09/log/2/debug?tim=01%3A45%3A13.559&type=info&msg=Finish%20Rendering%20%7B%22domain%22%3A%20%22https%3A%2F%2Fwww.threatminer.org%22%2C%20%22experiment%22%3A%20%22destroydisplayadsonshowingvideo%22%2C%20%22position%22%3A%20%22top%22%2C%20%22shortname%22%3A%20%22threatminer%22%2C%20%22variant%22%3A%20%22active%22%7D&llvl=2&id=7106&cv=20230404-24-RELEASE&lt=deflated&pct=1
Requested by: Host: www.threatminer.org
URL: https://www.threatminer.org/sample.php?q=69b7746514c70046dd974616ca0623cf
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.threatminer.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 01:45:13 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 11918

GET
H/1.1 200
OK 2.691622e4391d1973cb65.js Show response
platform.twitter.com/_next/static/chunks/ Frame 0130 23 KB
8 KB 7ms
7ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/_next/static/chunks/2.691622e4391d1973cb65.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/_next/static/chunks/runtime-2aa7644ee0b682b3d080.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/669E) /
Resource Hash: 2adcd0a627dee2ac4ab782a00745d7678e374dc4625ddf673a88121977d77c67

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://syndication.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Wed, 05 Apr 2023 01:45:13 GMT
Content-Encoding: gzip
Age: 1745547
x-amz-server-side-encryption: AES256
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length: 7674
Last-Modified: Tue, 07 Mar 2023 20:15:15 GMT
Server: ECS (frb/669E)
Etag: "942b5b928a24465d1906b4716131d896+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
x-tw-cdn: VZ
Cache-Control: public, max-age=315360000

GET
H/1.1 200
OK 16.bef86bd1520696dea547.js Show response
platform.twitter.com/_next/static/chunks/ Frame 0130 37 KB
12 KB 8ms
8ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/_next/static/chunks/16.bef86bd1520696dea547.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/_next/static/chunks/runtime-2aa7644ee0b682b3d080.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/674D) /
Resource Hash: 129d9a340ad960236445c559190546672c530544e000fd246b6b046afeac5666

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://syndication.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Wed, 05 Apr 2023 01:45:13 GMT
Content-Encoding: gzip
Age: 1745547
x-amz-server-side-encryption: AES256
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length: 12053
Last-Modified: Tue, 07 Mar 2023 20:15:15 GMT
Server: ECS (frb/674D)
Etag: "46d80e217756a943975c9f22eb40c6d9+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
x-tw-cdn: VZ
Cache-Control: public, max-age=315360000

GET
H2 200 225ac8178e01d02c9544635181d11e27.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_350%2Cw_420%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame 2909 15 KB
16 KB 8ms
7ms Image
image/webp 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_350%2Cw_420%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/225ac8178e01d02c9544635181d11e27.jpg
Requested by: Host: www.threatminer.org
URL: https://www.threatminer.org/sample.php?q=69b7746514c70046dd974616ca0623cf
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 786ba42fe37c22ff6786070c5c37bf1782f29e826cb4ce4a7267a6b1a1c90f96

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.threatminer.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Wed, 05 Apr 2023 01:45:13 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_350%2Cw_420%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/225ac8178e01d02c9544635181d11e27.jpg
age: 3748301
edge-cache-tag: 602328860012357606151299032710582386322,389360917527735119118571714620039350550,29ecf9b93bbf306179626feeda1fab70
cache-tag: 602328860012357606151299032710582386322,389360917527735119118571714620039350550,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time: 682
req-referer: https://weather.com/
content-length: 15310
x-request-id: f68960337b67afdc6e21fedc139fa717
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb802
x-served-by: cache-iad-kjyo7100082-IAD, cache-iad-kiad7000104-IAD, cache-lga21934-LGA, cache-iad-kcgs7200071-IAD, cache-fra-eddf8230085-FRA
last-modified: Mon, 06 Feb 2023 13:18:00 GMT
server: nginx
x-timer: S1680659114.588039,VS0,VE1
etag: "997f80376daef625368578246513047e"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 509, 1

GET
H2 200 2bf6cb54003e28514ae269113c9aa4ce.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_350%2Cw_420%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame 2909 34 KB
35 KB 9ms
8ms Image
image/webp 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_350%2Cw_420%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/2bf6cb54003e28514ae269113c9aa4ce.png
Requested by: Host: www.threatminer.org
URL: https://www.threatminer.org/sample.php?q=69b7746514c70046dd974616ca0623cf
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: ac63e48ac09a7062a6703eea2ee3158007978beade54e236107cf22aaf089d42

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.threatminer.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Wed, 05 Apr 2023 01:45:13 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_350%2Cw_420%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/2bf6cb54003e28514ae269113c9aa4ce.png
age: 719890
edge-cache-tag: 568575426607388691184424167489902426847,389360917527735119118571714620039350550,29ecf9b93bbf306179626feeda1fab70
cache-tag: 568575426607388691184424167489902426847,389360917527735119118571714620039350550,29ecf9b93bbf306179626feeda1fab70
x-cache: MISS, MISS, HIT, MISS, HIT
x-envoy-upstream-service-time: 191
expiration: expiry-date="Sat, 01 Apr 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://www.stuttgarter-nachrichten.de/
content-length: 34562
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb204
x-served-by: cache-iad-kcgs7200077-IAD, cache-iad-kcgs7200023-IAD, cache-lax10661-LGB, cache-iad-kiad7000070-IAD, cache-fra-eddf8230085-FRA
last-modified: Wed, 01 Mar 2023 20:02:19 GMT
server: nginx
x-timer: S1680659114.590857,VS0,VE1
etag: "1cc245c4ff96d506aaa3cefa2cf930d7"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 1, 0, 1

GET
H2 200 db372a02b0e8f62a5e9972daeee30866.jpeg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame 2909 17 KB
18 KB 10ms
9ms Image
image/webp 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/db372a02b0e8f62a5e9972daeee30866.jpeg
Requested by: Host: www.threatminer.org
URL: https://www.threatminer.org/sample.php?q=69b7746514c70046dd974616ca0623cf
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 3f6aabeba4e8c8a898eed01071381947833af4ad7f39582ebf296fc2a266f8c5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.threatminer.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Wed, 05 Apr 2023 01:45:13 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/db372a02b0e8f62a5e9972daeee30866.jpeg
age: 3428442
edge-cache-tag: 366107303650245976883062117727348509964,459052303457394366171479749282851127576,29ecf9b93bbf306179626feeda1fab70
cache-tag: 366107303650245976883062117727348509964,459052303457394366171479749282851127576,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time: 1181
req-referer: https://www.songtexte.de/
content-length: 17244
x-request-id: 06d125cbfc977688421d8c0823487264
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb801
x-served-by: cache-iad-kjyo7100050-IAD, cache-iad-kjyo7100171-IAD, cache-chi-klot8100047-CHI, cache-iad-kiad7000113-IAD, cache-fra-eddf8230085-FRA
last-modified: Fri, 24 Feb 2023 08:45:42 GMT
server: nginx
x-timer: S1680659114.591173,VS0,VE1
etag: "b8d68de5d86549127178cb7e923508ef"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 54, 1

GET
H2 200 d149fdfd3ca8238eb2eaf9a63aa6af3a.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame 2909 5 KB
6 KB 10ms
9ms Image
image/webp 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/d149fdfd3ca8238eb2eaf9a63aa6af3a.jpg
Requested by: Host: www.threatminer.org
URL: https://www.threatminer.org/sample.php?q=69b7746514c70046dd974616ca0623cf
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 38e65ef81d8c3beaaca9e880618029784ae596336af55f5778ae913c50e93558

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.threatminer.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Wed, 05 Apr 2023 01:45:13 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/d149fdfd3ca8238eb2eaf9a63aa6af3a.jpg
age: 5473024
edge-cache-tag: 532990055932632983047813267003562044641,459052303457394366171479749282851127576,29ecf9b93bbf306179626feeda1fab70
cache-tag: 532990055932632983047813267003562044641,459052303457394366171479749282851127576,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, HIT, MISS, HIT, HIT
x-envoy-upstream-service-time: 88
req-referer: https://paperela.com/
content-length: 4974
x-request-id: 1b40861c2ccf1dafbda0091bab049d07
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb803
x-served-by: cache-iad-kjyo7100070-IAD, cache-iad-kjyo7100144-IAD, cache-chi-klot8100027-CHI, cache-iad-kjyo7100109-IAD, cache-fra-eddf8230085-FRA
last-modified: Tue, 17 Jan 2023 00:35:32 GMT
server: nginx
x-timer: S1680659114.591167,VS0,VE1
etag: "aea6b53c15ac9d020301decec5191d57"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 3, 0, 523, 1

GET
H2 200 1423157453__8brW0CpU.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/GETTY_IMAGES/SKP/ Frame 2909 12 KB
13 KB 8ms
7ms Image
image/webp 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/GETTY_IMAGES/SKP/1423157453__8brW0CpU.jpg
Requested by: Host: www.threatminer.org
URL: https://www.threatminer.org/sample.php?q=69b7746514c70046dd974616ca0623cf
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: fafb275b28b94b94ecf543503c093b1ac509c8e094facd06a7cbfe88ddd2a896

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.threatminer.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Wed, 05 Apr 2023 01:45:13 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/GETTY_IMAGES/SKP/1423157453__8brW0CpU.jpg
age: 564095
edge-cache-tag: 483998751682395725952657145745031256798,459052303457394366171479749282851127576,29ecf9b93bbf306179626feeda1fab70
cache-tag: 483998751682395725952657145745031256798,459052303457394366171479749282851127576,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: HIT, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time: 109
req-referer: https://authorspick.com/
content-length: 12798
x-request-id: 0d01e1c1dd074bdbd00e0d0074118cad
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb203
x-served-by: cache-iad-kjyo7100161-IAD, cache-iad-kcgs7200170-IAD, cache-lax10641-LGB, cache-iad-kcgs7200022-IAD, cache-fra-eddf8230085-FRA
last-modified: Sat, 25 Mar 2023 17:20:55 GMT
server: nginx
x-timer: S1680659114.591294,VS0,VE0
etag: "41935ac7761d305b950d37a4600bee20"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 0, 0, 74, 2

GET
H2 200 9bca5b2e3f02f72ac13cfadc77662fff.jpeg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame 2909 3 KB
4 KB 7ms
7ms Image
image/webp 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/9bca5b2e3f02f72ac13cfadc77662fff.jpeg
Requested by: Host: www.threatminer.org
URL: https://www.threatminer.org/sample.php?q=69b7746514c70046dd974616ca0623cf
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: c22cb9259c7f71633eb2f2e43f3629bb2ef651868c0896bfe4da93a00631ef6d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.threatminer.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Wed, 05 Apr 2023 01:45:13 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/9bca5b2e3f02f72ac13cfadc77662fff.jpeg
age: 2546303
edge-cache-tag: 432283093175598110564907091342664427499,572111196681019971487773214107964106610,29ecf9b93bbf306179626feeda1fab70
cache-tag: 432283093175598110564907091342664427499,572111196681019971487773214107964106610,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time: 806
req-referer: https://www.azuredevopslabs.com/
content-length: 3270
x-request-id: f49396dac8045a1f87dad50613f6ae20
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb801
x-served-by: cache-iad-kiad7000174-IAD, cache-iad-kiad7000123-IAD, cache-chi-klot8100063-CHI, cache-iad-kcgs7200164-IAD, cache-fra-eddf8230085-FRA
last-modified: Sun, 26 Feb 2023 03:50:19 GMT
server: nginx
x-timer: S1680659114.591294,VS0,VE0
etag: "57fe5a92155b17078f5971a8c3345a93"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 613, 2

GET
H/1.1 200
OK event.gif
referrer.disqus.com/juggler/ Frame AB43 43 B
339 B 105ms
105ms Image
image/gif 199.232.196.134
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://referrer.disqus.com/juggler/event.gif?abe=0&embed_hidden=0&load_time=808&event=init_embed&thread=9252179228&forum=threatminer&forum_id=5993718&imp=i8k9li6q9h52&thread_slug=69b7746514c70046dd974616ca0623cf_malware_analysis_results_threatminerorg&user_type=anon&referrer=https%3A%2F%2Fwww.threatminer.org%2F&theme=next&dnt=0&tracking_enabled=0&experiment=destroydisplayadsonshowingvideo&variant=active&service=dynamic&promoted_enabled=true&max_enabled=true

Requested by

Host: www.threatminer.org
URL: https://www.threatminer.org/sample.php?q=69b7746514c70046dd974616ca0623cf

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

199.232.196.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://disqus.com/embed/comments/?base=default&f=threatminer&t_i=69b7746514c70046dd974616ca0623cf&t_u=https%3A%2F%2Fwww.threatminer.org%2Fsample.php%3Fq%3D69b7746514c70046dd974616ca0623cf&t_d=69b7746514c70046dd974616ca0623cf%20File%20Analysis%20Results%20%7C%20ThreatMiner.org&t_t=69b7746514c70046dd974616ca0623cf%20File%20Analysis%20Results%20%7C%20ThreatMiner.org&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Wed, 05 Apr 2023 01:45:13 GMT
X-Content-Type-Options: nosniff
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Server: nginx
Content-Type: image/gif
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Content-Length: 43
X-XSS-Protection: 1; mode=block

GET
H3 200 U7EM6LXWj4l78jf_OLdMz79S9xCye0H6LBL4Kfa2sjI.js Show response
pagead2.googlesyndication.com/bg/ Frame 72D1 36 KB
14 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/U7EM6LXWj4l78jf_OLdMz79S9xCye0H6LBL4Kfa2sjI.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

53b10ce8b5d68f897bf237ff38b74ccfbf52f710b27b41fa2c12f829f6b6b232

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 00:14:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 91844
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14333
x-xss-protection: 0
last-modified: Mon, 27 Mar 2023 13:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 03 Apr 2024 00:14:29 GMT

GET
H2 206 gdetfj8uapoef9uovk9f.mp4
cdn.taboola.com/libtrc/static/video/v1679261701/ Frame 2909 1 MB
1 MB 7ms
7ms Media
video/mp4 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/static/video/v1679261701/gdetfj8uapoef9uovk9f.mp4
Requested by: Host: www.threatminer.org
URL: https://www.threatminer.org/sample.php?q=69b7746514c70046dd974616ca0623cf
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 28bb10ad395d322e68196f832c6bd13db2a751fefa28639ebf2b356327ffd937

Request headers

Referer: https://www.threatminer.org/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Range: bytes=0-

Response headers

x-amz-version-id: vLt8qBQwpjSWOpbpRZJd.qY1SyjnMfj5
date: Wed, 05 Apr 2023 01:45:13 GMT
via: 1.1 varnish
x-amz-request-id: AZBAA62DNF279FRA
age: 12
x-amz-server-side-encryption: AES256
x-cache: HIT
Content-Range: bytes 0-1133441/1133442
x-amz-replication-status: COMPLETED
Content-Length: 1133442
x-amz-id-2: CR3KUAVbBPuIMbGd7ttvkOPu2OsruwzV4fXxguVQK/xa1xClbVGyQQ4N45hFuNwihQstPjCI7L0=
x-served-by: cache-fra-eddf8230085-FRA
last-modified: Sun, 19 Mar 2023 21:35:10 GMT
server: AmazonS3
x-timer: S1680659114.668447,VS0,VE1
etag: "5cdc25693b01a36bfabe5203c9f55c70"
content-type: video/mp4;codecs=avc1
abp: 42
access-control-allow-origin: *
cache-control: private,max-age=31536000
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 pixel.gif
cdn.viglink.com/images/ 43 B
390 B 151ms
8ms Image
image/gif 143.204.215.65
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.viglink.com/images/pixel.gif?ch=1&rn=3.395385561163615
Requested by: Host: www.threatminer.org
URL: https://www.threatminer.org/sample.php?q=69b7746514c70046dd974616ca0623cf
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-65.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.threatminer.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 01:45:02 GMT
via: 1.1 b073c20359d711b751afd124dda34076.cloudfront.net (CloudFront)
last-modified: Tue, 10 Feb 2015 03:29:39 GMT
server: AmazonS3
x-amz-cf-pop: FRA53-C1
age: 11
etag: "221d8352905f2c38b3cb2bd191d630b0"
x-cache: Hit from cloudfront
content-type: image/gif
cache-control: max-age=15, must-revalidate
accept-ranges: bytes
content-length: 43
x-amz-cf-id: wAyxCLGTK4VR_hW5lh3FxBffTyHE-At8NV9OqfOsp5ofHKh1LXb1NQ==

GET
H2 200 pixel.gif
cdn.viglink.com/images/ 43 B
387 B 152ms
9ms Image
image/gif 143.204.215.65
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.viglink.com/images/pixel.gif?ch=2&rn=3.395385561163615
Requested by: Host: www.threatminer.org
URL: https://www.threatminer.org/sample.php?q=69b7746514c70046dd974616ca0623cf
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-65.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.threatminer.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 01:45:02 GMT
via: 1.1 b073c20359d711b751afd124dda34076.cloudfront.net (CloudFront)
last-modified: Tue, 10 Feb 2015 03:29:39 GMT
server: AmazonS3
x-amz-cf-pop: FRA53-C1
age: 11
etag: "221d8352905f2c38b3cb2bd191d630b0"
x-cache: Hit from cloudfront
content-type: image/gif
cache-control: max-age=15, must-revalidate
accept-ranges: bytes
content-length: 43
x-amz-cf-id: 0S16lQ7vfJr-W1WOi_r2JSGy-oUH7outQfrctVdNfAWtduxCiK9hRA==

GET
H3 200 U7EM6LXWj4l78jf_OLdMz79S9xCye0H6LBL4Kfa2sjI.js Show response
pagead2.googlesyndication.com/bg/ Frame 7CB6 36 KB
14 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/U7EM6LXWj4l78jf_OLdMz79S9xCye0H6LBL4Kfa2sjI.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

53b10ce8b5d68f897bf237ff38b74ccfbf52f710b27b41fa2c12f829f6b6b232

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 00:14:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 91844
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14333
x-xss-protection: 0
last-modified: Mon, 27 Mar 2023 13:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 03 Apr 2024 00:14:29 GMT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_350%2Cw_420%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/225ac8178e01d02c9544635181d11e27.jpg
Requested by: Host: www.threatminer.org
URL: https://www.threatminer.org/sample.php?q=69b7746514c70046dd974616ca0623cf
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 786ba42fe37c22ff6786070c5c37bf1782f29e826cb4ce4a7267a6b1a1c90f96

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.threatminer.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Wed, 05 Apr 2023 01:45:13 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_350%2Cw_420%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/225ac8178e01d02c9544635181d11e27.jpg
age: 3748301
edge-cache-tag: 602328860012357606151299032710582386322,389360917527735119118571714620039350550,29ecf9b93bbf306179626feeda1fab70
cache-tag: 602328860012357606151299032710582386322,389360917527735119118571714620039350550,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time: 682
req-referer: https://weather.com/
content-length: 15310
x-request-id: f68960337b67afdc6e21fedc139fa717
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb802
x-served-by: cache-iad-kjyo7100082-IAD, cache-iad-kiad7000104-IAD, cache-lga21934-LGA, cache-iad-kcgs7200071-IAD, cache-fra-eddf8230085-FRA
last-modified: Mon, 06 Feb 2023 13:18:00 GMT
server: nginx
x-timer: S1680659114.775571,VS0,VE0
etag: "997f80376daef625368578246513047e"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 509, 2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_350%2Cw_420%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/2bf6cb54003e28514ae269113c9aa4ce.png
Requested by: Host: www.threatminer.org
URL: https://www.threatminer.org/sample.php?q=69b7746514c70046dd974616ca0623cf
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: ac63e48ac09a7062a6703eea2ee3158007978beade54e236107cf22aaf089d42

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.threatminer.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Wed, 05 Apr 2023 01:45:13 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_350%2Cw_420%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/2bf6cb54003e28514ae269113c9aa4ce.png
age: 719890
edge-cache-tag: 568575426607388691184424167489902426847,389360917527735119118571714620039350550,29ecf9b93bbf306179626feeda1fab70
cache-tag: 568575426607388691184424167489902426847,389360917527735119118571714620039350550,29ecf9b93bbf306179626feeda1fab70
x-cache: MISS, MISS, HIT, MISS, HIT
x-envoy-upstream-service-time: 191
expiration: expiry-date="Sat, 01 Apr 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://www.stuttgarter-nachrichten.de/
content-length: 34562
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb204
x-served-by: cache-iad-kcgs7200077-IAD, cache-iad-kcgs7200023-IAD, cache-lax10661-LGB, cache-iad-kiad7000070-IAD, cache-fra-eddf8230085-FRA
last-modified: Wed, 01 Mar 2023 20:02:19 GMT
server: nginx
x-timer: S1680659114.777213,VS0,VE0
etag: "1cc245c4ff96d506aaa3cefa2cf930d7"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 1, 0, 2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/db372a02b0e8f62a5e9972daeee30866.jpeg
Requested by: Host: www.threatminer.org
URL: https://www.threatminer.org/sample.php?q=69b7746514c70046dd974616ca0623cf
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 3f6aabeba4e8c8a898eed01071381947833af4ad7f39582ebf296fc2a266f8c5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.threatminer.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Wed, 05 Apr 2023 01:45:13 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/db372a02b0e8f62a5e9972daeee30866.jpeg
age: 3428442
edge-cache-tag: 366107303650245976883062117727348509964,459052303457394366171479749282851127576,29ecf9b93bbf306179626feeda1fab70
cache-tag: 366107303650245976883062117727348509964,459052303457394366171479749282851127576,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time: 1181
req-referer: https://www.songtexte.de/
content-length: 17244
x-request-id: 06d125cbfc977688421d8c0823487264
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb801
x-served-by: cache-iad-kjyo7100050-IAD, cache-iad-kjyo7100171-IAD, cache-chi-klot8100047-CHI, cache-iad-kiad7000113-IAD, cache-fra-eddf8230085-FRA
last-modified: Fri, 24 Feb 2023 08:45:42 GMT
server: nginx
x-timer: S1680659114.777570,VS0,VE0
etag: "b8d68de5d86549127178cb7e923508ef"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 54, 2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/d149fdfd3ca8238eb2eaf9a63aa6af3a.jpg
Requested by: Host: www.threatminer.org
URL: https://www.threatminer.org/sample.php?q=69b7746514c70046dd974616ca0623cf
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 38e65ef81d8c3beaaca9e880618029784ae596336af55f5778ae913c50e93558

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.threatminer.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Wed, 05 Apr 2023 01:45:13 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/d149fdfd3ca8238eb2eaf9a63aa6af3a.jpg
age: 5473024
edge-cache-tag: 532990055932632983047813267003562044641,459052303457394366171479749282851127576,29ecf9b93bbf306179626feeda1fab70
cache-tag: 532990055932632983047813267003562044641,459052303457394366171479749282851127576,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, HIT, MISS, HIT, HIT
x-envoy-upstream-service-time: 88
req-referer: https://paperela.com/
content-length: 4974
x-request-id: 1b40861c2ccf1dafbda0091bab049d07
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb803
x-served-by: cache-iad-kjyo7100070-IAD, cache-iad-kjyo7100144-IAD, cache-chi-klot8100027-CHI, cache-iad-kjyo7100109-IAD, cache-fra-eddf8230085-FRA
last-modified: Tue, 17 Jan 2023 00:35:32 GMT
server: nginx
x-timer: S1680659114.777435,VS0,VE0
etag: "aea6b53c15ac9d020301decec5191d57"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 3, 0, 523, 2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/GETTY_IMAGES/SKP/1423157453__8brW0CpU.jpg
Requested by: Host: www.threatminer.org
URL: https://www.threatminer.org/sample.php?q=69b7746514c70046dd974616ca0623cf
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: fafb275b28b94b94ecf543503c093b1ac509c8e094facd06a7cbfe88ddd2a896

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.threatminer.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Wed, 05 Apr 2023 01:45:13 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/GETTY_IMAGES/SKP/1423157453__8brW0CpU.jpg
age: 564095
edge-cache-tag: 483998751682395725952657145745031256798,459052303457394366171479749282851127576,29ecf9b93bbf306179626feeda1fab70
cache-tag: 483998751682395725952657145745031256798,459052303457394366171479749282851127576,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: HIT, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time: 109
req-referer: https://authorspick.com/
content-length: 12798
x-request-id: 0d01e1c1dd074bdbd00e0d0074118cad
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb203
x-served-by: cache-iad-kjyo7100161-IAD, cache-iad-kcgs7200170-IAD, cache-lax10641-LGB, cache-iad-kcgs7200022-IAD, cache-fra-eddf8230085-FRA
last-modified: Sat, 25 Mar 2023 17:20:55 GMT
server: nginx
x-timer: S1680659114.777481,VS0,VE0
etag: "41935ac7761d305b950d37a4600bee20"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 0, 0, 74, 3

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 5381
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

28ms
28ms

Document
text/html

2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230330/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 05 Apr 2023 01:45:13 GMT
expires: Wed, 05 Apr 2023 01:45:13 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 05 Apr 2023 01:45:13 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 U7EM6LXWj4l78jf_OLdMz79S9xCye0H6LBL4Kfa2sjI.js Show response
pagead2.googlesyndication.com/bg/ Frame DEFA 36 KB
14 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/U7EM6LXWj4l78jf_OLdMz79S9xCye0H6LBL4Kfa2sjI.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230330/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

53b10ce8b5d68f897bf237ff38b74ccfbf52f710b27b41fa2c12f829f6b6b232

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 00:14:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 91844
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14333
x-xss-protection: 0
last-modified: Mon, 27 Mar 2023 13:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 03 Apr 2024 00:14:29 GMT

GET
H3 200 U7EM6LXWj4l78jf_OLdMz79S9xCye0H6LBL4Kfa2sjI.js Show response
pagead2.googlesyndication.com/bg/ Frame 0ADE 36 KB
14 KB 13ms
12ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/U7EM6LXWj4l78jf_OLdMz79S9xCye0H6LBL4Kfa2sjI.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

53b10ce8b5d68f897bf237ff38b74ccfbf52f710b27b41fa2c12f829f6b6b232

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 00:14:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 91844
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14333
x-xss-protection: 0
last-modified: Mon, 27 Mar 2023 13:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 03 Apr 2024 00:14:29 GMT

GET
H/1.1 200
OK event.gif
referrer.disqus.com/juggler/ 43 B
339 B 104ms
104ms Image
image/gif 199.232.196.134
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://referrer.disqus.com/juggler/event.gif?imp=i8k9li6q9h52&experiment=destroydisplayadsonshowingvideo&variant=active&service=dynamic&area=top&product=embed&forum=threatminer&zone=thread&version=00fde7e349e9ee2566c5f117c45abf06&page_url=https%3A%2F%2Fwww.threatminer.org%2Fsample.php%3Fq%3D69b7746514c70046dd974616ca0623cf&page_referrer=&object_type=advertisement&provider=taboola&event=activity&ad_product_name=iab_display&ad_product_layout=iab_display&bin=embed%3Apromoted_discovery%3Adynamic%3Adestroydisplayadsonshowingvideo%3Aactive&object_id=%5B184193%5D&section=default&verb=load&advertisement_id=184193&forum_id=5993718

Requested by

Host: www.threatminer.org
URL: https://www.threatminer.org/sample.php?q=69b7746514c70046dd974616ca0623cf

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

199.232.196.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.threatminer.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Wed, 05 Apr 2023 01:45:13 GMT
X-Content-Type-Options: nosniff
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Server: nginx
Content-Type: image/gif
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Content-Length: 43
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK 0.12059cc9aae4f779ab68.js Show response
platform.twitter.com/_next/static/chunks/ Frame 0130 314 KB
104 KB 9ms
8ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/_next/static/chunks/0.12059cc9aae4f779ab68.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/_next/static/chunks/runtime-2aa7644ee0b682b3d080.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/67BA) /
Resource Hash: 5bccb3d79dd85afc5c9d3a008ed9a9af4353560cb21084e755b313dbe5eec75b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://syndication.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Wed, 05 Apr 2023 01:45:13 GMT
Content-Encoding: gzip
Age: 1745547
x-amz-server-side-encryption: AES256
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length: 106305
Last-Modified: Tue, 07 Mar 2023 20:15:15 GMT
Server: ECS (frb/67BA)
Etag: "145185fec2c06c3409682e5df48acdf8+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
x-tw-cdn: VZ
Cache-Control: public, max-age=315360000

GET
H/1.1 200
OK 4.c99a76747fd916e95958.js Show response
platform.twitter.com/_next/static/chunks/ Frame 0130 244 KB
66 KB 10ms
8ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/_next/static/chunks/4.c99a76747fd916e95958.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/_next/static/chunks/runtime-2aa7644ee0b682b3d080.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/67BC) /
Resource Hash: 805c456f58d00a6ca84ce26e4a0e20d130245ba8c3021dbc775d835701c98779

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://syndication.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Wed, 05 Apr 2023 01:45:13 GMT
Content-Encoding: gzip
Age: 1745547
x-amz-server-side-encryption: AES256
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length: 66820
Last-Modified: Tue, 07 Mar 2023 20:15:15 GMT
Server: ECS (frb/67BC)
Etag: "813fe12fe49871b42d9cd17b5f80c663+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
x-tw-cdn: VZ
Cache-Control: public, max-age=315360000

GET
H/1.1 200
OK 1.6dc2052b2926970f8f23.js Show response
platform.twitter.com/_next/static/chunks/ Frame 0130 146 KB
39 KB 11ms
9ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/_next/static/chunks/1.6dc2052b2926970f8f23.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/_next/static/chunks/runtime-2aa7644ee0b682b3d080.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/67BC) /
Resource Hash: 4c8c703afd944080a14f8c5edcb3c00bda5b28adf95871b7d463223e3a21a77c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://syndication.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Wed, 05 Apr 2023 01:45:13 GMT
Content-Encoding: gzip
Age: 1745547
x-amz-server-side-encryption: AES256
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length: 39787
Last-Modified: Tue, 07 Mar 2023 20:15:15 GMT
Server: ECS (frb/67BC)
Etag: "58d1106dcf23b98737f807cfc4b30e22+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
x-tw-cdn: VZ
Cache-Control: public, max-age=315360000

GET
H/1.1 200
OK 3.dc446a58e72d99fbbc5e.js Show response
platform.twitter.com/_next/static/chunks/ Frame 0130 661 KB
162 KB 10ms
9ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/_next/static/chunks/3.dc446a58e72d99fbbc5e.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/_next/static/chunks/runtime-2aa7644ee0b682b3d080.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/67AA) /
Resource Hash: bcbc3e8177967b6713301b69a1c24e448abbd859f9864c068e8945144ef603d5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://syndication.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Wed, 05 Apr 2023 01:45:13 GMT
Content-Encoding: gzip
Age: 1745542
x-amz-server-side-encryption: AES256
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length: 164942
Last-Modified: Tue, 07 Mar 2023 20:15:15 GMT
Server: ECS (frb/67AA)
Etag: "a2c1d40300c36b57816d6778d5a8cdca+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
x-tw-cdn: VZ
Cache-Control: public, max-age=315360000

GET
H/1.1 200
OK 6.d1bd699b8a5d6cc08f0b.js Show response
platform.twitter.com/_next/static/chunks/ Frame 0130 2 KB
2 KB 7ms
7ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/_next/static/chunks/6.d1bd699b8a5d6cc08f0b.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/_next/static/chunks/runtime-2aa7644ee0b682b3d080.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/67F2) /
Resource Hash: 713a5085778002ac882de664c065bc7a55a26c6091d12c39a038bac7b70dcf45

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://syndication.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Wed, 05 Apr 2023 01:45:13 GMT
Content-Encoding: gzip
Age: 1745547
x-amz-server-side-encryption: AES256
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length: 1276
Last-Modified: Tue, 07 Mar 2023 20:15:15 GMT
Server: ECS (frb/67F2)
Etag: "0e9ca787dfdcbf5ffeb7df678ec8f6df+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
x-tw-cdn: VZ
Cache-Control: public, max-age=315360000

GET
H/1.1 200
OK ondemand.Dropdown.4a5d9e2d4c04334f8432.js Show response
platform.twitter.com/_next/static/chunks/ Frame 0130 7 KB
3 KB 8ms
7ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/_next/static/chunks/ondemand.Dropdown.4a5d9e2d4c04334f8432.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/_next/static/chunks/runtime-2aa7644ee0b682b3d080.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/673A) /
Resource Hash: 1c0486acafe63a074adbd08ecc9cad99ee106f3701e2b93c2a75533774f7faba

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://syndication.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Wed, 05 Apr 2023 01:45:14 GMT
Content-Encoding: gzip
Age: 1745548
x-amz-server-side-encryption: AES256
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length: 2822
Last-Modified: Tue, 07 Mar 2023 20:15:15 GMT
Server: ECS (frb/673A)
Etag: "ee85bb78f0eb1080fd5fc8c4d4cddbb8+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
x-tw-cdn: VZ
Cache-Control: public, max-age=315360000

GET
H/1.1 200
OK vendors~loaders.card.DefaultCard.bb86da9c6b7f7c1afe77.js Show response
platform.twitter.com/_next/static/chunks/ Frame 0130 24 KB
7 KB 7ms
7ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/_next/static/chunks/vendors~loaders.card.DefaultCard.bb86da9c6b7f7c1afe77.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/_next/static/chunks/runtime-2aa7644ee0b682b3d080.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/675D) /
Resource Hash: ded840a5f928bf7a6acf3284c66db9072ec9c5380f19c976d25e221f0ce389d8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://syndication.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Wed, 05 Apr 2023 01:45:14 GMT
Content-Encoding: gzip
Age: 1745548
x-amz-server-side-encryption: AES256
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length: 6183
Last-Modified: Tue, 07 Mar 2023 20:15:15 GMT
Server: ECS (frb/675D)
Etag: "795a024b9fe49518f14d917058dbd4e5+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
x-tw-cdn: VZ
Cache-Control: public, max-age=315360000

GET
H/1.1 200
OK loaders.card.DefaultCard.62f0b5bedf79f4020932.js Show response
platform.twitter.com/_next/static/chunks/ Frame 0130 254 KB
58 KB 8ms
7ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/_next/static/chunks/loaders.card.DefaultCard.62f0b5bedf79f4020932.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/_next/static/chunks/runtime-2aa7644ee0b682b3d080.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6776) /
Resource Hash: 5dbd5e426db9debda761aa7ffec07450dc850a5896783de6a410af7b97c4b283

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://syndication.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Wed, 05 Apr 2023 01:45:14 GMT
Content-Encoding: gzip
Age: 1745548
x-amz-server-side-encryption: AES256
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length: 59006
Last-Modified: Tue, 07 Mar 2023 20:15:15 GMT
Server: ECS (frb/6776)
Etag: "7d6c2b11f7d205d06690f57e173fbd5a+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
x-tw-cdn: VZ
Cache-Control: public, max-age=315360000

GET
H2 200 1f448.svg
abs-0.twimg.com/emoji/v2/svg/ Frame 0130 571 B
519 B 37ms
10ms Image
image/svg+xml 104.244.43.131
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://abs-0.twimg.com/emoji/v2/svg/1f448.svg

Requested by

Host: syndication.twitter.com
URL: https://syndication.twitter.com/srv/timeline-profile/screen-name/ThreatMiner?dnt=true&embedId=twitter-widget-0&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOltdLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2ZvbGxvd2VyX2NvdW50X3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9iYWNrZW5kIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19yZWZzcmNfc2Vzc2lvbiI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfbWl4ZWRfbWVkaWFfMTU4OTciOnsiYnVja2V0IjoidHJlYXRtZW50IiwidmVyc2lvbiI6bnVsbH0sInRmd19leHBlcmltZW50c19jb29raWVfZXhwaXJhdGlvbiI6eyJidWNrZXQiOjEyMDk2MDAsInZlcnNpb24iOm51bGx9LCJ0ZndfZHVwbGljYXRlX3NjcmliZXNfdG9fc2V0dGluZ3MiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3ZpZGVvX2hsc19keW5hbWljX21hbmlmZXN0c18xNTA4MiI6eyJidWNrZXQiOiJ0cnVlX2JpdHJhdGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2xlZ2FjeV90aW1lbGluZV9zdW5zZXQiOnsiYnVja2V0Ijp0cnVlLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3R3ZWV0X2VkaXRfZnJvbnRlbmQiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfX0%3D&frame=false&hideBorder=false&hideFooter=false&hideHeader=false&hideScrollBar=false&lang=en&maxHeight=500px&origin=https%3A%2F%2Fwww.threatminer.org%2Fsample.php%3Fq%3D69b7746514c70046dd974616ca0623cf&sessionId=94f16785cf17a3cf76503a5907dc736e0466215e&showHeader=true&showReplies=false&theme=light&transparent=false&widgetsVersion=aaf4084522e3a%3A1674595607486

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.43.131 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

4a1b6dc2f5a2d982076bb9749027da81c6c24bad4d6ee899e0aabd627031cb44

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://syndication.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=631138519
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 05 Apr 2023 01:45:14 GMT
x-cache: HIT, HIT
server-timing: x-cache;desc=HIT, x-tw-cdn;desc=FT
content-length: 373
x-served-by: cache-fty21337-FTY, cache-fra-eddf8230033-FRA
last-modified: Wed, 21 Feb 2018 22:30:55 GMT
etag: "HjttJ7+yHwTcngDHvJZcVQ=="
vary: Accept-Encoding
x-tw-cdn: FT
content-type: image/svg+xml
access-control-allow-origin: *
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com
expires: Fri, 17 Mar 2023 07:29:51 GMT

GET
H2 200 1f602.svg
abs-0.twimg.com/emoji/v2/svg/ Frame 0130 2 KB
960 B 138ms
111ms Image
image/svg+xml 104.244.43.131
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://abs-0.twimg.com/emoji/v2/svg/1f602.svg

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.43.131 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

1752c287f6fbbb65e1c982399584bbc9b1e0c46f0dc181cda9b8028dc60c4c01

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://syndication.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=631138519
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 05 Apr 2023 01:45:14 GMT
x-cache: HIT, MISS
server-timing: x-cache;desc=MISS, x-tw-cdn;desc=FT
content-length: 770
x-served-by: cache-fty21371-FTY, cache-fra-eddf8230033-FRA
last-modified: Wed, 21 Feb 2018 22:31:08 GMT
etag: "YgFQPzqpGEcKIZCzbR4Zbw=="
vary: Accept-Encoding
x-tw-cdn: FT
content-type: image/svg+xml
access-control-allow-origin: *
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com
expires: Fri, 17 Mar 2023 06:55:51 GMT

GET
H2 200 1f918.svg
abs-0.twimg.com/emoji/v2/svg/ Frame 0130 1 KB
1011 B 35ms
8ms Image
image/svg+xml 104.244.43.131
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://abs-0.twimg.com/emoji/v2/svg/1f918.svg

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.43.131 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

7747173ae0867afea05aba24e5cdeccb30d438445577780791b4cb3348436f8b

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://syndication.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=631138519
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 05 Apr 2023 01:45:14 GMT
x-cache: HIT, HIT
server-timing: x-cache;desc=HIT, x-tw-cdn;desc=FT
content-length: 611
x-served-by: cache-fty21355-FTY, cache-fra-eddf8230033-FRA
last-modified: Fri, 18 Jan 2019 21:00:32 GMT
etag: "TMY5iYc1Ub6SGPghkybrYg=="
vary: Accept-Encoding
x-tw-cdn: FT
content-type: image/svg+xml
access-control-allow-origin: *
x-transaction-id: a6a614f3ce81dacd
perf: 7626143928
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com
expires: Wed, 18 Oct 2023 09:01:46 GMT

GET
H/1.1 200
OK vendors~ondemand.LottieWeb.d0dde7eb339d57b45e0d.js Show response
platform.twitter.com/_next/static/chunks/ Frame 0130 148 KB
42 KB 7ms
7ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/_next/static/chunks/vendors~ondemand.LottieWeb.d0dde7eb339d57b45e0d.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/_next/static/chunks/runtime-2aa7644ee0b682b3d080.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/67E2) /
Resource Hash: ccc9e1ac02727148218437845e0cce29fc95c661ae8ac46d90f090a52caf7581

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://syndication.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Wed, 05 Apr 2023 01:45:14 GMT
Content-Encoding: gzip
Age: 1745548
x-amz-server-side-encryption: AES256
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length: 41941
Last-Modified: Tue, 07 Mar 2023 20:15:15 GMT
Server: ECS (frb/67E2)
Etag: "5e006b62c5bde14eb6fa194e2cee465c+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
x-tw-cdn: VZ
Cache-Control: public, max-age=315360000

GET
H2 200 like.4.json Show response
abs.twimg.com/sticky/animations/ Frame 0130 24 KB
2 KB 160ms
12ms Fetch
application/json 2606:2800:233:8173:898f:63b3:95c3:79d2
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://abs.twimg.com/sticky/animations/like.4.json

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/_next/static/chunks/3.dc446a58e72d99fbbc5e.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:233:8173:898f:63b3:95c3:79d2 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/4C86) /

Resource Hash

4a63dcb831e6c6745d79ccc6984ba1f2a8f1f598deef41a1fa149254565c6350

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://syndication.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 01:45:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=631138519
age: 14374435
x-ton-expected-size: 24292
x-cache: HIT
content-length: 1897
x-response-time: 10
surrogate-key: twitter-assets
last-modified: Thu, 20 Oct 2022 16:50:56 GMT
server: ECAcc (frc/4C86)
etag: "YKYmOkwIx9KztN7bQT7x8g=="
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-transaction-id: 80afab27525733bc
perf: 7626143928
x-connection-hash: 00620de26479f72103b0d6f4ca0873a782dd4164b4c1379a9b6b21190ad4a58b
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com
expires: Thu, 04 Apr 2024 01:45:14 GMT

GET
H2 200 D2wzfrBX4AEGE9H.jpg
pbs.twimg.com/tweet_video_thumb/ Frame 0130 8 KB
8 KB 268ms
8ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/tweet_video_thumb/D2wzfrBX4AEGE9H.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/669E) /

Resource Hash

0978cc2c3431f65d379b1f8fba4c27a88d006a1e59d1486965e5ffc57b529b42

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://syndication.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 01:45:14 GMT
strict-transport-security: max-age=631138519
x-content-type-options: nosniff
age: 568986
x-cache: HIT
server-timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
content-length: 7825
x-response-time: 116
surrogate-key: tweet_video_thumb tweet_video_thumb/bucket/1 tweet_video_thumb/1111319827271114753
last-modified: Thu, 28 Mar 2019 17:29:08 GMT
server: ECS (frb/669E)
x-tw-cdn: VZ, VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
x-transaction-id: 7e551bbb607168e6
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
perf: 7626143928
x-connection-hash: 268a5a3d26234ed0d6dde083a59936ab32836fcb60b076ed9d973dcdb14b80c4
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 D1ErO9GW0AQ_Cn_.jpg
pbs.twimg.com/tweet_video_thumb/ Frame 0130 11 KB
11 KB 273ms
14ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/tweet_video_thumb/D1ErO9GW0AQ_Cn_.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/67E2) /

Resource Hash

4b71222bdc0dd351b946e936f3f5aed39569314c4646ef9bdf800d89f9141839

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://syndication.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 01:45:14 GMT
strict-transport-security: max-age=631138519
x-content-type-options: nosniff
age: 3220
x-cache: MISS
server-timing: x-cache;desc= MISS,x-tw-cdn;desc=VZ
content-length: 11105
x-response-time: 110
surrogate-key: tweet_video_thumb tweet_video_thumb/bucket/9 tweet_video_thumb/1103710919601868804
last-modified: Thu, 07 Mar 2019 17:34:03 GMT
server: ECS (frb/67E2)
x-tw-cdn: VZ, VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
x-transaction-id: ea215aa7906ac082
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
perf: 7626143928
x-connection-hash: 1df3d640637c6b75520a21139e9532ed70f72f61cceed811caa42a5cf34b72dc
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 jot
syndication.twitter.com/i/ Frame 0130 43 B
146 B 113ms
113ms Image
image/gif 104.244.42.200
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://syndication.twitter.com/i/jot?l=%7B%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1680659114372%2C%22event_namespace%22%3A%7B%22action%22%3A%22results%22%2C%22client%22%3A%22tfw%22%2C%22page%22%3A%22timeline-profile%22%2C%22section%22%3A%22main%22%7D%2C%22context%22%3A%22horizon%22%2C%22client_version%22%3A%22aaf4084522e3a%3A1674595607486%22%2C%22dnt%22%3Atrue%2C%22widget_id%22%3A%22twitter-widget-0%22%2C%22widget_origin%22%3A%22https%3A%2F%2Fwww.threatminer.org%2Fsample.php%3Fq%3D69b7746514c70046dd974616ca0623cf%22%2C%22widget_frame%22%3A%22false%22%2C%22widget_partner%22%3A%22%22%2C%22widget_site_screen_name%22%3A%22%22%2C%22widget_site_user_id%22%3A%22%22%2C%22widget_creator_screen_name%22%3A%22%22%2C%22widget_creator_user_id%22%3A%22%22%2C%22widget_iframe_version%22%3A%228aec920%3A1678208228078%22%2C%22widget_data_source%22%3A%22screen-name%3AThreatMiner%22%7D&dnt=1&session_id=94f16785cf17a3cf76503a5907dc736e0466215e

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.200 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://syndication.twitter.com/srv/timeline-profile/screen-name/ThreatMiner?dnt=true&embedId=twitter-widget-0&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOltdLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2ZvbGxvd2VyX2NvdW50X3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9iYWNrZW5kIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19yZWZzcmNfc2Vzc2lvbiI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfbWl4ZWRfbWVkaWFfMTU4OTciOnsiYnVja2V0IjoidHJlYXRtZW50IiwidmVyc2lvbiI6bnVsbH0sInRmd19leHBlcmltZW50c19jb29raWVfZXhwaXJhdGlvbiI6eyJidWNrZXQiOjEyMDk2MDAsInZlcnNpb24iOm51bGx9LCJ0ZndfZHVwbGljYXRlX3NjcmliZXNfdG9fc2V0dGluZ3MiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3ZpZGVvX2hsc19keW5hbWljX21hbmlmZXN0c18xNTA4MiI6eyJidWNrZXQiOiJ0cnVlX2JpdHJhdGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2xlZ2FjeV90aW1lbGluZV9zdW5zZXQiOnsiYnVja2V0Ijp0cnVlLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3R3ZWV0X2VkaXRfZnJvbnRlbmQiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfX0%3D&frame=false&hideBorder=false&hideFooter=false&hideHeader=false&hideScrollBar=false&lang=en&maxHeight=500px&origin=https%3A%2F%2Fwww.threatminer.org%2Fsample.php%3Fq%3D69b7746514c70046dd974616ca0623cf&sessionId=94f16785cf17a3cf76503a5907dc736e0466215e&showHeader=true&showReplies=false&theme=light&transparent=false&widgetsVersion=aaf4084522e3a%3A1674595607486
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-response-time: 106
date: Wed, 05 Apr 2023 01:45:13 GMT
strict-transport-security: max-age=631138519
last-modified: Wed, 05 Apr 2023 01:45:14 GMT
server: tsa_o
vary: Origin
content-type: image/gif
x-transaction-id: 0f161a673327540c
cache-control: must-revalidate, max-age=600
perf: 7626143928
x-connection-hash: 323b0d8d06b3eb3953771a77c4446ff9371fde9738f0206d4131eff9ec3a0b2e
content-length: 43

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame C427 42 B
64 B 88ms
54ms Fetch
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuNQs0Gpss7HE3Ad7CNqdJy7YyL0VxVAP2P43_IIYxubofcE7J-cbzo-x-UHIB-uym8xYAfO1xMBNc7JdYp9PAyGaZH_zcS7-_POD7ODw__tj9y13S9fP1iE5Pm0hPYMHnANYx7dVtv4qN2AepVVnfm82o_PMu4ls3XX0X5ZrV3g1_Uk9dB4ziHlgMThPH-9M0k_5PbKCkaTSW4M8KdihHHQ-BEQLy8HgcDMlLU4GqOkuhO8cyNMaLCmuJ8bVm_39OvByDffoEdWYm2WAO1ywKkItwcQs2MB6Xtl0KJVPEYDOIFWynTllqHf9Yq3aKp88N_hDJr_bTaTyQg7i_kxWyerJzDmF6np6dUkaSFDuSa-hXqABYYvNiyOuAeBKsDWdXAL96dQ69q9-qEUkA1jEBkbn6X73sOLdwpl4ATLqOy7owZMast-0Xtzg_Mmq7eStNJ41QPXACFGvTsLJKmLJXXkO1ynlc9TdCxqbBQYCFG-6jPpasXMej_Rgnbwi6nD62yCKTyL2BMfB3trFHAKTp3BiXp-HDqYUtwWIH40cKxiww2bXvU059gC_t8lGpIfyrmC_ua73dvb73pKfPuw8gHdSI_l8_ScP7acCZyX-TA6ddrWQHOpA6Nh22blPVqb_TBfjt-H8grVM37Qrxb-_r_Gcg8l6QbWhfNsIQK0NoSj56ZA2K54Fg2EkQZrnp-wbksyUgkczsOqkH1E6SFBjysOSbbQmI7yN9fnSZkAZd_WH7gN8DKGOdib_rNNhMUCz8ma22X-KBxRIKLD6RbqYXmfUZ0enm5O6A9Ny2-S031Xl2ojw770rFysJ4lT0YX-rTdf9E0D0KSb6mmYvR8O6CEGLYw-MVVkP3cZKxK9O8c_w9WV8YEABl_9z1QowYWZeUu9LLPdhMRopt3_z_2EotF53EZrRrbJgVxVtNLb3ZwJ2hQw0Uj3F-vnY-62A0g8TD1bI3hTdrE9aI8yzhAJ6oaPXiz-NpIbrGhSp6Uqw4AqA&sai=AMfl-YRwAzoDVW7SLV7MEQY9RPrkIolSgqWT57ZfA_yDOPgcoN5meAzlxgz__WHnxh56O1ZnhNhR3POjrBAGwe1R3zBeVqz-xwfU0g&sig=Cg0ArKJSzMwDylzaUbTJEAE&cid=CAQSGwDUE5ymizDN8VjEoGcNfw5y94vggJfGw0OBdRgB&id=lidar2&mcvt=1360&p=0,212,200,988&mtos=0,1360,1360,1360,1360&tos=0,1360,0,0,0&v=20230403&bin=7&avms=nio&bs=0,0&mc=0.82&if=1&vu=1&app=0&itpl=4&adk=3585176026&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1680659112331&rpt=656&met=mue&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 05 Apr 2023 01:45:14 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 st Show response
imprammp.taboola.com/ Frame 2D6D 356 B
383 B 18ms
17ms Document
text/html 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8-msCLAYwpw8QQRJz2xNgTh8ggiTmti8AAABgYED8AInZZsvFcLlZKyyTxVo0WWzWCsditpYsZsPNZDYyeTYmIyAx22y5GC43a4VlsliLJovNWuFYzNaSxWy4mcxGJs_G5AZJaDodPte9Xvf73UVHy8thejvtLstdb_n5NQ-34eyyC46G_-I9W058u9FstRhtfIPBaDYyOXej2WK2cRhmk83GZgcAAAAAD_7___8hAAAAAEQAAAAAkAAAAABAIaDCvwWBCwAAAAAY_v___zUAQHFgONfd-rIbHa7Py-4PAAAAACAAAAAASAAMkFaXAKBwOTnx_________x9jgD7zRsb_____DYMeAA8-AB6EAAAAfAwhbD__0PZzdiNSMF2EEQAAAABZ0WjFI5N0gopFlf___34rAFcAAAIOnyzG9bPoDkq8hQEAAAgQMxyimuIrmqExZoEeFr_f7LBr_G6X-f________8383_mH40QkZlZmiAWAAA1v4AAAGt-AQEA2KgbAIA3AnBCDgeaTofPda_X_X530dHycpjeTrvLctdbfn7RIWjFYLA6BrQbrkaT2QEAAAC48____49nOEQ1xVc0Q0MPSBhWxuFksFgudqORa-bZjTyG5WC5Wa4mrolrsdiedGEH-ZLmehE_E7YYrSaTzXI4Wy4mg-FoOBrtz0AsFgM0EYPlcjJZTHar0Wq0Ge5Gs8ECCcRggihaNJisRqPJYjJcjSar2XKx220QRatWs9FmMFzNJrPdbjUcDJejEZqwxWg1mWyWw9lyMRkMR8PRaIhgxLnaLWaDjVs5WWzWosFstpZ4DLO1ZLVaGAeDick527hFr4_pYpmthpPhFgkG7OxF8rRIJxKTY2PyOCyOwWrmcg4nM99iMZwtVq7lxrTbrGwTsURzskgnssu-YVgZh5PBYrnYjUaumWc38hiWg-VmuZq4Jq7FYl9xrnaL2WDjVk4Wm7VoMJutJR7DbC1ZrRbGwWBics42btHrY7pYZqvhZLhvzIaD2Wq5WEz2jdlwMFstF4vJvsNkeqY-Z6NrevR7dOqRsq8a1hwGhctg8f4kpsW0Ozt4fr-j06Z-KYs6o9_v9_v9fr_f7_cbtJ6D2aDwrY_PnPjlML62i5dBbDAoYongIp2InJ7H6_PWPU0-l-mtedhcpufZZXuZLYOx3-4zPZxmw3IilihNF-lEr3m4DWeXXXA0XMQSwekinYhextNF_UcPsRvOFbPJXDJYzhWb4SoBAAAAAAAAAFiCaaabAAAAADgZyGY4HKzW6SA2k8lqs1ougAd1CV3AIAAAAAAAALs4DJd5d3YgxIo19lgJOT2P1-ete5p8LtNb87C5TM-zy_YyWwZjv91nejjNhuWUATw4LTLb7DOCWKvVsgYAACCADQAAIICbbrwJCLPi_v___8cBAACQkUMPAABAfB9QFgAAAAAAwD8ACWKtVgs!&cmcv=&pix=undefined&cb=1680659114413&uv=3265&tms=1680659114413&abt=dfrc_vB!id5mc_vA!nonrv_vA!t45!ufm&ru=https://www.threatminer.org/sample.php?q=69b7746514c70046dd974616ca0623cf&ft=1&unm=WIDGET_ITEM&aure=false&agl=1&cirid=f6691893-a221-4213-a116-2168326dd3cd&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/3.9.9/UnitWidgetItemDesktop.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 99e8efabe56607d26679e630c10920b5a977e8a704aa3f640d3d7c4f08ef4509

Request headers

Referer: https://www.threatminer.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
content-encoding: gzip
content-type: text/html;charset=ISO-8859-1
date: Wed, 05 Apr 2023 01:45:14 GMT
server: nginx
vary: Accept-Encoding
via: 1.1 varnish
x-cache: MISS
x-cache-hits: 0
x-served-by: cache-fra-eddf8230085-FRA
x-timer: S1680659114.418049,VS0,VE10

GET
H2 200 sync Show response
am-match.taboola.com/ Frame 18AE 529 B
623 B 37ms
14ms Document
text/html 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://am-match.taboola.com/sync?dast=V8-msCLAYwpw8QQRJz2xNgTh8ggiTmti8AAABgYED8AInZZsvFcLlZKyyTxVo0WWzWCsditpYsZsPNZDYyeTYmIyAx22y5GC43a4VlsliLJovNWuFYzNaSxWy4mcxGJs_G5AZJaDodPte9Xvf73UVHy8thejvtLstdb_n5NQ-34eyyC46G_-I9W058u9FstRhtfIPBaDYyOXej2WK2cRhmk83GZgcAAAAAD_7___8hAAAAAEQAAAAAkAAAAABAIaDCvwWBCwAAAAAY_v___zUAQHFgONfd-rIbHa7Py-4PAAAAACAAAAAASAAMkFaXAKBwOTnx_________x9jgD7zRsb_____DYMeAA8-AB6EAAAAfAwhbD__0PZzdiNSMF2EEQAAAABZ0WjFI5N0gopFlf___34rAFcAAAIOnyzG9bPoDkq8hQEAAAgQMxyimuIrmqExZoEeFr_f7LBr_G6X-f________8383_mH40QkZlZmiAWAAA1v4AAAGt-AQEA2KgbAIA3AnBCDgeaTofPda_X_X530dHycpjeTrvLctdbfn7RIWjFYLA6BrQbrkaT2QEAAAC48____49nOEQ1xVc0Q0MPSBhWxuFksFgudqORa-bZjTyG5WC5Wa4mrolrsdiedGEH-ZLmehE_E7YYrSaTzXI4Wy4mg-FoOBrtz0AsFgM0EYPlcjJZTHar0Wq0Ge5Gs8ECCcRggihaNJisRqPJYjJcjSar2XKx220QRatWs9FmMFzNJrPdbjUcDJejEZqwxWg1mWyWw9lyMRkMR8PRaIhgxLnaLWaDjVs5WWzWosFstpZ4DLO1ZLVaGAeDick527hFr4_pYpmthpPhFgkG7OxF8rRIJxKTY2PyOCyOwWrmcg4nM99iMZwtVq7lxrTbrGwTsURzskgnssu-YVgZh5PBYrnYjUaumWc38hiWg-VmuZq4Jq7FYl9xrnaL2WDjVk4Wm7VoMJutJR7DbC1ZrRbGwWBics42btHrY7pYZqvhZLhvzIaD2Wq5WEz2jdlwMFstF4vJvsNkeqY-Z6NrevR7dOqRsq8a1hwGhctg8f4kpsW0Ozt4fr-j06Z-KYs6o9_v9_v9fr_f7_cbtJ6D2aDwrY_PnPjlML62i5dBbDAoYongIp2InJ7H6_PWPU0-l-mtedhcpufZZXuZLYOx3-4zPZxmw3IilihNF-lEr3m4DWeXXXA0XMQSwekinYhextNF_UcPsRvOFbPJXDJYzhWb4SoBAAAAAAAAAFiCaaabAAAAADgZyGY4HKzW6SA2k8lqs1ougAd1CV3AIAAAAAAAALs4DJd5d3YgxIo19lgJOT2P1-ete5p8LtNb87C5TM-zy_YyWwZjv91nejjNhuWUATw4LTLb7DOCWKvVsgYAACCADQAAIICbbrwJCLPi_v___8cBAACQkUMPAABAfB9QFgAAAAAAwD8ACWKtVgs!&excid=22&docw=0&cijs=1&nlb=false
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/3.9.9/UnitWidgetItemDesktop.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: d6a3e66c8af45914c313cbc1401c93e27bd63339b3ea769ca2a4f1413095feb6

Request headers

Referer: https://www.threatminer.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-type: text/html;charset=ISO-8859-1
date: Wed, 05 Apr 2023 01:45:14 GMT
machineid: 3407
server: nginx

POST
H2 200 VideoBidRequestHandlerServlet Show response
wf.taboola.com/ Frame 2909 1 KB
835 B 74ms
68ms XHR
application/json 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=700&height=393&pubid=169497&tagid=953497&crid=-1&noaop=3&sortOrderType=0&cb=1680659114419&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=1&pv=1509&pt=78555263&tz=0&viewable=true&ddast=V8-msCLAYwpw8QQRJz2xNgTh8ggiTmti8AAABgYED8AInZZsvFcLlZKyyTxVo0WWzWCsditpYsZsPNZDYyeTYmIyAx22y5GC43a4VlsliLJovNWuFYzNaSxWy4mcxGJs_G5AZJaDodPte9Xvf73UVHy8thejvtLstdb_n5NQ-34eyyC46G_-I9W058u9FstRhtfIPBaDYyOXej2WK2cRhmk83GZgcAAAAAD_7___8hAAAAAEQAAAAAkAAAAABAIaDCvwWBCwAAAAAY_v___zUAQHFgONfd-rIbHa7Py-4PAAAAACAAAAAASAAMkFaXAKBwOTnx_________x9jgD7zRsb_____DYMeAA8-AB6EAAAAfAwhbD__0PZzdiNSMF2EEQAAAABZ0WjFI5N0gopFlf___34rAFcAAAIOnyzG9bPoDkq8hQEAAAgQMxyimuIrmqExZoEeFr_f7LBr_G6X-f________8383_mH40QkZlZmiAWAAA1v4AAAGt-AQEA2KgbAIA3AnBCDgeaTofPda_X_X530dHycpjeTrvLctdbfn7RIWjFYLA6BrQbrkaT2QEAAAC48____49nOEQ1xVc0Q0MPSBhWxuFksFgudqORa-bZjTyG5WC5Wa4mrolrsdiedGEH-ZLmehE_E7YYrSaTzXI4Wy4mg-FoOBrtz0AsFgM0EYPlcjJZTHar0Wq0Ge5Gs8ECCcRggihaNJisRqPJYjJcjSar2XKx220QRatWs9FmMFzNJrPdbjUcDJejEZqwxWg1mWyWw9lyMRkMR8PRaIhgxLnaLWaDjVs5WWzWosFstpZ4DLO1ZLVaGAeDick527hFr4_pYpmthpPhFgkG7OxF8rRIJxKTY2PyOCyOwWrmcg4nM99iMZwtVq7lxrTbrGwTsURzskgnssu-YVgZh5PBYrnYjUaumWc38hiWg-VmuZq4Jq7FYl9xrnaL2WDjVk4Wm7VoMJutJR7DbC1ZrRbGwWBics42btHrY7pYZqvhZLhvzIaD2Wq5WEz2jdlwMFstF4vJvsNkeqY-Z6NrevR7dOqRsq8a1hwGhctg8f4kpsW0Ozt4fr-j06Z-KYs6o9_v9_v9fr_f7_cbtJ6D2aDwrY_PnPjlML62i5dBbDAoYongIp2InJ7H6_PWPU0-l-mtedhcpufZZXuZLYOx3-4zPZxmw3IilihNF-lEr3m4DWeXXXA0XMQSwekinYhextNF_UcPsRvOFbPJXDJYzhWb4SoBAAAAAAAAAFiCaaabAAAAADgZyGY4HKzW6SA2k8lqs1ougAd1CV3AIAAAAAAAALs4DJd5d3YgxIo19lgJOT2P1-ete5p8LtNb87C5TM-zy_YyWwZjv91nejjNhuWUATw4LTLb7DOCWKvVsgYAACCADQAAIICbbrwJCLPi_v___8cBAACQkUMPAABAfB9QFgAAAAAAwD8ACWKtVgs!&proto=2,3,5,6&encoded=1&pstn=vforce2&callback=&wfv=1&amp=0&qsz=6&ft=1&pb=0&pagg=1&sd=undefined&ctsldr=0&dtagid=1322535&dpubid=238805&abtst=dfrc_vB!id5mc_vA!nonrv_vA!t45!ufm&mPre=0.033&cirf=https%3A%2F%2Fwww.threatminer.org&en=1
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/3.9.9/UnitWidgetItemDesktop.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 712644e4a3ecb9bd7e266340b7f7fb65b80d2ad446694e96888a55b86439e9b9

Request headers

Referer: https://www.threatminer.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-type: text/plain

Response headers

x-cache-hits: 0
date: Wed, 05 Apr 2023 01:45:14 GMT
content-encoding: gzip
via: 1.1 varnish
machineid: 1402
x-cache: MISS
x-served-by: cache-fra-eddf8230085-FRA
pragma: no-cache
server: nginx
x-timer: S1680659114.425678,VS0,VE61
vary: Accept-Encoding
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.threatminer.org
cache-control: no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials: true
accept-ranges: bytes
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 st
am-vid-events.taboola.com/ Frame 2909 0
43 B 37ms
13ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-vid-events.taboola.com/st?cijs=convusmp&ttype=45&cisd=convusmp&cipid=66361655&crid=-1&dast=V8-msCLAYwpw8QQRJz2xNgTh8ggiTmti8AAABgYED8AInZZsvFcLlZKyyTxVo0WWzWCsditpYsZsPNZDYyeTYmIyAx22y5GC43a4VlsliLJovNWuFYzNaSxWy4mcxGJs_G5AZJaDodPte9Xvf73UVHy8thejvtLstdb_n5NQ-34eyyC46G_-I9W058u9FstRhtfIPBaDYyOXej2WK2cRhmk83GZgcAAAAAD_7___8hAAAAAEQAAAAAkAAAAABAIaDCvwWBCwAAAAAY_v___zUAQHFgONfd-rIbHa7Py-4PAAAAACAAAAAASAAMkFaXAKBwOTnx_________x9jgD7zRsb_____DYMeAA8-AB6EAAAAfAwhbD__0PZzdiNSMF2EEQAAAABZ0WjFI5N0gopFlf___34rAFcAAAIOnyzG9bPoDkq8hQEAAAgQMxyimuIrmqExZoEeFr_f7LBr_G6X-f________8383_mH40QkZlZmiAWAAA1v4AAAGt-AQEA2KgbAIA3AnBCDgeaTofPda_X_X530dHycpjeTrvLctdbfn7RIWjFYLA6BrQbrkaT2QEAAAC48____49nOEQ1xVc0Q0MPSBhWxuFksFgudqORa-bZjTyG5WC5Wa4mrolrsdiedGEH-ZLmehE_E7YYrSaTzXI4Wy4mg-FoOBrtz0AsFgM0EYPlcjJZTHar0Wq0Ge5Gs8ECCcRggihaNJisRqPJYjJcjSar2XKx220QRatWs9FmMFzNJrPdbjUcDJejEZqwxWg1mWyWw9lyMRkMR8PRaIhgxLnaLWaDjVs5WWzWosFstpZ4DLO1ZLVaGAeDick527hFr4_pYpmthpPhFgkG7OxF8rRIJxKTY2PyOCyOwWrmcg4nM99iMZwtVq7lxrTbrGwTsURzskgnssu-YVgZh5PBYrnYjUaumWc38hiWg-VmuZq4Jq7FYl9xrnaL2WDjVk4Wm7VoMJutJR7DbC1ZrRbGwWBics42btHrY7pYZqvhZLhvzIaD2Wq5WEz2jdlwMFstF4vJvsNkeqY-Z6NrevR7dOqRsq8a1hwGhctg8f4kpsW0Ozt4fr-j06Z-KYs6o9_v9_v9fr_f7_cbtJ6D2aDwrY_PnPjlML62i5dBbDAoYongIp2InJ7H6_PWPU0-l-mtedhcpufZZXuZLYOx3-4zPZxmw3IilihNF-lEr3m4DWeXXXA0XMQSwekinYhextNF_UcPsRvOFbPJXDJYzhWb4SoBAAAAAAAAAFiCaaabAAAAADgZyGY4HKzW6SA2k8lqs1ougAd1CV3AIAAAAAAAALs4DJd5d3YgxIo19lgJOT2P1-ete5p8LtNb87C5TM-zy_YyWwZjv91nejjNhuWUATw4LTLb7DOCWKvVsgYAACCADQAAIICbbrwJCLPi_v___8cBAACQkUMPAABAfB9QFgAAAAAAwD8ACWKtVgs!&cmcv=&pix=31589837&cb=1680659114413&uv=3265&tms=1680659114413&abt=dfrc_vB!id5mc_vA!nonrv_vA!t45!ufm&ru=https://www.threatminer.org/sample.php?q=69b7746514c70046dd974616ca0623cf&ft=1&unm=WIDGET_ITEM&debug=pn:!sqg:!torgn:1680659112309.9!ts:1680659114413&mntl=1
Requested by: Host: www.threatminer.org
URL: https://www.threatminer.org/sample.php?q=69b7746514c70046dd974616ca0623cf
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.threatminer.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 01:45:14 GMT
content-length: 0
server: nginx

POST
H/1.1 200
OK ping Show response
links.services.disqus.com/api/ 317 B
754 B 80ms
48ms XHR
text/javascript 199.232.196.64
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://links.services.disqus.com/api/ping
Requested by: Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/alfie_v4.63f1ab6d6b9d5807dc0c94ef3fe0b851.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.232.196.64 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: ca0b1a7c478401eed61826e184755c776caa840e7d83070738254b6170fdf205

Request headers

Referer: https://www.threatminer.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

Pragma: no-cache
Date: Wed, 05 Apr 2023 01:45:14 GMT
Server: Apache-Coyote/1.1
P3P: CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Access-Control-Allow-Origin: https://www.threatminer.org
Content-Type: text/javascript;charset=UTF-8
Cache-Control: no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 317
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 3UAW7s5h_mini.png
pbs.twimg.com/profile_images/653471756741685248/ Frame 0130 2 KB
2 KB 227ms
7ms Image
image/png 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/profile_images/653471756741685248/3UAW7s5h_mini.png

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/669E) /

Resource Hash

8475bfe474a59e7214c6ec1eef0d28a80055171e00625aee00476bc7b4951884

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://syndication.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 01:45:14 GMT
strict-transport-security: max-age=631138519
x-content-type-options: nosniff
age: 118555
x-cache: HIT
server-timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
content-length: 1766
x-response-time: 110
surrogate-key: profile_images profile_images/bucket/7 profile_images/653471756741685248
last-modified: Mon, 12 Oct 2015 07:24:22 GMT
server: ECS (frb/669E)
x-tw-cdn: VZ, VZ, VZ
content-type: image/png
access-control-allow-origin: *
x-transaction-id: 800e2dca729e8e78
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
perf: 7626143928
x-connection-hash: b3616fb08df2fd604383f391faba094f94598b3f5ecccb1b7bbee8b41ae6f38e
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame E904 42 B
64 B 69ms
54ms Fetch
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu7jGPAffWf9HUneKGtqll90USgB9nZE_V8K4jREZxGpk76CiPlprsXaj4J8SMMf29tZnQANOs-YLrrvPrZhF7ASimHjtTcTf2ereJxS5Lemf525_oYtzPG9sRVfAj-ScpjFdkw6eGteIcWsG_NYMF1Sf64IYNpmBWvuDiKQXfmX7DBEKgc11-HSx5-J2fpXbkqUf4CyJ1kP3Gh63JwSVijGJ7t2KtkDKW0ppOytNvzbz_BPDcnTdcVj8w8JO36EkL6rD8c8puDGDGTPdZtfykWw21vZ4YYt-O_Jgwgpl92EHP1nIUTDnp_AAvCE_ojeYpcG84FS3JGqg5BCp--ereF2pikari_dV3HtVCrMJAusJAxupkTKXVISvBTyfG4r1QtClbbyBgu2tsxuVcYI7LialuB_S2kYGuvO_jHnS_a36hcQjxCl-Y3yQE7W8F6IlJdKqevCUPhglre3o5aR3G56sCInnDQMXJvhTsq3qJ0i4CruqUNFI00FwAuKI8JeOz5RfRTmA-5tG7tpaW4bqsovUQ89_Uc5j5zvV-vWSVdORxaKPXJd4M_2Hoh2zm4rKFFTt2Ck9HmvBEpialbWo2p_7E-kSS_JXsgNhn-bZc1bjRhTZi46QHZ7e0Yp6SKz5sbyxJQfH1a0KNffvLyhC796L5lYe0XpkccFlzn6g_I8HD23V0FQKlhMsHbXyYUSvRLQiuy5HRQX5qhrow2mAJjIXCaQwsHHNJenZ-oRD4hKO0HYmwAcDyMwcJGgUMm6o6nZhtiszEwW85Wj04kC5OhPQU4GnHtJlF2pEIc4xGmfC1md-PBY59K8fgijbjfCKVJeTIAoHtss_1P375druFhug2d2p5ekVJUamC7lJKk98HSwJT9Jo7Q-yO2ECzYgk3nLFPXChGE87EnHR2lerY-EV4U9HOa8gZsz6nzQdvr88cGCBv2PLmmjZczmtJATElxT3yWCP5IZ81I109GQQGAddcPdGlo6sS7HI0&sai=AMfl-YSkzK_c7TmFFlCaqStfMcbG0uuOhMLQD9FlQYwpfEkbR6gq0Xcb-1Sm4GYSA9P3IJeB6cbdW4f9l7sL4VYKvDu2CdKjTrFXqA&sig=Cg0ArKJSzF0x4jSXOycyEAE&cid=CAQSGwDUE5ymuJ1tAmlxJKvPnespqrnUrYA5YvxpOhgB&id=lidar2&mcvt=1118&p=0,0,249,299&mtos=1118,1118,1118,1118,1118&tos=1118,0,0,0,0&v=20230403&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=4&adk=1382012186&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1680659112271&rpt=1015&met=mue&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 05 Apr 2023 01:45:14 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 MlFGUv0i_mini.png
pbs.twimg.com/profile_images/1554396389370724352/ Frame 0130 611 B
821 B 222ms
11ms Image
image/png 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/profile_images/1554396389370724352/MlFGUv0i_mini.png

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/67BC) /

Resource Hash

521c9929bd68b24684fd916cca8c9bddc563fa7c7dc09c5dda0afa1308b9464c

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://syndication.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 01:45:14 GMT
strict-transport-security: max-age=631138519
x-content-type-options: nosniff
age: 417734
x-cache: HIT
server-timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
content-length: 611
x-response-time: 108
surrogate-key: profile_images profile_images/bucket/2 profile_images/1554396389370724352
last-modified: Tue, 02 Aug 2022 09:17:13 GMT
server: ECS (frb/67BC)
x-tw-cdn: VZ, VZ, VZ
content-type: image/png
access-control-allow-origin: *
x-transaction-id: ba5f61a8427442e1
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
perf: 7626143928
x-connection-hash: b5be4897da5dc7f578e0530f892b361b4ec1d749333d243831a8207e33536c25
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 5q1AbFXy_mini.jpg
pbs.twimg.com/profile_images/1346196937985433601/ Frame 0130 2 KB
2 KB 222ms
11ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/profile_images/1346196937985433601/5q1AbFXy_mini.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/67A7) /

Resource Hash

806e8e575f0a03e3151c5b6c2b00bc074ccd37890368113d845ddccbee6f9823

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://syndication.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 01:45:14 GMT
strict-transport-security: max-age=631138519
x-content-type-options: nosniff
age: 579594
x-cache: HIT
server-timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
content-length: 1556
x-response-time: 110
surrogate-key: profile_images profile_images/bucket/0 profile_images/1346196937985433601
last-modified: Mon, 04 Jan 2021 20:46:55 GMT
server: ECS (frb/67A7)
x-tw-cdn: VZ, VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
x-transaction-id: a81ff75786e926db
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
perf: 7626143928
x-connection-hash: 9b406e57c44c114dd02f7386d8d2428d34156b519ab4e851b968f608df57ba97
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 E520b31VIAMiSRo
pbs.twimg.com/media/ Frame 0130 3 KB
3 KB 217ms
12ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/E520b31VIAMiSRo?format=jpg&name=120x120

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/67BE) /

Resource Hash

cb9c1affd53cc902333afe5879d98f48baf1f9034d27ff0db04f495b3264f791

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://syndication.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 01:45:14 GMT
strict-transport-security: max-age=631138519
x-content-type-options: nosniff
age: 538522
x-cache: HIT
server-timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
content-length: 2614
x-response-time: 121
surrogate-key: media media/bucket/3 media/1413484249001304067
last-modified: Fri, 09 Jul 2021 13:02:40 GMT
server: ECS (frb/67BE)
x-tw-cdn: VZ, VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
x-transaction-id: 2c98443de87f0a20
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
perf: 7626143928
x-connection-hash: 38ade37aea2e81fb4fee730349c99eafb8bef29344d2fca470788afcf4bc99fc
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 bMS2a9P1_mini.jpg
pbs.twimg.com/profile_images/1294860240299728897/ Frame 0130 1 KB
2 KB 10ms
6ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/profile_images/1294860240299728897/bMS2a9P1_mini.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/6795) /

Resource Hash

44311fef61528d27e4a493c3767b2a7aaa1dad6c7a595a6374e1e66dc789812e

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://syndication.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 01:45:14 GMT
strict-transport-security: max-age=631138519
x-content-type-options: nosniff
age: 192055
x-cache: HIT
server-timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
content-length: 1472
x-response-time: 109
surrogate-key: profile_images profile_images/bucket/5 profile_images/1294860240299728897
last-modified: Sun, 16 Aug 2020 04:53:13 GMT
server: ECS (frb/6795)
x-tw-cdn: VZ, VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
x-transaction-id: 020c7f979e952728
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
perf: 7626143928
x-connection-hash: 199f80bae7bc2905767610f31a4a6156e395d781683ba2eaee524c19f119c124
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 XHt2EJFn_mini.jpg
pbs.twimg.com/profile_images/753748648085848065/ Frame 0130 1 KB
2 KB 21ms
17ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/profile_images/753748648085848065/XHt2EJFn_mini.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/67C0) /

Resource Hash

30d7bee321af1187b749ca303b223ba6726e540e03117a61d56f896165d76383

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://syndication.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 01:45:14 GMT
strict-transport-security: max-age=631138519
x-content-type-options: nosniff
age: 18778
x-cache: MISS
server-timing: x-cache;desc= MISS,x-tw-cdn;desc=VZ
content-length: 1430
x-response-time: 118
surrogate-key: profile_images profile_images/bucket/0 profile_images/753748648085848065
last-modified: Fri, 15 Jul 2016 00:28:56 GMT
server: ECS (frb/67C0)
x-tw-cdn: VZ, VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
x-transaction-id: 49fb2a1563ff11e7
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
perf: 7626143928
x-connection-hash: 1ffc671a0873e8bd1266530ec63ff5a5f5c895b721910a205993ca8e1000cd53
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 xWoK6KuP_mini.jpg
pbs.twimg.com/profile_images/1463883343079088138/ Frame 0130 1 KB
2 KB 11ms
7ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/profile_images/1463883343079088138/xWoK6KuP_mini.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/67F3) /

Resource Hash

3dcd5743f9bbb87381e37f01069a3ed909c706c662fbbbeb192264b3ca48541d

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://syndication.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 01:45:14 GMT
strict-transport-security: max-age=631138519
x-content-type-options: nosniff
age: 258744
x-cache: HIT
server-timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
content-length: 1493
x-response-time: 108
surrogate-key: profile_images profile_images/bucket/3 profile_images/1463883343079088138
last-modified: Thu, 25 Nov 2021 14:50:41 GMT
server: ECS (frb/67F3)
x-tw-cdn: VZ, VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
x-transaction-id: 1cba70f1fc1a99dc
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
perf: 7626143928
x-connection-hash: 45a354bca0b9afc5cffd4c6c9458c9c0b5eda7e19cc58b4273df1d018146b2f5
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 5MAHUhST_mini.jpg
pbs.twimg.com/profile_images/1367943482053115905/ Frame 0130 1 KB
2 KB 12ms
7ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/profile_images/1367943482053115905/5MAHUhST_mini.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/6763) /

Resource Hash

0f30cb7bdd3fc8b3679a863a561b2a3fc9bb6892337b7dbdca14b1efe5549f41

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://syndication.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 01:45:14 GMT
strict-transport-security: max-age=631138519
x-content-type-options: nosniff
age: 79076
x-cache: HIT
server-timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
content-length: 1535
x-response-time: 120
surrogate-key: profile_images profile_images/bucket/0 profile_images/1367943482053115905
last-modified: Fri, 05 Mar 2021 20:59:55 GMT
server: ECS (frb/6763)
x-tw-cdn: VZ, VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
x-transaction-id: 845ff3e1b9e47b4b
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
perf: 7626143928
x-connection-hash: f059ea67250bb34440de4ee6e001a3491c991ba863c733d8f05caaf478a31b98
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 EJQs_KmUcAAujwA
pbs.twimg.com/media/ Frame 0130 3 KB
3 KB 14ms
9ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/EJQs_KmUcAAujwA?format=jpg&name=120x120

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/67BD) /

Resource Hash

005ec850938e93a398c16dcc2e5dfbe470cdbe16621d53326216d45f1c1572ce

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://syndication.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 01:45:14 GMT
strict-transport-security: max-age=631138519
x-content-type-options: nosniff
age: 487685
x-cache: HIT
server-timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
content-length: 2795
x-response-time: 108
surrogate-key: media media/bucket/9 media/1194629264848482304
last-modified: Wed, 13 Nov 2019 14:51:06 GMT
server: ECS (frb/67BD)
x-tw-cdn: VZ, VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
x-transaction-id: b73f616853a49aa1
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
perf: 7626143928
x-connection-hash: 21a1ef3a731a6dff80a45e12e8c002008eebe2660458673d1dc6291531719282
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 Zpfst2wh_mini.jpg
pbs.twimg.com/profile_images/1165118373585403904/ Frame 0130 1 KB
2 KB 15ms
10ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/profile_images/1165118373585403904/Zpfst2wh_mini.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/67BA) /

Resource Hash

62fad9b0d4414703f21bc215b8b0dabfc2ef775c83df672250d026c969c0f57e

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://syndication.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 01:45:14 GMT
strict-transport-security: max-age=631138519
x-content-type-options: nosniff
age: 51317
x-cache: HIT
server-timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
content-length: 1451
x-response-time: 108
surrogate-key: profile_images profile_images/bucket/6 profile_images/1165118373585403904
last-modified: Sat, 24 Aug 2019 04:25:21 GMT
server: ECS (frb/67BA)
x-tw-cdn: VZ, VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
x-transaction-id: 158c4ffb1a51a965
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
perf: 7626143928
x-connection-hash: 73774dd1f3db0d058668ca91fd4acaf2ce7d85dacbfde78ba0dd2841b7df1892
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 0YdvRUp3_mini.jpg
pbs.twimg.com/profile_images/1233771657581547523/ Frame 0130 1 KB
2 KB 20ms
15ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/profile_images/1233771657581547523/0YdvRUp3_mini.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/669F) /

Resource Hash

d0968c5dd18ce893a1abf23e15f0bf25456d5703a24e61f5707db8e2025d1135

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://syndication.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 01:45:14 GMT
strict-transport-security: max-age=631138519
x-content-type-options: nosniff
age: 258744
x-cache: MISS
server-timing: x-cache;desc= MISS,x-tw-cdn;desc=VZ
content-length: 1451
x-response-time: 109
surrogate-key: profile_images profile_images/bucket/0 profile_images/1233771657581547523
last-modified: Sat, 29 Feb 2020 15:09:00 GMT
server: ECS (frb/669F)
x-tw-cdn: VZ, VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
x-transaction-id: d3e865778b1e3aba
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
perf: 7626143928
x-connection-hash: 64cb39cc60b7ccf1f5d1a1aa8e970c18178a7e795a3487644b881337e1363abb
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame 2D6D 70 B
264 B 110ms
37ms Image
image/gif 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by: Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8-msCLAYwpw8QQRJz2xNgTh8ggiTmti8AAABgYED8AInZZsvFcLlZKyyTxVo0WWzWCsditpYsZsPNZDYyeTYmIyAx22y5GC43a4VlsliLJovNWuFYzNaSxWy4mcxGJs_G5AZJaDodPte9Xvf73UVHy8thejvtLstdb_n5NQ-34eyyC46G_-I9W058u9FstRhtfIPBaDYyOXej2WK2cRhmk83GZgcAAAAAD_7___8hAAAAAEQAAAAAkAAAAABAIaDCvwWBCwAAAAAY_v___zUAQHFgONfd-rIbHa7Py-4PAAAAACAAAAAASAAMkFaXAKBwOTnx_________x9jgD7zRsb_____DYMeAA8-AB6EAAAAfAwhbD__0PZzdiNSMF2EEQAAAABZ0WjFI5N0gopFlf___34rAFcAAAIOnyzG9bPoDkq8hQEAAAgQMxyimuIrmqExZoEeFr_f7LBr_G6X-f________8383_mH40QkZlZmiAWAAA1v4AAAGt-AQEA2KgbAIA3AnBCDgeaTofPda_X_X530dHycpjeTrvLctdbfn7RIWjFYLA6BrQbrkaT2QEAAAC48____49nOEQ1xVc0Q0MPSBhWxuFksFgudqORa-bZjTyG5WC5Wa4mrolrsdiedGEH-ZLmehE_E7YYrSaTzXI4Wy4mg-FoOBrtz0AsFgM0EYPlcjJZTHar0Wq0Ge5Gs8ECCcRggihaNJisRqPJYjJcjSar2XKx220QRatWs9FmMFzNJrPdbjUcDJejEZqwxWg1mWyWw9lyMRkMR8PRaIhgxLnaLWaDjVs5WWzWosFstpZ4DLO1ZLVaGAeDick527hFr4_pYpmthpPhFgkG7OxF8rRIJxKTY2PyOCyOwWrmcg4nM99iMZwtVq7lxrTbrGwTsURzskgnssu-YVgZh5PBYrnYjUaumWc38hiWg-VmuZq4Jq7FYl9xrnaL2WDjVk4Wm7VoMJutJR7DbC1ZrRbGwWBics42btHrY7pYZqvhZLhvzIaD2Wq5WEz2jdlwMFstF4vJvsNkeqY-Z6NrevR7dOqRsq8a1hwGhctg8f4kpsW0Ozt4fr-j06Z-KYs6o9_v9_v9fr_f7_cbtJ6D2aDwrY_PnPjlML62i5dBbDAoYongIp2InJ7H6_PWPU0-l-mtedhcpufZZXuZLYOx3-4zPZxmw3IilihNF-lEr3m4DWeXXXA0XMQSwekinYhextNF_UcPsRvOFbPJXDJYzhWb4SoBAAAAAAAAAFiCaaabAAAAADgZyGY4HKzW6SA2k8lqs1ougAd1CV3AIAAAAAAAALs4DJd5d3YgxIo19lgJOT2P1-ete5p8LtNb87C5TM-zy_YyWwZjv91nejjNhuWUATw4LTLb7DOCWKvVsgYAACCADQAAIICbbrwJCLPi_v___8cBAACQkUMPAABAfB9QFgAAAAAAwD8ACWKtVgs!&cmcv=&pix=undefined&cb=1680659114413&uv=3265&tms=1680659114413&abt=dfrc_vB!id5mc_vA!nonrv_vA!t45!ufm&ru=https://www.threatminer.org/sample.php?q=69b7746514c70046dd974616ca0623cf&ft=1&unm=WIDGET_ITEM&aure=false&agl=1&cirid=f6691893-a221-4213-a116-2168326dd3cd&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imprammp.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Wed, 05 Apr 2023 01:45:14 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 200 /
pr-bh.ybp.yahoo.com/sync/taboola/ Frame 2D6D 43 B
425 B 115ms
37ms Image
image/gif 2a05:d018:d29:3602:4dc4:1acd:4e16:7f78
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/taboola/?gdpr=1&us_privacy=1---

Requested by

Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8-msCLAYwpw8QQRJz2xNgTh8ggiTmti8AAABgYED8AInZZsvFcLlZKyyTxVo0WWzWCsditpYsZsPNZDYyeTYmIyAx22y5GC43a4VlsliLJovNWuFYzNaSxWy4mcxGJs_G5AZJaDodPte9Xvf73UVHy8thejvtLstdb_n5NQ-34eyyC46G_-I9W058u9FstRhtfIPBaDYyOXej2WK2cRhmk83GZgcAAAAAD_7___8hAAAAAEQAAAAAkAAAAABAIaDCvwWBCwAAAAAY_v___zUAQHFgONfd-rIbHa7Py-4PAAAAACAAAAAASAAMkFaXAKBwOTnx_________x9jgD7zRsb_____DYMeAA8-AB6EAAAAfAwhbD__0PZzdiNSMF2EEQAAAABZ0WjFI5N0gopFlf___34rAFcAAAIOnyzG9bPoDkq8hQEAAAgQMxyimuIrmqExZoEeFr_f7LBr_G6X-f________8383_mH40QkZlZmiAWAAA1v4AAAGt-AQEA2KgbAIA3AnBCDgeaTofPda_X_X530dHycpjeTrvLctdbfn7RIWjFYLA6BrQbrkaT2QEAAAC48____49nOEQ1xVc0Q0MPSBhWxuFksFgudqORa-bZjTyG5WC5Wa4mrolrsdiedGEH-ZLmehE_E7YYrSaTzXI4Wy4mg-FoOBrtz0AsFgM0EYPlcjJZTHar0Wq0Ge5Gs8ECCcRggihaNJisRqPJYjJcjSar2XKx220QRatWs9FmMFzNJrPdbjUcDJejEZqwxWg1mWyWw9lyMRkMR8PRaIhgxLnaLWaDjVs5WWzWosFstpZ4DLO1ZLVaGAeDick527hFr4_pYpmthpPhFgkG7OxF8rRIJxKTY2PyOCyOwWrmcg4nM99iMZwtVq7lxrTbrGwTsURzskgnssu-YVgZh5PBYrnYjUaumWc38hiWg-VmuZq4Jq7FYl9xrnaL2WDjVk4Wm7VoMJutJR7DbC1ZrRbGwWBics42btHrY7pYZqvhZLhvzIaD2Wq5WEz2jdlwMFstF4vJvsNkeqY-Z6NrevR7dOqRsq8a1hwGhctg8f4kpsW0Ozt4fr-j06Z-KYs6o9_v9_v9fr_f7_cbtJ6D2aDwrY_PnPjlML62i5dBbDAoYongIp2InJ7H6_PWPU0-l-mtedhcpufZZXuZLYOx3-4zPZxmw3IilihNF-lEr3m4DWeXXXA0XMQSwekinYhextNF_UcPsRvOFbPJXDJYzhWb4SoBAAAAAAAAAFiCaaabAAAAADgZyGY4HKzW6SA2k8lqs1ougAd1CV3AIAAAAAAAALs4DJd5d3YgxIo19lgJOT2P1-ete5p8LtNb87C5TM-zy_YyWwZjv91nejjNhuWUATw4LTLb7DOCWKvVsgYAACCADQAAIICbbrwJCLPi_v___8cBAACQkUMPAABAfB9QFgAAAAAAwD8ACWKtVgs!&cmcv=&pix=undefined&cb=1680659114413&uv=3265&tms=1680659114413&abt=dfrc_vB!id5mc_vA!nonrv_vA!t45!ufm&ru=https://www.threatminer.org/sample.php?q=69b7746514c70046dd974616ca0623cf&ft=1&unm=WIDGET_ITEM&aure=false&agl=1&cirid=f6691893-a221-4213-a116-2168326dd3cd&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a05:d018:d29:3602:4dc4:1acd:4e16:7f78 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imprammp.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 01:45:14 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
content-length: 43

GET
H2

200

/
sync.taboola.com/sg/yahoosspus-network/1/rtb-h/ Frame 2D6D
Redirect Chain

https://ups.analytics.yahoo.com/ups/58534/occ
https://ups.analytics.yahoo.com/ups/58534/occ?verify=true
https://sync.taboola.com/sg/yahoosspus-network/1/rtb-h/?taboola_hm=y-CFOBw_9E2uE_CLSPWsde_U2xysbL7ytuQhVK2TQ-~A

0
98 B

36ms
12ms

Image
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.taboola.com/sg/yahoosspus-network/1/rtb-h/?taboola_hm=y-CFOBw_9E2uE_CLSPWsde_U2xysbL7ytuQhVK2TQ-~A
Requested by: Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8-msCLAYwpw8QQRJz2xNgTh8ggiTmti8AAABgYED8AInZZsvFcLlZKyyTxVo0WWzWCsditpYsZsPNZDYyeTYmIyAx22y5GC43a4VlsliLJovNWuFYzNaSxWy4mcxGJs_G5AZJaDodPte9Xvf73UVHy8thejvtLstdb_n5NQ-34eyyC46G_-I9W058u9FstRhtfIPBaDYyOXej2WK2cRhmk83GZgcAAAAAD_7___8hAAAAAEQAAAAAkAAAAABAIaDCvwWBCwAAAAAY_v___zUAQHFgONfd-rIbHa7Py-4PAAAAACAAAAAASAAMkFaXAKBwOTnx_________x9jgD7zRsb_____DYMeAA8-AB6EAAAAfAwhbD__0PZzdiNSMF2EEQAAAABZ0WjFI5N0gopFlf___34rAFcAAAIOnyzG9bPoDkq8hQEAAAgQMxyimuIrmqExZoEeFr_f7LBr_G6X-f________8383_mH40QkZlZmiAWAAA1v4AAAGt-AQEA2KgbAIA3AnBCDgeaTofPda_X_X530dHycpjeTrvLctdbfn7RIWjFYLA6BrQbrkaT2QEAAAC48____49nOEQ1xVc0Q0MPSBhWxuFksFgudqORa-bZjTyG5WC5Wa4mrolrsdiedGEH-ZLmehE_E7YYrSaTzXI4Wy4mg-FoOBrtz0AsFgM0EYPlcjJZTHar0Wq0Ge5Gs8ECCcRggihaNJisRqPJYjJcjSar2XKx220QRatWs9FmMFzNJrPdbjUcDJejEZqwxWg1mWyWw9lyMRkMR8PRaIhgxLnaLWaDjVs5WWzWosFstpZ4DLO1ZLVaGAeDick527hFr4_pYpmthpPhFgkG7OxF8rRIJxKTY2PyOCyOwWrmcg4nM99iMZwtVq7lxrTbrGwTsURzskgnssu-YVgZh5PBYrnYjUaumWc38hiWg-VmuZq4Jq7FYl9xrnaL2WDjVk4Wm7VoMJutJR7DbC1ZrRbGwWBics42btHrY7pYZqvhZLhvzIaD2Wq5WEz2jdlwMFstF4vJvsNkeqY-Z6NrevR7dOqRsq8a1hwGhctg8f4kpsW0Ozt4fr-j06Z-KYs6o9_v9_v9fr_f7_cbtJ6D2aDwrY_PnPjlML62i5dBbDAoYongIp2InJ7H6_PWPU0-l-mtedhcpufZZXuZLYOx3-4zPZxmw3IilihNF-lEr3m4DWeXXXA0XMQSwekinYhextNF_UcPsRvOFbPJXDJYzhWb4SoBAAAAAAAAAFiCaaabAAAAADgZyGY4HKzW6SA2k8lqs1ougAd1CV3AIAAAAAAAALs4DJd5d3YgxIo19lgJOT2P1-ete5p8LtNb87C5TM-zy_YyWwZjv91nejjNhuWUATw4LTLb7DOCWKvVsgYAACCADQAAIICbbrwJCLPi_v___8cBAACQkUMPAABAfB9QFgAAAAAAwD8ACWKtVgs!&cmcv=&pix=undefined&cb=1680659114413&uv=3265&tms=1680659114413&abt=dfrc_vB!id5mc_vA!nonrv_vA!t45!ufm&ru=https://www.threatminer.org/sample.php?q=69b7746514c70046dd974616ca0623cf&ft=1&unm=WIDGET_ITEM&aure=false&agl=1&cirid=f6691893-a221-4213-a116-2168326dd3cd&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol: H2
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imprammp.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 01:45:14 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 11891

Redirect headers

location: https://sync.taboola.com/sg/yahoosspus-network/1/rtb-h/?taboola_hm=y-CFOBw_9E2uE_CLSPWsde_U2xysbL7ytuQhVK2TQ-~A
date: Wed, 05 Apr 2023 01:45:14 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.25
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame 18AE 70 B
265 B 99ms
36ms Image
image/gif 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8-msCLAYwpw8QQRJz2xNgTh8ggiTmti8AAABgYED8AInZZsvFcLlZKyyTxVo0WWzWCsditpYsZsPNZDYyeTYmIyAx22y5GC43a4VlsliLJovNWuFYzNaSxWy4mcxGJs_G5AZJaDodPte9Xvf73UVHy8thejvtLstdb_n5NQ-34eyyC46G_-I9W058u9FstRhtfIPBaDYyOXej2WK2cRhmk83GZgcAAAAAD_7___8hAAAAAEQAAAAAkAAAAABAIaDCvwWBCwAAAAAY_v___zUAQHFgONfd-rIbHa7Py-4PAAAAACAAAAAASAAMkFaXAKBwOTnx_________x9jgD7zRsb_____DYMeAA8-AB6EAAAAfAwhbD__0PZzdiNSMF2EEQAAAABZ0WjFI5N0gopFlf___34rAFcAAAIOnyzG9bPoDkq8hQEAAAgQMxyimuIrmqExZoEeFr_f7LBr_G6X-f________8383_mH40QkZlZmiAWAAA1v4AAAGt-AQEA2KgbAIA3AnBCDgeaTofPda_X_X530dHycpjeTrvLctdbfn7RIWjFYLA6BrQbrkaT2QEAAAC48____49nOEQ1xVc0Q0MPSBhWxuFksFgudqORa-bZjTyG5WC5Wa4mrolrsdiedGEH-ZLmehE_E7YYrSaTzXI4Wy4mg-FoOBrtz0AsFgM0EYPlcjJZTHar0Wq0Ge5Gs8ECCcRggihaNJisRqPJYjJcjSar2XKx220QRatWs9FmMFzNJrPdbjUcDJejEZqwxWg1mWyWw9lyMRkMR8PRaIhgxLnaLWaDjVs5WWzWosFstpZ4DLO1ZLVaGAeDick527hFr4_pYpmthpPhFgkG7OxF8rRIJxKTY2PyOCyOwWrmcg4nM99iMZwtVq7lxrTbrGwTsURzskgnssu-YVgZh5PBYrnYjUaumWc38hiWg-VmuZq4Jq7FYl9xrnaL2WDjVk4Wm7VoMJutJR7DbC1ZrRbGwWBics42btHrY7pYZqvhZLhvzIaD2Wq5WEz2jdlwMFstF4vJvsNkeqY-Z6NrevR7dOqRsq8a1hwGhctg8f4kpsW0Ozt4fr-j06Z-KYs6o9_v9_v9fr_f7_cbtJ6D2aDwrY_PnPjlML62i5dBbDAoYongIp2InJ7H6_PWPU0-l-mtedhcpufZZXuZLYOx3-4zPZxmw3IilihNF-lEr3m4DWeXXXA0XMQSwekinYhextNF_UcPsRvOFbPJXDJYzhWb4SoBAAAAAAAAAFiCaaabAAAAADgZyGY4HKzW6SA2k8lqs1ougAd1CV3AIAAAAAAAALs4DJd5d3YgxIo19lgJOT2P1-ete5p8LtNb87C5TM-zy_YyWwZjv91nejjNhuWUATw4LTLb7DOCWKvVsgYAACCADQAAIICbbrwJCLPi_v___8cBAACQkUMPAABAfB9QFgAAAAAAwD8ACWKtVgs!&excid=22&docw=0&cijs=1&nlb=false
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Wed, 05 Apr 2023 01:45:14 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 200 /
pr-bh.ybp.yahoo.com/sync/taboola/ Frame 18AE 43 B
426 B 102ms
34ms Image
image/gif 2a05:d018:d29:3602:4dc4:1acd:4e16:7f78
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/taboola/?gdpr=1&us_privacy=1---

Requested by

Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8-msCLAYwpw8QQRJz2xNgTh8ggiTmti8AAABgYED8AInZZsvFcLlZKyyTxVo0WWzWCsditpYsZsPNZDYyeTYmIyAx22y5GC43a4VlsliLJovNWuFYzNaSxWy4mcxGJs_G5AZJaDodPte9Xvf73UVHy8thejvtLstdb_n5NQ-34eyyC46G_-I9W058u9FstRhtfIPBaDYyOXej2WK2cRhmk83GZgcAAAAAD_7___8hAAAAAEQAAAAAkAAAAABAIaDCvwWBCwAAAAAY_v___zUAQHFgONfd-rIbHa7Py-4PAAAAACAAAAAASAAMkFaXAKBwOTnx_________x9jgD7zRsb_____DYMeAA8-AB6EAAAAfAwhbD__0PZzdiNSMF2EEQAAAABZ0WjFI5N0gopFlf___34rAFcAAAIOnyzG9bPoDkq8hQEAAAgQMxyimuIrmqExZoEeFr_f7LBr_G6X-f________8383_mH40QkZlZmiAWAAA1v4AAAGt-AQEA2KgbAIA3AnBCDgeaTofPda_X_X530dHycpjeTrvLctdbfn7RIWjFYLA6BrQbrkaT2QEAAAC48____49nOEQ1xVc0Q0MPSBhWxuFksFgudqORa-bZjTyG5WC5Wa4mrolrsdiedGEH-ZLmehE_E7YYrSaTzXI4Wy4mg-FoOBrtz0AsFgM0EYPlcjJZTHar0Wq0Ge5Gs8ECCcRggihaNJisRqPJYjJcjSar2XKx220QRatWs9FmMFzNJrPdbjUcDJejEZqwxWg1mWyWw9lyMRkMR8PRaIhgxLnaLWaDjVs5WWzWosFstpZ4DLO1ZLVaGAeDick527hFr4_pYpmthpPhFgkG7OxF8rRIJxKTY2PyOCyOwWrmcg4nM99iMZwtVq7lxrTbrGwTsURzskgnssu-YVgZh5PBYrnYjUaumWc38hiWg-VmuZq4Jq7FYl9xrnaL2WDjVk4Wm7VoMJutJR7DbC1ZrRbGwWBics42btHrY7pYZqvhZLhvzIaD2Wq5WEz2jdlwMFstF4vJvsNkeqY-Z6NrevR7dOqRsq8a1hwGhctg8f4kpsW0Ozt4fr-j06Z-KYs6o9_v9_v9fr_f7_cbtJ6D2aDwrY_PnPjlML62i5dBbDAoYongIp2InJ7H6_PWPU0-l-mtedhcpufZZXuZLYOx3-4zPZxmw3IilihNF-lEr3m4DWeXXXA0XMQSwekinYhextNF_UcPsRvOFbPJXDJYzhWb4SoBAAAAAAAAAFiCaaabAAAAADgZyGY4HKzW6SA2k8lqs1ougAd1CV3AIAAAAAAAALs4DJd5d3YgxIo19lgJOT2P1-ete5p8LtNb87C5TM-zy_YyWwZjv91nejjNhuWUATw4LTLb7DOCWKvVsgYAACCADQAAIICbbrwJCLPi_v___8cBAACQkUMPAABAfB9QFgAAAAAAwD8ACWKtVgs!&excid=22&docw=0&cijs=1&nlb=false

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a05:d018:d29:3602:4dc4:1acd:4e16:7f78 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 01:45:14 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
content-length: 43

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame 470E 281 B
554 B 42ms
8ms Document
text/html 104.109.78.125
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8-msCLAYwpw8QQRJz2xNgTh8ggiTmti8AAABgYED8AInZZsvFcLlZKyyTxVo0WWzWCsditpYsZsPNZDYyeTYmIyAx22y5GC43a4VlsliLJovNWuFYzNaSxWy4mcxGJs_G5AZJaDodPte9Xvf73UVHy8thejvtLstdb_n5NQ-34eyyC46G_-I9W058u9FstRhtfIPBaDYyOXej2WK2cRhmk83GZgcAAAAAD_7___8hAAAAAEQAAAAAkAAAAABAIaDCvwWBCwAAAAAY_v___zUAQHFgONfd-rIbHa7Py-4PAAAAACAAAAAASAAMkFaXAKBwOTnx_________x9jgD7zRsb_____DYMeAA8-AB6EAAAAfAwhbD__0PZzdiNSMF2EEQAAAABZ0WjFI5N0gopFlf___34rAFcAAAIOnyzG9bPoDkq8hQEAAAgQMxyimuIrmqExZoEeFr_f7LBr_G6X-f________8383_mH40QkZlZmiAWAAA1v4AAAGt-AQEA2KgbAIA3AnBCDgeaTofPda_X_X530dHycpjeTrvLctdbfn7RIWjFYLA6BrQbrkaT2QEAAAC48____49nOEQ1xVc0Q0MPSBhWxuFksFgudqORa-bZjTyG5WC5Wa4mrolrsdiedGEH-ZLmehE_E7YYrSaTzXI4Wy4mg-FoOBrtz0AsFgM0EYPlcjJZTHar0Wq0Ge5Gs8ECCcRggihaNJisRqPJYjJcjSar2XKx220QRatWs9FmMFzNJrPdbjUcDJejEZqwxWg1mWyWw9lyMRkMR8PRaIhgxLnaLWaDjVs5WWzWosFstpZ4DLO1ZLVaGAeDick527hFr4_pYpmthpPhFgkG7OxF8rRIJxKTY2PyOCyOwWrmcg4nM99iMZwtVq7lxrTbrGwTsURzskgnssu-YVgZh5PBYrnYjUaumWc38hiWg-VmuZq4Jq7FYl9xrnaL2WDjVk4Wm7VoMJutJR7DbC1ZrRbGwWBics42btHrY7pYZqvhZLhvzIaD2Wq5WEz2jdlwMFstF4vJvsNkeqY-Z6NrevR7dOqRsq8a1hwGhctg8f4kpsW0Ozt4fr-j06Z-KYs6o9_v9_v9fr_f7_cbtJ6D2aDwrY_PnPjlML62i5dBbDAoYongIp2InJ7H6_PWPU0-l-mtedhcpufZZXuZLYOx3-4zPZxmw3IilihNF-lEr3m4DWeXXXA0XMQSwekinYhextNF_UcPsRvOFbPJXDJYzhWb4SoBAAAAAAAAAFiCaaabAAAAADgZyGY4HKzW6SA2k8lqs1ougAd1CV3AIAAAAAAAALs4DJd5d3YgxIo19lgJOT2P1-ete5p8LtNb87C5TM-zy_YyWwZjv91nejjNhuWUATw4LTLb7DOCWKvVsgYAACCADQAAIICbbrwJCLPi_v___8cBAACQkUMPAABAfB9QFgAAAAAAwD8ACWKtVgs!&excid=22&docw=0&cijs=1&nlb=false
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-109-78-125.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://am-match.taboola.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Wed, 05 Apr 2023 01:45:14 GMT
ETag: "403b9-119-5ec73a0a33d00"
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

GET
H2 200 cmTagWIDGET_ITEM.js Show response
vidstat.taboola.com/vpaid/units/32_6_5/infra/ Frame 2909 786 KB
133 KB 27ms
6ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/vpaid/units/32_6_5/infra/cmTagWIDGET_ITEM.js
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/3.9.9/UnitWidgetItemDesktop.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: 164ecbe3e38ae66b20f26a8634de037b4c5ca0d12b7f834feb4d1d9ab21af5a1

Request headers

Referer: https://www.threatminer.org/
Origin: https://www.threatminer.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-amz-meta-mtime: 1679735219
date: Wed, 05 Apr 2023 01:45:14 GMT
via: 1.1 varnish
content-encoding: br
x-amz-request-id: 0FHFZE9TH94CVRA5
age: 923725
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-meta-ctime: 1679735220
x-amz-meta-mode: 33188
content-length: 135617
x-amz-id-2: +aXgQChm022RNIqPPNPqbSk/BASi8lsvZozIco/R57yO6toGBdonX788w4axyiIs/EQTO7FvNYk=
x-served-by: cache-fra-eddf8230087-FRA
last-modified: Sat, 25 Mar 2023 09:07:01 GMT
server: AmazonS3-br
x-timer: S1680659115.549235,VS0,VE0
etag: "df906a08b453de7fa6a2b0c9c9d92010"
x-amz-meta-uid: 0
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
x-amz-meta-gid: 0
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
x-cache-hits: 65525

GET
H2 200 cmOsUnit.css
vidstat.taboola.com/vpaid/units/32_6_5/assets/css/ Frame 2909 60 KB
8 KB 10ms
6ms Stylesheet
text/css 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/vpaid/units/32_6_5/assets/css/cmOsUnit.css
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/3.9.9/UnitWidgetItemDesktop.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: a6571199455f009b27bb8719e76ab06240bb4c9246f6b8915e3119ced168c132

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.threatminer.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-amz-meta-mtime: 1679735274
date: Wed, 05 Apr 2023 01:45:14 GMT
via: 1.1 varnish
content-encoding: br
x-amz-request-id: 0FH1C28CQPABVFRD
age: 923725
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-meta-ctime: 1679735275
x-amz-meta-mode: 33188
content-length: 7877
x-amz-id-2: SyTw7QR0x5bTGrbyFAcFmAoMz9K5gO6z9uTHezekn/RMjT8/MNrPsuJekfCycLTNbTHeYIfoYCQ=
x-served-by: cache-fra-eddf8230085-FRA
last-modified: Sat, 25 Mar 2023 09:07:56 GMT
server: AmazonS3-br
x-timer: S1680659115.532133,VS0,VE0
etag: "92502277b3d6d05481ffd7687771377e"
x-amz-meta-uid: 0
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
x-amz-meta-gid: 0
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
x-cache-hits: 898423

GET
H/1.1 200
OK sync.gif
links.services.disqus.com/api/ 43 B
375 B 33ms
33ms Image
image/gif 199.232.196.64
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://links.services.disqus.com/api/sync.gif?key=cfdfcf52dffd0a702a61bad27507376d
Requested by: Host: www.threatminer.org
URL: https://www.threatminer.org/sample.php?q=69b7746514c70046dd974616ca0623cf
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.232.196.64 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.threatminer.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 05 Apr 2023 01:45:14 GMT
Server: Apache-Coyote/1.1
P3P: CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Content-Type: image/gif;charset=UTF-8
Cache-Control: no-cache, no-store
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 GlDh9Jge
pbs.twimg.com/card_img/1640931427561930752/ Frame 0130 11 KB
11 KB 15ms
11ms Image
image/png 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1640931427561930752/GlDh9Jge?format=png&name=120x120

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/668C) /

Resource Hash

dfc5d5c7fb034396e04143bdba66dbacf348c6b807fdd678ddc9e7b3201947e0

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://syndication.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 01:45:14 GMT
strict-transport-security: max-age=631138519
x-content-type-options: nosniff
age: 590609
x-cache: HIT
server-timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
content-length: 11242
x-response-time: 129
surrogate-key: card_img card_img/bucket/7 card_img/1640931427561930752
last-modified: Wed, 29 Mar 2023 04:16:34 GMT
server: ECS (frb/668C)
x-tw-cdn: VZ, VZ, VZ
content-type: image/png
access-control-allow-origin: *
x-transaction-id: e48947fc6789d744
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
perf: 7626143928
x-connection-hash: ca9680dbb96559370699a14ce07f52cf14f2445c6c8f1043f4c110f523d849bf
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 sDfJ2CD4
pbs.twimg.com/card_img/1641845600244072456/ Frame 0130 6 KB
7 KB 16ms
12ms Image
image/png 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1641845600244072456/sDfJ2CD4?format=png&name=120x120

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/673A) /

Resource Hash

73b68885dd178b49b934bf1cdc9b03ccc78f4b66a32245485a48a0935c7f45ab

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://syndication.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 01:45:14 GMT
strict-transport-security: max-age=631138519
x-content-type-options: nosniff
age: 366287
x-cache: HIT
server-timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
content-length: 6561
x-response-time: 131
surrogate-key: card_img card_img/bucket/3 card_img/1641845600244072456
last-modified: Fri, 31 Mar 2023 16:49:09 GMT
server: ECS (frb/673A)
x-tw-cdn: VZ, VZ, VZ
content-type: image/png
access-control-allow-origin: *
x-transaction-id: 3481e6b69552bfe5
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
perf: 7626143928
x-connection-hash: 1de0f1700807c5d8362bd88c19c6a408c692f0b50586c74f8a3c169965ef1b0c
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 Rf1wIMNF
pbs.twimg.com/card_img/1643293140965548038/ Frame 0130 3 KB
3 KB 20ms
16ms Image
image/png 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1643293140965548038/Rf1wIMNF?format=png&name=120x120

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/67F2) /

Resource Hash

c718fec567c65c20e60291e61ec730f569cd3984fcb59039a222425ecd80885b

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://syndication.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 01:45:14 GMT
strict-transport-security: max-age=631138519
x-content-type-options: nosniff
age: 23466
x-cache: MISS
server-timing: x-cache;desc= MISS,x-tw-cdn;desc=VZ
content-length: 2631
x-response-time: 139
surrogate-key: card_img card_img/bucket/3 card_img/1643293140965548038
last-modified: Tue, 04 Apr 2023 16:41:10 GMT
server: ECS (frb/67F2)
x-tw-cdn: VZ, VZ, VZ
content-type: image/png
access-control-allow-origin: *
x-transaction-id: 37e63194afda6e74
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
perf: 7626143928
x-connection-hash: 634c91fddaeb0c229203ffcc9dab78c9789a61a1e5fa255a2bd6713cc7c6524b
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 KMqUD1Ke
pbs.twimg.com/card_img/1641242777668276224/ Frame 0130 2 KB
2 KB 16ms
12ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1641242777668276224/KMqUD1Ke?format=jpg&name=120x120

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/669F) /

Resource Hash

b2b6a3347107fa4e4f0fc1ba142fd8d552d8c85c11f79c7fd5297cc9def629e0

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://syndication.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 01:45:14 GMT
strict-transport-security: max-age=631138519
x-content-type-options: nosniff
age: 511646
x-cache: HIT
server-timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
content-length: 1957
x-response-time: 144
surrogate-key: card_img card_img/bucket/4 card_img/1641242777668276224
last-modified: Thu, 30 Mar 2023 00:53:45 GMT
server: ECS (frb/669F)
x-tw-cdn: VZ, VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
x-transaction-id: 50eaba84028f8fb5
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
perf: 7626143928
x-connection-hash: 1b43645e6ee9fe197d20278e9c414431bc5cb508e9d71f1c3d9869740a43e855
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 VemvMPkl
pbs.twimg.com/card_img/1639998846020333572/ Frame 0130 1 KB
1 KB 17ms
13ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1639998846020333572/VemvMPkl?format=jpg&name=120x120

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/6752) /

Resource Hash

bb7ccabf7c65291dd7fb2b10cfc555b9b775774aa584bb66a972a8a325b428f7

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://syndication.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 01:45:14 GMT
strict-transport-security: max-age=631138519
x-content-type-options: nosniff
age: 195913
x-cache: HIT
server-timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
content-length: 1139
x-response-time: 146
surrogate-key: card_img card_img/bucket/0 card_img/1639998846020333572
last-modified: Sun, 26 Mar 2023 14:30:49 GMT
server: ECS (frb/6752)
x-tw-cdn: VZ, VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
x-transaction-id: 18f1f710c18dfb6e
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
perf: 7626143928
x-connection-hash: fd93eb86b7d42582d187484a0bbf118466f93e593602c9ef4453cccbe6cb2381
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 xSWDYXHP
pbs.twimg.com/card_img/1643342554048389126/ Frame 0130 2 KB
2 KB 21ms
17ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1643342554048389126/xSWDYXHP?format=jpg&name=120x120

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/67F2) /

Resource Hash

4195d7104aa2931542904787f5b1595beda683bbdd8f9012e055a75123aa3507

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://syndication.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 01:45:14 GMT
strict-transport-security: max-age=631138519
x-content-type-options: nosniff
age: 18778
x-cache: MISS
server-timing: x-cache;desc= MISS,x-tw-cdn;desc=VZ
content-length: 2274
x-response-time: 134
surrogate-key: card_img card_img/bucket/8 card_img/1643342554048389126
last-modified: Tue, 04 Apr 2023 19:57:31 GMT
server: ECS (frb/67F2)
x-tw-cdn: VZ, VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
x-transaction-id: 57fd6a79cbd04092
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
perf: 7626143928
x-connection-hash: e6fa993af98fd414d958f420025c7356ecb8ccc4a9b4548fde42687ec9413b5a
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 Vz6xN_Z3
pbs.twimg.com/card_img/1641280109071200256/ Frame 0130 2 KB
2 KB 18ms
13ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1641280109071200256/Vz6xN_Z3?format=jpg&name=120x120

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/675D) /

Resource Hash

61c1a7a10486699e72db461d09cf675dd3ad00daa0e80edbeb19bf75c48b661e

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://syndication.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 01:45:14 GMT
strict-transport-security: max-age=631138519
x-content-type-options: nosniff
age: 511589
x-cache: HIT
server-timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
content-length: 2190
x-response-time: 136
surrogate-key: card_img card_img/bucket/9 card_img/1641280109071200256
last-modified: Thu, 30 Mar 2023 03:22:06 GMT
server: ECS (frb/675D)
x-tw-cdn: VZ, VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
x-transaction-id: c75d44e702aaa2a4
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
perf: 7626143928
x-connection-hash: 2e74dffad0476eb91ce4783537c3a05e50bf4d08dcb9be9489d23c3df15687a5
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

POST
H/1.1 200
OK domains Show response
links.services.disqus.com/api/ 58 B
494 B 64ms
34ms XHR
text/javascript 199.232.196.64
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://links.services.disqus.com/api/domains
Requested by: Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/alfie_v4.63f1ab6d6b9d5807dc0c94ef3fe0b851.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.232.196.64 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: acf826d1f3b3cc0bb04939cf7d2d1a141f788ebb641213e8c1b46c32f6f25a5c

Request headers

Referer: https://www.threatminer.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

Pragma: no-cache
Date: Wed, 05 Apr 2023 01:45:14 GMT
Server: Apache-Coyote/1.1
P3P: CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Access-Control-Allow-Origin: https://www.threatminer.org
Content-Type: text/javascript;charset=UTF-8
Cache-Control: no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 58
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 470E 34 KB
10 KB 36ms
18ms Script
text/html 104.109.78.125
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-109-78-125.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 29b7bf02a0ddee934272654a71e7efe2d5e7fd664e81f8158bc5db28a0b2f61e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Wed, 05 Apr 2023 01:45:14 GMT
Content-Encoding: gzip
Last-Modified: Tue, 04 Apr 2023 04:39:39 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=10429
Connection: keep-alive
Content-Length: 10015
Expires: Wed, 05 Apr 2023 04:39:03 GMT

GET
H2 200 tYXZKP7G
pbs.twimg.com/card_img/1641903490111815684/ Frame 0130 3 KB
4 KB 19ms
15ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1641903490111815684/tYXZKP7G?format=jpg&name=120x120

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/67BD) /

Resource Hash

f49427026e694dbaf99e8f57b32ce0cc536bb49afcf406a2680513cf6a70263f

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://syndication.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 01:45:14 GMT
strict-transport-security: max-age=631138519
x-content-type-options: nosniff
age: 58468
x-cache: HIT
server-timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
content-length: 3346
x-response-time: 181
surrogate-key: card_img card_img/bucket/2 card_img/1641903490111815684
last-modified: Fri, 31 Mar 2023 20:39:11 GMT
server: ECS (frb/67BD)
x-tw-cdn: VZ, VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
x-transaction-id: 2501e2edd84aec03
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
perf: 7626143928
x-connection-hash: 1e8430c9bc6bc4ca35d817d115e8188110ccce2321edec89afd28e59b27b4f30
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

POST
H2 204 bulk Show response
trc.taboola.com/disqus-widget-safetylevel20longtail09/log/3/ Frame 2909 0
270 B 27ms
13ms XHR
image/gif 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/disqus-widget-safetylevel20longtail09/log/3/bulk?tvi2=-2&route=AM%3AAM%3AV&lti=deflated&bulkSize=1
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230404-24-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.threatminer.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-vcl-time-ms: 9
pragma: no-cache
date: Wed, 05 Apr 2023 01:45:14 GMT
via: 1.1 varnish
x-served-by: cache-fra-eddf8230085-FRA
server: nginx
x-timer: S1680659115.582564,VS0,VE9
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://www.threatminer.org
content-type: image/gif
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

GET
H/1.1 200
OK khaos.jpg
token.rubiconproject.com/ Frame 470E 284 B
536 B 83ms
9ms Image
image/jpg 69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/khaos.jpg?gdpr=1&us_privacy=1---
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Type: image/jpg
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 284
X-RPHost: 28e1e7d28d06b07ec669bc9e43057b8e
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 200 OvaMediaPlayer.js Show response
vidstat.taboola.com/vpaid/vPlayer/player/v15.0.9/ Frame 2909 441 KB
84 KB 11ms
6ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v15.0.9/OvaMediaPlayer.js
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/32_6_5/infra/cmTagWIDGET_ITEM.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: 634486a62f5094ae82d700bb0c49f06d69bd3c4c0fee4814f59589c11f02bd6c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.threatminer.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-amz-meta-mtime: 1680538012
date: Wed, 05 Apr 2023 01:45:14 GMT
via: 1.1 varnish
content-encoding: br
x-amz-request-id: 8AD4BWRZ3VNJZV8F
age: 121063
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-meta-ctime: 1680538024
x-amz-meta-mode: 33188
content-length: 85597
x-amz-id-2: i0iLc4cMhO6BzITPASucG2TWLq2SOfTu6o4nXA1hqipie62JWvPkyYe91sKFfRUtELL2eweToXI=
x-served-by: cache-fra-eddf8230085-FRA
last-modified: Mon, 03 Apr 2023 16:07:06 GMT
server: AmazonS3-br
x-timer: S1680659115.695163,VS0,VE0
etag: "1fb66057416eab70e399b2f558e117c5"
x-amz-meta-uid: 0
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
x-amz-meta-gid: 0
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
x-cache-hits: 84249

GET
H2 200 sync Show response
am-match.taboola.com/ Frame 4427 356 B
450 B 15ms
14ms Document
text/html 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://am-match.taboola.com/sync?dast=V8-msCLAYwpw8QQRJz2xNgTh8ggiTmti8AAABgYED8AInZZsvFcLlZKyyTxVo0WWzWCsditpYsZsPNZDYyeTYmIyAx22y5GC43a4VlsliLJovNWuFYzNaSxWy4mcxGJs_G5AZJaDodPte9Xvf73UVHy8thejvtLstdb_n5NQ-34eyyC46G_-I9W058u9FstRhtfIPBaDYyOXej2WK2cRhmk83GZgcAAAAAD_7___8hAAAAAEQAAAAAkAAAAABAIaDCvwWBCwAAAAAY_v___zUAQHFgONfd-rIbHa7Py-4PAAAAACAAAAAASAAMkFaXAKBwOTnx_________x9jgD7zRsb_____DYMeAA8-AB6EAAAAfAwhbD__0PZzdiNSMF2EEQAAAABZ0WjFI5N0gopFlf___34rAFcAAAIOnyzG9bPoDkq8hQEAAAgQMxyimuIrmqExZoEeFr_f7LBr_G6X-f________8383_mH40QkZlZmiAWAAA1v4AAAGt-AQEA2KgbAIA3AnBCDgeaTofPda_X_X530dHycpjeTrvLctdbfn7RIWjFYLA6BrQbrkaT2QEAAAC48____49nOEQ1xVc0Q0MPSBhWxuFksFgudqORa-bZjTyG5WC5Wa4mrolrsdiedGEH-ZLmehE_E7YYrSaTzXI4Wy4mg-FoOBrtz0AsFgM0EYPlcjJZTHar0Wq0Ge5Gs8ECCcRggihaNJisRqPJYjJcjSar2XKx220QRatWs9FmMFzNJrPdbjUcDJejEZqwxWg1mWyWw9lyMRkMR8PRaIhgxLnaLWaDjVs5WWzWosFstpZ4DLO1ZLVaGAeDick527hFr4_pYpmthpPhFgkG7OxF8rRIJxKTY2PyOCyOwWrmcg4nM99iMZwtVq7lxrTbrGwTsURzskgnssu-YVgZh5PBYrnYjUaumWc38hiWg-VmuZq4Jq7FYl9xrnaL2WDjVk4Wm7VoMJutJR7DbC1ZrRbGwWBics42btHrY7pYZqvhZLhvzIaD2Wq5WEz2jdlwMFstF4vJvsNkeqY-Z6NrevR7dOqRsq8a1hwGhctg8f4kpsW0Ozt4fr-j06Z-KYs6o9_v9_v9fr_f7_cbtJ6D2aDwrY_PnPjlML62i5dBbDAoYongIp2InJ7H6_PWPU0-l-mtedhcpufZZXuZLYOx3-4zPZxmw3IilihNF-lEr3m4DWeXXXA0XMQSwekinYhextNF_UcPsRvOFbPJXDJYzhWb4SoBAAAAAAAAAFiCaaabAAAAADgZyGY4HKzW6SA2k8lqs1ougAd1CV3AIAAAAAAAALs4DJd5d3YgxIo19lgJOT2P1-ete5p8LtNb87C5TM-zy_YyWwZjv91nejjNhuWUATw4LTLb7DOCWKvVsgYAACCADQAAIICbbrwJCLPi_v___8cBAACQkUMPAABAfB9QFgAAAAAAwD8ACWKtVgs!&excid=22&docw=0&cijs=1&nlb=false
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/32_6_5/infra/cmTagWIDGET_ITEM.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: 99e8efabe56607d26679e630c10920b5a977e8a704aa3f640d3d7c4f08ef4509

Request headers

Referer: https://www.threatminer.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-type: text/html;charset=ISO-8859-1
date: Wed, 05 Apr 2023 01:45:14 GMT
machineid: 3406
server: nginx

GET
H2 206 blackScreen5.mp4
vidstatb.taboola.com/vid/ Frame 2909 89 KB
89 KB 15ms
7ms Media
video/mp4 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstatb.taboola.com/vid/blackScreen5.mp4
Requested by: Host: www.threatminer.org
URL: https://www.threatminer.org/sample.php?q=69b7746514c70046dd974616ca0623cf
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0407dafc112212a135d1aa4dd9b40ba0208c6bb6b1959f5535af093254189d66

Request headers

Referer: https://www.threatminer.org/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Range: bytes=0-

Response headers

x-amz-meta-mtime: 1497790207
date: Wed, 05 Apr 2023 01:45:14 GMT
via: 1.1 adc51edbb4dc468fb382e40b115a2f62.cloudfront.net (CloudFront), 1.1 varnish
x-amz-cf-pop: FRA60-P1
age: 3774286
x-cache: Hit from cloudfront, HIT
Content-Range: bytes 0-90783/90784
x-amz-meta-mode: 33188
Content-Length: 90784
x-served-by: cache-fra-eddf8230085-FRA
last-modified: Sun, 02 Jul 2017 20:40:57 GMT
server: AmazonS3
x-timer: S1680659115.733817,VS0,VE0
etag: "b2b087fe4ae638c533731c347fcd4df8"
x-amz-meta-uid: 0
access-control-allow-methods: GET, OPTIONS, HEAD
x-amz-meta-gid: 0
content-type: video/mp4
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
x-amz-cf-id: aFo3XPtUcu-k-9AV0uKFRtVm8akzQN1fEAzXYOh9CqA7dLERIrBsUg==
x-cache-hits: 1332303

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame DF46 42 B
64 B 50ms
49ms Fetch
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssmA8SqzCTY-m48TtyhUW4pJzytJMEbxPJWfoYf-syYWrlTDMGQ4gCZmrTy37EHuFqo44VWo_g_sEQqAoFYueb_uAKzy5AVAJm12b1sEufRbs2bJ2FQRt4Vi5qgehbwVKwrROfwVg&sai=AMfl-YTh-w1BX395pmG3HU9lD5ou8-y-Usc8il5oeDaTjF6bT_7-Elt-s59ym19_kOxwGpiLXYRMGdHkeoB-&sig=Cg0ArKJSzF2me95MbaRxEAE&cid=CAQSGwDUE5ymSUB6OyVj1p3UwqznlAPyYVDu_ooN2hgB&id=lidar2&mcvt=1040&p=0,0,600,299&mtos=0,1040,1040,1040,1040&tos=0,1040,0,0,0&v=20230403&bin=7&avms=nio&bs=0,0&mc=0.81&if=1&vu=1&app=0&itpl=22&adk=2989800909&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1680659112286&rpt=1392&met=mue&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 05 Apr 2023 01:45:14 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame 4427 70 B
264 B 32ms
32ms Image
image/gif 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8-msCLAYwpw8QQRJz2xNgTh8ggiTmti8AAABgYED8AInZZsvFcLlZKyyTxVo0WWzWCsditpYsZsPNZDYyeTYmIyAx22y5GC43a4VlsliLJovNWuFYzNaSxWy4mcxGJs_G5AZJaDodPte9Xvf73UVHy8thejvtLstdb_n5NQ-34eyyC46G_-I9W058u9FstRhtfIPBaDYyOXej2WK2cRhmk83GZgcAAAAAD_7___8hAAAAAEQAAAAAkAAAAABAIaDCvwWBCwAAAAAY_v___zUAQHFgONfd-rIbHa7Py-4PAAAAACAAAAAASAAMkFaXAKBwOTnx_________x9jgD7zRsb_____DYMeAA8-AB6EAAAAfAwhbD__0PZzdiNSMF2EEQAAAABZ0WjFI5N0gopFlf___34rAFcAAAIOnyzG9bPoDkq8hQEAAAgQMxyimuIrmqExZoEeFr_f7LBr_G6X-f________8383_mH40QkZlZmiAWAAA1v4AAAGt-AQEA2KgbAIA3AnBCDgeaTofPda_X_X530dHycpjeTrvLctdbfn7RIWjFYLA6BrQbrkaT2QEAAAC48____49nOEQ1xVc0Q0MPSBhWxuFksFgudqORa-bZjTyG5WC5Wa4mrolrsdiedGEH-ZLmehE_E7YYrSaTzXI4Wy4mg-FoOBrtz0AsFgM0EYPlcjJZTHar0Wq0Ge5Gs8ECCcRggihaNJisRqPJYjJcjSar2XKx220QRatWs9FmMFzNJrPdbjUcDJejEZqwxWg1mWyWw9lyMRkMR8PRaIhgxLnaLWaDjVs5WWzWosFstpZ4DLO1ZLVaGAeDick527hFr4_pYpmthpPhFgkG7OxF8rRIJxKTY2PyOCyOwWrmcg4nM99iMZwtVq7lxrTbrGwTsURzskgnssu-YVgZh5PBYrnYjUaumWc38hiWg-VmuZq4Jq7FYl9xrnaL2WDjVk4Wm7VoMJutJR7DbC1ZrRbGwWBics42btHrY7pYZqvhZLhvzIaD2Wq5WEz2jdlwMFstF4vJvsNkeqY-Z6NrevR7dOqRsq8a1hwGhctg8f4kpsW0Ozt4fr-j06Z-KYs6o9_v9_v9fr_f7_cbtJ6D2aDwrY_PnPjlML62i5dBbDAoYongIp2InJ7H6_PWPU0-l-mtedhcpufZZXuZLYOx3-4zPZxmw3IilihNF-lEr3m4DWeXXXA0XMQSwekinYhextNF_UcPsRvOFbPJXDJYzhWb4SoBAAAAAAAAAFiCaaabAAAAADgZyGY4HKzW6SA2k8lqs1ougAd1CV3AIAAAAAAAALs4DJd5d3YgxIo19lgJOT2P1-ete5p8LtNb87C5TM-zy_YyWwZjv91nejjNhuWUATw4LTLb7DOCWKvVsgYAACCADQAAIICbbrwJCLPi_v___8cBAACQkUMPAABAfB9QFgAAAAAAwD8ACWKtVgs!&excid=22&docw=0&cijs=1&nlb=false
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Wed, 05 Apr 2023 01:45:14 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2

200

/
sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/ Frame 4427
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/taboola/?gdpr=1&us_privacy=1---
https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-5BVP3whE2oReD6MtelB.INdYkbAnC8b9LOx2Vw--~A

0
98 B

13ms
13ms

Image
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-5BVP3whE2oReD6MtelB.INdYkbAnC8b9LOx2Vw--~A
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8-msCLAYwpw8QQRJz2xNgTh8ggiTmti8AAABgYED8AInZZsvFcLlZKyyTxVo0WWzWCsditpYsZsPNZDYyeTYmIyAx22y5GC43a4VlsliLJovNWuFYzNaSxWy4mcxGJs_G5AZJaDodPte9Xvf73UVHy8thejvtLstdb_n5NQ-34eyyC46G_-I9W058u9FstRhtfIPBaDYyOXej2WK2cRhmk83GZgcAAAAAD_7___8hAAAAAEQAAAAAkAAAAABAIaDCvwWBCwAAAAAY_v___zUAQHFgONfd-rIbHa7Py-4PAAAAACAAAAAASAAMkFaXAKBwOTnx_________x9jgD7zRsb_____DYMeAA8-AB6EAAAAfAwhbD__0PZzdiNSMF2EEQAAAABZ0WjFI5N0gopFlf___34rAFcAAAIOnyzG9bPoDkq8hQEAAAgQMxyimuIrmqExZoEeFr_f7LBr_G6X-f________8383_mH40QkZlZmiAWAAA1v4AAAGt-AQEA2KgbAIA3AnBCDgeaTofPda_X_X530dHycpjeTrvLctdbfn7RIWjFYLA6BrQbrkaT2QEAAAC48____49nOEQ1xVc0Q0MPSBhWxuFksFgudqORa-bZjTyG5WC5Wa4mrolrsdiedGEH-ZLmehE_E7YYrSaTzXI4Wy4mg-FoOBrtz0AsFgM0EYPlcjJZTHar0Wq0Ge5Gs8ECCcRggihaNJisRqPJYjJcjSar2XKx220QRatWs9FmMFzNJrPdbjUcDJejEZqwxWg1mWyWw9lyMRkMR8PRaIhgxLnaLWaDjVs5WWzWosFstpZ4DLO1ZLVaGAeDick527hFr4_pYpmthpPhFgkG7OxF8rRIJxKTY2PyOCyOwWrmcg4nM99iMZwtVq7lxrTbrGwTsURzskgnssu-YVgZh5PBYrnYjUaumWc38hiWg-VmuZq4Jq7FYl9xrnaL2WDjVk4Wm7VoMJutJR7DbC1ZrRbGwWBics42btHrY7pYZqvhZLhvzIaD2Wq5WEz2jdlwMFstF4vJvsNkeqY-Z6NrevR7dOqRsq8a1hwGhctg8f4kpsW0Ozt4fr-j06Z-KYs6o9_v9_v9fr_f7_cbtJ6D2aDwrY_PnPjlML62i5dBbDAoYongIp2InJ7H6_PWPU0-l-mtedhcpufZZXuZLYOx3-4zPZxmw3IilihNF-lEr3m4DWeXXXA0XMQSwekinYhextNF_UcPsRvOFbPJXDJYzhWb4SoBAAAAAAAAAFiCaaabAAAAADgZyGY4HKzW6SA2k8lqs1ougAd1CV3AIAAAAAAAALs4DJd5d3YgxIo19lgJOT2P1-ete5p8LtNb87C5TM-zy_YyWwZjv91nejjNhuWUATw4LTLb7DOCWKvVsgYAACCADQAAIICbbrwJCLPi_v___8cBAACQkUMPAABAfB9QFgAAAAAAwD8ACWKtVgs!&excid=22&docw=0&cijs=1&nlb=false
Protocol: H2
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 01:45:14 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 11861

Redirect headers

date: Wed, 05 Apr 2023 01:45:14 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-5BVP3whE2oReD6MtelB.INdYkbAnC8b9LOx2Vw--~A
content-length: 0

GET
H2

200

/
sync.taboola.com/sg/yahoosspus-network/1/rtb-h/ Frame 4427
Redirect Chain

https://ups.analytics.yahoo.com/ups/58534/occ
https://sync.taboola.com/sg/yahoosspus-network/1/rtb-h/?taboola_hm=y-CFOBw_9E2uE_CLSPWsde_U2xysbL7ytuQhVK2TQ-~A

0
98 B

14ms
13ms

Image
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.taboola.com/sg/yahoosspus-network/1/rtb-h/?taboola_hm=y-CFOBw_9E2uE_CLSPWsde_U2xysbL7ytuQhVK2TQ-~A
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8-msCLAYwpw8QQRJz2xNgTh8ggiTmti8AAABgYED8AInZZsvFcLlZKyyTxVo0WWzWCsditpYsZsPNZDYyeTYmIyAx22y5GC43a4VlsliLJovNWuFYzNaSxWy4mcxGJs_G5AZJaDodPte9Xvf73UVHy8thejvtLstdb_n5NQ-34eyyC46G_-I9W058u9FstRhtfIPBaDYyOXej2WK2cRhmk83GZgcAAAAAD_7___8hAAAAAEQAAAAAkAAAAABAIaDCvwWBCwAAAAAY_v___zUAQHFgONfd-rIbHa7Py-4PAAAAACAAAAAASAAMkFaXAKBwOTnx_________x9jgD7zRsb_____DYMeAA8-AB6EAAAAfAwhbD__0PZzdiNSMF2EEQAAAABZ0WjFI5N0gopFlf___34rAFcAAAIOnyzG9bPoDkq8hQEAAAgQMxyimuIrmqExZoEeFr_f7LBr_G6X-f________8383_mH40QkZlZmiAWAAA1v4AAAGt-AQEA2KgbAIA3AnBCDgeaTofPda_X_X530dHycpjeTrvLctdbfn7RIWjFYLA6BrQbrkaT2QEAAAC48____49nOEQ1xVc0Q0MPSBhWxuFksFgudqORa-bZjTyG5WC5Wa4mrolrsdiedGEH-ZLmehE_E7YYrSaTzXI4Wy4mg-FoOBrtz0AsFgM0EYPlcjJZTHar0Wq0Ge5Gs8ECCcRggihaNJisRqPJYjJcjSar2XKx220QRatWs9FmMFzNJrPdbjUcDJejEZqwxWg1mWyWw9lyMRkMR8PRaIhgxLnaLWaDjVs5WWzWosFstpZ4DLO1ZLVaGAeDick527hFr4_pYpmthpPhFgkG7OxF8rRIJxKTY2PyOCyOwWrmcg4nM99iMZwtVq7lxrTbrGwTsURzskgnssu-YVgZh5PBYrnYjUaumWc38hiWg-VmuZq4Jq7FYl9xrnaL2WDjVk4Wm7VoMJutJR7DbC1ZrRbGwWBics42btHrY7pYZqvhZLhvzIaD2Wq5WEz2jdlwMFstF4vJvsNkeqY-Z6NrevR7dOqRsq8a1hwGhctg8f4kpsW0Ozt4fr-j06Z-KYs6o9_v9_v9fr_f7_cbtJ6D2aDwrY_PnPjlML62i5dBbDAoYongIp2InJ7H6_PWPU0-l-mtedhcpufZZXuZLYOx3-4zPZxmw3IilihNF-lEr3m4DWeXXXA0XMQSwekinYhextNF_UcPsRvOFbPJXDJYzhWb4SoBAAAAAAAAAFiCaaabAAAAADgZyGY4HKzW6SA2k8lqs1ougAd1CV3AIAAAAAAAALs4DJd5d3YgxIo19lgJOT2P1-ete5p8LtNb87C5TM-zy_YyWwZjv91nejjNhuWUATw4LTLb7DOCWKvVsgYAACCADQAAIICbbrwJCLPi_v___8cBAACQkUMPAABAfB9QFgAAAAAAwD8ACWKtVgs!&excid=22&docw=0&cijs=1&nlb=false
Protocol: H2
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 01:45:14 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 11863

Redirect headers

location: https://sync.taboola.com/sg/yahoosspus-network/1/rtb-h/?taboola_hm=y-CFOBw_9E2uE_CLSPWsde_U2xysbL7ytuQhVK2TQ-~A
date: Wed, 05 Apr 2023 01:45:14 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.25
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame E621 42 B
64 B 52ms
52ms Fetch
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssJk4rvGNU2C2rUtJGhM2qx-nr-k1xrYq_RpLcJz90eGDaimPDRlZEY0IkKBYcN4g6J4mtvD05yrJ1D7W4_4Yf9dk4uLWHVAWl1Cg4DXynsjxYeVGfsZ4gsCddzLXL1jvogvYK6jw&sai=AMfl-YS8a-mw9xxMHsq08AM-jFH1IceeTS-NSjqYluj1SoV1UdQfhuSiL9cTk7q0XkYrgPjfd3IYr3Fixe7R&sig=Cg0ArKJSzMwubxitbvd5EAE&cid=CAQSGwDUE5ymFLedZ3lVlvsiCSCCpX-f44wBh-LJYhgB&id=lidar2&mcvt=1020&p=0,0,200,1182&mtos=1020,1020,1020,1020,1020&tos=1020,0,0,0,0&v=20230403&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=2644663765&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1680659112320&rpt=1451&met=mue&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 05 Apr 2023 01:45:14 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 f539211219b796ffbb49949997c764f0.png
cdn.taboola.com/libtrc/static/thumbnails/ Frame 2909 254 B
749 B 7ms
6ms Image
image/png 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.taboola.com/libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png
Requested by: Host: www.threatminer.org
URL: https://www.threatminer.org/sample.php?q=69b7746514c70046dd974616ca0623cf
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.threatminer.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-amz-version-id: hL.cyLD7Q4TL5ceY.7JQwF9m5IYI8mkC
date: Wed, 05 Apr 2023 01:45:14 GMT
via: 1.1 varnish
x-amz-request-id: 1V3H9VCVPBG1B2M0
age: 12001
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 254
x-amz-id-2: ecEkqIT2UiXx3kNvrYZW8vzeO4j3+ukvjDCTHGC9cb5Y1awQ9zHumBitHqhNLm54Y/VcUMLqVJ0=
x-served-by: cache-fra-eddf8230085-FRA
last-modified: Wed, 24 Jun 2015 07:14:11 GMT
server: AmazonS3
x-amz-meta-s3cmd-attrs: uid:0/gname:root/uname:root/gid:0/mode:33188/mtime:1377415166/atime:1435052450/md5:dfa7b52c86e56bd67fa4002f6ed19854/ctime:1422381567
x-timer: S1680659115.798561,VS0,VE0
etag: "dfa7b52c86e56bd67fa4002f6ed19854"
content-type: image/png
abp: 42
access-control-allow-origin: *
cache-control: private,max-age=31536000
accept-ranges: bytes
x-cache-hits: 1134

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
11 KB 29ms
29ms XHR
application/json 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230330&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c47725579a5ac0fdb2f1617b5cf8863a5a57fa7ed8d69969c9da7a0f6ab70470

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.threatminer.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 01:45:14 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11288
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.threatminer.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 01:45:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 05 Apr 2023 01:45:14 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 0379 13 KB
5 KB 15ms
14ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.threatminer.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 28824
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 04 Apr 2023 17:44:50 GMT
expires: Wed, 03 Apr 2024 17:44:50 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame DC8D 783 B
534 B 25ms
24ms Document
text/html 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

fdd865ce3140fedff98cf8596741684661cece4de03dcd3e4e8cb33dffb81a9a

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-uYU6XXegpIaRXRiovvJtJw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.threatminer.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 512
content-security-policy: script-src 'report-sample' 'nonce-uYU6XXegpIaRXRiovvJtJw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 05 Apr 2023 01:45:14 GMT
expires: Wed, 05 Apr 2023 01:45:14 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 U7EM6LXWj4l78jf_OLdMz79S9xCye0H6LBL4Kfa2sjI.js Show response
pagead2.googlesyndication.com/bg/ Frame 0379 36 KB
14 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/U7EM6LXWj4l78jf_OLdMz79S9xCye0H6LBL4Kfa2sjI.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

53b10ce8b5d68f897bf237ff38b74ccfbf52f710b27b41fa2c12f829f6b6b232

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 00:14:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 91845
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14333
x-xss-protection: 0
last-modified: Mon, 27 Mar 2023 13:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 03 Apr 2024 00:14:29 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame DC8D 0
0 46ms
46ms Image
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230330&jk=3339220411880613&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 0379 0
11 B 13ms
13ms Image
text/plain 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?PtlBJw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 01:45:15 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 cds-pips.js Show response
cdn.taboola.com/scripts/ Frame 2909 3 KB
2 KB 8ms
7ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/scripts/cds-pips.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230404-24-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3e7d49f24d56db02c7baca8ae3a17555c2e527571450e8c24c77b453407e267a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.threatminer.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-amz-version-id: z5FoayaLm_Bvew3pbkytkoHczFCvkPwT
content-encoding: gzip
via: 1.1 varnish
date: Wed, 05 Apr 2023 01:45:15 GMT
x-amz-request-id: 1V3JN4Z08BWJNCK3
age: 506
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 1340
x-amz-id-2: yvDfBoaedLRfPwP0+zgbFCFLRwR4EiC1X5itZ+rLiciBisyuBdOMxzu1/H2ZTO40ir0cZXkf7JA=
x-served-by: cache-fra-eddf8230085-FRA
last-modified: Wed, 12 Oct 2022 13:57:57 GMT
server: AmazonS3
x-timer: S1680659115.443447,VS0,VE0
etag: "383fa66d2a0a09f4a6e64a9593ad43bb"
vary: Accept-Encoding
content-type: application/javascript
abp: 42
access-control-allow-origin: *
cache-control: private, max-age=3600
accept-ranges: bytes
x-cache-hits: 483

GET
H2 200 / Show response
pips.taboola.com/ Frame 2909 4 B
125 B 14ms
7ms XHR
text/plain 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://pips.taboola.com/
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash: fb329000228cc5a24c264c57139de8bf854fc86fc18bf1c04ab61a2b5cb4b921

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.threatminer.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-served-by: cache-fra-eddf8230087-FRA
date: Wed, 05 Apr 2023 01:45:15 GMT
via: 1.1 varnish
server: Varnish
access-control-allow-methods: GET
x-cache: HIT
access-control-allow-origin: https://www.threatminer.org
cache-control: no-store
accept-ranges: bytes
content-length: 4
retry-after: 0
x-cache-hits: 0

GET
H2 204 / Show response
cds.taboola.com/ Frame 2909 0
82 B 277ms
88ms XHR
text/plain 141.226.224.32
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cds.taboola.com/?uid=b957160c-9213-4066-bc06-255a800bd96c-tuctb265828&mbl=ZmFsc2U=
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.224.32 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.threatminer.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 05 Apr 2023 01:45:15 GMT
cache-control: no-store
server: nginx

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 50ms
49ms Image
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230330&jk=3339220411880613&bg=!2dql2o7NAAbEgrg45II7ADkAdvg8WsgU0Y_4veayBUbnrtRkfTViihtVo4cpU9zNkfxf1LnaVFsndioG119V1ZIIP0rh2LMjb3MCAAAARVIAAAADaAEHCgA1HYQyn_QMbHWm6v62hYlsrLLVKeNfuKBtU5H8yLcfhvFJSMh7QkcbDCepcaATuv7P8_30xxKZAqb1z3o43xBoOCdbj8vN8C6aEF17DwJiiI-ptv-m2BU-Op5c2juvgOb5jpQlwx4qgYysJccOlq3IYYZkp4FKo_Wta_lYOZszqDltKaTGu5_D-wuPDF-2XufLb1avfKj_F1UWSd-mth8yq-7PAb_ArbjTCuK1dtMWNbehz9xFmdnzzwjczNNazvzP6_Z5MiOlvS1vjsc1uAgrvGX2x4Xdn53ZFaFZjqEqxWS7sdEwyNn0mdDGXZX9l4tP8iQaiyNgV1qNohFuMJv6ICV46xKRDnKUi6Iy1Ztr2J_i4406dC96I0T7sAGQYZbLqQMSXU9tAXBEH4mVzLPi78_Bntjgz0UBVJQ2FyLc9ZUMVwjA2HLfgB__qiUNk1SAwLzkfRmMO-SyivnfdAjqleNnzRf-eETZnqpB0kVJ-KXB2q-ct2I2x5-9c2srfm8yMsJ1dXbfwsgHz85qRnMCZdIHCOO7r1ZrtqbUXKLrCzXzdxWw7FaMUEiE4p0K3TB-UemP8Rs5Lel2rwnPaoGFiKWZsGoWt8sM0l0yP0vZ2dPrTUjTPJk7I4uswABtpUL1B1mdfTvCyWRV8T9sST7ZE7z55VogixTlpwtoIbtZPhz8gs5-lEbvUqXEt3wSFdpAPUh6aZ_oIGO8ZlgOa6jCpjpK58C7Viuex8B8ar261oTc48eP2nYPGkbzN7CV4iIvibkIcwGPxt7FhwHX1pf4XEgOtisDapJcvZ8FapxXFuD7zfCtH_ilm0YzsAPj4N1ubrjXD76qeSFa61eQI2oZYljhfL1E5YYTuo0S5FAQsWzTRRsaXVB5_1h1ID8qEXCuSrKnecAUwmt-ghNDA8ZbKThdmPprXt6ymwXssnrz-dNMEotx2sPSlCuajDYC_h0K58nSi9TcYHbkBdKPg2M
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.threatminer.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

115 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

13 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.threatminer.org/	1969-12-31 23:59:59	Name: PHPSESSID Value: svjg1469n16a0s515msfaoste5
.threatminer.org/	1970-01-20 20:26:59	Name: _ga Value: GA1.2.683483255.1680659112
.threatminer.org/	1970-01-20 10:52:25	Name: _gid Value: GA1.2.6747969.1680659112
.threatminer.org/	1970-01-20 10:50:59	Name: _gat Value: 1
www.threatminer.org/	1969-12-31 23:59:59	Name: logglytrackingsession Value: 29cac0d3-48c6-4900-8d18-ad981d209eb2
.threatminer.org/	1970-01-20 20:12:35	Name: __gads Value: ID=b133cbf0acc955e9-220e6796f7de0064:T=1680659112:RT=1680659112:S=ALNI_MbzUbr0ygoAmksUglediGzuUE9RTg
.threatminer.org/	1970-01-20 20:12:35	Name: __gpi Value: UID=00000bd0b9361825:T=1680659112:RT=1680659112:S=ALNI_MbByRAhh9hlTTg_U14p6rmZQa8w2g
.threatminer.org/	1970-01-20 20:12:35	Name: __gsas Value: ID=94da53b61989fedb:T=1680659112:S=ALNI_Mbvyx-GHAjmWdARZKmGNyPsPQir9A
.doubleclick.net/	1970-01-20 20:12:35	Name: IDE Value: AHWqTUlIF5JkQE0pxsbd8UhRFoR0Qp3KLIAH0G3veDjqAdAxftDbPhQL9CQdGBVgVsA
.doubleclick.net/	1970-01-20 10:51:02	Name: DSID Value: NO_DATA
www.threatminer.org/	1970-01-20 19:36:35	Name: trc_cookie_storage Value: taboola%2520global%253Auser-id%3Db957160c-9213-4066-bc06-255a800bd96c-tuctb265828
.yahoo.com/	1970-01-20 19:36:56	Name: A3 Value: d=AQABBKrSLGQCEInYYTjxgkY9oEPTFAhRxhcFEgEBAQEkLmQ2ZAAAAAAA_eMAAA&S=AQAAAjXaMEy8ia_SnSYbIXyfZk4
.analytics.yahoo.com/	1970-01-20 19:36:35	Name: IDSYNC Value: 195y~2awp

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	URL: https://threatminer.disqus.com/embed.js(Line 46) Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can remove its sandboxing.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

abs-0.twimg.com
abs.twimg.com
adservice.google.com
adservice.google.de
am-match.taboola.com
am-trc-events.taboola.com
am-vid-events.taboola.com
c.disquscdn.com
cdn.taboola.com
cdn.viglink.com
cds.taboola.com
clients1.google.com
cse.google.com
disqus.com
eus.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
gum.criteo.com
i.creativecommons.org
images.taboola.com
imprammp.taboola.com
licensebuttons.net
links.services.disqus.com
match.adsrvr.org
p4-byw2hctt4f23u-43gnhfidmkwwkim5-if-v6exp3-v4.metric.gstatic.com
pagead2.googlesyndication.com
partner.googleadservices.com
pbs.twimg.com
pips.taboola.com
platform.twitter.com
pr-bh.ybp.yahoo.com
referrer.disqus.com
resources.infolinks.com
router.infolinks.com
sb.scorecardresearch.com
sync.taboola.com
syndication.twitter.com
tempest.services.disqus.com
threatminer.disqus.com
token.rubiconproject.com
tpc.googlesyndication.com
trc-events.taboola.com
trc.taboola.com
ups.analytics.yahoo.com
vidstat.taboola.com
vidstatb.taboola.com
wf.taboola.com
www.google-analytics.com
www.google.com
www.googleapis.com
www.googletagservices.com
www.gstatic.com
www.threatminer.org
104.109.78.125
104.244.42.200
104.244.43.131
13.32.121.17
141.226.224.32
141.226.228.48
142.250.186.163
143.204.215.65
15.197.193.217
151.101.0.134
151.101.1.44
151.101.193.44
172.66.41.9
199.232.192.134
199.232.192.64
199.232.196.134
199.232.196.64
2600:9000:2057:9000:6:8656:f5c0:93a1
2606:2800:134:1a0d:1429:742:782:b6
2606:2800:233:8173:898f:63b3:95c3:79d2
2606:2800:234:59:254c:406:2366:268c
2606:4700:10::6814:9710
2606:4700:10::6816:a79
2606:4700:20::681a:eeb
2a00:1450:4001:806::2003
2a00:1450:4001:808::200e
2a00:1450:4001:80e::2002
2a00:1450:4001:80f::2002
2a00:1450:4001:810::2002
2a00:1450:4001:812::200a
2a00:1450:4001:813::2002
2a00:1450:4001:828::2002
2a00:1450:4001:829::200e
2a00:1450:4001:82f::200a
2a00:1450:4001:82f::200e
2a00:1450:4001:830::2003
2a00:1450:4001:830::2004
2a00:1450:4001:831::2001
2a00:1450:4001:831::2002
2a02:2638:3::c
2a05:d018:d29:3602:4dc4:1acd:4e16:7f78
3.71.149.231
69.173.144.165
005ec850938e93a398c16dcc2e5dfbe470cdbe16621d53326216d45f1c1572ce
0407dafc112212a135d1aa4dd9b40ba0208c6bb6b1959f5535af093254189d66
0589c5845288117448d7aa710af60618b151d78efd1a2653f89a0b57f7eb3de8
05ee926cc9bf2039ad93af941a67d23d84bd78ecd9d6ef53ff85eeaf744cbd89
068753b8f09b32ad8a3283199c7252090d0076a56924df724dda72828ae31b95
07a081c6a38ab09a0163aecaaf77713ffae6e09d06ba1a112efef22e01857ddc
087451486cd9264c317ccf930bed7426a5d34552036ffb115f8e2050bead98ea
0978cc2c3431f65d379b1f8fba4c27a88d006a1e59d1486965e5ffc57b529b42
0c320d790dba4c17895962386aa3587aff97e96a7c499f37dd47bf299431ce41
0f30cb7bdd3fc8b3679a863a561b2a3fc9bb6892337b7dbdca14b1efe5549f41
0f6bb019b01d05d948e743db0c2d7eea959ecd2dafbabb708c6c82770cb78615
0fb1bbca73646e8e2b93c82e8d8b219647b13d4b440c48e338290b9a685b8de1
129d9a340ad960236445c559190546672c530544e000fd246b6b046afeac5666
153166c74ea7f7b64925c9dfd3535675e20ba7414ec4f2dd1c5d27313f385cbf
164ecbe3e38ae66b20f26a8634de037b4c5ca0d12b7f834feb4d1d9ab21af5a1
1752c287f6fbbb65e1c982399584bbc9b1e0c46f0dc181cda9b8028dc60c4c01
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
189b8ed64093b12937354b2ef71ccf1df59690d90432241a10fe1cb25000acba
199411f659f41aaccb959bacb1b0de30e54f244352a48c6f9894e65ae0f8a9a1
1aee66e2e24e851039801c0dace90f3efb7a1a17b033f7d5bbc12ca7c1d19432
1c0486acafe63a074adbd08ecc9cad99ee106f3701e2b93c2a75533774f7faba
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
2197ca2cf2c3574ccafa6b1707a4d0bd5e06ca3607bccaf84b8ddf5912a23e6c
26cede390cb1ed461e0a59ad0f0b82606cbb629e5dd3f500d28597ee53ab050e
27249567b2ea01cf7e12780c83c8ee1b6d1d31bba17bcc50890c4713b60a4e32
288bbf40600eb134a61fb6710addc9b0cee3830bff61bac6fe5af700afb4da75
28bb10ad395d322e68196f832c6bd13db2a751fefa28639ebf2b356327ffd937
29b7bf02a0ddee934272654a71e7efe2d5e7fd664e81f8158bc5db28a0b2f61e
2adcd0a627dee2ac4ab782a00745d7678e374dc4625ddf673a88121977d77c67
2b0789c3ab7df1f2580e95bb47eb5bb6dc19b4fc5a91b1f1ae1d9484dab534a9
2eba0c668c4cf3ca9b2c3033bea44179f78811976dd0fc2d0568a3a822d28663
30d7bee321af1187b749ca303b223ba6726e540e03117a61d56f896165d76383
30e90ecd5feaf3b43b1b138858beb6b86735969ce140918e9b0218f69580761c
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
3270642c89180c12db93775e2a774b6dadd9bd98cffc963075c85afd2c17b6e4
329d1a750114920332eadc55c129957d9dbe5a1b25745e2f7e0ed4fad75e04cd
38e65ef81d8c3beaaca9e880618029784ae596336af55f5778ae913c50e93558
392c9fa9cd1273a2a89d1a83a69cd1f63f21d1d55e7be21e1d8f51f25145668b
3ab0a74bbd399efdf7c9c9bffb689f0a755fc7131d5af04c8393d45f5163a69b
3cb790d51079c6b295c5fc69fa01fc44284569a8cacd9035b09f71f27a59a89e
3d7a902d3ff5ece748d20b5fcbd8899afe8067dae0e3046d3840abab1b379edd
3dcd5743f9bbb87381e37f01069a3ed909c706c662fbbbeb192264b3ca48541d
3e7d49f24d56db02c7baca8ae3a17555c2e527571450e8c24c77b453407e267a
3f6aabeba4e8c8a898eed01071381947833af4ad7f39582ebf296fc2a266f8c5
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
4002d65e95f94dc87ae8ad170eb8dbc3644921032ac76dcb376537d9304a6fbf
410648e2f3fdc08aab90de8ce3fffcc71d7d41c5b6c61aae829e6d93c6d69127
4195d7104aa2931542904787f5b1595beda683bbdd8f9012e055a75123aa3507
44311fef61528d27e4a493c3767b2a7aaa1dad6c7a595a6374e1e66dc789812e
45a61a04904fc2115c440a349a65dc93d2965b0b24dc5a8172bd8b792bdbf103
45b3ffadbc785de6091fa798527891eb7264e4d115e3c1a37acb60e3d70d4966
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
4a1b6dc2f5a2d982076bb9749027da81c6c24bad4d6ee899e0aabd627031cb44
4a63dcb831e6c6745d79ccc6984ba1f2a8f1f598deef41a1fa149254565c6350
4b71222bdc0dd351b946e936f3f5aed39569314c4646ef9bdf800d89f9141839
4c4491dcfa94cb46fb73742fc2caf49a1cd59027304af1830c7dc6ce1889857c
4c8c703afd944080a14f8c5edcb3c00bda5b28adf95871b7d463223e3a21a77c
4d62244b2cc6afb10492a63aaaaecd14f5f40d443e1b8a224127bd86a2d1ffdf
50d6e541020cbfdddf888aa2c42ad1c8d2296f9045709983354441032e2eb55d
511497d555bcd8812cb48ee7351dc7b82819e48c6f68c8cc2ada9b376f8dc934
521c9929bd68b24684fd916cca8c9bddc563fa7c7dc09c5dda0afa1308b9464c
53b10ce8b5d68f897bf237ff38b74ccfbf52f710b27b41fa2c12f829f6b6b232
541a09b1f8fe03a0ecb3df804a311c98b4f0d518cd5a077b11f0deb056e03a35
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
5bccb3d79dd85afc5c9d3a008ed9a9af4353560cb21084e755b313dbe5eec75b
5c263bcbd5f875b09e18ce5e82351bc491111eea3b727dd0e4e51e19aae7232f
5dbd5e426db9debda761aa7ffec07450dc850a5896783de6a410af7b97c4b283
5ee9e63e519096342d5899e32f1a38b4880ffba6b2aff64178b955a3b7f3a80d
60adb5d029ec8a5d4613d7d57ff8a799c43caae1d1d1c2e5c230d65850fd5273
61c1a7a10486699e72db461d09cf675dd3ad00daa0e80edbeb19bf75c48b661e
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62fad9b0d4414703f21bc215b8b0dabfc2ef775c83df672250d026c969c0f57e
634486a62f5094ae82d700bb0c49f06d69bd3c4c0fee4814f59589c11f02bd6c
653f3e53e89b4f8548ff86c19e92bb3c6b84b6be7485a320b1e00893ed877479
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
697c41fffac431521f2db48c7426ac23b972b6eb7b1242f0bb47d6079884d3a4
6ae3bb0a509cfd77e56854034c90db2e31b6436cd887965bf492f9a0cf172656
6b0f9cb1094d7e2926ca420059f0d761080cbbbdaf18802f6c4d7653134e010f
6b108ad68dfc4388a72abac7eaeb6541a3989a5bd72137817408e650f59b3d28
6be97ca17228a69c406231d89c003194c3dfba7401eaa9fe9e9ed0ef1c18dc38
712644e4a3ecb9bd7e266340b7f7fb65b80d2ad446694e96888a55b86439e9b9
713a5085778002ac882de664c065bc7a55a26c6091d12c39a038bac7b70dcf45
729cfa84928e7a87a4a4551df25c1406da86af8f0ebd2f579460546d11722326
733963c5513e2f47338ae2c4373a5448a7dae68dfa5a0103602218c0ad72f988
73b68885dd178b49b934bf1cdc9b03ccc78f4b66a32245485a48a0935c7f45ab
74abbf501135b5049281d01424ae0def3218e35538c4ee29598fcbdfc505edd5
7747173ae0867afea05aba24e5cdeccb30d438445577780791b4cb3348436f8b
786ba42fe37c22ff6786070c5c37bf1782f29e826cb4ce4a7267a6b1a1c90f96
7a4a63c52bdfab0ab459b1b77dad4a4ce4e1f7dfdfdba0b2013ba32f0690e15f
7b8229a042f170d262a77b93bc514a56ec5b4fdbd28aa4aa9daa26ff30cb7835
7cccd8f78bd73c79f1281052eb4c9bdf6f38386fca206da9954fdf24ab0784af
7d0c1da8ead01b185ac43fc695890fb9245e8042fc6b81a016ffd07d1f9a5b79
805c456f58d00a6ca84ce26e4a0e20d130245ba8c3021dbc775d835701c98779
806e8e575f0a03e3151c5b6c2b00bc074ccd37890368113d845ddccbee6f9823
8475bfe474a59e7214c6ec1eef0d28a80055171e00625aee00476bc7b4951884
8510c5988d05e3e0eb33cea61d4f4f3fdc1a87d32ce1178f1f2b851e3f87fff0
86c9bcfb7dfe01812b4dcfc944c93553f4a02cc77788e064126640b8728efcc8
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8a5f712160609878eb0070d236a63ad8863312e1e19aa6b67f6e8fa513a45565
8aeaf60f6f34ced8ed9c83b249bdfc8544cc8f318294074898e6ced1d04e678c
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8f4d3b47b47a8a31163dad5d7fb15e27a0056d07b0c34c6089fd9225664e847c
8ff527ee82438d6ee7270d862f3310845cf433f8ef5a900e527d4c9e7fbd006a
9013a9ca40a672ee35978b117e54d8b342cb591e8951f599a2b6dfef9d9fa723
9261a1c667f3b33623d81a8ca7de614cadb3a0a97aa060f84e2b560b300f60f8
92747742b0d05de841880d3cad6550593fa08692d26fe086e15d4a5696606a54
934abde684325043e16edeffd73752cd5f0ab00b5723d8e47a618ce3f16a3799
94e25a4cbb905f5c59751999c7f2e02e2141e2dd71fd7ed52d493c394e56523b
9714221c828961b20f45a782c3281c0596f6652cfe1299bee18097f98e8fb7b3
9926a0d226b45faff8db829a1c445f33efa6522e213fafed1000365d5abf73df
99e8efabe56607d26679e630c10920b5a977e8a704aa3f640d3d7c4f08ef4509
9efb3d5e1b082a66bd94908b42afb4cf6fe0e8eb8f50b8d2a18f6a5da03e6a18
a44839c944fc6d884252e1e480b8392534972345aa976306048aa42c565a6601
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a6571199455f009b27bb8719e76ab06240bb4c9246f6b8915e3119ced168c132
a657bedd3bc0c106f7cfa5fe6556a0b7e175870d33bd7da9ef67ffcffbafda69
a6a8ae71ec28efe972d115583626f2fd66093c3b3bf63e8e50125a79d3911d71
a905062b971bfb70ba70dda1a454d9cb7f7389be7ff515f6eb9009c8e697a34b
ac63e48ac09a7062a6703eea2ee3158007978beade54e236107cf22aaf089d42
ac74cddb007ace18442f5111c4c23125de6031dca42bcead5ea5bfb12d2ca332
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
acf826d1f3b3cc0bb04939cf7d2d1a141f788ebb641213e8c1b46c32f6f25a5c
acfdedb137169396e6c8f061929c996837a4fe685a200f4e8bac8c0698f0bd61
ae3ac7ed9f6ca4112df0192395fe8e05a6bccb02f5b3812b396d147715dbfdb2
af58f28a3b214203fec8fd94cbc69e3521b6dcfcd76ad918d73ec8620b357021
afd6331e4cf7dd7b4593ab1c4d33e7d4c2c99a0be8aba0541921242c1b71459d
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b2b6a3347107fa4e4f0fc1ba142fd8d552d8c85c11f79c7fd5297cc9def629e0
b46ecf1bd85bbbe0bd1d75d1b59760137e9d6f2a521a484a494fde64da6f6913
b757247071ccd38d077d28c0c474bb1703e5cdd99974c99609939c51e11880fa
b8cca3e3649a308ed4e7cf9cb83a22f5383378f4bb3499d1c9483648895db917
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bb7ccabf7c65291dd7fb2b10cfc555b9b775774aa584bb66a972a8a325b428f7
bcbc3e8177967b6713301b69a1c24e448abbd859f9864c068e8945144ef603d5
bd18e405cbfb6fb5c27224b38e792c8b6542d9b7eae37aa5883808b69392dcef
bf1eb05342f4806cb215501fe45986bba1249191f2fae02687ab0a840ecb29c0
c22cb9259c7f71633eb2f2e43f3629bb2ef651868c0896bfe4da93a00631ef6d
c2bc126a6bc5b76cd14dc4d234c3bf9f65b3614b066274d9a73dbff08b35995d
c47725579a5ac0fdb2f1617b5cf8863a5a57fa7ed8d69969c9da7a0f6ab70470
c67544fd10011f859ef0b47b80ed24f435b1e2f425730190c24d08a9f680b91d
c692f0d15d92d902c12d745947ba1f892a76bbf3f74c6f3a9f590afd0653ee04
c718fec567c65c20e60291e61ec730f569cd3984fcb59039a222425ecd80885b
c7d55fb721c0a1bb591d30b6e06f7781fbd13ab200a8aef0fa8df62e455bc0b1
ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93
ca0b1a7c478401eed61826e184755c776caa840e7d83070738254b6170fdf205
cb9c1affd53cc902333afe5879d98f48baf1f9034d27ff0db04f495b3264f791
ccc9e1ac02727148218437845e0cce29fc95c661ae8ac46d90f090a52caf7581
cd3179714cc77f87b3275aecc5901867606b239d2f8d7f6a287c1a9800ff0021
cde6e07ec0603e970f7f79ae271ad6a378d204f4ef1f8f7241ca1552d52fbac5
cf2066cbddd11120323965d776a04384f7fc450854218082ce14873e9b06e7c8
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf919e6fbfbf62a4f8cfaab4cf5c5f80e7c10be2bc9f7e4c70142175c0b49b4f
d0968c5dd18ce893a1abf23e15f0bf25456d5703a24e61f5707db8e2025d1135
d553f35feeb99fb57ddee1f88dfdb3581087d3f549b6755bad72d2391e8b7d50
d5fd173d00d9733900834e0e1083de86b532e048b15c0420ba5c2db0623644b8
d6a3e66c8af45914c313cbc1401c93e27bd63339b3ea769ca2a4f1413095feb6
d83276cec4453b17a6505a9b32f584f2e9436f5e29e4cb4f06d19f6f346f357a
db0424fb67fb52e7e538490240cc7fb9c05aa076333a4968f3dee30b825dabf9
dcec22bbcb68119d6c7d6d5e088fb82183a9826d0c9e3403f1386fd837f06a89
ded840a5f928bf7a6acf3284c66db9072ec9c5380f19c976d25e221f0ce389d8
df24ebf60aaa54667cae78dd6098d226d14eaafd714b536dd1ee6445003c2d99
dfc5d5c7fb034396e04143bdba66dbacf348c6b807fdd678ddc9e7b3201947e0
e0dc574fb2b266dba913861d60b0c69d1e41f0fd095a3341a45f26401cd8b6b3
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e670cac10f34eed97a3f2b7346a69e3866df9991b596f1c2bb1e3f4b69b88101
e725928ffb665a91ca8a3631e3002edba9b0f9ec66b40a59d53db0f44827e34e
e88bcfc583fe7caf8ed0bb3c7f0e1e067cb16ae09f24a08bd1dca8c789265b40
e98194020da9e0a45aba6fc14f63aa5d416a3da89c25d2575613df1a55756497
ea47109a844f93cd3242df1fecd1d368fc422c2868b3b66005e26f755b622505
ec724cceef32a98d037c3de5a036fa3f8fc3e96c7bf5fc7385253ee35a785e0a
ecee1d502f45731162f99f4d6aa07c0315a26a8382c1b1bc3c9958ab3ff04000
ed0f4f0af70e74082f116797e64983635012530b9eb213ffd2b03fd1501de854
ed99491fe47b5733d1ad2fbf90f5d9066d049a530d1b92ebe47be5e0c527a32e
eed4eecabb579aae6b9e4c1bc2ebef74c8f83486079cf6688bdc1dcc5b1e0ca0
eefd62bfe6d0ad2f3f2b7bddb8f2c46d7c8b6ed4897e3f9309968a58dc078753
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f04b517ba5d6a0510485689a3e42dac000f51640fd71b986804cba178eae42a5
f2a341fc815d45c21da726d4c843c2c5d3e1f333465347c3c75d040d556df4e5
f43d4d35e7ac1e815dc0c8897806e30d928ee62e1aa6ac20f49c649f8b694004
f49427026e694dbaf99e8f57b32ce0cc536bb49afcf406a2680513cf6a70263f
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9
fac55d188233bffb66023997fcdf69c38df2f62ee4654ad62c61a85b6e81d705
fafb275b28b94b94ecf543503c093b1ac509c8e094facd06a7cbfe88ddd2a896
fb329000228cc5a24c264c57139de8bf854fc86fc18bf1c04ab61a2b5cb4b921
fdd865ce3140fedff98cf8596741684661cece4de03dcd3e4e8cb33dffb81a9a

www.threatminer.org Open in urlscan Pro 2606:4700:20::681a:eeb Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

282 Requests

99 %HTTPS

56 %IPv6

24 Domains

54 Subdomains

42 IPs

5 Countries

6072 kBTransfer

14939 kBSize

13 Cookies

9 Outgoing links

Redirected requests

282 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 6 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

www.threatminer.org Open in urlscan Pro
2606:4700:20::681a:eeb Public Scan

Screenshot
Live screenshot

Full Image

282
Requests

99 %
HTTPS

56 %
IPv6

24
Domains

54
Subdomains

42
IPs

5
Countries

6072 kB
Transfer

14939 kB
Size

13
Cookies

282 HTTP transactions
6 data transactions