Submitted URL: http://malware.wicar.org/
Effective URL: https://www.wicar.org/test-malware.html
Submission: On April 01 via manual from JP — Scanned from JP

Summary

This website contacted 16 IPs in 4 countries across 6 domains to perform 40 HTTP transactions. The main IP is 199.34.228.69, located in United States and belongs to WEEBLY, US. The main domain is www.wicar.org.
TLS certificate: Issued by R3 on February 26th 2024. Valid for: 3 months.
This is the only time www.wicar.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Apex domains (requests and transfer size per apex domain; subdomains listed beneath):

  • sharethis.com: 16 requests, 77 KB
      w.sharethis.com — Cisco Umbrella Rank: 29845
      ws.sharethis.com — Cisco Umbrella Rank: 13706
      l.sharethis.com — Cisco Umbrella Rank: 4779
      count-server.sharethis.com — Cisco Umbrella Rank: 11614
      t.sharethis.com — Cisco Umbrella Rank: 6265
      platform-api.sharethis.com — Cisco Umbrella Rank: 4400
  • editmysite.com: 12 requests, 455 KB
      cdn2.editmysite.com — Cisco Umbrella Rank: 15186
      ec.editmysite.com — Cisco Umbrella Rank: 16659
  • wicar.org: 7 requests, 18 KB
      malware.wicar.org
      www.wicar.org
  • google-analytics.com: 4 requests, 38 KB
      ssl.google-analytics.com — Cisco Umbrella Rank: 632
      www.google-analytics.com — Cisco Umbrella Rank: 34
  • googletagmanager.com: 2 requests, 162 KB
      www.googletagmanager.com — Cisco Umbrella Rank: 42
  • crwdcntrl.net: 1 request, 612 B
      bcp.crwdcntrl.net — Cisco Umbrella Rank: 953

Total: 40 requests, 6 apex domains
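
Requests per domain (with the hosts that requested them):

  • cdn2.editmysite.com: 10 requests; requested by www.wicar.org, cdn2.editmysite.com
  • ws.sharethis.com: 7 requests; requested by w.sharethis.com, ws.sharethis.com, www.wicar.org
  • www.wicar.org: 5 requests; requested by www.wicar.org, cdn2.editmysite.com
  • www.google-analytics.com: 3 requests; requested by www.googletagmanager.com, www.google-analytics.com
  • l.sharethis.com: 3 requests, 1 redirect; requested by www.wicar.org
  • t.sharethis.com: 2 requests; requested by w.sharethis.com, t.sharethis.com
  • ec.editmysite.com: 2 requests; requested by cdn2.editmysite.com
  • www.googletagmanager.com: 2 requests; requested by www.wicar.org, www.googletagmanager.com
  • w.sharethis.com: 2 requests, 1 redirect; requested by www.wicar.org
  • malware.wicar.org: 2 requests
  • bcp.crwdcntrl.net: 1 request; requested by platform-api.sharethis.com
  • platform-api.sharethis.com: 1 request; requested by w.sharethis.com
  • count-server.sharethis.com: 1 request; requested by ws.sharethis.com
  • ssl.google-analytics.com: 1 request; requested by www.wicar.org

Total: 40 requests, 14 subdomains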

TLS certificates (subject; issuer; validity; valid for):

  • malware.wicar.org; R3; 2024-02-19 - 2024-05-19; 3 months
  • www.wicar.org; R3; 2024-02-26 - 2024-05-26; 3 months
  • *.editmysite.com; GlobalSign Atlas R3 DV TLS CA 2024 Q1; 2024-03-15 - 2025-04-16; a year
  • *.google-analytics.com; GTS CA 1C3; 2024-02-26 - 2024-05-20; 3 months
  • sharethis.com; Amazon RSA 2048 M02; 2023-05-20 - 2024-06-17; a year
  • ec.editmysite.com; Amazon RSA 2048 M01; 2023-06-12 - 2024-07-10; a year
  • cert1-prod.aut.a24365.net; R3; 2024-03-29 - 2024-06-27; 3 months
  • *.crwdcntrl.net; Amazon RSA 2048 M03; 2023-10-08 - 2024-11-06; a year

This page contains 3 frames:

Primary Page: https://www.wicar.org/test-malware.html
Frame ID: 594F6E622688BBC4673DB57F8F7D8BC9
Requests: 37 HTTP requests in this frame

Frame: https://t.sharethis.com/a/t_.htm?ver=1.1325.23384&cid=c010
Frame ID: 0B409CAC028779650814AA56CFDAB248
Requests: 1 HTTP requests in this frame

Frame: https://ws.sharethis.com/secure5x/index.html
Frame ID: 532E98F798F72CCA186FF2B9C6C764F9
Requests: 1 HTTP requests in this frame

Page Title

Test Malware! - WICAR.org - Test Your Anti-Malware Solution!

Detected technologies

Overall confidence: 100%
Detected patterns
  • cdn\d+\.editmysite\.com

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • w\.sharethis\.com/

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

  • Requests: 40
  • HTTPS: 95 %
  • IPv6: 47 %
  • Domains: 6
  • Subdomains: 14
  • IPs: 16
  • Countries: 4
  • Transfer: 749 kB
  • Size: 2448 kB
  • Cookies: 32

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://malware.wicar.org/ HTTP 307
    https://malware.wicar.org/ Page URL
  2. https://www.wicar.org/test-malware.html Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://malware.wicar.org/ HTTP 307
  • https://malware.wicar.org/
Request Chain 9
  • http://w.sharethis.com/button/buttons.js HTTP 301
  • https://w.sharethis.com/button/buttons.js
Request Chain 17
  • https://l.sharethis.com/pview?event=pview&version=buttons.js&lang=en&sessionID=1711935545664.31008&hostname=www.wicar.org&location=%2Ftest-malware.html&product=widget&fcmp=false&fcmpv2=false&publisher=ur.00000000-0000-0000-0000-000000000000&refDomain=malware.wicar.org&url=https%3A%2F%2Fwww.wicar.org%2Ftest-malware.html&title=Test%20Malware!%20-%20WICAR.org%20-%C2%A0Test%20Your%20Anti-Malware%20Solution!&sop=false&description=Each%20test%20will%20open%20up%20a%20new%20browser%20window%20at%20http%3A%2F%2Fmalware.wicar.org%2F.%20You%20may%20wish%20to%20try%20each%20test%20systematically.%20Ideally%2C%20all%20tests%20should%20be%20blocked%20by%20your%20anti-malware%20defences.%20If%20a%20blank...&ua=%22Google%20Chrome%22%3Bv%3D%22123%22%2C%20%22Not%3AA-Brand%22%3Bv%3D%228%22%2C%20%22Chromium%22%3Bv%3D%22123%22&ua_mobile=false&ua_platform=Win32&ua_full_version_list=%22Google%20Chrome%22%3Bv%3D%22123.0.6312.86%22%2C%20%22Not%3AA-Brand%22%3Bv%3D%228.0.0.0%22%2C%20%22Chromium%22%3Bv%3D%22123.0.6312.86%22&ua_platform_version=10.0.0&uuid=74d35055-c075-444b-92a1-a71c0a251341 HTTP 301
  • https://l.sharethis.com/sc?event=pview&version=buttons.js&lang=en&sessionID=1711935545664.31008&hostname=www.wicar.org&location=%2Ftest-malware.html&product=widget&fcmp=false&fcmpv2=false&publisher=ur.00000000-0000-0000-0000-000000000000&refDomain=malware.wicar.org&url=https%3A%2F%2Fwww.wicar.org%2Ftest-malware.html&title=Test%20Malware!%20-%20WICAR.org%20-%C2%A0Test%20Your%20Anti-Malware%20Solution!&sop=false&description=Each%20test%20will%20open%20up%20a%20new%20browser%20window%20at%20http%3A%2F%2Fmalware.wicar.org%2F.%20You%20may%20wish%20to%20try%20each%20test%20systematically.%20Ideally%2C%20all%20tests%20should%20be%20blocked%20by%20your%20anti-malware%20defences.%20If%20a%20blank...&ua=%22Google%20Chrome%22%3Bv%3D%22123%22%2C%20%22Not%3AA-Brand%22%3Bv%3D%228%22%2C%20%22Chromium%22%3Bv%3D%22123%22&ua_mobile=false&ua_platform=Win32&ua_full_version_list=%22Google%20Chrome%22%3Bv%3D%22123.0.6312.86%22%2C%20%22Not%3AA-Brand%22%3Bv%3D%228.0.0.0%22%2C%20%22Chromium%22%3Bv%3D%22123.0.6312.86%22&ua_platform_version=10.0.0&uuid=74d35055-c075-444b-92a1-a71c0a251341&samesite=None

40 HTTP transactions

Columns: Resource, Path, Size, x-fer, Type, MIME-Type

/
malware.wicar.org/
Redirect Chain
  • http://malware.wicar.org/
  • https://malware.wicar.org/
334 B
391 B
Document
General
Full URL
https://malware.wicar.org/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2607:ff18:80:6::6a08 , United States, ASN40630 (GRIDFURY-AS, US),
Reverse DNS
Software
Apache /
Resource Hash
2ceb98ecb7945f6423b5aedc10c0f346365c3fe3f599ca6b857e5665cb1b65be

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

accept-ranges
bytes
content-encoding
gzip
content-length
242
content-type
text/html; charset=UTF-8
date
Mon, 01 Apr 2024 01:39:04 GMT
etag
"14e-570a1fa2dc79d"
last-modified
Tue, 10 Jul 2018 09:44:32 GMT
server
Apache
vary
Accept-Encoding
via
e10s

Redirect headers

Location
https://malware.wicar.org/
Non-Authoritative-Reason
HttpsUpgrades
Primary Request test-malware.html
www.wicar.org/
37 KB
8 KB
Document
General
Full URL
https://www.wicar.org/test-malware.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
199.34.228.69 , United States, ASN27647 (WEEBLY, US),
Reverse DNS
pages-custom-21.weebly.com
Software
Apache /
Resource Hash
cda56d415849eabed45a56c4b245dca667c07febbc29b799809a18c50c063869

Request headers

Referer
https://malware.wicar.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language
jp-JP,jp;q=0.9
sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

Cache-Control
private
Connection
Keep-Alive
Content-Encoding
gzip
Content-Length
8108
Content-Type
text/html; charset=UTF-8
Date
Mon, 01 Apr 2024 01:39:05 GMT
ETag
W/"790e44229e3f469fa43d87678123556b-gzip"
Keep-Alive
timeout=10, max=55
Server
Apache
Vary
X-W-SSL,Accept-Encoding,User-Agent
X-Host
blu150.sf2p.intern.weebly.net
X-UA-Compatible
IE=edge,chrome=1
favicon.ico
malware.wicar.org/
2 KB
1 KB
Other
General
Full URL
https://malware.wicar.org/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2607:ff18:80:6::6a08 , United States, ASN40630 (GRIDFURY-AS, US),
Reverse DNS
Software
Apache /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://malware.wicar.org/
accept-language
jp-JP,jp;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Apr 2024 01:39:04 GMT
content-encoding
gzip
via
e10s
last-modified
Wed, 07 Nov 2012 11:11:31 GMT
server
Apache
etag
"80a-4cde5c7d9fec0"
vary
Accept-Encoding
content-type
image/x-icon
accept-ranges
bytes
content-length
953
sites.css
cdn2.editmysite.com/css/
206 KB
29 KB
Stylesheet
General
Full URL
https://cdn2.editmysite.com/css/sites.css?buildTime=1696105269
Requested by
Host: www.wicar.org
URL: https://www.wicar.org/test-malware.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::302 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
5ecab7ce27f2bc2fcdd78cb016d7e8908af282b3914a1993b26cb7cbc84039b3

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.wicar.org/
accept-language
jp-JP,jp;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-cache-hits
286, 13
date
Mon, 01 Apr 2024 01:39:05 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
1177354
x-cache
HIT, HIT
x-host
blu25.sf2p.intern.weebly.net
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
29654
x-served-by
cache-sjc10067-SJC, cache-nrt-rjtf7700067-NRT
last-modified
Fri, 15 Mar 2024 20:35:42 GMT
server
nginx
x-timer
S1711935545.462734,VS0,VE0
etag
W/"65f4b11e-337cc"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=1209600
accept-ranges
bytes
expires
Mon, 01 Apr 2024 10:36:31 GMT
fancybox.css
cdn2.editmysite.com/css/old/
4 KB
1 KB
Stylesheet
General
Full URL
https://cdn2.editmysite.com/css/old/fancybox.css?1696105269
Requested by
Host: www.wicar.org
URL: https://www.wicar.org/test-malware.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::302 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
865cb87de9fc4d6530edce21f0103107abae6abe45cabdff2ad9af067b3d8e0a

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.wicar.org/
accept-language
jp-JP,jp;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-cache-hits
34, 1
date
Mon, 01 Apr 2024 01:39:05 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
997987
x-cache
HIT, HIT
x-host
blu18.sf2p.intern.weebly.net
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
1218
x-served-by
cache-sjc10069-SJC, cache-nrt-rjtf7700067-NRT
last-modified
Tue, 19 Mar 2024 21:00:14 GMT
server
nginx
x-timer
S1711935545.462528,VS0,VE1
etag
"65f9fcde-f47"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=1209600
accept-ranges
bytes
expires
Wed, 03 Apr 2024 12:25:58 GMT
main_style.css
www.wicar.org/files/
13 KB
3 KB
Stylesheet
General
Full URL
https://www.wicar.org/files/main_style.css?1696165235
Requested by
Host: www.wicar.org
URL: https://www.wicar.org/test-malware.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
199.34.228.69 , United States, ASN27647 (WEEBLY, US),
Reverse DNS
pages-custom-21.weebly.com
Software
nginx /
Resource Hash
51153664d232a1a9e17634e0cd3d3fad01e8be398ff9e931f1a2cba0090cae33

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.wicar.org/test-malware.html
accept-language
jp-JP,jp;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Mon, 01 Apr 2024 01:39:05 GMT
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
Access-Control-Allow-Methods
GET, POST, DELETE, OPTIONS
Content-Type
text/css
Vary
Accept-Encoding
Access-Control-Allow-Origin
*
X-Host
blu152.sf2p.intern.weebly.net
Connection
keep-alive
Access-Control-Allow-Headers
Origin, Authorization, Content-Type
font.css
cdn2.editmysite.com/fonts/Open_Sans/
3 KB
723 B
Stylesheet
General
Full URL
https://cdn2.editmysite.com/fonts/Open_Sans/font.css?2
Requested by
Host: www.wicar.org
URL: https://www.wicar.org/test-malware.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::302 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
f435c7332d3136b59a056b0c7e23926256b057ac7598568a8120f070c2ec30d4

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.wicar.org/
accept-language
jp-JP,jp;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-cache-hits
15, 113
date
Mon, 01 Apr 2024 01:39:05 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
383858
x-cache
HIT, HIT
x-host
blu139.sf2p.intern.weebly.net
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
367
x-served-by
cache-sjc10081-SJC, cache-nrt-rjtf7700067-NRT
last-modified
Tue, 26 Mar 2024 16:31:46 GMT
server
nginx
x-timer
S1711935545.463409,VS0,VE0
etag
"6602f872-a2a"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=1209600
accept-ranges
bytes
expires
Wed, 10 Apr 2024 15:01:27 GMT
jquery-1.8.3.min.js
cdn2.editmysite.com/js/
91 KB
33 KB
Script
General
Full URL
https://cdn2.editmysite.com/js/jquery-1.8.3.min.js
Requested by
Host: www.wicar.org
URL: https://www.wicar.org/test-malware.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::302 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
61c6caebd23921741fb5ffe6603f16634fca9840c2bf56ac8201e9264d6daccf

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.wicar.org/
accept-language
jp-JP,jp;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-cache-hits
82, 13266
date
Mon, 01 Apr 2024 01:39:05 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
1045851
x-cache
HIT, HIT
x-host
blu61.sf2p.intern.weebly.net
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
33467
x-served-by
cache-sjc10032-SJC, cache-nrt-rjtf7700067-NRT
last-modified
Tue, 19 Mar 2024 21:00:00 GMT
server
nginx
x-timer
S1711935545.463061,VS0,VE0
etag
"65f9fcd0-16dc4"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=1209600
accept-ranges
bytes
expires
Tue, 02 Apr 2024 23:08:15 GMT
stl.js
cdn2.editmysite.com/js/lang/en/
182 KB
33 KB
Script
General
Full URL
https://cdn2.editmysite.com/js/lang/en/stl.js?buildTime=1696105269&
Requested by
Host: www.wicar.org
URL: https://www.wicar.org/test-malware.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::302 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
cea4825b33f57b1a75af5e3a079ec8e1c05d83a881f9f597e03349d09d962b8b

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.wicar.org/
accept-language
jp-JP,jp;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-cache-hits
786, 1
date
Mon, 01 Apr 2024 01:39:05 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
957844
x-cache
HIT, HIT
x-host
blu68.sf2p.intern.weebly.net
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
33667
x-served-by
cache-sjc10031-SJC, cache-nrt-rjtf7700067-NRT
last-modified
Wed, 20 Mar 2024 21:43:27 GMT
server
nginx
x-timer
S1711935545.463105,VS0,VE1
etag
"65fb587f-2d888"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=1209600
accept-ranges
bytes
expires
Wed, 03 Apr 2024 23:35:01 GMT
main.js
cdn2.editmysite.com/js/site/
466 KB
143 KB
Script
General
Full URL
https://cdn2.editmysite.com/js/site/main.js?buildTime=1696105269
Requested by
Host: www.wicar.org
URL: https://www.wicar.org/test-malware.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::302 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
593fec175b00a1f118f77bb8ed378e857e9f1225f0fc019fcea508b27da53cf0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.wicar.org/
accept-language
jp-JP,jp;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-cache-hits
66, 1
date
Mon, 01 Apr 2024 01:39:05 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
903352
x-cache
HIT, HIT
x-host
blu124.sf2p.intern.weebly.net
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
146401
x-served-by
cache-sjc10039-SJC, cache-nrt-rjtf7700067-NRT
last-modified
Wed, 20 Mar 2024 21:45:05 GMT
server
nginx
x-timer
S1711935545.463101,VS0,VE2
etag
"65fb58e1-74804"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=1209600
accept-ranges
bytes
expires
Thu, 04 Apr 2024 14:43:14 GMT
buttons.js
w.sharethis.com/button/
Redirect Chain
  • http://w.sharethis.com/button/buttons.js
  • https://w.sharethis.com/button/buttons.js
106 KB
27 KB
Script
General
Full URL
https://w.sharethis.com/button/buttons.js
Requested by
Host: www.wicar.org
URL: https://www.wicar.org/test-malware.html
Protocol
H2
Server
2600:9000:20e4:bc00:3:c04e:c780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
c06ec88641687c7f653a3e6b3a601130400dc1698afe67c531d693406cd99440
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

date
Sun, 31 Mar 2024 12:44:59 GMT
content-encoding
gzip
via
1.1 7736a81769070a5c539823158e265e4a.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx/1.20.1
x-amz-cf-pop
NRT20-C2
age
46446
etag
W/"658496ad-1a60a"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=259200
x-robots-tag
noindex, nofollow
x-amz-cf-id
GZMTaQj_4dgg_3_2rs808UDquINIH2ASZIKSIr4U-LWcir2WDc-KKg==
expires
Wed, 03 Apr 2024 12:44:59 GMT

Redirect headers

Date
Mon, 01 Apr 2024 01:39:05 GMT
Via
1.1 6e20b74239b0053326b7358e21ef4eae.cloudfront.net (CloudFront)
Server
CloudFront
X-Amz-Cf-Pop
NRT20-C2
X-Cache
Redirect from cloudfront
Content-Type
text/html
Location
https://w.sharethis.com/button/buttons.js
Connection
keep-alive
Content-Length
167
X-Amz-Cf-Id
WsKmr_uuQzQPI3okptW7Gw4MOwrQYP7oo12Dc5aH0NDtnT_fi2vmDQ==
main-customer-accounts-site.js
cdn2.editmysite.com/js/site/
522 KB
156 KB
Script
General
Full URL
https://cdn2.editmysite.com/js/site/main-customer-accounts-site.js?buildTime=1696105269
Requested by
Host: www.wicar.org
URL: https://www.wicar.org/test-malware.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::302 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
dd8581d4db21d53a79ddeb0cea5289108dbdc0d214a6391a959d93a30e5d04b7

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.wicar.org/
accept-language
jp-JP,jp;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-cache-hits
97, 1
date
Mon, 01 Apr 2024 01:39:05 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
1157240
x-cache
HIT, HIT
x-host
grn45.sf2p.intern.weebly.net
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
159146
x-served-by
cache-sjc1000141-SJC, cache-nrt-rjtf7700067-NRT
last-modified
Mon, 18 Mar 2024 14:04:32 GMT
server
nginx
x-timer
S1711935545.463078,VS0,VE1
etag
"65f849f0-826d7"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=1209600
accept-ranges
bytes
expires
Mon, 01 Apr 2024 16:11:45 GMT
js
www.googletagmanager.com/gtag/
203 KB
74 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-5568574-11
Requested by
Host: www.wicar.org
URL: https://www.wicar.org/test-malware.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:821::2008 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
6ec0d32a10aa0c19ee8d85b61b0903a021179d8f66601bf75c90be7083255444
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.wicar.org/
accept-language
jp-JP,jp;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Apr 2024 01:39:05 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
75514
x-xss-protection
0
last-modified
Mon, 01 Apr 2024 00:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 01 Apr 2024 01:39:05 GMT
async-buttons.js
ws.sharethis.com/button/
89 KB
19 KB
Script
General
Full URL
https://ws.sharethis.com/button/async-buttons.js
Requested by
Host: w.sharethis.com
URL: http://w.sharethis.com/button/buttons.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20e4:bc00:3:c04e:c780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
c92c3814d5c8ef8bd016d9cb4dec18ff0dfca4a3f2b4968207888383095e0197
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.wicar.org/
accept-language
jp-JP,jp;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 31 Mar 2024 23:07:59 GMT
content-encoding
gzip
via
1.1 7736a81769070a5c539823158e265e4a.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-pop
NRT20-C2
age
9066
x-cache
Hit from cloudfront
content-length
18814
server
nginx/1.20.1
etag
W/"658496e7-16245"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=259200
x-robots-tag
noindex, nofollow
x-amz-cf-id
1E5NtZ0tWNTra80WXvVSl1c_8csXsKio2frq-JRl3FDmHk86QTuveQ==
expires
Wed, 03 Apr 2024 23:07:59 GMT
log
l.sharethis.com/
0
697 B
Image
General
Full URL
https://l.sharethis.com/log?event=ibl&url=https://malware.wicar.org/&description=Each%20test%20will%20open%20up%20a%20new%20browser%20window%20at%20http%3A%2F%2Fmalware.wicar.org%2F.%20You%20may%20wish%20to%20try%20each%20test%20systematically.%20Ideally%2C%20all%20tests%20should%20be%20blocked%20by%20your%20anti-malware%20defences.%20If%20a%20blank...&img_pview=true
Requested by
Host: www.wicar.org
URL: https://www.wicar.org/test-malware.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.52.193.129 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-52-193-129.us-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains;

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.wicar.org/
accept-language
jp-JP,jp;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Mon, 01 Apr 2024 01:39:06 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains;
Access-Control-Max-Age
1728000
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
stid
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Stid
ZHEABGYKEDoAAAAIcZsxAw==
Access-Control-Allow-Headers
*
X-Robots-Tag
noindex, nofollow
bullet.png
www.wicar.org/files/theme/
1 KB
2 KB
Image
General
Full URL
https://www.wicar.org/files/theme/bullet.png?1696165235
Requested by
Host: www.wicar.org
URL: https://www.wicar.org/files/main_style.css?1696165235
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
199.34.228.69 , United States, ASN27647 (WEEBLY, US),
Reverse DNS
pages-custom-21.weebly.com
Software
nginx /
Resource Hash
e4598c4de9b0cb9f51a572208fa909295ea8168c1d7fcb8941fee869706811a0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.wicar.org/files/main_style.css?1696165235
accept-language
jp-JP,jp;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Mon, 01 Apr 2024 01:39:05 GMT
X-Storage-Object
e4598c4de9b0cb9f51a572208fa909295ea8168c1d7fcb8941fee869706811a0
Last-Modified
Tue, 27 Oct 2020 15:57:36 GMT
Server
nginx
x-amz-request-id
tx0000000000000022b84b3-006284f071-b9fbc20-sfo1
ETag
"ade925929d3c8bef998838a29bf90aae"
Access-Control-Allow-Methods
GET, POST, DELETE, OPTIONS
Content-Type
image/png; charset=binary
Access-Control-Allow-Origin
*
x-rgw-object-type
Normal
X-Storage-Bucket
ze459
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
Origin, Authorization, Content-Type
Content-Length
1156
regular.woff2
cdn2.editmysite.com/fonts/Open_Sans/
16 KB
17 KB
Font
General
Full URL
https://cdn2.editmysite.com/fonts/Open_Sans/regular.woff2
Requested by
Host: cdn2.editmysite.com
URL: https://cdn2.editmysite.com/fonts/Open_Sans/font.css?2
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
151.101.193.46 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
b34551ae25916c460423b82beb8e0675b27f76a9a2908f18286260fbd6de6681

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://cdn2.editmysite.com/fonts/Open_Sans/font.css?2
Origin
https://www.wicar.org
accept-language
jp-JP,jp;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-cache-hits
6, 23
date
Mon, 01 Apr 2024 01:39:05 GMT
via
1.1 varnish, 1.1 varnish
age
831725
x-cache
HIT, HIT
x-host
grn109.sf2p.intern.weebly.net
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
16740
x-served-by
cache-sjc1000135-SJC, cache-nrt-rjtf7700026-NRT
last-modified
Thu, 21 Mar 2024 17:59:39 GMT
server
nginx
x-timer
S1711935546.718312,VS0,VE0
etag
"65fc758b-4164"
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=1209600
accept-ranges
bytes
expires
Fri, 05 Apr 2024 10:37:01 GMT
bold.woff2
cdn2.editmysite.com/fonts/Open_Sans/
16 KB
16 KB
Font
General
Full URL
https://cdn2.editmysite.com/fonts/Open_Sans/bold.woff2
Requested by
Host: cdn2.editmysite.com
URL: https://cdn2.editmysite.com/fonts/Open_Sans/font.css?2
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
151.101.193.46 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
d1a17abb1a999842fe425e1a4ace9d90f9c18f3595c21a63d89f0611b90cfd72

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://cdn2.editmysite.com/fonts/Open_Sans/font.css?2
Origin
https://www.wicar.org
accept-language
jp-JP,jp;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-cache-hits
13, 26
date
Mon, 01 Apr 2024 01:39:05 GMT
via
1.1 varnish, 1.1 varnish
age
928218
x-cache
HIT, HIT
x-host
grn28.sf2p.intern.weebly.net
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
16372
x-served-by
cache-sjc10053-SJC, cache-nrt-rjtf7700026-NRT
last-modified
Wed, 20 Mar 2024 18:26:42 GMT
server
nginx
x-timer
S1711935546.718076,VS0,VE0
etag
"65fb2a62-3ff4"
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=1209600
accept-ranges
bytes
expires
Thu, 04 Apr 2024 07:48:47 GMT
sc
l.sharethis.com/
Redirect Chain
  • https://l.sharethis.com/pview?event=pview&version=buttons.js&lang=en&sessionID=1711935545664.31008&hostname=www.wicar.org&location=%2Ftest-malware.html&product=widget&fcmp=false&fcmpv2=false&publis...
  • https://l.sharethis.com/sc?event=pview&version=buttons.js&lang=en&sessionID=1711935545664.31008&hostname=www.wicar.org&location=%2Ftest-malware.html&product=widget&fcmp=false&fcmpv2=false&publisher...
176 B
695 B
XHR
General
Full URL
https://l.sharethis.com/sc?event=pview&version=buttons.js&lang=en&sessionID=1711935545664.31008&hostname=www.wicar.org&location=%2Ftest-malware.html&product=widget&fcmp=false&fcmpv2=false&publisher=ur.00000000-0000-0000-0000-000000000000&refDomain=malware.wicar.org&url=https%3A%2F%2Fwww.wicar.org%2Ftest-malware.html&title=Test%20Malware!%20-%20WICAR.org%20-%C2%A0Test%20Your%20Anti-Malware%20Solution!&sop=false&description=Each%20test%20will%20open%20up%20a%20new%20browser%20window%20at%20http%3A%2F%2Fmalware.wicar.org%2F.%20You%20may%20wish%20to%20try%20each%20test%20systematically.%20Ideally%2C%20all%20tests%20should%20be%20blocked%20by%20your%20anti-malware%20defences.%20If%20a%20blank...&ua=%22Google%20Chrome%22%3Bv%3D%22123%22%2C%20%22Not%3AA-Brand%22%3Bv%3D%228%22%2C%20%22Chromium%22%3Bv%3D%22123%22&ua_mobile=false&ua_platform=Win32&ua_full_version_list=%22Google%20Chrome%22%3Bv%3D%22123.0.6312.86%22%2C%20%22Not%3AA-Brand%22%3Bv%3D%228.0.0.0%22%2C%20%22Chromium%22%3Bv%3D%22123.0.6312.86%22&ua_platform_version=10.0.0&uuid=74d35055-c075-444b-92a1-a71c0a251341&samesite=None
Requested by
Host: www.wicar.org
URL: https://www.wicar.org/test-malware.html
Protocol
HTTP/1.1
Server
52.52.193.129 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-52-193-129.us-west-1.compute.amazonaws.com
Software
/
Resource Hash
8976a91a54bdc4bb34c73cd16e43ae6bd3b952925c35e9c3cd5ce496b20c39c6
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains;

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.wicar.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Date
Mon, 01 Apr 2024 01:39:06 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains;
Access-Control-Max-Age
1728000
Content-Type
text/plain; charset=utf-8
Access-Control-Allow-Origin
https://www.wicar.org
Access-Control-Expose-Headers
stid
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Stid
ZHkAA2YKEDoAAAAIKR5BAw==
Access-Control-Allow-Headers
*
Content-Length
176
X-Robots-Tag
noindex, nofollow

Redirect headers

Date
Mon, 01 Apr 2024 01:39:06 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains;
Access-Control-Max-Age
1728000
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
https://www.wicar.org
Location
/sc?event=pview&version=buttons.js&lang=en&sessionID=1711935545664.31008&hostname=www.wicar.org&location=%2Ftest-malware.html&product=widget&fcmp=false&fcmpv2=false&publisher=ur.00000000-0000-0000-0000-000000000000&refDomain=malware.wicar.org&url=https%3A%2F%2Fwww.wicar.org%2Ftest-malware.html&title=Test%20Malware!%20-%20WICAR.org%20-%C2%A0Test%20Your%20Anti-Malware%20Solution!&sop=false&description=Each%20test%20will%20open%20up%20a%20new%20browser%20window%20at%20http%3A%2F%2Fmalware.wicar.org%2F.%20You%20may%20wish%20to%20try%20each%20test%20systematically.%20Ideally%2C%20all%20tests%20should%20be%20blocked%20by%20your%20anti-malware%20defences.%20If%20a%20blank...&ua=%22Google%20Chrome%22%3Bv%3D%22123%22%2C%20%22Not%3AA-Brand%22%3Bv%3D%228%22%2C%20%22Chromium%22%3Bv%3D%22123%22&ua_mobile=false&ua_platform=Win32&ua_full_version_list=%22Google%20Chrome%22%3Bv%3D%22123.0.6312.86%22%2C%20%22Not%3AA-Brand%22%3Bv%3D%228.0.0.0%22%2C%20%22Chromium%22%3Bv%3D%22123.0.6312.86%22&ua_platform_version=10.0.0&uuid=74d35055-c075-444b-92a1-a71c0a251341&samesite=None
Access-Control-Expose-Headers
stid
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Stid
ZHkAA2YKEDoAAAAIKR5BAw==
Access-Control-Allow-Headers
*
Content-Length
1188
X-Robots-Tag
noindex, nofollow
ga.js
ssl.google-analytics.com/
45 KB
17 KB
Script
General
Full URL
https://ssl.google-analytics.com/ga.js
Requested by
Host: www.wicar.org
URL: https://www.wicar.org/test-malware.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:826::2008 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.wicar.org/
accept-language
jp-JP,jp;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 01 Apr 2024 00:32:08 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
4017
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
17168
expires
Mon, 01 Apr 2024 02:32:08 GMT
snowday262.js
cdn2.editmysite.com/js/wsnbn/
73 KB
25 KB
Script
General
Full URL
https://cdn2.editmysite.com/js/wsnbn/snowday262.js
Requested by
Host: www.wicar.org
URL: https://www.wicar.org/test-malware.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::302 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
648e766bf519673f9a90cc336cbecede80dcbe3419b43d36ecbb25d88f5584a3

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.wicar.org/
accept-language
jp-JP,jp;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-cache-hits
8, 5892
date
Mon, 01 Apr 2024 01:39:05 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
319770
x-cache
HIT, HIT
x-host
blu147.sf2p.intern.weebly.net
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
25752
x-served-by
cache-sjc10061-SJC, cache-nrt-rjtf7700067-NRT
last-modified
Wed, 27 Mar 2024 15:32:50 GMT
server
nginx
x-timer
S1711935546.728444,VS0,VE0
etag
"66043c22-124fe"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=1209600
accept-ranges
bytes
expires
Thu, 11 Apr 2024 08:49:35 GMT
/
www.wicar.org/ajax/api/JsonRPC/CustomerAccounts/
348 B
628 B
XHR
General
Full URL
https://www.wicar.org/ajax/api/JsonRPC/CustomerAccounts/?CustomerAccounts[CustomerAccounts::getAccountDetails]
Requested by
Host: cdn2.editmysite.com
URL: https://cdn2.editmysite.com/js/jquery-1.8.3.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
199.34.228.69 , United States, ASN27647 (WEEBLY, US),
Reverse DNS
pages-custom-21.weebly.com
Software
Apache /
Resource Hash
adb97e1bc686c58b4286f1208d2bd969687c6cf3e2fc468697dfd956d260de49

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
accept-language
jp-JP,jp;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type
application/json; charset=UTF-8
Accept
application/json, text/javascript, */*; q=0.01
Referer
https://www.wicar.org/test-malware.html
X-Requested-With
XMLHttpRequest
sec-ch-ua-platform
"Win32"

Response headers

Date
Mon, 01 Apr 2024 01:39:05 GMT
Server
Apache
Vary
X-W-SSL,User-Agent
Content-Type
application/json
X-Host
grn94.sf2p.intern.weebly.net
Connection
Keep-Alive
Keep-Alive
timeout=10, max=60
Content-Length
348
X-UA-Compatible
IE=edge,chrome=1
buttons-secure.css
ws.sharethis.com/button/css/
23 KB
4 KB
Stylesheet
General
Full URL
https://ws.sharethis.com/button/css/buttons-secure.css
Requested by
Host: ws.sharethis.com
URL: https://ws.sharethis.com/button/async-buttons.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20e4:bc00:3:c04e:c780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
95dc1b83a7c030dd13ab3e29df921f10e04208b28734f172ea232854264c3b05
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.wicar.org/
accept-language
jp-JP,jp;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 31 Mar 2024 14:16:51 GMT
content-encoding
gzip
via
1.1 7736a81769070a5c539823158e265e4a.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Thu, 21 Dec 2023 19:49:59 GMT
server
nginx/1.20.1
x-amz-cf-pop
NRT20-C2
age
40934
etag
W/"658496e7-5a76"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
x-robots-tag
noindex, nofollow
content-length
3851
x-amz-cf-id
DDIqbzIfE_Q0-9ng9UGTBeJkWmG-Tnc3loTqSVVpfdIKYJJJ6508Ng==
get_counts
count-server.sharethis.com/v2.0/
256 B
632 B
Script
General
Full URL
https://count-server.sharethis.com/v2.0/get_counts?url=https%3A%2F%2Fwww.wicar.org%2Ftest-malware.html&cb=stButtons.processCB&wd=true
Requested by
Host: ws.sharethis.com
URL: https://ws.sharethis.com/button/async-buttons.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.49.83 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-49-83.nrt20.r.cloudfront.net
Software
/
Resource Hash
450fa12d0f098da7c98ec13e17506d521b683cdb5e1ccdf529202b2f4fd23909
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.wicar.org/
accept-language
jp-JP,jp;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Apr 2024 01:39:05 GMT
via
1.1 51d604be742eb5ae4101b732c73a9dcc.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-pop
NRT20-C1
etag
873598d0bbba750cca739aedfc341016
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
text/javascript
cache-control
public, max-age=3600
content-length
256
apigw-requestid
VhNMzj0soAMEaYA=
x-amz-cf-id
NXrc1hqfDZXdtb1kIokuLotpHfdYQ-oCXqfe_P6YMn-GOg73i22yhQ==
facebook_counter.png
ws.sharethis.com/images/2017/
2 KB
3 KB
Image
General
Full URL
https://ws.sharethis.com/images/2017/facebook_counter.png
Requested by
Host: www.wicar.org
URL: https://www.wicar.org/test-malware.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20e4:bc00:3:c04e:c780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
3488c49147b809d1e457c14a37bf3a79b0455fd159c121325e8f737eea45eb75
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.wicar.org/
accept-language
jp-JP,jp;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 13 Feb 2024 08:22:19 GMT
via
1.1 7736a81769070a5c539823158e265e4a.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx/1.20.1
x-amz-cf-pop
NRT20-C2
age
4123006
etag
"658496ad-977"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
x-robots-tag
noindex, nofollow
content-length
2423
x-amz-cf-id
GVFukopYPeHZXGt-UF09LV-4Lflpqghhb5e2DAy7szvZJK3ItTSvzA==
expires
Wed, 12 Feb 2025 08:22:19 GMT
twitter_counter.png
ws.sharethis.com/images/2017/
2 KB
3 KB
Image
General
Full URL
https://ws.sharethis.com/images/2017/twitter_counter.png
Requested by
Host: www.wicar.org
URL: https://www.wicar.org/test-malware.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20e4:bc00:3:c04e:c780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
aeae37bae2130513ef8b5ea4fde8fd776b32ff8969b848b59399a63d9455e29a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.wicar.org/
accept-language
jp-JP,jp;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 31 Mar 2024 00:21:58 GMT
via
1.1 7736a81769070a5c539823158e265e4a.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx/1.20.1
x-amz-cf-pop
NRT20-C2
age
91027
etag
"658496ad-9ae"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
x-robots-tag
noindex, nofollow
content-length
2478
x-amz-cf-id
pAcjjfEy1jwzDCMWbGnlC4zE7kD-LNKhArsEOii0bCW8rpttf37mKw==
expires
Mon, 31 Mar 2025 00:21:58 GMT
linkedin_counter.png
ws.sharethis.com/images/2017/
2 KB
3 KB
Image
General
Full URL
https://ws.sharethis.com/images/2017/linkedin_counter.png
Requested by
Host: www.wicar.org
URL: https://www.wicar.org/test-malware.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20e4:bc00:3:c04e:c780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
0e3f83554765fa48514ce0a169441466f92010d01cdc716003e02317bffc6993
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.wicar.org/
accept-language
jp-JP,jp;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 13 Feb 2024 07:59:09 GMT
via
1.1 7736a81769070a5c539823158e265e4a.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx/1.20.1
x-amz-cf-pop
NRT20-C2
age
4124396
etag
"658496ad-9e1"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
x-robots-tag
noindex, nofollow
content-length
2529
x-amz-cf-id
fRMsP8nwIUbWc5votRkO2O3H7gIT2zqtkuullyCOYCQvFl9iIqJ-Yw==
expires
Wed, 12 Feb 2025 07:59:09 GMT
bubble_arrow.png
ws.sharethis.com/secure/images/
979 B
1 KB
Image
General
Full URL
https://ws.sharethis.com/secure/images/bubble_arrow.png
Requested by
Host: ws.sharethis.com
URL: https://ws.sharethis.com/button/css/buttons-secure.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20e4:bc00:3:c04e:c780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
516630dc137782b6ea784ed6891b487b8a2fff9be9ed921977008453039cc1fe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://ws.sharethis.com/button/css/buttons-secure.css
accept-language
jp-JP,jp;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 09 Mar 2024 00:39:24 GMT
via
1.1 7736a81769070a5c539823158e265e4a.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx/1.20.1
x-amz-cf-pop
NRT20-C2
age
1990781
etag
"658496e7-3d3"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
x-robots-tag
noindex, nofollow
content-length
979
x-amz-cf-id
eikoxyFUxsP1ewJVtdsny_7P4c6bFKBi6v1yLcO4i0ESiKLzeWEk7A==
expires
Sun, 09 Mar 2025 00:39:24 GMT
js
www.googletagmanager.com/gtag/
246 KB
88 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-FZX7V2575Y&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-5568574-11
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:821::2008 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
38d0671fc482fdc802309190258a05a2ac5e799a233cfe411b4dfcb024d0eca7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.wicar.org/
accept-language
jp-JP,jp;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Apr 2024 01:39:05 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
89833
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 01 Apr 2024 01:39:05 GMT
analytics.js
www.google-analytics.com/
52 KB
21 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-5568574-11
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:821::200e , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.wicar.org/
accept-language
jp-JP,jp;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 01 Apr 2024 01:24:25 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
880
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Mon, 01 Apr 2024 03:24:25 GMT
tp2
ec.editmysite.com/com.snowplowanalytics.snowplow/ Frame
0
0
Preflight
General
Full URL
https://ec.editmysite.com/com.snowplowanalytics.snowplow/tp2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.43.19.39 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-43-19-39.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.wicar.org
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type, SP-Anonymous
access-control-allow-origin
https://www.wicar.org
access-control-max-age
600
content-length
0
date
Mon, 01 Apr 2024 01:39:06 GMT
server
nginx
tp2
ec.editmysite.com/com.snowplowanalytics.snowplow/
2 B
319 B
XHR
General
Full URL
https://ec.editmysite.com/com.snowplowanalytics.snowplow/tp2
Requested by
Host: cdn2.editmysite.com
URL: https://cdn2.editmysite.com/js/wsnbn/snowday262.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.43.19.39 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-43-19-39.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform
"Win32"
Referer
https://www.wicar.org/
accept-language
jp-JP,jp;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type
application/json; charset=UTF-8

Response headers

access-control-allow-origin
https://www.wicar.org
date
Mon, 01 Apr 2024 01:39:06 GMT
access-control-allow-credentials
true
content-type
text/plain; charset=UTF-8
server
nginx
content-length
2
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
collect
www.google-analytics.com/j/
1 B
205 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=295304933&t=pageview&_s=1&dl=https%3A%2F%2Fwww.wicar.org%2Ftest-malware.html&dr=https%3A%2F%2Fmalware.wicar.org%2F&ul=en-us&de=UTF-8&dt=Test%20Malware!%20-%20WICAR.org%20-%C2%A0Test%20Your%20Anti-Malware%20Solution!&sd=24-bit&sr=800x600&vp=1600x1113&je=0&_u=YEBAAUABAAAAACAAI~&jid=69700225&gjid=1439557248&cid=1047022693.1711935546&tid=UA-5568574-11&_gid=1563436052.1711935546&_r=1&gtm=457e43r0za200&gcd=13l3l3l3l1&dma=0&jsscut=1&z=1240814390
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:821::200e , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform
"Win32"
Referer
https://www.wicar.org/
accept-language
jp-JP,jp;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 01 Apr 2024 01:39:05 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.wicar.org
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/g/
0
17 B
Ping
General
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-FZX7V2575Y&gtm=45je43r0v9117534308za200&_p=1711935545724&gcd=13l3l3l3l1&npa=0&dma=0&cid=1047022693.1711935546&ul=en-us&sr=800x600&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B123.0.6312.86%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.86&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&pscdl=noapi&_eu=AAAI&_s=1&sid=1711935545&sct=1&seg=0&dl=https%3A%2F%2Fwww.wicar.org%2Ftest-malware.html&dr=https%3A%2F%2Fmalware.wicar.org%2F&dt=Test%20Malware!%20-%20WICAR.org%20-%C2%A0Test%20Your%20Anti-Malware%20Solution!&en=page_view&_fv=1&_ss=1&tfd=1561
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-FZX7V2575Y&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.196.110 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s35-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.wicar.org/
accept-language
jp-JP,jp;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Mon, 01 Apr 2024 01:39:06 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.wicar.org
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
favicon.ico
www.wicar.org/
2 KB
3 KB
Other
General
Full URL
https://www.wicar.org/favicon.ico
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
199.34.228.69 , United States, ASN27647 (WEEBLY, US),
Reverse DNS
pages-custom-21.weebly.com
Software
nginx /
Resource Hash
e938d65b691d9579afbc9061e0cf4e8dc89e63701a41a5e26fb24cc7107e9248

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.wicar.org/test-malware.html
accept-language
jp-JP,jp;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Mon, 01 Apr 2024 01:39:06 GMT
X-Storage-Object
e938d65b691d9579afbc9061e0cf4e8dc89e63701a41a5e26fb24cc7107e9248
Last-Modified
Mon, 09 Dec 2019 04:22:47 GMT
Server
nginx
x-amz-request-id
tx00000960f034b8f08fbc9-006605dfd4-e8f4575-sfo1
ETag
"df77c316630d6b7957c7645347576c4b"
Access-Control-Allow-Methods
GET, POST, DELETE, OPTIONS
Content-Type
image/vnd.microsoft.icon
Access-Control-Allow-Origin
*
x-rgw-object-type
Normal
X-Storage-Bucket
ze938
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
Origin, Authorization, Content-Type
Content-Length
2058
t.dhj
t.sharethis.com/1/k/
2 KB
2 KB
Script
General
Full URL
https://t.sharethis.com/1/k/t.dhj?rnd=1711935546224&cid=c010&dmn=www.wicar.org&gdpr_domain=false
Requested by
Host: w.sharethis.com
URL: http://w.sharethis.com/button/buttons.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.62.20.93 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-62-20-93.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
ad599cf3e3185e7b565cbdbd38dc67723da4b78d44850f0f5f1551241ec39832
Security Headers
Name Value
Strict-Transport-Security max-age=2628000 ; includeSubDomains
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.wicar.org/
accept-language
jp-JP,jp;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Mon, 01 Apr 2024 01:39:06 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=2628000 ; includeSubDomains
Content-Type
application/javascript
Cache-Control
private, max-age=3600
Connection
keep-alive
X-Robots-Tag
noindex, nofollow
Content-Length
1363
Expires
Mon, 01 Apr 2024 02:39:06 GMT
panorama.js
platform-api.sharethis.com/
39 KB
12 KB
Script
General
Full URL
https://platform-api.sharethis.com/panorama.js
Requested by
Host: w.sharethis.com
URL: http://w.sharethis.com/button/buttons.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.172.31.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-172-31-122.nrt20.r.cloudfront.net
Software
/
Resource Hash
a782015ceceb595c8305a944456587c4f2c4b3f0ca82aac8e5c6d7b33138f392
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.wicar.org/
accept-language
jp-JP,jp;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Apr 2024 01:34:30 GMT
content-encoding
gzip
via
1.1 6149f46c7356f1b6aa240cc7ba3d1060.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Tue, 19 Mar 2024 22:24:27 GMT
x-amz-cf-pop
NRT20-P1
age
276
etag
W/"9a71-18e58d0dd78"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
x-cache
Hit from cloudfront
cache-control
public, max-age=3600
accept-ranges
bytes
x-amz-cf-id
V0MkQwutfadG4S14_B6vllSxxaJsx3FWQCMnfnTJvS2bnQatDGisWQ==
t_.htm
t.sharethis.com/a/ Frame 0B40
0
0
Document
General
Full URL
https://t.sharethis.com/a/t_.htm?ver=1.1325.23384&cid=c010
Requested by
Host: t.sharethis.com
URL: https://t.sharethis.com/1/k/t.dhj?rnd=1711935546224&cid=c010&dmn=www.wicar.org&gdpr_domain=false
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.62.20.93 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-62-20-93.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=2628000 ; includeSubDomains

Request headers

Referer
https://www.wicar.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language
jp-JP,jp;q=0.9
sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

Cache-Control
max-age=604800
Connection
keep-alive
Content-Encoding
gzip
Content-Length
1160
Content-Type
text/html
Date
Mon, 01 Apr 2024 01:39:06 GMT
Expires
Mon, 08 Apr 2024 01:39:06 GMT
Strict-Transport-Security
max-age=2628000 ; includeSubDomains
X-Robots-Tag
noindex, nofollow
map
bcp.crwdcntrl.net/6/
156 B
612 B
XHR
General
Full URL
https://bcp.crwdcntrl.net/6/map
Requested by
Host: platform-api.sharethis.com
URL: https://platform-api.sharethis.com/panorama.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.255.101.74 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-255-101-74.ap-southeast-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2acf95cae54830ed3022c17ebf47506caf0e115a4eb8d248c9c8b0b2d4e8be23

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform
"Win32"
Referer
https://www.wicar.org/
accept-language
jp-JP,jp;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Mon, 01 Apr 2024 01:39:06 GMT
server
Jetty(9.4.38.v20210224)
content-type
application/json;charset=utf-8
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://www.wicar.org
cache-control
no-cache
x-server
10.42.25.69
access-control-allow-credentials
true
content-length
156
expires
0
index.html
ws.sharethis.com/secure5x/ Frame 532E
0
0
Document
General
Full URL
https://ws.sharethis.com/secure5x/index.html
Requested by
Host: ws.sharethis.com
URL: https://ws.sharethis.com/button/async-buttons.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20e4:1000:3:c04e:c780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.wicar.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language
jp-JP,jp;q=0.9
sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

age
47901
content-encoding
gzip
content-length
4081
content-type
text/html
date
Sun, 31 Mar 2024 12:20:47 GMT
etag
W/"658496e7-390f"
last-modified
Thu, 21 Dec 2023 19:49:59 GMT
server
nginx/1.20.1
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding
via
1.1 2e231341de86384b8185d321eaa7acd2.cloudfront.net (CloudFront)
x-amz-cf-id
Ld9Bbo67uXAmkLK8OLKyQz53YSqmA8DPqlbtXRJNd3y5CQbtbxgOhw==
x-amz-cf-pop
NRT20-C2
x-cache
Hit from cloudfront
x-robots-tag
noindex, nofollow

239 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.


32 Cookies

Domain/Path Name / Value
.www.wicar.org/ Name: is_mobile
Value: 0
www.wicar.org/ Name: language
Value: en
.wicar.org/ Name: _snow_ses.ae07
Value: *
.wicar.org/ Name: _snow_id.ae07
Value: 4afb4aee-0e46-450d-ae8a-908acff5615a.1711935546.1.1711935546.1711935546.5fa1795f-8280-4b04-9804-e48cbfd2144f
.wicar.org/ Name: _gid
Value: GA1.2.1563436052.1711935546
.wicar.org/ Name: _gat_gtag_UA_5568574_11
Value: 1
.wicar.org/ Name: _ga_FZX7V2575Y
Value: GS1.1.1711935545.1.0.1711935545.0.0.0
.wicar.org/ Name: _ga
Value: GA1.1.1047022693.1711935546
.sharethis.com/ Name: __stidv
Value: 2
.sharethis.com/ Name: __stid
Value: ZHEABGYKEDoAAAAIcZsxAw==
.wicar.org/ Name: fpestid
Value: R61mb8E2EGVxASkJ8XD6xsoWqjiBnqqcZUfKanyx2mMpfbEHJpgI8_Y7EkmKxqDpcG2ewA
.wicar.org/ Name: lotame_domain_check
Value: wicar.org
.t.sharethis.com/ Name: pxcelPage_default_c010
Value: 0_7_1711935546303
.adsrvr.org/ Name: TDID
Value: 77259dd1-7f96-4fa3-a7e7-e03a883075a0
.adsrvr.org/ Name: TDCPM
Value: CAEYBSABKAIyCwj2j9f_5_3oPBAFOAE.
.eyeota.net/ Name: mako_uid
Value: 18e974f63d5-737f0000010e4e6e
.eyeota.net/ Name: SERVERID
Value: 20078~DM
.ml314.com/ Name: pi
Value: 3643144039529709592
.linkedin.com/ Name: bcookie
Value: "v=2&f4cb247c-ff68-445e-8aa8-8b9e16210791"
.linkedin.com/ Name: lidc
Value: "b=TGST05:s=T:r=T:a=T:p=T:g=2984:u=1:x=1:i=1711935546:t=1712021946:v=2:sig=AQHzT6eGv5m6u8TOILRfH5wJRYxmnEUW"
.crwdcntrl.net/ Name: _cc_dc
Value: 2
.crwdcntrl.net/ Name: _cc_id
Value: 24414e23d2c542602106b193fe95c14b
.wicar.org/ Name: _cc_id
Value: 24414e23d2c542602106b193fe95c14b
.wicar.org/ Name: panoramaId_expiry
Value: 1712021946456
ec.editmysite.com/ Name: sp
Value: c0c5fd2e-601c-4c64-a32f-b6ffaa9667be
.yahoo.com/ Name: A3
Value: d=AQABBDoQCmYCEHIx_K5cRgYdWSre6-tRilgFEgEBAQFhC2YTZmChyyMA_eMAAA&S=AQAAAiUwntZvH9qAO19iZU8pRsk
.rlcdn.com/ Name: rlas3
Value: K+RCffR9Kvsq7Dm0f3eNfrqOn2y2IwzM/qFmxDeMCsc=
.analytics.yahoo.com/ Name: IDSYNC
Value: 19b8~2hm1
.rlcdn.com/ Name: pxrc
Value: CLqgqLAGEgUI6AcQABIFCNtOEAA=
.exelator.com/ Name: EE
Value: "8a705f524c25ee7a74974f54d1271bd0"

79 Console Messages

Source Level URL
Text
security warning URL: https://www.wicar.org/test-malware.html
Message:
Mixed Content: The page at 'https://www.wicar.org/test-malware.html' was loaded over HTTPS, but requested an insecure script 'http://w.sharethis.com/button/buttons.js'. This content should also be served over HTTPS.
other warning URL: https://www.wicar.org/test-malware.html
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
