Report - analyze.intezer.com/analyses/7115623b-76d4-4c1f-8990-94f619d493ba

Report Overview

Submitted URL
analyze.intezer.com/analyses/7115623b-76d4-4c1f-8990-94f619d493ba
IP
20.50.210.201
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK
Submitted
2024-04-27 08:52:58
Access
public
Website Title
Malicious Mirai 7d76bed937f23c2f819bcb9a2c7ed4ad.elf - Intezer
Final URL
analyze.intezer.com/analyses/7115623b-76d4-4c1f-8990-94f619d493ba
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
2

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
analyze.intezer.com	unknown	2015-08-28	2017-10-25	2024-04-18	11 kB	8.3 MB	20.50.210.201
fonts.googleapis.com	8877	2005-01-25	2013-06-10	2024-04-27	1.4 kB	23 kB	142.250.74.106
fonts.gstatic.com	unknown	2008-02-11	2014-09-09	2024-04-27	546 B	49 kB	216.58.207.227
api.getkoala.com	unknown	2019-03-03	2022-11-08	2024-04-19	3.5 kB	9.5 kB	104.26.1.188
api.appcues.net	3188	2016-05-31	2018-07-22	2024-04-27	1.1 kB	558 B	54.148.28.105
static.zdassets.com	2154	2013-01-28	2018-06-24	2024-04-25	1.3 kB	1.0 MB	104.18.72.113
www.google.no	25607	2001-02-26	2016-04-05	2024-04-25	595 B	580 B	142.250.74.163
www.googletagmanager.com	75	2011-11-11	2013-05-22	2024-04-26	1.3 kB	275 kB	142.250.74.168
fast.appcues.com	5455	2012-09-08	2015-02-20	2024-04-26	1.0 kB	127 kB	151.101.66.110
region1.analytics.google.com	unknown	1997-09-15	2022-03-17	2024-04-26	1.7 kB	748 B	216.239.32.36
ekr.zdassets.com	2396	2013-01-28	2018-06-14	2024-04-26	474 B	2.0 kB	104.18.72.113
cdn.getkoala.com	unknown	2019-03-03	2022-11-18	2024-04-23	446 B	100 kB	104.26.1.188

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

Scan Date	Severity	Indicator	Alert
2024-04-27	medium	analyze.intezer.com/api/v1-2/analyses/7115623b-76d4-4c1f-8990-94f619d493ba/sub/02161481-4c8b-46a4-a264-464cb562d2a5/families-by-strings	Linux.Trojan.Gafgyt

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (14)

	URL	Size	First Seen	Last Seen
	analyze.intezer.com/analyses/7115623b-76d4-4c1f-8990-94f619d493ba	520 B	2023-11-07	2024-05-14
Pretty URL analyze.intezer.com/analyses/7115623b-76d4-4c1f-8990-94f619d493ba IP 20.50.210.201 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML true Observations First Seen2023-11-07 22:54:00 Last Seen2024-05-14 00:59:42 Times Seen106 Hash 4d1cdb787df8932e05c58ac121b68bc5 35ab11a91e4f8cf728203ba05bc12c5462076a34 546010485b1b1ef82fee1af3ac7b94848c60c6fdec067399a715963926daa81b Loading...

	static.zdassets.com/web_widget/classic/latest/web-widget-main-7bc1c0f.js	992 kB	2024-04-11	2024-05-07
Pretty URL static.zdassets.com/web_widget/classic/latest/web-widget-main-7bc1c0f.js IP 104.18.72.113 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-11 14:18:32 Last Seen2024-05-07 10:22:14 Times Seen276 Hash 3784cf5e1ddd3a68e335f3bb4a5e2fcd 617bebee8c2acfff41763b25aa8e2b65bdebc1d3 7f4ac95d1ab40c0d78d98acf1da862b901ce896b43f738c7b1731c986a612bf4 Loading...

	analyze.intezer.com/2864.6b42e724fcebf898675b.js	217 kB	2024-04-18	2024-05-14
Pretty URL analyze.intezer.com/2864.6b42e724fcebf898675b.js IP 20.50.210.201 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-18 12:53:19 Last Seen2024-05-14 00:59:42 Times Seen36 Hash e043bf5c09c4e23c6be51da6be8b943b bc3342a11b0d93a0c4d35c1914636e8f2e0238f0 8954bb8c31e7afabd56f3a9e3a057bfb169a174be41b191c5ff9ed4f327bead6 Loading...

	analyze.intezer.com/9614.ad793603c1b0a08dcf69.js	253 kB	2024-04-18	2024-05-14
Pretty URL analyze.intezer.com/9614.ad793603c1b0a08dcf69.js IP 20.50.210.201 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-18 12:53:19 Last Seen2024-05-14 00:59:42 Times Seen34 Hash ac91777f6957d021a1d664a5969a065b 6b1cccd2ad960ab02e17573497257db7980972b0 bac9414c98840c0ebba2db7fd40ac3f471da928d3e331a9a82855f8554bd2337 Loading...

	analyze.intezer.com/appcues.js	21 kB	2023-09-04	2024-05-14
Pretty URL analyze.intezer.com/appcues.js IP 20.50.210.201 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-09-04 11:32:28 Last Seen2024-05-14 00:59:42 Times Seen122 Hash 6a666673857172d62dd9b4db844747c4 88370222a461b9a520ecf1418995cf4ba7694771 7092a4655a3e2041945471cb88fe81f17fb3514ea7eedb585d6dd7bca61dd72a Loading...

	analyze.intezer.com/app.d73b49201c7416a0c1b3.js	4.7 MB	2024-04-27	2024-04-28
Pretty URL analyze.intezer.com/app.d73b49201c7416a0c1b3.js IP 20.50.210.201 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-27 10:54:21 Last Seen2024-04-28 12:16:35 Times Seen6 Hash 8f354984aa772e9e015f8484da4be205 5e9b19cce0b7f7db83a187bffc233c4f9def2472 2c1148e42f961bb006417b08dc09b5dfc61ea5b944595674dda45f9a656d6200 Loading...

	www.googletagmanager.com/gtm.js?id=GTM-KC95766	256 kB	2024-04-27	2024-04-27
Pretty URL www.googletagmanager.com/gtm.js?id=GTM-KC95766 IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-27 10:54:22 Last Seen2024-04-27 10:54:23 Times Seen2 Hash 2bedc5a04eff71ee09e296fa77fc84dc 887ee2c423f873632c572b4df35b7126cc0ee3f0 99ad6868ad54b3e26556e6b9edfda7f8b9bd427991959280540b293093baa636 Loading...

	fast.appcues.com/generic/main/4.53.1/appcues.main.a34de36c2b1cabfbe8c60fb8bd83fcb1a49243bd.js	437 kB	2023-04-28	2024-05-14
Pretty URL fast.appcues.com/generic/main/4.53.1/appcues.main.a34de36c2b1cabfbe8c60fb8bd83fcb1a49243bd.js IP 151.101.66.110 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-28 10:22:00 Last Seen2024-05-14 00:59:42 Times Seen185 Hash 325b9a6678104a85e18bc8550b5128bb 2d585626354b157d49880483a98931f06af09424 71ba7bfe96a36cbf8f83183feb91e6e73ea7144313be0ba46cc8fea020ea6e80 Loading...

	www.googletagmanager.com/gtag/destination?id=AW-725468766&l=dataLayer&cx=c	223 kB	2024-04-27	2024-04-27
Pretty URL www.googletagmanager.com/gtag/destination?id=AW-725468766&l=dataLayer&cx=c IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-27 10:54:22 Last Seen2024-04-27 10:54:23 Times Seen2 Hash f084a85982f4855065e35fdb7b75193d b008a74e742cc1fccee9cdfe78b43ce13a15f964 0c72d76e4676264bfb6ddf4b1a238a3911229e9770eec14a921af337f9c63282 Loading...

	www.googletagmanager.com/gtag/js?id=G-77ZEDWXEEK&l=dataLayer&cx=c	309 kB	2024-04-27	2024-04-27
Pretty URL www.googletagmanager.com/gtag/js?id=G-77ZEDWXEEK&l=dataLayer&cx=c IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-27 10:54:22 Last Seen2024-04-27 10:54:23 Times Seen2 Hash 0f58c5247fef22f6022e073bec873fae b06d3f42737dcd5616d1144aae8d2898fa78bd9a e3243ea80a6df8c316b8dd90c4ccd2cab5cb72071f39f8eb26a29867e4c6fae0 Loading...

	analyze.intezer.com/9593.42ab05ec1a8315167545.js	3.0 MB	2024-04-24	2024-05-05
Pretty URL analyze.intezer.com/9593.42ab05ec1a8315167545.js IP 20.50.210.201 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-24 06:52:45 Last Seen2024-05-05 20:30:02 Times Seen18 Hash bb1794967503fbb9ea4c315c4c79975a 2c69788e47c3f20ce340b8312f13cf24bb8bf97c e3aba89cc7a66478533da4b96b467c78269609f3cc5ff3830a9fa2fb5b42ded2 Loading...

	cdn.getkoala.com/v1/pk_6c50e30c08715cfa57e9d6fd33965720122a/sdk.js	99 kB	2024-04-24	2024-05-09
Pretty URL cdn.getkoala.com/v1/pk_6c50e30c08715cfa57e9d6fd33965720122a/sdk.js IP 104.26.1.188 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-24 06:52:44 Last Seen2024-05-09 16:24:20 Times Seen30 Hash bd27969fda0af7f25329fa9bdc18312c c5b14cd366114103d83be43d363f40c21a5ff493 3e5b40d8f21b745f23fe2bbda9b812abd6b150949acff74b6289766dac7dab24 Loading...

	static.zdassets.com/ekr/snippet.js?key=f8b95454-f8e3-4344-ba19-719f3120caa5	10 kB	2024-01-15	2024-05-19
Pretty URL static.zdassets.com/ekr/snippet.js?key=f8b95454-f8e3-4344-ba19-719f3120caa5 IP 104.18.72.113 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-01-15 08:52:01 Last Seen2024-05-19 02:11:25 Times Seen3892 Hash c0053b411b753138af468db1bd3b19f3 7c3a187aa58f2b9e5446edb761b3d4d2ba506fe7 ce337ec7dda4b3a741363a2673c7edce5c736f1660e2aa908131ecfd9dd1343f Loading...

	static.zdassets.com/web_widget/classic/latest/web-widget-locales/classic/en-us-json-7bc1c0f.js	26 kB	2023-11-01	2024-05-18
Pretty URL static.zdassets.com/web_widget/classic/latest/web-widget-locales/classic/en-us-json-7bc1c0f.js IP 104.18.72.113 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-01 04:40:16 Last Seen2024-05-18 23:55:18 Times Seen3450 Hash 6eb45e96a7cbb4b8ca10897f3cf09981 2a12b20d1ca65377448dce30519c629aa4273346 a48fd35c61908d912b5ac9e1face12e0962a0d9ecc8679e87db4031697cec54e Loading...

HTTP Transactions (44)

URL IP Response Size

analyze.intezer.com/analyses/7115623b-76d4-4c1f-8990-94f619d493ba

20.50.210.201

200 OK

1.5 kB

URL User Request GET HTTP/2
analyze.intezer.com/analyses/7115623b-76d4-4c1f-8990-94f619d493ba
IP
20.50.210.201:443
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

Certificate
IssuerGoDaddy.com, Inc.
Subjectanalyze.intezer.com
Fingerprint62:0F:F7:27:03:6D:94:41:E7:19:BA:5D:F8:FA:3C:0B:93:54:19:5A
ValidityTue, 25 Jul 2023 19:50:53 GMT - Sun, 25 Aug 2024 19:50:53 GMT

File type
HTML document, ASCII text, with very long lines (703)
Size
1.5 kB (1545 bytes)
Hash
9ac332021c8160513f3b6255579938f6
dc83e8aebe536cc2426c8530ec75127d3180fd6d
6e66ddf3b55aba77830752547f83d0ca37b7207a0796c6c02b7d4b9c2ecfa5c4

HTTP Headers

GET /analyses/7115623b-76d4-4c1f-8990-94f619d493ba HTTP/1.1
Host: analyze.intezer.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 27 Apr 2024 08:52:27 GMT
content-type: text/html
content-length: 1545
last-modified: Thu, 25 Apr 2024 13:14:58 GMT
etag: "662a5752-609"
content-security-policy: frame-ancestors 'self' https://analyze.intezer.com https://www.intezer.com; upgrade-insecure-requests; script-src 'self' 'report-sample' 'nonce-3r9k7x2d1q' https://www.googletagmanager.com/gtm.js https://fast.appcues.net https://fast.appcues.com https://translate.googleapis.com https://translate.google.com https://analyze.intezer.com https://www.youtube.com https://www.google.com https://www.googletagmanager.com https://anayltics.google.com https://static.zdassets.com https://*.getkoala.com wss://*.getkoala.com https://www.gstatic.com; style-src 'self' 'report-sample' 'unsafe-inline' platform.twitter.com ton.twimg.com fonts.googleapis.com *.appcues.net *.appcues.com https://fonts.loli.net https://fonts.proxy.ustclug.org https://use.fontawesome.com https://translate.googleapis.com https://analyze.intezer.com https://themes.googleusercontent.com https://fonts.googleapis.com www.googletagmanager.com;object-src 'none';frame-src *.appcues.com https://analyze.intezer.com https://app.hubspot.com https://www.googletagmanager.com https://www.youtube.com www.google.com;child-src 'none';img-src data: blob: *;font-src data: *;connect-src 'self' *.appcues.net wss://*.appcues.net *.appcues.com wss://*.appcues.com analyze.intezer.com wss://analyze.intezer.com wss://api.getkoala.com https://www.google-analytics.com/analytics.js https://intezerfiles.blob.core.windows.net/url-scans https://intezerfiles.blob.core.windows.net/files https://api-js.mixpanel.com https://api.getkoala.com https://intezer.zendesk.com https://*.intezer.com https://ekr.zdassets.com https://anayltics.google.comadservice.google.com www.google.com api.appcues.net;manifest-src *;base-uri https://analyze.intezer.com;form-action 'self';media-src data: *;prefetch-src 'self';worker-src 'none';
strict-transport-security: max-age=31536000; includeSubDomains; preload
accept-ranges: bytes
X-Firefox-Spdy: h2

analyze.intezer.com/appcues.js

20.50.210.201

200 OK

21 kB

URL GET HTTP/2
analyze.intezer.com/appcues.js
IP
20.50.210.201:443
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

Requested by
https://analyze.intezer.com/analyses/7115623b-76d4-4c1f-8990-94f619d493ba
Certificate
IssuerGoDaddy.com, Inc.
Subjectanalyze.intezer.com
Fingerprint62:0F:F7:27:03:6D:94:41:E7:19:BA:5D:F8:FA:3C:0B:93:54:19:5A
ValidityTue, 25 Jul 2023 19:50:53 GMT - Sun, 25 Aug 2024 19:50:53 GMT

File type
JavaScript source, ASCII text, with very long lines (16216)
Size
21 kB (20968 bytes)
Hash
6a666673857172d62dd9b4db844747c4
88370222a461b9a520ecf1418995cf4ba7694771
7092a4655a3e2041945471cb88fe81f17fb3514ea7eedb585d6dd7bca61dd72a

HTTP Headers

GET /appcues.js HTTP/1.1
Host: analyze.intezer.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://analyze.intezer.com/analyses/7115623b-76d4-4c1f-8990-94f619d493ba
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 27 Apr 2024 08:52:28 GMT
content-type: application/javascript
content-length: 20968
last-modified: Thu, 25 Apr 2024 13:14:58 GMT
etag: "662a5752-51e8"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-security-policy: frame-ancestors 'self' https://analyze.intezer.com https://www.intezer.com; upgrade-insecure-requests; script-src 'self' 'report-sample' 'nonce-3r9k7x2d1q' https://www.googletagmanager.com/gtm.js https://fast.appcues.net https://fast.appcues.com https://translate.googleapis.com https://translate.google.com https://analyze.intezer.com https://www.youtube.com https://www.google.com https://www.googleadservices.com https://www.googletagmanager.com https://anayltics.google.com https://static.zdassets.com https://*.getkoala.com wss://*.getkoala.com https://ssl.google-analytics.com https://www.gstatic.com;style-src 'self' 'report-sample' 'unsafe-inline' platform.twitter.com ton.twimg.com fonts.googleapis.com *.appcues.net *.appcues.com https://fonts.loli.net https://fonts.proxy.ustclug.org https://use.fontawesome.com https://translate.googleapis.com https://analyze.intezer.com https://themes.googleusercontent.com https://fonts.googleapis.com www.googletagmanager.com;object-src 'none';frame-src *.appcues.com https://analyze.intezer.com https://app.hubspot.com https://www.googletagmanager.com https://www.youtube.com www.google.com;child-src 'none';img-src data: blob: *;font-src data: *;connect-src 'self' *.appcues.net wss://*.appcues.net *.appcues.com wss://*.appcues.com analyze.intezer.com wss://analyze.intezer.com wss://api.getkoala.com https://www.google-analytics.com/analytics.js https://intezerfiles.blob.core.windows.net/url-scans https://intezerfiles.blob.core.windows.net/files https://api.getkoala.com https://api-js.mixpanel.com https://intezer.zendesk.com https://*.intezer.com https://ekr.zdassets.com https://anayltics.google.comadservice.google.com www.google.com api.appcues.net; manifest-src *;base-uri https://analyze.intezer.com;form-action 'self';media-src data: *;prefetch-src 'self';worker-src 'none';
strict-transport-security: max-age=31536000; includeSubDomains; preload
accept-ranges: bytes
X-Firefox-Spdy: h2

analyze.intezer.com/9593.42ab05ec1a8315167545.js

20.50.210.201

200 OK

3.0 MB

URL GET HTTP/2
analyze.intezer.com/9593.42ab05ec1a8315167545.js
IP
20.50.210.201:443
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

Requested by
https://analyze.intezer.com/analyses/7115623b-76d4-4c1f-8990-94f619d493ba
Certificate
IssuerGoDaddy.com, Inc.
Subjectanalyze.intezer.com
Fingerprint62:0F:F7:27:03:6D:94:41:E7:19:BA:5D:F8:FA:3C:0B:93:54:19:5A
ValidityTue, 25 Jul 2023 19:50:53 GMT - Sun, 25 Aug 2024 19:50:53 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (33685), with LF, NEL line terminators
Size
3.0 MB (3004241 bytes)
Hash
bb1794967503fbb9ea4c315c4c79975a
2c69788e47c3f20ce340b8312f13cf24bb8bf97c
e3aba89cc7a66478533da4b96b467c78269609f3cc5ff3830a9fa2fb5b42ded2

HTTP Headers

GET /9593.42ab05ec1a8315167545.js HTTP/1.1
Host: analyze.intezer.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://analyze.intezer.com/analyses/7115623b-76d4-4c1f-8990-94f619d493ba
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 27 Apr 2024 08:52:28 GMT
content-type: application/javascript
content-length: 3004241
last-modified: Thu, 25 Apr 2024 13:14:58 GMT
etag: "662a5752-2dd751"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-security-policy: frame-ancestors 'self' https://analyze.intezer.com https://www.intezer.com; upgrade-insecure-requests; script-src 'self' 'report-sample' 'nonce-3r9k7x2d1q' https://www.googletagmanager.com/gtm.js https://fast.appcues.net https://fast.appcues.com https://translate.googleapis.com https://translate.google.com https://analyze.intezer.com https://www.youtube.com https://www.google.com https://www.googleadservices.com https://www.googletagmanager.com https://anayltics.google.com https://static.zdassets.com https://*.getkoala.com wss://*.getkoala.com https://ssl.google-analytics.com https://www.gstatic.com;style-src 'self' 'report-sample' 'unsafe-inline' platform.twitter.com ton.twimg.com fonts.googleapis.com *.appcues.net *.appcues.com https://fonts.loli.net https://fonts.proxy.ustclug.org https://use.fontawesome.com https://translate.googleapis.com https://analyze.intezer.com https://themes.googleusercontent.com https://fonts.googleapis.com www.googletagmanager.com;object-src 'none';frame-src *.appcues.com https://analyze.intezer.com https://app.hubspot.com https://www.googletagmanager.com https://www.youtube.com www.google.com;child-src 'none';img-src data: blob: *;font-src data: *;connect-src 'self' *.appcues.net wss://*.appcues.net *.appcues.com wss://*.appcues.com analyze.intezer.com wss://analyze.intezer.com wss://api.getkoala.com https://www.google-analytics.com/analytics.js https://intezerfiles.blob.core.windows.net/url-scans https://intezerfiles.blob.core.windows.net/files https://api.getkoala.com https://api-js.mixpanel.com https://intezer.zendesk.com https://*.intezer.com https://ekr.zdassets.com https://anayltics.google.comadservice.google.com www.google.com api.appcues.net; manifest-src *;base-uri https://analyze.intezer.com;form-action 'self';media-src data: *;prefetch-src 'self';worker-src 'none';
strict-transport-security: max-age=31536000; includeSubDomains; preload
accept-ranges: bytes
X-Firefox-Spdy: h2

analyze.intezer.com/app.d73b49201c7416a0c1b3.js

20.50.210.201

200 OK

4.7 MB

URL GET HTTP/2
analyze.intezer.com/app.d73b49201c7416a0c1b3.js
IP
20.50.210.201:443
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

Requested by
https://analyze.intezer.com/analyses/7115623b-76d4-4c1f-8990-94f619d493ba
Certificate
IssuerGoDaddy.com, Inc.
Subjectanalyze.intezer.com
Fingerprint62:0F:F7:27:03:6D:94:41:E7:19:BA:5D:F8:FA:3C:0B:93:54:19:5A
ValidityTue, 25 Jul 2023 19:50:53 GMT - Sun, 25 Aug 2024 19:50:53 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (65442)
Size
4.7 MB (4724197 bytes)
Hash
8f354984aa772e9e015f8484da4be205
5e9b19cce0b7f7db83a187bffc233c4f9def2472
2c1148e42f961bb006417b08dc09b5dfc61ea5b944595674dda45f9a656d6200

HTTP Headers

GET /app.d73b49201c7416a0c1b3.js HTTP/1.1
Host: analyze.intezer.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://analyze.intezer.com/analyses/7115623b-76d4-4c1f-8990-94f619d493ba
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 27 Apr 2024 08:52:28 GMT
content-type: application/javascript
content-length: 4724197
last-modified: Thu, 25 Apr 2024 13:14:58 GMT
etag: "662a5752-4815e5"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-security-policy: frame-ancestors 'self' https://analyze.intezer.com https://www.intezer.com; upgrade-insecure-requests; script-src 'self' 'report-sample' 'nonce-3r9k7x2d1q' https://www.googletagmanager.com/gtm.js https://fast.appcues.net https://fast.appcues.com https://translate.googleapis.com https://translate.google.com https://analyze.intezer.com https://www.youtube.com https://www.google.com https://www.googleadservices.com https://www.googletagmanager.com https://anayltics.google.com https://static.zdassets.com https://*.getkoala.com wss://*.getkoala.com https://ssl.google-analytics.com https://www.gstatic.com;style-src 'self' 'report-sample' 'unsafe-inline' platform.twitter.com ton.twimg.com fonts.googleapis.com *.appcues.net *.appcues.com https://fonts.loli.net https://fonts.proxy.ustclug.org https://use.fontawesome.com https://translate.googleapis.com https://analyze.intezer.com https://themes.googleusercontent.com https://fonts.googleapis.com www.googletagmanager.com;object-src 'none';frame-src *.appcues.com https://analyze.intezer.com https://app.hubspot.com https://www.googletagmanager.com https://www.youtube.com www.google.com;child-src 'none';img-src data: blob: *;font-src data: *;connect-src 'self' *.appcues.net wss://*.appcues.net *.appcues.com wss://*.appcues.com analyze.intezer.com wss://analyze.intezer.com wss://api.getkoala.com https://www.google-analytics.com/analytics.js https://intezerfiles.blob.core.windows.net/url-scans https://intezerfiles.blob.core.windows.net/files https://api.getkoala.com https://api-js.mixpanel.com https://intezer.zendesk.com https://*.intezer.com https://ekr.zdassets.com https://anayltics.google.comadservice.google.com www.google.com api.appcues.net; manifest-src *;base-uri https://analyze.intezer.com;form-action 'self';media-src data: *;prefetch-src 'self';worker-src 'none';
strict-transport-security: max-age=31536000; includeSubDomains; preload
accept-ranges: bytes
X-Firefox-Spdy: h2

www.googletagmanager.com/gtm.js?id=GTM-KC95766

142.250.74.168

200 OK

90 kB

URL GET HTTP/2
www.googletagmanager.com/gtm.js?id=GTM-KC95766
IP
142.250.74.168:443
ASN
#15169 GOOGLE

Requested by
https://analyze.intezer.com/analyses/7115623b-76d4-4c1f-8990-94f619d493ba
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
FingerprintFC:B1:16:E0:D8:F3:2B:F3:AB:33:E5:E1:23:57:F4:48:66:FD:4D:52
ValidityMon, 08 Apr 2024 06:34:55 GMT - Mon, 01 Jul 2024 06:34:54 GMT

File type
JavaScript source, ASCII text, with very long lines (3130)
Size
90 kB (90422 bytes)
Hash
2bedc5a04eff71ee09e296fa77fc84dc
887ee2c423f873632c572b4df35b7126cc0ee3f0
99ad6868ad54b3e26556e6b9edfda7f8b9bd427991959280540b293093baa636

HTTP Headers

GET /gtm.js?id=GTM-KC95766 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://analyze.intezer.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sat, 27 Apr 2024 08:52:28 GMT
expires: Sat, 27 Apr 2024 08:52:28 GMT
cache-control: private, max-age=900
last-modified: Sat, 27 Apr 2024 06:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 90422
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fast.appcues.com/generic/main/4.53.1/appcues.main.a34de36c2b1cabfbe8c60fb8bd83fcb1a49243bd.js

151.101.66.110

200 OK

124 kB

URL GET HTTP/2
fast.appcues.com/generic/main/4.53.1/appcues.main.a34de36c2b1cabfbe8c60fb8bd83fcb1a49243bd.js
IP
151.101.66.110:443
ASN
#54113 FASTLY

Requested by
https://analyze.intezer.com/analyses/7115623b-76d4-4c1f-8990-94f619d493ba
Certificate
IssuerGlobalSign nv-sa
Subjectfast.appcues.com
FingerprintC0:70:30:FF:D6:06:AD:70:66:08:1E:48:AB:1C:4B:AA:C8:5A:06:B5
ValiditySat, 05 Aug 2023 19:48:19 GMT - Thu, 05 Sep 2024 19:48:18 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (65504), with no line terminators
Size
124 kB (123629 bytes)
Hash
325b9a6678104a85e18bc8550b5128bb
2d585626354b157d49880483a98931f06af09424
71ba7bfe96a36cbf8f83183feb91e6e73ea7144313be0ba46cc8fea020ea6e80

HTTP Headers

GET /generic/main/4.53.1/appcues.main.a34de36c2b1cabfbe8c60fb8bd83fcb1a49243bd.js HTTP/1.1
Host: fast.appcues.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://analyze.intezer.com
DNT: 1
Connection: keep-alive
Referer: https://analyze.intezer.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
x-amz-id-2: 7SzEP1g5Av7hiHWj2WdYKxbNg84uLkquGC2UVtcatkOZ3VvdGs49Wwbq4N4NWAXF+maUda5Zjnc=
x-amz-request-id: BV4N800DZQZ00ZS8
last-modified: Mon, 24 Apr 2023 18:56:52 GMT
etag: "325b9a6678104a85e18bc8550b5128bb"
x-amz-server-side-encryption: AES256
content-type: application/javascript; charset=utf-8
server: AmazonS3
cache-control: public,max-age=31536000,immutable
content-encoding: gzip
accept-ranges: bytes
age: 1603067
date: Sat, 27 Apr 2024 08:52:29 GMT
via: 1.1 varnish
x-served-by: cache-hel1410022-HEL
x-cache: HIT
x-cache-hits: 0
x-timer: S1714207950.529230,VS0,VE1
vary: Accept-Encoding
timing-allow-origin: *
access-control-allow-origin: *
access-control-allow-headers: X-Requested-With,Authorization
access-control-allow-methods: GET,PUT,POST,DELETE,OPTIONS
content-length: 123629
X-Firefox-Spdy: h2

analyze.intezer.com/acct/v1-2/account-details

20.50.210.201

200 OK

305 B

URL POST HTTP/2
analyze.intezer.com/acct/v1-2/account-details
IP
20.50.210.201:443
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

Requested by
https://analyze.intezer.com/analyses/7115623b-76d4-4c1f-8990-94f619d493ba
Certificate
IssuerGoDaddy.com, Inc.
Subjectanalyze.intezer.com
Fingerprint62:0F:F7:27:03:6D:94:41:E7:19:BA:5D:F8:FA:3C:0B:93:54:19:5A
ValidityTue, 25 Jul 2023 19:50:53 GMT - Sun, 25 Aug 2024 19:50:53 GMT

File type
JSON text data
Size
305 B (305 bytes)
Hash
7dbb2ebddec43091d0a1c6ff5207e88b
90c56692022588dfe7093df2da174bcb5591ad04
05a92a6d620965fbfa0bb5860ef174324980d5bf73513897be1b24777ee56844

HTTP Headers

POST /acct/v1-2/account-details HTTP/1.1
Host: analyze.intezer.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://analyze.intezer.com
DNT: 1
Connection: keep-alive
Referer: https://analyze.intezer.com/analyses/7115623b-76d4-4c1f-8990-94f619d493ba
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
Content-Length: 0
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 27 Apr 2024 08:52:29 GMT
content-type: application/json
content-length: 305
expires: Thu, 01 Jan 1970 00:00:00 GMT
pragma: no-cache
cache-control: no-store
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains; preload
X-Firefox-Spdy: h2

analyze.intezer.com/api/v1-2/client-config

20.50.210.201

200 OK

571 B

URL GET HTTP/2
analyze.intezer.com/api/v1-2/client-config
IP
20.50.210.201:443
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

Requested by
https://analyze.intezer.com/analyses/7115623b-76d4-4c1f-8990-94f619d493ba
Certificate
IssuerGoDaddy.com, Inc.
Subjectanalyze.intezer.com
Fingerprint62:0F:F7:27:03:6D:94:41:E7:19:BA:5D:F8:FA:3C:0B:93:54:19:5A
ValidityTue, 25 Jul 2023 19:50:53 GMT - Sun, 25 Aug 2024 19:50:53 GMT

File type
JSON text data
Size
571 B (571 bytes)
Hash
881706d7c63d56f066eb75a7315b8eb5
814acdf68c354cf1cda3efb8d7d9d414a1bf76ec
80526ac478071d8a07d14035dbc898cfbb801737829e0e8b5d77d82c3835ba19

HTTP Headers

GET /api/v1-2/client-config HTTP/1.1
Host: analyze.intezer.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://analyze.intezer.com/analyses/7115623b-76d4-4c1f-8990-94f619d493ba
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 27 Apr 2024 08:52:29 GMT
content-type: application/json
content-length: 571
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: analyze.intezer.com, protect.intezer.com
x-content-type-options: nosniff
X-Firefox-Spdy: h2

analyze.intezer.com/9614.ad793603c1b0a08dcf69.js

20.50.210.201

200 OK

253 kB

URL GET HTTP/2
analyze.intezer.com/9614.ad793603c1b0a08dcf69.js
IP
20.50.210.201:443
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

Requested by
https://analyze.intezer.com/analyses/7115623b-76d4-4c1f-8990-94f619d493ba
Certificate
IssuerGoDaddy.com, Inc.
Subjectanalyze.intezer.com
Fingerprint62:0F:F7:27:03:6D:94:41:E7:19:BA:5D:F8:FA:3C:0B:93:54:19:5A
ValidityTue, 25 Jul 2023 19:50:53 GMT - Sun, 25 Aug 2024 19:50:53 GMT

File type
JavaScript source, ASCII text, with very long lines (65453)
Size
253 kB (252890 bytes)
Hash
ac91777f6957d021a1d664a5969a065b
6b1cccd2ad960ab02e17573497257db7980972b0
bac9414c98840c0ebba2db7fd40ac3f471da928d3e331a9a82855f8554bd2337

HTTP Headers

GET /9614.ad793603c1b0a08dcf69.js HTTP/1.1
Host: analyze.intezer.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://analyze.intezer.com/analyses/7115623b-76d4-4c1f-8990-94f619d493ba
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 27 Apr 2024 08:52:29 GMT
content-type: application/javascript
content-length: 252890
last-modified: Thu, 25 Apr 2024 13:14:58 GMT
etag: "662a5752-3dbda"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-security-policy: frame-ancestors 'self' https://analyze.intezer.com https://www.intezer.com; upgrade-insecure-requests; script-src 'self' 'report-sample' 'nonce-3r9k7x2d1q' https://www.googletagmanager.com/gtm.js https://fast.appcues.net https://fast.appcues.com https://translate.googleapis.com https://translate.google.com https://analyze.intezer.com https://www.youtube.com https://www.google.com https://www.googleadservices.com https://www.googletagmanager.com https://anayltics.google.com https://static.zdassets.com https://*.getkoala.com wss://*.getkoala.com https://ssl.google-analytics.com https://www.gstatic.com;style-src 'self' 'report-sample' 'unsafe-inline' platform.twitter.com ton.twimg.com fonts.googleapis.com *.appcues.net *.appcues.com https://fonts.loli.net https://fonts.proxy.ustclug.org https://use.fontawesome.com https://translate.googleapis.com https://analyze.intezer.com https://themes.googleusercontent.com https://fonts.googleapis.com www.googletagmanager.com;object-src 'none';frame-src *.appcues.com https://analyze.intezer.com https://app.hubspot.com https://www.googletagmanager.com https://www.youtube.com www.google.com;child-src 'none';img-src data: blob: *;font-src data: *;connect-src 'self' *.appcues.net wss://*.appcues.net *.appcues.com wss://*.appcues.com analyze.intezer.com wss://analyze.intezer.com wss://api.getkoala.com https://www.google-analytics.com/analytics.js https://intezerfiles.blob.core.windows.net/url-scans https://intezerfiles.blob.core.windows.net/files https://api.getkoala.com https://api-js.mixpanel.com https://intezer.zendesk.com https://*.intezer.com https://ekr.zdassets.com https://anayltics.google.comadservice.google.com www.google.com api.appcues.net; manifest-src *;base-uri https://analyze.intezer.com;form-action 'self';media-src data: *;prefetch-src 'self';worker-src 'none';
strict-transport-security: max-age=31536000; includeSubDomains; preload
accept-ranges: bytes
X-Firefox-Spdy: h2

analyze.intezer.com/2864.6b42e724fcebf898675b.js

20.50.210.201

200 OK

217 kB

URL GET HTTP/2
analyze.intezer.com/2864.6b42e724fcebf898675b.js
IP
20.50.210.201:443
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

Requested by
https://analyze.intezer.com/analyses/7115623b-76d4-4c1f-8990-94f619d493ba
Certificate
IssuerGoDaddy.com, Inc.
Subjectanalyze.intezer.com
Fingerprint62:0F:F7:27:03:6D:94:41:E7:19:BA:5D:F8:FA:3C:0B:93:54:19:5A
ValidityTue, 25 Jul 2023 19:50:53 GMT - Sun, 25 Aug 2024 19:50:53 GMT

File type
JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size
217 kB (217098 bytes)
Hash
e043bf5c09c4e23c6be51da6be8b943b
bc3342a11b0d93a0c4d35c1914636e8f2e0238f0
8954bb8c31e7afabd56f3a9e3a057bfb169a174be41b191c5ff9ed4f327bead6

HTTP Headers

GET /2864.6b42e724fcebf898675b.js HTTP/1.1
Host: analyze.intezer.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://analyze.intezer.com/analyses/7115623b-76d4-4c1f-8990-94f619d493ba
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 27 Apr 2024 08:52:29 GMT
content-type: application/javascript
content-length: 217098
last-modified: Thu, 25 Apr 2024 13:14:58 GMT
etag: "662a5752-3500a"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-security-policy: frame-ancestors 'self' https://analyze.intezer.com https://www.intezer.com; upgrade-insecure-requests; script-src 'self' 'report-sample' 'nonce-3r9k7x2d1q' https://www.googletagmanager.com/gtm.js https://fast.appcues.net https://fast.appcues.com https://translate.googleapis.com https://translate.google.com https://analyze.intezer.com https://www.youtube.com https://www.google.com https://www.googleadservices.com https://www.googletagmanager.com https://anayltics.google.com https://static.zdassets.com https://*.getkoala.com wss://*.getkoala.com https://ssl.google-analytics.com https://www.gstatic.com;style-src 'self' 'report-sample' 'unsafe-inline' platform.twitter.com ton.twimg.com fonts.googleapis.com *.appcues.net *.appcues.com https://fonts.loli.net https://fonts.proxy.ustclug.org https://use.fontawesome.com https://translate.googleapis.com https://analyze.intezer.com https://themes.googleusercontent.com https://fonts.googleapis.com www.googletagmanager.com;object-src 'none';frame-src *.appcues.com https://analyze.intezer.com https://app.hubspot.com https://www.googletagmanager.com https://www.youtube.com www.google.com;child-src 'none';img-src data: blob: *;font-src data: *;connect-src 'self' *.appcues.net wss://*.appcues.net *.appcues.com wss://*.appcues.com analyze.intezer.com wss://analyze.intezer.com wss://api.getkoala.com https://www.google-analytics.com/analytics.js https://intezerfiles.blob.core.windows.net/url-scans https://intezerfiles.blob.core.windows.net/files https://api.getkoala.com https://api-js.mixpanel.com https://intezer.zendesk.com https://*.intezer.com https://ekr.zdassets.com https://anayltics.google.comadservice.google.com www.google.com api.appcues.net; manifest-src *;base-uri https://analyze.intezer.com;form-action 'self';media-src data: *;prefetch-src 'self';worker-src 'none';
strict-transport-security: max-age=31536000; includeSubDomains; preload
accept-ranges: bytes
X-Firefox-Spdy: h2

analyze.intezer.com/b2bbd211bc04498bcf4eecf540f44e52.woff2

20.50.210.201

200 OK

22 kB

URL GET HTTP/2
analyze.intezer.com/b2bbd211bc04498bcf4eecf540f44e52.woff2
IP
20.50.210.201:443
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

Requested by
https://analyze.intezer.com/analyses/7115623b-76d4-4c1f-8990-94f619d493ba
Certificate
IssuerGoDaddy.com, Inc.
Subjectanalyze.intezer.com
Fingerprint62:0F:F7:27:03:6D:94:41:E7:19:BA:5D:F8:FA:3C:0B:93:54:19:5A
ValidityTue, 25 Jul 2023 19:50:53 GMT - Sun, 25 Aug 2024 19:50:53 GMT

File type
Web Open Font Format (Version 2), TrueType, length 22096, version 2.131
Size
22 kB (22096 bytes)
Hash
bd5793996213550d5d9ea47a48e33bee
021e1ba4523842a045c47f067e4cbe8137ce5214
1a7b6523d182680619f4e3afa5f42c820bfee356675fdee431fc51e2b9c3eb36

HTTP Headers

GET /b2bbd211bc04498bcf4eecf540f44e52.woff2 HTTP/1.1
Host: analyze.intezer.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://analyze.intezer.com/analyses/7115623b-76d4-4c1f-8990-94f619d493ba
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 27 Apr 2024 08:52:29 GMT
content-type: font/woff2
content-length: 22096
last-modified: Thu, 25 Apr 2024 13:14:58 GMT
etag: "662a5752-5650"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-security-policy: frame-ancestors 'self' https://analyze.intezer.com https://www.intezer.com; upgrade-insecure-requests; script-src 'self' 'report-sample' 'nonce-3r9k7x2d1q' https://www.googletagmanager.com/gtm.js https://fast.appcues.net https://fast.appcues.com https://translate.googleapis.com https://translate.google.com https://analyze.intezer.com https://www.youtube.com https://www.google.com https://www.googleadservices.com https://www.googletagmanager.com https://anayltics.google.com https://static.zdassets.com https://*.getkoala.com wss://*.getkoala.com https://ssl.google-analytics.com https://www.gstatic.com;style-src 'self' 'report-sample' 'unsafe-inline' platform.twitter.com ton.twimg.com fonts.googleapis.com *.appcues.net *.appcues.com https://fonts.loli.net https://fonts.proxy.ustclug.org https://use.fontawesome.com https://translate.googleapis.com https://analyze.intezer.com https://themes.googleusercontent.com https://fonts.googleapis.com www.googletagmanager.com;object-src 'none';frame-src *.appcues.com https://analyze.intezer.com https://app.hubspot.com https://www.googletagmanager.com https://www.youtube.com www.google.com;child-src 'none';img-src data: blob: *;font-src data: *;connect-src 'self' *.appcues.net wss://*.appcues.net *.appcues.com wss://*.appcues.com analyze.intezer.com wss://analyze.intezer.com wss://api.getkoala.com https://www.google-analytics.com/analytics.js https://intezerfiles.blob.core.windows.net/url-scans https://intezerfiles.blob.core.windows.net/files https://api.getkoala.com https://api-js.mixpanel.com https://intezer.zendesk.com https://*.intezer.com https://ekr.zdassets.com https://anayltics.google.comadservice.google.com www.google.com api.appcues.net; manifest-src *;base-uri https://analyze.intezer.com;form-action 'self';media-src data: *;prefetch-src 'self';worker-src 'none';
strict-transport-security: max-age=31536000; includeSubDomains; preload
accept-ranges: bytes
X-Firefox-Spdy: h2

analyze.intezer.com/api/v1-2/analyses/7115623b-76d4-4c1f-8990-94f619d493ba/internal

20.50.210.201

200 OK

2.6 kB

URL POST HTTP/2
analyze.intezer.com/api/v1-2/analyses/7115623b-76d4-4c1f-8990-94f619d493ba/internal
IP
20.50.210.201:443
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

Requested by
https://analyze.intezer.com/analyses/7115623b-76d4-4c1f-8990-94f619d493ba
Certificate
IssuerGoDaddy.com, Inc.
Subjectanalyze.intezer.com
Fingerprint62:0F:F7:27:03:6D:94:41:E7:19:BA:5D:F8:FA:3C:0B:93:54:19:5A
ValidityTue, 25 Jul 2023 19:50:53 GMT - Sun, 25 Aug 2024 19:50:53 GMT

File type
JSON text data
Size
2.6 kB (2567 bytes)
Hash
8f0b276b2bb5919307175a6ba34b93e0
2b40289b024d12da2774cfbcf9659cc4cb0f9101
875865b93b0c04306f762148122ee898b3625a60fc886ae3491ff34165de5e4e

HTTP Headers

POST /api/v1-2/analyses/7115623b-76d4-4c1f-8990-94f619d493ba/internal HTTP/1.1
Host: analyze.intezer.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 2
Origin: https://analyze.intezer.com
DNT: 1
Connection: keep-alive
Referer: https://analyze.intezer.com/analyses/7115623b-76d4-4c1f-8990-94f619d493ba
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 27 Apr 2024 08:52:29 GMT
content-type: application/json
content-length: 2567
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: analyze.intezer.com, protect.intezer.com
x-content-type-options: nosniff
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Inconsolata&display=swap

142.250.74.106

200 OK

6.9 kB

URL GET HTTP/2
fonts.googleapis.com/css?family=Inconsolata&display=swap
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://analyze.intezer.com/analyses/7115623b-76d4-4c1f-8990-94f619d493ba
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint5F:6D:48:87:16:89:1E:A5:57:29:92:8B:34:BD:F2:92:0C:7F:F2:50
ValidityMon, 08 Apr 2024 07:32:03 GMT - Mon, 01 Jul 2024 07:32:02 GMT

File type
gzip compressed data, max compression
Size
6.9 kB (6874 bytes)
Hash
1de0bcfd2a7ba4ec31ad283cbc0c7e70
4a89cab1321488a2e9beccf73fa3fb7a86621365
aef3a43149503853c3c4a37a8a7819f215e6ffe7b16b471aef46cb66b0433da0

HTTP Headers

GET /css?family=Inconsolata&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://analyze.intezer.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 27 Apr 2024 08:52:28 GMT
date: Sat, 27 Apr 2024 08:52:28 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fast.appcues.com/generic/main/4.53.1/container.a34de36c2b1cabfbe8c60fb8bd83fcb1a49243bd.css

151.101.66.110

200 OK

2.0 kB

URL GET HTTP/2
fast.appcues.com/generic/main/4.53.1/container.a34de36c2b1cabfbe8c60fb8bd83fcb1a49243bd.css
IP
151.101.66.110:443
ASN
#54113 FASTLY

Requested by
https://analyze.intezer.com/analyses/7115623b-76d4-4c1f-8990-94f619d493ba
Certificate
IssuerGlobalSign nv-sa
Subjectfast.appcues.com
FingerprintC0:70:30:FF:D6:06:AD:70:66:08:1E:48:AB:1C:4B:AA:C8:5A:06:B5
ValiditySat, 05 Aug 2023 19:48:19 GMT - Thu, 05 Sep 2024 19:48:18 GMT

File type
ASCII text, with very long lines (522)
Size
2.0 kB (2027 bytes)
Hash
040cf4e7e86c4d735fc66db697584fb0
4a2c2807c1cb30c6339ce99cedfa1d21416a99d7
d64b24d70eadbcdbf4b5223172fea453e18531d8a48f635727d97e45659f96de

HTTP Headers

GET /generic/main/4.53.1/container.a34de36c2b1cabfbe8c60fb8bd83fcb1a49243bd.css HTTP/1.1
Host: fast.appcues.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://analyze.intezer.com
DNT: 1
Connection: keep-alive
Referer: https://analyze.intezer.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
x-amz-id-2: WMbuLASk9id9kn12ZWtur7D+temzEutYLLJ0Fg1MrkYJOyE7A+uGf9jh0uwOw/WqYFm1KmSw1KE=
x-amz-request-id: 3HK3N4VVT81H8MN1
access-control-allow-origin: *
access-control-allow-methods: GET
last-modified: Mon, 24 Apr 2023 18:56:52 GMT
etag: "040cf4e7e86c4d735fc66db697584fb0"
x-amz-server-side-encryption: AES256
content-type: text/css; charset=utf-8;
server: AmazonS3
cache-control: public,max-age=31536000,immutable
content-encoding: gzip
accept-ranges: bytes
age: 788437
date: Sat, 27 Apr 2024 08:52:29 GMT
via: 1.1 varnish
x-served-by: cache-hel1410022-HEL
x-cache: HIT
x-cache-hits: 0
x-timer: S1714207950.957105,VS0,VE1
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
timing-allow-origin: *
access-control-allow-headers: X-Requested-With,Authorization
content-length: 2027
X-Firefox-Spdy: h2

fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

216.58.207.227

200 OK

48 kB

URL GET HTTP/2
fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://analyze.intezer.com/analyses/7115623b-76d4-4c1f-8990-94f619d493ba
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint93:EC:35:60:8A:5B:23:EA:C0:36:D7:AE:03:0C:C3:77:17:5A:20:33
ValidityMon, 08 Apr 2024 07:31:57 GMT - Mon, 01 Jul 2024 07:31:56 GMT

File type
Web Open Font Format (Version 2), TrueType, length 48236, version 1.0
Size
48 kB (48236 bytes)
Hash
015c126a3520c9a8f6a27979d0266e96
2acf956561d44434a6d84204670cf849d3215d5f
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa

HTTP Headers

GET /s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://analyze.intezer.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 48236
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 25 Apr 2024 02:35:00 GMT
expires: Fri, 25 Apr 2025 02:35:00 GMT
cache-control: public, max-age=31536000
age: 195449
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

analyze.intezer.com/favicon.png

20.50.210.201

200 OK

1.9 kB

URL GET HTTP/2
analyze.intezer.com/favicon.png
IP
20.50.210.201:443
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

Requested by
https://analyze.intezer.com/analyses/7115623b-76d4-4c1f-8990-94f619d493ba
Certificate
IssuerGoDaddy.com, Inc.
Subjectanalyze.intezer.com
Fingerprint62:0F:F7:27:03:6D:94:41:E7:19:BA:5D:F8:FA:3C:0B:93:54:19:5A
ValidityTue, 25 Jul 2023 19:50:53 GMT - Sun, 25 Aug 2024 19:50:53 GMT

File type
PNG image data, 82 x 86, 8-bit colormap, non-interlaced
Size
1.9 kB (1870 bytes)
Hash
0f5528b3c2af9fc4510edfe430807bfe
513db20eae627160af9c77686555d701b64e96eb
28af5faf1c19d79984054f62f7e68aa7b448578cd77d62b6103dc625b0d6fd77

HTTP Headers

GET /favicon.png HTTP/1.1
Host: analyze.intezer.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://analyze.intezer.com/analyses/7115623b-76d4-4c1f-8990-94f619d493ba
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 27 Apr 2024 08:52:30 GMT
content-type: image/png
content-length: 1870
last-modified: Thu, 25 Apr 2024 13:14:58 GMT
etag: "662a5752-74e"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-security-policy: frame-ancestors 'self' https://analyze.intezer.com https://www.intezer.com; upgrade-insecure-requests; script-src 'self' 'report-sample' 'nonce-3r9k7x2d1q' https://www.googletagmanager.com/gtm.js https://fast.appcues.net https://fast.appcues.com https://translate.googleapis.com https://translate.google.com https://analyze.intezer.com https://www.youtube.com https://www.google.com https://www.googleadservices.com https://www.googletagmanager.com https://anayltics.google.com https://static.zdassets.com https://*.getkoala.com wss://*.getkoala.com https://ssl.google-analytics.com https://www.gstatic.com;style-src 'self' 'report-sample' 'unsafe-inline' platform.twitter.com ton.twimg.com fonts.googleapis.com *.appcues.net *.appcues.com https://fonts.loli.net https://fonts.proxy.ustclug.org https://use.fontawesome.com https://translate.googleapis.com https://analyze.intezer.com https://themes.googleusercontent.com https://fonts.googleapis.com www.googletagmanager.com;object-src 'none';frame-src *.appcues.com https://analyze.intezer.com https://app.hubspot.com https://www.googletagmanager.com https://www.youtube.com www.google.com;child-src 'none';img-src data: blob: *;font-src data: *;connect-src 'self' *.appcues.net wss://*.appcues.net *.appcues.com wss://*.appcues.com analyze.intezer.com wss://analyze.intezer.com wss://api.getkoala.com https://www.google-analytics.com/analytics.js https://intezerfiles.blob.core.windows.net/url-scans https://intezerfiles.blob.core.windows.net/files https://api.getkoala.com https://api-js.mixpanel.com https://intezer.zendesk.com https://*.intezer.com https://ekr.zdassets.com https://anayltics.google.comadservice.google.com www.google.com api.appcues.net; manifest-src *;base-uri https://analyze.intezer.com;form-action 'self';media-src data: *;prefetch-src 'self';worker-src 'none';
strict-transport-security: max-age=31536000; includeSubDomains; preload
accept-ranges: bytes
X-Firefox-Spdy: h2

analyze.intezer.com/adr/v1-2/alerts/get-alerts-by-tenant-and-sha256

20.50.210.201

401 Unauthorized

31 B

URL POST HTTP/2
analyze.intezer.com/adr/v1-2/alerts/get-alerts-by-tenant-and-sha256
IP
20.50.210.201:443
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

Requested by
https://analyze.intezer.com/analyses/7115623b-76d4-4c1f-8990-94f619d493ba
Certificate
IssuerGoDaddy.com, Inc.
Subjectanalyze.intezer.com
Fingerprint62:0F:F7:27:03:6D:94:41:E7:19:BA:5D:F8:FA:3C:0B:93:54:19:5A
ValidityTue, 25 Jul 2023 19:50:53 GMT - Sun, 25 Aug 2024 19:50:53 GMT

File type
JSON text data
Size
31 B (31 bytes)
Hash
fa380364bab8af94c50353ec5b34675e
3e63981dec1d322871b97bbc444b9025f475c90e
3a5360f83d6cde972e2bed5f7c6b5ed6d8f70ef79d83052c02ae9253dd4a03cb

HTTP Headers

POST /adr/v1-2/alerts/get-alerts-by-tenant-and-sha256 HTTP/1.1
Host: analyze.intezer.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 88
Origin: https://analyze.intezer.com
DNT: 1
Connection: keep-alive
Referer: https://analyze.intezer.com/analyses/7115623b-76d4-4c1f-8990-94f619d493ba
Cookie: _gcl_au=1.1.729826581.1714207950
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 401 Unauthorized
server: nginx
date: Sat, 27 Apr 2024 08:52:30 GMT
content-type: application/json
content-length: 31
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
X-Firefox-Spdy: h2

www.googletagmanager.com/gtag/destination?id=AW-725468766&l=dataLayer&cx=c

142.250.74.168

200 OK

80 kB

URL GET HTTP/3
www.googletagmanager.com/gtag/destination?id=AW-725468766&l=dataLayer&cx=c
IP
142.250.74.168:443
ASN
#15169 GOOGLE

Requested by
https://analyze.intezer.com/analyses/7115623b-76d4-4c1f-8990-94f619d493ba
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
FingerprintFC:B1:16:E0:D8:F3:2B:F3:AB:33:E5:E1:23:57:F4:48:66:FD:4D:52
ValidityMon, 08 Apr 2024 06:34:55 GMT - Mon, 01 Jul 2024 06:34:54 GMT

File type
JavaScript source, ASCII text, with very long lines (4179)
Size
80 kB (79997 bytes)
Hash
f084a85982f4855065e35fdb7b75193d
b008a74e742cc1fccee9cdfe78b43ce13a15f964
0c72d76e4676264bfb6ddf4b1a238a3911229e9770eec14a921af337f9c63282

HTTP Headers

GET /gtag/destination?id=AW-725468766&l=dataLayer&cx=c HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://analyze.intezer.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sat, 27 Apr 2024 08:52:30 GMT
expires: Sat, 27 Apr 2024 08:52:30 GMT
cache-control: private, max-age=900
last-modified: Sat, 27 Apr 2024 06:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 79997
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.googletagmanager.com/gtag/js?id=G-77ZEDWXEEK&l=dataLayer&cx=c

142.250.74.168

200 OK

102 kB

URL GET HTTP/3
www.googletagmanager.com/gtag/js?id=G-77ZEDWXEEK&l=dataLayer&cx=c
IP
142.250.74.168:443
ASN
#15169 GOOGLE

Requested by
https://analyze.intezer.com/analyses/7115623b-76d4-4c1f-8990-94f619d493ba
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
FingerprintFC:B1:16:E0:D8:F3:2B:F3:AB:33:E5:E1:23:57:F4:48:66:FD:4D:52
ValidityMon, 08 Apr 2024 06:34:55 GMT - Mon, 01 Jul 2024 06:34:54 GMT

File type
JavaScript source, ASCII text, with very long lines (9178)
Size
102 kB (102476 bytes)
Hash
0f58c5247fef22f6022e073bec873fae
b06d3f42737dcd5616d1144aae8d2898fa78bd9a
e3243ea80a6df8c316b8dd90c4ccd2cab5cb72071f39f8eb26a29867e4c6fae0

HTTP Headers

GET /gtag/js?id=G-77ZEDWXEEK&l=dataLayer&cx=c HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://analyze.intezer.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sat, 27 Apr 2024 08:52:30 GMT
expires: Sat, 27 Apr 2024 08:52:30 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 102476
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

analyze.intezer.com/adr/v1-2/alerts/get-alerts-by-tenant-and-sha256

20.50.210.201

401 Unauthorized

31 B

URL POST HTTP/2
analyze.intezer.com/adr/v1-2/alerts/get-alerts-by-tenant-and-sha256
IP
20.50.210.201:443
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

Requested by
https://analyze.intezer.com/analyses/7115623b-76d4-4c1f-8990-94f619d493ba
Certificate
IssuerGoDaddy.com, Inc.
Subjectanalyze.intezer.com
Fingerprint62:0F:F7:27:03:6D:94:41:E7:19:BA:5D:F8:FA:3C:0B:93:54:19:5A
ValidityTue, 25 Jul 2023 19:50:53 GMT - Sun, 25 Aug 2024 19:50:53 GMT

File type
JSON text data
Size
31 B (31 bytes)
Hash
fa380364bab8af94c50353ec5b34675e
3e63981dec1d322871b97bbc444b9025f475c90e
3a5360f83d6cde972e2bed5f7c6b5ed6d8f70ef79d83052c02ae9253dd4a03cb

HTTP Headers

POST /adr/v1-2/alerts/get-alerts-by-tenant-and-sha256 HTTP/1.1
Host: analyze.intezer.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 88
Origin: https://analyze.intezer.com
DNT: 1
Connection: keep-alive
Referer: https://analyze.intezer.com/analyses/7115623b-76d4-4c1f-8990-94f619d493ba
Cookie: _gcl_au=1.1.729826581.1714207950
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 401 Unauthorized
server: nginx
date: Sat, 27 Apr 2024 08:52:30 GMT
content-type: application/json
content-length: 31
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
X-Firefox-Spdy: h2

analyze.intezer.com/api/v1-2/analyses/7115623b-76d4-4c1f-8990-94f619d493ba/additional-classifications

20.50.210.201

200 OK

14 B

URL GET HTTP/2
analyze.intezer.com/api/v1-2/analyses/7115623b-76d4-4c1f-8990-94f619d493ba/additional-classifications
IP
20.50.210.201:443
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

Requested by
https://analyze.intezer.com/analyses/7115623b-76d4-4c1f-8990-94f619d493ba
Certificate
IssuerGoDaddy.com, Inc.
Subjectanalyze.intezer.com
Fingerprint62:0F:F7:27:03:6D:94:41:E7:19:BA:5D:F8:FA:3C:0B:93:54:19:5A
ValidityTue, 25 Jul 2023 19:50:53 GMT - Sun, 25 Aug 2024 19:50:53 GMT

File type
JSON text data
Size
14 B (14 bytes)
Hash
1196db381c388a3e972449ebe6a35224
0e89c39060587c33bab9bd81ab295b2592645d98
49ff7aea8cd2a0f6c907f08e4fe614f354a9d2ffb12564addf7079e6a24ec80e

HTTP Headers

GET /api/v1-2/analyses/7115623b-76d4-4c1f-8990-94f619d493ba/additional-classifications HTTP/1.1
Host: analyze.intezer.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://analyze.intezer.com/analyses/7115623b-76d4-4c1f-8990-94f619d493ba
Cookie: _gcl_au=1.1.729826581.1714207950
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 27 Apr 2024 08:52:30 GMT
content-type: application/json
content-length: 14
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: analyze.intezer.com, protect.intezer.com
x-content-type-options: nosniff
X-Firefox-Spdy: h2

analyze.intezer.com/acct/v1-2/resign-in

20.50.210.201

401 Unauthorized

44 B

URL POST HTTP/2
analyze.intezer.com/acct/v1-2/resign-in
IP
20.50.210.201:443
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

Requested by
https://analyze.intezer.com/analyses/7115623b-76d4-4c1f-8990-94f619d493ba
Certificate
IssuerGoDaddy.com, Inc.
Subjectanalyze.intezer.com
Fingerprint62:0F:F7:27:03:6D:94:41:E7:19:BA:5D:F8:FA:3C:0B:93:54:19:5A
ValidityTue, 25 Jul 2023 19:50:53 GMT - Sun, 25 Aug 2024 19:50:53 GMT

File type
JSON text data
Size
44 B (44 bytes)
Hash
e57bebcf9f36e6f92ae72139a963be84
a188b1afac99850c2769ec614fc3aa9f321474a1
e62fe4bf7a77db07be5e952c35bf60b91595123398a2be4f59c175e1de9283fb

HTTP Headers

POST /acct/v1-2/resign-in HTTP/1.1
Host: analyze.intezer.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://analyze.intezer.com
DNT: 1
Connection: keep-alive
Referer: https://analyze.intezer.com/analyses/7115623b-76d4-4c1f-8990-94f619d493ba
Cookie: _gcl_au=1.1.729826581.1714207950
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
Content-Length: 0
TE: trailers

HTTP/2 401 Unauthorized
server: nginx
date: Sat, 27 Apr 2024 08:52:30 GMT
content-type: application/json
content-length: 44
expires: Thu, 01 Jan 1970 00:00:00 GMT
pragma: no-cache
cache-control: no-store
strict-transport-security: max-age=31536000; includeSubDomains; preload
X-Firefox-Spdy: h2

analyze.intezer.com/acct/v1-2/resign-in

20.50.210.201

401 Unauthorized

44 B

URL POST HTTP/2
analyze.intezer.com/acct/v1-2/resign-in
IP
20.50.210.201:443
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

Requested by
https://analyze.intezer.com/analyses/7115623b-76d4-4c1f-8990-94f619d493ba
Certificate
IssuerGoDaddy.com, Inc.
Subjectanalyze.intezer.com
Fingerprint62:0F:F7:27:03:6D:94:41:E7:19:BA:5D:F8:FA:3C:0B:93:54:19:5A
ValidityTue, 25 Jul 2023 19:50:53 GMT - Sun, 25 Aug 2024 19:50:53 GMT

File type
JSON text data
Size
44 B (44 bytes)
Hash
e57bebcf9f36e6f92ae72139a963be84
a188b1afac99850c2769ec614fc3aa9f321474a1
e62fe4bf7a77db07be5e952c35bf60b91595123398a2be4f59c175e1de9283fb

HTTP Headers

POST /acct/v1-2/resign-in HTTP/1.1
Host: analyze.intezer.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://analyze.intezer.com
DNT: 1
Connection: keep-alive
Referer: https://analyze.intezer.com/analyses/7115623b-76d4-4c1f-8990-94f619d493ba
Cookie: _gcl_au=1.1.729826581.1714207950
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
Content-Length: 0
TE: trailers

HTTP/2 401 Unauthorized
server: nginx
date: Sat, 27 Apr 2024 08:52:30 GMT
content-type: application/json
content-length: 44
expires: Thu, 01 Jan 1970 00:00:00 GMT
pragma: no-cache
cache-control: no-store
strict-transport-security: max-age=31536000; includeSubDomains; preload
X-Firefox-Spdy: h2

analyze.intezer.com/api/v1-2/analyses/7115623b-76d4-4c1f-8990-94f619d493ba/sub/02161481-4c8b-46a4-a264-464cb562d2a5/families-by-strings

20.50.210.201

200 OK

11 kB

URL POST HTTP/2
analyze.intezer.com/api/v1-2/analyses/7115623b-76d4-4c1f-8990-94f619d493ba/sub/02161481-4c8b-46a4-a264-464cb562d2a5/families-by-strings
IP
20.50.210.201:443
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

Requested by
https://analyze.intezer.com/analyses/7115623b-76d4-4c1f-8990-94f619d493ba
Certificate
IssuerGoDaddy.com, Inc.
Subjectanalyze.intezer.com
Fingerprint62:0F:F7:27:03:6D:94:41:E7:19:BA:5D:F8:FA:3C:0B:93:54:19:5A
ValidityTue, 25 Jul 2023 19:50:53 GMT - Sun, 25 Aug 2024 19:50:53 GMT

File type
JSON text data
Size
11 kB (11053 bytes)
Hash
83040c6b26f4ba142f59a5daf24cde84
c9b7f452ee475d1b75c1eba45c50ac3a7430e2dc
14a7052a72287bf1f409520b6952ba6c54b9232b416d481d390c15ac2b3df57d

Detections

Analyzer	Verdict	Alert
Elastic Security YARA Rules	malware	Linux.Trojan.Gafgyt

HTTP Headers

POST /api/v1-2/analyses/7115623b-76d4-4c1f-8990-94f619d493ba/sub/02161481-4c8b-46a4-a264-464cb562d2a5/families-by-strings HTTP/1.1
Host: analyze.intezer.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 2
Origin: https://analyze.intezer.com
DNT: 1
Connection: keep-alive
Referer: https://analyze.intezer.com/analyses/7115623b-76d4-4c1f-8990-94f619d493ba
Cookie: _gcl_au=1.1.729826581.1714207950
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 27 Apr 2024 08:52:30 GMT
content-type: application/json
content-length: 11053
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: analyze.intezer.com, protect.intezer.com
x-content-type-options: nosniff
X-Firefox-Spdy: h2

analyze.intezer.com/api/v1-2/files/02161481-4c8b-46a4-a264-464cb562d2a5/capa-report

20.50.210.201

409 Conflict

36 B

URL POST HTTP/2
analyze.intezer.com/api/v1-2/files/02161481-4c8b-46a4-a264-464cb562d2a5/capa-report
IP
20.50.210.201:443
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

Requested by
https://analyze.intezer.com/analyses/7115623b-76d4-4c1f-8990-94f619d493ba
Certificate
IssuerGoDaddy.com, Inc.
Subjectanalyze.intezer.com
Fingerprint62:0F:F7:27:03:6D:94:41:E7:19:BA:5D:F8:FA:3C:0B:93:54:19:5A
ValidityTue, 25 Jul 2023 19:50:53 GMT - Sun, 25 Aug 2024 19:50:53 GMT

File type
JSON text data
Size
36 B (36 bytes)
Hash
b17c9f5c17df3fde75c9d8e5a4baf9de
90682fd16997d24754c63b95c44aee8bad1841ab
b361b0e2094683e72b5b4529a485a75a3bdcd1dc59071cba493514ab4392f79d

HTTP Headers

POST /api/v1-2/files/02161481-4c8b-46a4-a264-464cb562d2a5/capa-report HTTP/1.1
Host: analyze.intezer.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 2
Origin: https://analyze.intezer.com
DNT: 1
Connection: keep-alive
Referer: https://analyze.intezer.com/analyses/7115623b-76d4-4c1f-8990-94f619d493ba
Cookie: _gcl_au=1.1.729826581.1714207950
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 409 Conflict
server: nginx
date: Sat, 27 Apr 2024 08:52:30 GMT
content-type: application/json
content-length: 36
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
X-Firefox-Spdy: h2

region1.analytics.google.com/g/collect?v=2&tid=G-77ZEDWXEEK&gtm=45je44o0v890741055z8812351983za200&_p=1714207948258&_gaz=1&gcd=13l3lPl2l1&npa=1&dma_cps=sypham&dma=1&cid=583394433.1714207951&ul=en-us&sr=1280x1024&pscdl=noapi&_s=1&sid=1714207950&sct=1&seg=0&dl=https%3A%2F%2Fanalyze.intezer.com%2Fanalyses%2F7115623b-76d4-4c1f-8990-94f619d493ba&dt=Malicious%20Mirai%207d76bed937f23c2f819bcb9a2c7ed4ad.elf%20-%20Intezer&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=2924

216.239.32.36

204 No Content

0 B

URL GET HTTP/2
region1.analytics.google.com/g/collect?v=2&tid=G-77ZEDWXEEK&gtm=45je44o0v890741055z8812351983za200&_p=1714207948258&_gaz=1&gcd=13l3lPl2l1&npa=1&dma_cps=sypham&dma=1&cid=583394433.1714207951&ul=en-us&sr=1280x1024&pscdl=noapi&_s=1&sid=1714207950&sct=1&seg=0&dl=https%3A%2F%2Fanalyze.intezer.com%2Fanalyses%2F7115623b-76d4-4c1f-8990-94f619d493ba&dt=Malicious%20Mirai%207d76bed937f23c2f819bcb9a2c7ed4ad.elf%20-%20Intezer&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=2924
IP
216.239.32.36:443
ASN
#15169 GOOGLE

Requested by
https://analyze.intezer.com/analyses/7115623b-76d4-4c1f-8990-94f619d493ba
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
FingerprintFC:B1:16:E0:D8:F3:2B:F3:AB:33:E5:E1:23:57:F4:48:66:FD:4D:52
ValidityMon, 08 Apr 2024 06:34:55 GMT - Mon, 01 Jul 2024 06:34:54 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /g/collect?v=2&tid=G-77ZEDWXEEK&gtm=45je44o0v890741055z8812351983za200&_p=1714207948258&_gaz=1&gcd=13l3lPl2l1&npa=1&dma_cps=sypham&dma=1&cid=583394433.1714207951&ul=en-us&sr=1280x1024&pscdl=noapi&_s=1&sid=1714207950&sct=1&seg=0&dl=https%3A%2F%2Fanalyze.intezer.com%2Fanalyses%2F7115623b-76d4-4c1f-8990-94f619d493ba&dt=Malicious%20Mirai%207d76bed937f23c2f819bcb9a2c7ed4ad.elf%20-%20Intezer&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=2924 HTTP/1.1
Host: region1.analytics.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://analyze.intezer.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 204 No Content
access-control-allow-origin: *
date: Sat, 27 Apr 2024 08:52:30 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

analyze.intezer.com/a5efd3d9205e908a12fb2c5725aa76a1.ttf

20.50.210.201

200 OK

40 kB

URL GET HTTP/2
analyze.intezer.com/a5efd3d9205e908a12fb2c5725aa76a1.ttf
IP
20.50.210.201:443
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

Requested by
https://analyze.intezer.com/analyses/7115623b-76d4-4c1f-8990-94f619d493ba
Certificate
IssuerGoDaddy.com, Inc.
Subjectanalyze.intezer.com
Fingerprint62:0F:F7:27:03:6D:94:41:E7:19:BA:5D:F8:FA:3C:0B:93:54:19:5A
ValidityTue, 25 Jul 2023 19:50:53 GMT - Sun, 25 Aug 2024 19:50:53 GMT

File type
gzip compressed data, max speed, from Unix
Size
40 kB (39682 bytes)
Hash
d78262d8a21ae0e0fba12b7b0b581d41
eb12b1521ec54fba02944bd48a057a2dc51a2544
c1a5bcb1285dcb8dd9656c981b4be9ec8e3eb5bf9aac89616099c3deee6b45f8

HTTP Headers

GET /a5efd3d9205e908a12fb2c5725aa76a1.ttf HTTP/1.1
Host: analyze.intezer.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://analyze.intezer.com/analyses/7115623b-76d4-4c1f-8990-94f619d493ba
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 27 Apr 2024 08:52:29 GMT
content-type: text/plain
last-modified: Thu, 25 Apr 2024 13:14:58 GMT
vary: Accept-Encoding
etag: W/"662a5752-ef1c"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-security-policy: frame-ancestors 'self' https://analyze.intezer.com https://www.intezer.com; upgrade-insecure-requests; script-src 'self' 'report-sample' 'nonce-3r9k7x2d1q' https://www.googletagmanager.com/gtm.js https://fast.appcues.net https://fast.appcues.com https://translate.googleapis.com https://translate.google.com https://analyze.intezer.com https://www.youtube.com https://www.google.com https://www.googleadservices.com https://www.googletagmanager.com https://anayltics.google.com https://static.zdassets.com https://*.getkoala.com wss://*.getkoala.com https://ssl.google-analytics.com https://www.gstatic.com;style-src 'self' 'report-sample' 'unsafe-inline' platform.twitter.com ton.twimg.com fonts.googleapis.com *.appcues.net *.appcues.com https://fonts.loli.net https://fonts.proxy.ustclug.org https://use.fontawesome.com https://translate.googleapis.com https://analyze.intezer.com https://themes.googleusercontent.com https://fonts.googleapis.com www.googletagmanager.com;object-src 'none';frame-src *.appcues.com https://analyze.intezer.com https://app.hubspot.com https://www.googletagmanager.com https://www.youtube.com www.google.com;child-src 'none';img-src data: blob: *;font-src data: *;connect-src 'self' *.appcues.net wss://*.appcues.net *.appcues.com wss://*.appcues.com analyze.intezer.com wss://analyze.intezer.com wss://api.getkoala.com https://www.google-analytics.com/analytics.js https://intezerfiles.blob.core.windows.net/url-scans https://intezerfiles.blob.core.windows.net/files https://api.getkoala.com https://api-js.mixpanel.com https://intezer.zendesk.com https://*.intezer.com https://ekr.zdassets.com https://anayltics.google.comadservice.google.com www.google.com api.appcues.net; manifest-src *;base-uri https://analyze.intezer.com;form-action 'self';media-src data: *;prefetch-src 'self';worker-src 'none';
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
X-Firefox-Spdy: h2

api.getkoala.com/web/projects/pk_6c50e30c08715cfa57e9d6fd33965720122a/batch

104.26.1.188

204 No Content

0 B

URL POST HTTP/2
api.getkoala.com/web/projects/pk_6c50e30c08715cfa57e9d6fd33965720122a/batch
IP
104.26.1.188:443
ASN
#13335 CLOUDFLARENET

Requested by
https://analyze.intezer.com/analyses/7115623b-76d4-4c1f-8990-94f619d493ba
Certificate
IssuerLet's Encrypt
Subjectgetkoala.com
Fingerprint84:DC:09:89:C7:63:E1:3B:D6:55:9D:84:0F:B7:C4:B3:04:61:65:CA
ValidityThu, 25 Apr 2024 05:54:53 GMT - Wed, 24 Jul 2024 05:54:52 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /web/projects/pk_6c50e30c08715cfa57e9d6fd33965720122a/batch HTTP/1.1
Host: api.getkoala.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 756
Origin: https://analyze.intezer.com
DNT: 1
Connection: keep-alive
Referer: https://analyze.intezer.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 204 No Content
date: Sat, 27 Apr 2024 08:52:30 GMT
access-control-allow-methods: GET, POST, PATCH, PUT, OPTIONS, HEAD
access-control-allow-origin: *
access-control-expose-headers: 
access-control-max-age: 7200
cache-control: no-cache
referrer-policy: strict-origin-when-cross-origin
strict-transport-security: max-age=63072000; includeSubDomains
vary: Origin
x-content-type-options: nosniff
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-request-id: 0f9baa14-6bf2-44c6-989f-7d0c2e788be4
x-runtime: 0.009067
x-xss-protection: 0
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NtXjorWEBFwkpKkzzWQ6aWI3WU%2BMAo4OTmavCw5pCRLMGQ5Q5LxUY7Rhybe0OsgTlIrihdL%2F6oLNqUPeRnPRFVuAWyzQu2jDTBIdd25f%2Fzm8vUeJduDtoK71HEHjzl9NMnI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87ad93ac2fba5699-OSL
X-Firefox-Spdy: h2

api.appcues.net/v1/socket/websocket?vsn=2.0.0

54.148.28.105

0 B

URL
api.appcues.net/v1/socket/websocket?vsn=2.0.0
IP
54.148.28.105:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /v1/socket/websocket?vsn=2.0.0 HTTP/1.1
Host: api.appcues.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://analyze.intezer.com
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: fxuJvbgBVpSa0uPExwe6lg==
DNT: 1
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Date: Sat, 27 Apr 2024 08:52:31 GMT
Connection: upgrade
cache-control: max-age=0, private, must-revalidate
sec-websocket-accept: uLT1Zch1eHPdHr3O+nthwkS1SXA=
sec-websocket-extensions: permessage-deflate
server: Cowboy
upgrade: websocket

api.getkoala.com/cable?profile_id=8a8da053-4456-4b05-8386-5511398863e2&project_slug=pk_6c50e30c08715cfa57e9d6fd33965720122a

104.26.1.188

0 B

URL
api.getkoala.com/cable?profile_id=8a8da053-4456-4b05-8386-5511398863e2&project_slug=pk_6c50e30c08715cfa57e9d6fd33965720122a
IP
104.26.1.188:0
ASN
#13335 CLOUDFLARENET

Certificate
IssuerLet's Encrypt
Subjectgetkoala.com
Fingerprint84:DC:09:89:C7:63:E1:3B:D6:55:9D:84:0F:B7:C4:B3:04:61:65:CA
ValidityThu, 25 Apr 2024 05:54:53 GMT - Wed, 24 Jul 2024 05:54:52 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /cable?profile_id=8a8da053-4456-4b05-8386-5511398863e2&project_slug=pk_6c50e30c08715cfa57e9d6fd33965720122a HTTP/1.1
Host: api.getkoala.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://analyze.intezer.com
Sec-WebSocket-Protocol: actioncable-v1-json, actioncable-unsupported
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: GlAFZdAHvY5OWev/rbma0w==
DNT: 1
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Date: Sat, 27 Apr 2024 08:52:31 GMT
Connection: upgrade
Sec-Websocket-Accept: 0PLpAtyrr+M/3Rd4zddmtyr6X3M=
Sec-Websocket-Protocol: actioncable-v1-json
Upgrade: websocket
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1NsbXkbop2CBQgBVc5ib7shCUA7m8xF5der6MBsx8CPb07vrKd5IAVf9Yl9mo0665ojgG50ffpVhC%2Frq%2BDbg3dssum8azQKFX80lRG5E0AqC4joHPWwehtTaexvsK8H9BVI%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 87ad93ac6b09b51b-OSL

api.getkoala.com/web/projects/pk_6c50e30c08715cfa57e9d6fd33965720122a/metrics

104.26.1.188

204 No Content

0 B

URL POST HTTP/2
api.getkoala.com/web/projects/pk_6c50e30c08715cfa57e9d6fd33965720122a/metrics
IP
104.26.1.188:443
ASN
#13335 CLOUDFLARENET

Requested by
https://analyze.intezer.com/analyses/7115623b-76d4-4c1f-8990-94f619d493ba
Certificate
IssuerLet's Encrypt
Subjectgetkoala.com
Fingerprint84:DC:09:89:C7:63:E1:3B:D6:55:9D:84:0F:B7:C4:B3:04:61:65:CA
ValidityThu, 25 Apr 2024 05:54:53 GMT - Wed, 24 Jul 2024 05:54:52 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /web/projects/pk_6c50e30c08715cfa57e9d6fd33965720122a/metrics HTTP/1.1
Host: api.getkoala.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 792
Origin: https://analyze.intezer.com
DNT: 1
Connection: keep-alive
Referer: https://analyze.intezer.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 204 No Content
date: Sat, 27 Apr 2024 08:52:31 GMT
access-control-allow-methods: GET, POST, PATCH, PUT, OPTIONS, HEAD
access-control-allow-origin: *
access-control-expose-headers: 
access-control-max-age: 7200
cache-control: no-cache
referrer-policy: strict-origin-when-cross-origin
strict-transport-security: max-age=63072000; includeSubDomains
vary: Origin
x-content-type-options: nosniff
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-request-id: 6119012f-13d8-4a96-bb9c-fe9e6cc8e374
x-runtime: 0.006075
x-xss-protection: 0
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TEmt4qrjCpWYSpEKTTI%2Fk6VhRZmPS1IdZizU7ExoRMalSVtpadiOBD6UX%2FwwqY3XTSZQrQ%2BUNuNhrBuYHwAr%2BMgjecZkiTCF0nz8F5Cc5ittQeVxjrP3cnFedNk8r3oGCeY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87ad93b25f935699-OSL
X-Firefox-Spdy: h2

region1.analytics.google.com/g/collect?v=2&tid=G-77ZEDWXEEK&gtm=45je44o0v890741055za200&_p=1714207948258&gcd=13l3lPl2l1&npa=1&dma_cps=sypham&dma=1&cid=583394433.1714207951&ul=en-us&sr=1280x1024&pscdl=noapi&_eu=AEA&_s=2&sid=1714207950&sct=1&seg=0&dl=https%3A%2F%2Fanalyze.intezer.com%2Fanalyses%2F7115623b-76d4-4c1f-8990-94f619d493ba&dt=Malicious%20Mirai%207d76bed937f23c2f819bcb9a2c7ed4ad.elf%20-%20Intezer&en=scroll&epn.percent_scrolled=90&tfd=7971

216.239.32.36

204 No Content

0 B

URL GET HTTP/3
region1.analytics.google.com/g/collect?v=2&tid=G-77ZEDWXEEK&gtm=45je44o0v890741055za200&_p=1714207948258&gcd=13l3lPl2l1&npa=1&dma_cps=sypham&dma=1&cid=583394433.1714207951&ul=en-us&sr=1280x1024&pscdl=noapi&_eu=AEA&_s=2&sid=1714207950&sct=1&seg=0&dl=https%3A%2F%2Fanalyze.intezer.com%2Fanalyses%2F7115623b-76d4-4c1f-8990-94f619d493ba&dt=Malicious%20Mirai%207d76bed937f23c2f819bcb9a2c7ed4ad.elf%20-%20Intezer&en=scroll&epn.percent_scrolled=90&tfd=7971
IP
216.239.32.36:443
ASN
#15169 GOOGLE

Requested by
https://analyze.intezer.com/analyses/7115623b-76d4-4c1f-8990-94f619d493ba
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
FingerprintFC:B1:16:E0:D8:F3:2B:F3:AB:33:E5:E1:23:57:F4:48:66:FD:4D:52
ValidityMon, 08 Apr 2024 06:34:55 GMT - Mon, 01 Jul 2024 06:34:54 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /g/collect?v=2&tid=G-77ZEDWXEEK&gtm=45je44o0v890741055za200&_p=1714207948258&gcd=13l3lPl2l1&npa=1&dma_cps=sypham&dma=1&cid=583394433.1714207951&ul=en-us&sr=1280x1024&pscdl=noapi&_eu=AEA&_s=2&sid=1714207950&sct=1&seg=0&dl=https%3A%2F%2Fanalyze.intezer.com%2Fanalyses%2F7115623b-76d4-4c1f-8990-94f619d493ba&dt=Malicious%20Mirai%207d76bed937f23c2f819bcb9a2c7ed4ad.elf%20-%20Intezer&en=scroll&epn.percent_scrolled=90&tfd=7971 HTTP/1.1
Host: region1.analytics.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://analyze.intezer.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 204 No Content
access-control-allow-origin: *
date: Sat, 27 Apr 2024 08:52:35 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

static.zdassets.com/web_widget/classic/latest/web-widget-locales/classic/en-us-json-7bc1c0f.js

104.18.72.113

200 OK

14 kB

URL GET HTTP/2
static.zdassets.com/web_widget/classic/latest/web-widget-locales/classic/en-us-json-7bc1c0f.js
IP
104.18.72.113:443
ASN
#13335 CLOUDFLARENET

Requested by
https://analyze.intezer.com/analyses/7115623b-76d4-4c1f-8990-94f619d493ba
Certificate
IssuerLet's Encrypt
Subjectzdassets.com
FingerprintF8:AF:5C:DB:58:D5:35:9F:56:A0:A1:A2:92:FE:E3:BA:26:DA:5D:2D
ValiditySun, 03 Mar 2024 22:41:52 GMT - Sat, 01 Jun 2024 22:41:51 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (25709), with no line terminators
Size
14 kB (13744 bytes)
Hash
6eb45e96a7cbb4b8ca10897f3cf09981
2a12b20d1ca65377448dce30519c629aa4273346
a48fd35c61908d912b5ac9e1face12e0962a0d9ecc8679e87db4031697cec54e

HTTP Headers

GET /web_widget/classic/latest/web-widget-locales/classic/en-us-json-7bc1c0f.js HTTP/1.1
Host: static.zdassets.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sat, 27 Apr 2024 08:52:31 GMT
content-type: application/javascript; charset=utf-8
x-amz-id-2: W9B1SBtAeKjZ8kR3+2GgpY7yqrRwEUd74ifS+fdKkR32Prbx0bEwMeNV6dGVRlF6Cg02ybWPMLk=
x-amz-request-id: DKWT4SJ3NP0VX855
x-amz-replication-status: COMPLETED
last-modified: Mon, 08 Apr 2024 13:46:15 GMT
etag: W/"6eb45e96a7cbb4b8ca10897f3cf09981"
x-amz-server-side-encryption: AES256
cache-control: public, max-age=31536000
expires: Tue, 08 Apr 2025 13:46:13 GMT
x-amz-version-id: LLNIVxZ_bojnmbOmqAvI_43_VNrKfel_
cf-cache-status: HIT
age: 1372041
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WLXHENp9lFZqML0JuK0dfgOyR2KHJZqHkx8jdUUE%2BECu1p25CxZcFj1ED70D3pOTVTCveZzNBQawbxvtLXcJb%2Fus%2F3a8SqPpYaNLfRjZ7EblhQYYJ%2FKPHTjEZI%2BCtmNRW3klkHo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=0
access-control-allow-headers: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
access-control-max-age: 0
server: cloudflare
cf-ray: 87ad93b169bf56a4-OSL
content-encoding: br
X-Firefox-Spdy: h2

api.getkoala.com/web/projects/pk_6c50e30c08715cfa57e9d6fd33965720122a

104.26.1.188

200 OK

4.0 kB

URL GET HTTP/2
api.getkoala.com/web/projects/pk_6c50e30c08715cfa57e9d6fd33965720122a
IP
104.26.1.188:443
ASN
#13335 CLOUDFLARENET

Requested by
https://analyze.intezer.com/analyses/7115623b-76d4-4c1f-8990-94f619d493ba
Certificate
IssuerLet's Encrypt
Subjectgetkoala.com
Fingerprint84:DC:09:89:C7:63:E1:3B:D6:55:9D:84:0F:B7:C4:B3:04:61:65:CA
ValidityThu, 25 Apr 2024 05:54:53 GMT - Wed, 24 Jul 2024 05:54:52 GMT

File type
JSON text data
Size
4.0 kB (4019 bytes)
Hash
315d980dc6f8018892091e5dfbff2996
1bdff9fac7dde5139a1592cf361e8c801e3635f8
ebcd84ab71c1ca04eb442f2f7b7e4c6a6af09767955d4f394cfa128cccd3e6ca

HTTP Headers

GET /web/projects/pk_6c50e30c08715cfa57e9d6fd33965720122a HTTP/1.1
Host: api.getkoala.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://analyze.intezer.com/
Origin: https://analyze.intezer.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 27 Apr 2024 08:52:30 GMT
content-type: application/json; charset=utf-8
access-control-allow-methods: GET, POST, PATCH, PUT, OPTIONS, HEAD
access-control-allow-origin: *
access-control-expose-headers: 
access-control-max-age: 7200
cache-control: public
etag: W/"1a423e9fe435fa834d744f5b30fc7016"
last-modified: Mon, 23 Oct 2023 15:11:19 GMT
referrer-policy: strict-origin-when-cross-origin
strict-transport-security: max-age=63072000; includeSubDomains
vary: Accept, Accept-Encoding, Origin
x-content-type-options: nosniff
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-request-id: 2ae23177-6b6d-47be-a7e3-387541f731bd
x-runtime: 0.004949
x-xss-protection: 0
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GbLi60H6GX2prrPlyogdllcrp%2FYe1UlKVV1QByKPBRIwXc4anyziOd8Ewbe3%2BZG%2BckQY4KetAS4wdxvLmDdKCEgA3ky1WB1i4VSTBKWjAXyrqjIx7Y8eXQJqlCRm7TAVVY0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87ad93a83e440b45-OSL
content-encoding: br
X-Firefox-Spdy: h2

api.getkoala.com/web/projects/pk_6c50e30c08715cfa57e9d6fd33965720122a/batch

104.26.1.188

204 No Content

0 B

URL POST HTTP/2
api.getkoala.com/web/projects/pk_6c50e30c08715cfa57e9d6fd33965720122a/batch
IP
104.26.1.188:443
ASN
#13335 CLOUDFLARENET

Requested by
https://analyze.intezer.com/analyses/7115623b-76d4-4c1f-8990-94f619d493ba
Certificate
IssuerLet's Encrypt
Subjectgetkoala.com
Fingerprint84:DC:09:89:C7:63:E1:3B:D6:55:9D:84:0F:B7:C4:B3:04:61:65:CA
ValidityThu, 25 Apr 2024 05:54:53 GMT - Wed, 24 Jul 2024 05:54:52 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /web/projects/pk_6c50e30c08715cfa57e9d6fd33965720122a/batch HTTP/1.1
Host: api.getkoala.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 761
Origin: https://analyze.intezer.com
DNT: 1
Connection: keep-alive
Referer: https://analyze.intezer.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 204 No Content
date: Sat, 27 Apr 2024 08:52:47 GMT
access-control-allow-methods: GET, POST, PATCH, PUT, OPTIONS, HEAD
access-control-allow-origin: *
access-control-expose-headers: 
access-control-max-age: 7200
cache-control: no-cache
referrer-policy: strict-origin-when-cross-origin
strict-transport-security: max-age=63072000; includeSubDomains
vary: Origin
x-content-type-options: nosniff
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-request-id: 822022c9-3d36-425d-af2c-1bf467ab707e
x-runtime: 0.010225
x-xss-protection: 0
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZJ5OdKK%2FWMJx9PmxnCkAzatCNKecV%2Bj0LFDQmw%2B9WMv%2BhG01t5MYmMVuXPgRmExy7vYMCpQzhD4yM2ZtPHg1lLdxRtMcPS53X3k2zm81QAciv%2B1XSUzNRYx0ArYR0H%2FgHOw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87ad94166ef45699-OSL
X-Firefox-Spdy: h2

ekr.zdassets.com/compose/f8b95454-f8e3-4344-ba19-719f3120caa5

104.18.72.113

200 OK

733 B

URL GET HTTP/2
ekr.zdassets.com/compose/f8b95454-f8e3-4344-ba19-719f3120caa5
IP
104.18.72.113:443
ASN
#13335 CLOUDFLARENET

Requested by
https://analyze.intezer.com/analyses/7115623b-76d4-4c1f-8990-94f619d493ba
Certificate
IssuerLet's Encrypt
Subjectzdassets.com
FingerprintF8:AF:5C:DB:58:D5:35:9F:56:A0:A1:A2:92:FE:E3:BA:26:DA:5D:2D
ValiditySun, 03 Mar 2024 22:41:52 GMT - Sat, 01 Jun 2024 22:41:51 GMT

File type
troff or preprocessor input, ASCII text, with very long lines (815), with no line terminators
Size
733 B (733 bytes)
Hash
1267d72186f7c81605c93d9d631500e1
a715889f710a1d53a15c9304124fa963326f1d46
ec56e0e18ff6ee478d12f6e410de4b9f12eedf12fd41421cd41995e252970abd

HTTP Headers

GET /compose/f8b95454-f8e3-4344-ba19-719f3120caa5 HTTP/1.1
Host: ekr.zdassets.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://analyze.intezer.com/
Origin: https://analyze.intezer.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 27 Apr 2024 08:52:31 GMT
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-expose-headers: 
access-control-max-age: 7200
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-download-options: noopen
x-permitted-cross-domain-policies: none
referrer-policy: strict-origin-when-cross-origin
cdn-cache-control: max-age=60
vary: Accept, Origin, Accept-Encoding
cache-control: max-age=300, public, stale-while-revalidate=300, stale-if-error=21600
etag: W/"ac88c5304aa280845b55f2c4156de388"
x-request-id: 872abddfff5db96e-SEA, 872abddfff5db96e-SEA
x-runtime: 0.010085
x-zendesk-zorg: yes
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TYcUqJIaE9h29LaMALzuDwSyqvcaWd%2FKITk26%2F0kIeNW3qKImZObKjSKpOg5%2BXiyjXU5ebw8Sq%2FW2SLh69%2FHZNkBzP8VBP3gN0Po%2FUGDYZnec64TYMV8pi%2Bz3KtK3PKRC%2F0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
server: cloudflare
cf-ray: 87ad93aa09db56c5-OSL
content-encoding: br
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Roboto+Slab:300&display=swap

142.250.74.106

200 OK

2.5 kB

URL GET HTTP/2
fonts.googleapis.com/css?family=Roboto+Slab:300&display=swap
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://analyze.intezer.com/analyses/7115623b-76d4-4c1f-8990-94f619d493ba
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint5F:6D:48:87:16:89:1E:A5:57:29:92:8B:34:BD:F2:92:0C:7F:F2:50
ValidityMon, 08 Apr 2024 07:32:03 GMT - Mon, 01 Jul 2024 07:32:02 GMT

File type
ASCII text, with very long lines (2610), with no line terminators
Size
2.5 kB (2547 bytes)
Hash
3ac73b909a1a38a6f17a9ebcc39639fe
7799bb47ab36a1f57ce0f04f1281025c49104779
6c3f3756f1ccab653c8d50f8f7e4b9265ab3baef92cef4cbd7740b42f7615810

HTTP Headers

GET /css?family=Roboto+Slab:300&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://analyze.intezer.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 27 Apr 2024 08:52:28 GMT
date: Sat, 27 Apr 2024 08:52:28 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

api.getkoala.com/cable?profile_id=8a8da053-4456-4b05-8386-5511398863e2&project_slug=pk_6c50e30c08715cfa57e9d6fd33965720122a

104.26.1.188

101 Switching Protocols

0 B

URL GET HTTP/1.1
api.getkoala.com/cable?profile_id=8a8da053-4456-4b05-8386-5511398863e2&project_slug=pk_6c50e30c08715cfa57e9d6fd33965720122a
IP
104.26.1.188:443
ASN
#13335 CLOUDFLARENET

Requested by
https://analyze.intezer.com/analyses/7115623b-76d4-4c1f-8990-94f619d493ba
Certificate
IssuerLet's Encrypt
Subjectgetkoala.com
Fingerprint84:DC:09:89:C7:63:E1:3B:D6:55:9D:84:0F:B7:C4:B3:04:61:65:CA
ValidityThu, 25 Apr 2024 05:54:53 GMT - Wed, 24 Jul 2024 05:54:52 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /cable?profile_id=8a8da053-4456-4b05-8386-5511398863e2&project_slug=pk_6c50e30c08715cfa57e9d6fd33965720122a HTTP/1.1
Host: api.getkoala.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://analyze.intezer.com
Sec-WebSocket-Protocol: actioncable-v1-json, actioncable-unsupported
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: GlAFZdAHvY5OWev/rbma0w==
DNT: 1
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Date: Sat, 27 Apr 2024 08:52:31 GMT
Connection: upgrade
Sec-Websocket-Accept: 0PLpAtyrr+M/3Rd4zddmtyr6X3M=
Sec-Websocket-Protocol: actioncable-v1-json
Upgrade: websocket
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1NsbXkbop2CBQgBVc5ib7shCUA7m8xF5der6MBsx8CPb07vrKd5IAVf9Yl9mo0665ojgG50ffpVhC%2Frq%2BDbg3dssum8azQKFX80lRG5E0AqC4joHPWwehtTaexvsK8H9BVI%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 87ad93ac6b09b51b-OSL

www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-77ZEDWXEEK&cid=583394433.1714207951&gtm=45je44o0v890741055z8812351983za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3lPl2l1&npa=1&z=296637491

142.250.74.163

200 OK

42 B

URL GET HTTP/2
www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-77ZEDWXEEK&cid=583394433.1714207951&gtm=45je44o0v890741055z8812351983za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3lPl2l1&npa=1&z=296637491
IP
142.250.74.163:443
ASN
#15169 GOOGLE

Requested by
https://analyze.intezer.com/analyses/7115623b-76d4-4c1f-8990-94f619d493ba
Certificate
IssuerGoogle Trust Services LLC
Subject*.google.no
FingerprintDE:35:DD:F6:8A:FF:6F:9D:0E:3D:27:DD:E2:B8:DE:CE:A4:6A:C8:C9
ValidityMon, 08 Apr 2024 07:44:18 GMT - Mon, 01 Jul 2024 07:44:17 GMT

File type
GIF image data, version 89a, 1 x 1
Size
42 B (42 bytes)
Hash
d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

HTTP Headers

GET /ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-77ZEDWXEEK&cid=583394433.1714207951&gtm=45je44o0v890741055z8812351983za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3lPl2l1&npa=1&z=296637491 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://analyze.intezer.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 27 Apr 2024 08:52:30 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

static.zdassets.com/web_widget/classic/latest/web-widget-main-7bc1c0f.js

104.18.72.113

200 OK

992 kB

URL GET HTTP/2
static.zdassets.com/web_widget/classic/latest/web-widget-main-7bc1c0f.js
IP
104.18.72.113:443
ASN
#13335 CLOUDFLARENET

Requested by
https://analyze.intezer.com/analyses/7115623b-76d4-4c1f-8990-94f619d493ba
Certificate
IssuerLet's Encrypt
Subjectzdassets.com
FingerprintF8:AF:5C:DB:58:D5:35:9F:56:A0:A1:A2:92:FE:E3:BA:26:DA:5D:2D
ValiditySun, 03 Mar 2024 22:41:52 GMT - Sat, 01 Jun 2024 22:41:51 GMT

File type

Size
992 kB (992059 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /web_widget/classic/latest/web-widget-main-7bc1c0f.js HTTP/1.1
Host: static.zdassets.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 27 Apr 2024 08:52:31 GMT
content-type: application/javascript; charset=utf-8
x-amz-id-2: ldH41+NY0+fYAgvbqFIJmvudIE2j/SxzaKSwKqxB3P/vSWpJ08HqoFV2mSP6KWgMbK8lgvcvTvmD4moNqUmffw==
x-amz-request-id: 64S1GV9HNQKB0DVA
x-amz-replication-status: COMPLETED
last-modified: Mon, 08 Apr 2024 13:46:13 GMT
etag: W/"3784cf5e1ddd3a68e335f3bb4a5e2fcd"
x-amz-server-side-encryption: AES256
cache-control: public, max-age=31536000
expires: Tue, 08 Apr 2025 13:46:12 GMT
x-amz-version-id: _IYDenNVju8wHXIpAa8FJzBqmTlghdyK
cf-cache-status: HIT
age: 1372042
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ytB6vx2oqhTijZOA%2FNVph7NE6ejfhR2n8aOcxfXspujuL4czlOxZxG5qOB%2B%2F%2BBcBmoHFyQqJRNpgTruKaqJpTxMGJXasdyYsKBrtC8SzabXocZZk6gPtV7pmjcHo6GcjGMO7ob4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=0
access-control-allow-headers: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
access-control-max-age: 0
server: cloudflare
cf-ray: 87ad93af1fcb56a4-OSL
content-encoding: br
X-Firefox-Spdy: h2

api.appcues.net/v1/socket/websocket?vsn=2.0.0

54.148.28.105

101 Switching Protocols

0 B

URL GET HTTP/1.1
api.appcues.net/v1/socket/websocket?vsn=2.0.0
IP
54.148.28.105:443
ASN
#16509 AMAZON-02

Requested by
https://analyze.intezer.com/analyses/7115623b-76d4-4c1f-8990-94f619d493ba
Certificate
IssuerAmazon
Subjectappcues.net
FingerprintCC:C7:27:E5:D0:E2:97:42:9E:CB:6D:B6:3E:63:0A:A7:13:3B:9B:CD
ValidityTue, 04 Jul 2023 00:00:00 GMT - Thu, 01 Aug 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /v1/socket/websocket?vsn=2.0.0 HTTP/1.1
Host: api.appcues.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://analyze.intezer.com
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: fxuJvbgBVpSa0uPExwe6lg==
DNT: 1
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Date: Sat, 27 Apr 2024 08:52:31 GMT
Connection: upgrade
cache-control: max-age=0, private, must-revalidate
sec-websocket-accept: uLT1Zch1eHPdHr3O+nthwkS1SXA=
sec-websocket-extensions: permessage-deflate
server: Cowboy
upgrade: websocket

cdn.getkoala.com/v1/pk_6c50e30c08715cfa57e9d6fd33965720122a/sdk.js

104.26.1.188

200 OK

99 kB

URL GET HTTP/2
cdn.getkoala.com/v1/pk_6c50e30c08715cfa57e9d6fd33965720122a/sdk.js
IP
104.26.1.188:443
ASN
#13335 CLOUDFLARENET

Requested by
https://analyze.intezer.com/analyses/7115623b-76d4-4c1f-8990-94f619d493ba
Certificate
IssuerLet's Encrypt
Subjectgetkoala.com
Fingerprint84:DC:09:89:C7:63:E1:3B:D6:55:9D:84:0F:B7:C4:B3:04:61:65:CA
ValidityThu, 25 Apr 2024 05:54:53 GMT - Wed, 24 Jul 2024 05:54:52 GMT

File type
JavaScript source, ASCII text, with very long lines (64229)
Size
99 kB (98668 bytes)
Hash
bd27969fda0af7f25329fa9bdc18312c
c5b14cd366114103d83be43d363f40c21a5ff493
3e5b40d8f21b745f23fe2bbda9b812abd6b150949acff74b6289766dac7dab24

HTTP Headers

GET /v1/pk_6c50e30c08715cfa57e9d6fd33965720122a/sdk.js HTTP/1.1
Host: cdn.getkoala.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://analyze.intezer.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 27 Apr 2024 08:52:29 GMT
content-type: application/javascript
cf-ray: 87ad93a5f89e5699-OSL
cf-cache-status: HIT
age: 839
cache-control: public,max-age=900
etag: W/"bd27969fda0af7f25329fa9bdc18312c"
last-modified: Mon, 22 Apr 2024 16:54:08 GMT
vary: Accept-Encoding
x-amz-id-2: gtD597KHlDHj2oZFH/Pk2wxi/hyYUCoTSyuoIgm46rjjYsnDHf7A4FxrsF8KFMjRsVk1ihF14so=
x-amz-meta-sha: b9919b351
x-amz-meta-version: 1.11.1
x-amz-request-id: KB7SYVG9RV1NQCKG
x-amz-server-side-encryption: AES256
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PtxyNSRjINZF3ZsYi7ppxwAPSUGBDaE1LJCZlVGaaGa%2FCxkV6W99EoKbt2wPFkSZ0Ywvofzy%2BZPB8hR%2BjUfmpph%2F8IKzdzZVqRHe2ZF6BIpPsOntqvLjvBSdw1%2BYHcrSnJk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2

static.zdassets.com/ekr/snippet.js?key=f8b95454-f8e3-4344-ba19-719f3120caa5

104.18.72.113

200 OK

10 kB

URL GET HTTP/2
static.zdassets.com/ekr/snippet.js?key=f8b95454-f8e3-4344-ba19-719f3120caa5
IP
104.18.72.113:443
ASN
#13335 CLOUDFLARENET

Requested by
https://analyze.intezer.com/analyses/7115623b-76d4-4c1f-8990-94f619d493ba
Certificate
IssuerLet's Encrypt
Subjectzdassets.com
FingerprintF8:AF:5C:DB:58:D5:35:9F:56:A0:A1:A2:92:FE:E3:BA:26:DA:5D:2D
ValiditySun, 03 Mar 2024 22:41:52 GMT - Sat, 01 Jun 2024 22:41:51 GMT

File type
JavaScript source, ASCII text, with very long lines (10187), with no line terminators
Size
10 kB (10187 bytes)
Hash
c0053b411b753138af468db1bd3b19f3
7c3a187aa58f2b9e5446edb761b3d4d2ba506fe7
ce337ec7dda4b3a741363a2673c7edce5c736f1660e2aa908131ecfd9dd1343f

HTTP Headers

GET /ekr/snippet.js?key=f8b95454-f8e3-4344-ba19-719f3120caa5 HTTP/1.1
Host: static.zdassets.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://analyze.intezer.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 27 Apr 2024 08:52:30 GMT
content-type: application/javascript
x-amz-id-2: 4OYei3DkpSYkS6dKBDFbZjtSdVexoHjQ1eS9Mf3MCmEOCurZC/+Isbd1AVVpsiKAmJ7FWWviPJSrjy0q3mZxeg==
x-amz-request-id: 9X4B0G1GWNB25PJG
x-amz-replication-status: PENDING
last-modified: Mon, 15 Jan 2024 02:56:11 GMT
etag: W/"c0053b411b753138af468db1bd3b19f3"
x-amz-server-side-encryption: AES256
cache-control: public, max-age=3600, s-maxage=60
x-amz-version-id: sR7NItkX1i3nKckB5vEat7T2DUmPnRiJ
cf-cache-status: HIT
age: 22
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=S7ev1UU%2F8sAI8YcdrYSOeD1FF6I9Rp1upPMxdx7bFFLYltJ9RLYIkRk9p95NvCi%2B7hsJ%2BmM%2FnvrkG9sDoij2m5mA7VA%2FYoNu37nWNYKKIYoNkhs4bJVOPaWsvJjH66zKupCH4mc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=0
access-control-allow-headers: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
access-control-max-age: 0
server: cloudflare
cf-ray: 87ad93a8d9a356a4-OSL
content-encoding: br
X-Firefox-Spdy: h2

fonts.googleapis.com/css2?family=Open+Sans:ital,wght@0,300..800;1,300..800&display=swap

142.250.74.106

200 OK

12 kB

URL GET HTTP/2
fonts.googleapis.com/css2?family=Open+Sans:ital,wght@0,300..800;1,300..800&display=swap
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://analyze.intezer.com/analyses/7115623b-76d4-4c1f-8990-94f619d493ba
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint5F:6D:48:87:16:89:1E:A5:57:29:92:8B:34:BD:F2:92:0C:7F:F2:50
ValidityMon, 08 Apr 2024 07:32:03 GMT - Mon, 01 Jul 2024 07:32:02 GMT

File type
ASCII text, with very long lines (1572)
Size
12 kB (11743 bytes)
Hash
66c210cf89516717b9b050a23109dd51
d0e4b53cf172dd7b834efbd456359c0d2fcf5ce9
631a2253c93d9db42e74c350607229a629b1878c702051b253e1174b889ee3c2

HTTP Headers

GET /css2?family=Open+Sans:ital,wght@0,300..800;1,300..800&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://analyze.intezer.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 27 Apr 2024 08:52:28 GMT
date: Sat, 27 Apr 2024 08:52:28 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (14)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML