Report - analyze.intezer.com/analyses/35414a7c-5ca3-485c-a122-d92e9aae35d2

Report Overview

Submitted URL
analyze.intezer.com/analyses/35414a7c-5ca3-485c-a122-d92e9aae35d2
IP
20.50.210.201
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK
Submitted
2024-04-24 04:52:40
Access
public
Website Title
Malicious 8220 Gang 7518aab81993553173ac8357c22c01df.elf - Intezer
Final URL
analyze.intezer.com/analyses/35414a7c-5ca3-485c-a122-d92e9aae35d2
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
2

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
www.googletagmanager.com	75	2011-11-11	2013-05-22	2024-04-22	1.3 kB	275 kB	142.250.74.168
fonts.googleapis.com	8877	2005-01-25	2013-06-10	2024-04-23	1.4 kB	19 kB	142.250.74.106
www.google.no	25607	2001-02-26	2016-04-05	2024-04-23	595 B	578 B	142.250.74.163
static.zdassets.com	2154	2013-01-28	2018-06-24	2024-04-22	1.3 kB	1.0 MB	104.18.72.113
ekr.zdassets.com	2396	2013-01-28	2018-06-14	2024-04-23	474 B	2.0 kB	104.18.70.113
analyze.intezer.com	unknown	2015-08-28	2017-10-25	2024-04-18	12 kB	8.4 MB	20.50.210.201
fast.appcues.com	5455	2012-09-08	2015-02-20	2024-04-20	1.0 kB	141 kB	151.101.194.110
fonts.gstatic.com	unknown	2008-02-11	2014-09-09	2024-04-22	546 B	49 kB	142.250.74.67
region1.analytics.google.com	unknown	1997-09-15	2022-03-17	2024-04-22	1.7 kB	748 B	216.239.32.36
api.getkoala.com	unknown	2019-03-03	2022-11-08	2024-04-19	3.5 kB	6.0 kB	172.67.69.220
api.appcues.net	3188	2016-05-31	2018-07-22	2024-04-21	1.1 kB	558 B	44.236.147.97
cdn.getkoala.com	unknown	2019-03-03	2022-11-18	2024-03-25	446 B	100 kB	172.67.69.220

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

Scan Date	Severity	Indicator	Alert
2024-04-24	medium	analyze.intezer.com/api/v1-2/analyses/35414a7c-5ca3-485c-a122-d92e9aae35d2/sub/e2d4a172-5e2f-47a4-93f6-b39cacc73882/families-by-strings	Linux.Trojan.Gafgyt

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (14)

	URL	Size	First Seen	Last Seen
	fast.appcues.com/generic/main/4.53.1/appcues.main.a34de36c2b1cabfbe8c60fb8bd83fcb1a49243bd.js	437 kB	2023-04-28	2024-05-05
Pretty URL fast.appcues.com/generic/main/4.53.1/appcues.main.a34de36c2b1cabfbe8c60fb8bd83fcb1a49243bd.js IP 151.101.194.110 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-28 10:22:00 Last Seen2024-05-05 20:30:02 Times Seen171 Hash 325b9a6678104a85e18bc8550b5128bb 2d585626354b157d49880483a98931f06af09424 71ba7bfe96a36cbf8f83183feb91e6e73ea7144313be0ba46cc8fea020ea6e80 Loading...

	static.zdassets.com/ekr/snippet.js?key=f8b95454-f8e3-4344-ba19-719f3120caa5	10 kB	2024-01-15	2024-05-05
Pretty URL static.zdassets.com/ekr/snippet.js?key=f8b95454-f8e3-4344-ba19-719f3120caa5 IP 104.18.72.113 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-01-15 08:52:01 Last Seen2024-05-05 20:54:43 Times Seen3324 Hash c0053b411b753138af468db1bd3b19f3 7c3a187aa58f2b9e5446edb761b3d4d2ba506fe7 ce337ec7dda4b3a741363a2673c7edce5c736f1660e2aa908131ecfd9dd1343f Loading...

	cdn.getkoala.com/v1/pk_6c50e30c08715cfa57e9d6fd33965720122a/sdk.js	99 kB	2024-04-24	2024-05-05
Pretty URL cdn.getkoala.com/v1/pk_6c50e30c08715cfa57e9d6fd33965720122a/sdk.js IP 172.67.69.220 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-24 06:52:44 Last Seen2024-05-05 20:30:02 Times Seen18 Hash bd27969fda0af7f25329fa9bdc18312c c5b14cd366114103d83be43d363f40c21a5ff493 3e5b40d8f21b745f23fe2bbda9b812abd6b150949acff74b6289766dac7dab24 Loading...

	analyze.intezer.com/app.52ece46a937cd0f7390e.js	4.7 MB	2024-04-24	2024-04-24
Pretty URL analyze.intezer.com/app.52ece46a937cd0f7390e.js IP 20.50.210.201 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-24 06:52:44 Last Seen2024-04-24 06:52:45 Times Seen2 Hash 2c8e6416471614eaef1af9eb761a0aee 96f40c06c2126dbadc4b3265a68a52fbf0cf844d 30a4de81fe75fbb21a27fafe7af8f11b3a49926c518ae875c54a32cd9a119bd2 Loading...

	static.zdassets.com/web_widget/classic/latest/web-widget-main-7bc1c0f.js	992 kB	2024-04-11	2024-05-05
Pretty URL static.zdassets.com/web_widget/classic/latest/web-widget-main-7bc1c0f.js IP 104.18.72.113 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-11 14:18:32 Last Seen2024-05-05 14:16:44 Times Seen267 Hash 3784cf5e1ddd3a68e335f3bb4a5e2fcd 617bebee8c2acfff41763b25aa8e2b65bdebc1d3 7f4ac95d1ab40c0d78d98acf1da862b901ce896b43f738c7b1731c986a612bf4 Loading...

	static.zdassets.com/web_widget/classic/latest/web-widget-locales/classic/en-us-json-7bc1c0f.js	26 kB	2023-11-01	2024-05-05
Pretty URL static.zdassets.com/web_widget/classic/latest/web-widget-locales/classic/en-us-json-7bc1c0f.js IP 104.18.72.113 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-01 04:40:16 Last Seen2024-05-05 14:16:44 Times Seen3229 Hash 6eb45e96a7cbb4b8ca10897f3cf09981 2a12b20d1ca65377448dce30519c629aa4273346 a48fd35c61908d912b5ac9e1face12e0962a0d9ecc8679e87db4031697cec54e Loading...

	www.googletagmanager.com/gtag/destination?id=AW-725468766&l=dataLayer&cx=c	223 kB	2024-04-24	2024-04-24
Pretty URL www.googletagmanager.com/gtag/destination?id=AW-725468766&l=dataLayer&cx=c IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-24 06:52:45 Last Seen2024-04-24 06:52:45 Times Seen2 Hash 1d450c708e3aa7b68e7b3e0183f921bc 68a828c24aebfe284c257526d87bc99b39fa4c63 c70b619499ada66ee48b66709bbd3583c62d4c9155e75e5ac47fa334491536bb Loading...

	analyze.intezer.com/9614.ad793603c1b0a08dcf69.js	253 kB	2024-04-18	2024-05-05
Pretty URL analyze.intezer.com/9614.ad793603c1b0a08dcf69.js IP 20.50.210.201 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-18 12:53:19 Last Seen2024-05-05 20:30:02 Times Seen21 Hash ac91777f6957d021a1d664a5969a065b 6b1cccd2ad960ab02e17573497257db7980972b0 bac9414c98840c0ebba2db7fd40ac3f471da928d3e331a9a82855f8554bd2337 Loading...

	analyze.intezer.com/appcues.js	21 kB	2023-09-04	2024-05-05
Pretty URL analyze.intezer.com/appcues.js IP 20.50.210.201 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-09-04 11:32:28 Last Seen2024-05-05 20:30:02 Times Seen108 Hash 6a666673857172d62dd9b4db844747c4 88370222a461b9a520ecf1418995cf4ba7694771 7092a4655a3e2041945471cb88fe81f17fb3514ea7eedb585d6dd7bca61dd72a Loading...

	analyze.intezer.com/9593.42ab05ec1a8315167545.js	3.0 MB	2024-04-24	2024-05-05
Pretty URL analyze.intezer.com/9593.42ab05ec1a8315167545.js IP 20.50.210.201 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-24 06:52:45 Last Seen2024-05-05 20:30:02 Times Seen18 Hash bb1794967503fbb9ea4c315c4c79975a 2c69788e47c3f20ce340b8312f13cf24bb8bf97c e3aba89cc7a66478533da4b96b467c78269609f3cc5ff3830a9fa2fb5b42ded2 Loading...

	www.googletagmanager.com/gtm.js?id=GTM-KC95766	257 kB	2024-04-24	2024-04-24
Pretty URL www.googletagmanager.com/gtm.js?id=GTM-KC95766 IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-24 06:52:45 Last Seen2024-04-24 06:52:45 Times Seen2 Hash 5e6e3d37d2e9322f6e3edfba6bda20d8 5714676688659001cb9cc64bd99c59a80855481d 3c5e335f7d1cadea9bc08eadc0a35e8ea3ace36552546e2ab280b53cecbd31ca Loading...

	analyze.intezer.com/analyses/35414a7c-5ca3-485c-a122-d92e9aae35d2	520 B	2023-11-07	2024-05-05
Pretty URL analyze.intezer.com/analyses/35414a7c-5ca3-485c-a122-d92e9aae35d2 IP 20.50.210.201 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML true Observations First Seen2023-11-07 22:54:00 Last Seen2024-05-05 20:30:01 Times Seen99 Hash 4d1cdb787df8932e05c58ac121b68bc5 35ab11a91e4f8cf728203ba05bc12c5462076a34 546010485b1b1ef82fee1af3ac7b94848c60c6fdec067399a715963926daa81b Loading...

	www.googletagmanager.com/gtag/js?id=G-77ZEDWXEEK&l=dataLayer&cx=c	309 kB	2024-04-24	2024-04-24
Pretty URL www.googletagmanager.com/gtag/js?id=G-77ZEDWXEEK&l=dataLayer&cx=c IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-24 06:52:45 Last Seen2024-04-24 06:52:45 Times Seen2 Hash ee2b2ba3469b76bc6d63ee468e90b6c4 6264c1f8a4e3d2657a1ef390caad5b51337551ba c9b2541b7b1e1888d24a1cc39fd3f5257f03ce7b36082d6f216ce523fbbc40b7 Loading...

	analyze.intezer.com/2864.6b42e724fcebf898675b.js	217 kB	2024-04-18	2024-05-05
Pretty URL analyze.intezer.com/2864.6b42e724fcebf898675b.js IP 20.50.210.201 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-18 12:53:19 Last Seen2024-05-05 20:30:02 Times Seen22 Hash e043bf5c09c4e23c6be51da6be8b943b bc3342a11b0d93a0c4d35c1914636e8f2e0238f0 8954bb8c31e7afabd56f3a9e3a057bfb169a174be41b191c5ff9ed4f327bead6 Loading...

HTTP Transactions (44)

URL IP Response Size

analyze.intezer.com/analyses/35414a7c-5ca3-485c-a122-d92e9aae35d2

20.50.210.201

200 OK

1.5 kB

URL User Request GET HTTP/2
analyze.intezer.com/analyses/35414a7c-5ca3-485c-a122-d92e9aae35d2
IP
20.50.210.201:443
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

Certificate
IssuerGoDaddy.com, Inc.
Subjectanalyze.intezer.com
Fingerprint62:0F:F7:27:03:6D:94:41:E7:19:BA:5D:F8:FA:3C:0B:93:54:19:5A
ValidityTue, 25 Jul 2023 19:50:53 GMT - Sun, 25 Aug 2024 19:50:53 GMT

File type
HTML document, ASCII text, with very long lines (703)
Size
1.5 kB (1545 bytes)
Hash
7556b7db61d45cb5ef3b7f3c65d3191a
341c2a9ee22b41ed9eaffd4f5640ec057030f85d
1c04e6de17a8834f31591f48431ef69e08d7ecc22d21de74c08818ee20619c1a

HTTP Headers

GET /analyses/35414a7c-5ca3-485c-a122-d92e9aae35d2 HTTP/1.1
Host: analyze.intezer.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 04:52:09 GMT
content-type: text/html
content-length: 1545
last-modified: Sun, 21 Apr 2024 12:09:31 GMT
etag: "662501fb-609"
content-security-policy: frame-ancestors 'self' https://analyze.intezer.com https://www.intezer.com; upgrade-insecure-requests; script-src 'self' 'report-sample' 'nonce-3r9k7x2d1q' https://www.googletagmanager.com/gtm.js https://fast.appcues.net https://fast.appcues.com https://translate.googleapis.com https://translate.google.com https://analyze.intezer.com https://www.youtube.com https://www.google.com https://www.googletagmanager.com https://anayltics.google.com https://static.zdassets.com https://*.getkoala.com wss://*.getkoala.com https://www.gstatic.com; style-src 'self' 'report-sample' 'unsafe-inline' platform.twitter.com ton.twimg.com fonts.googleapis.com *.appcues.net *.appcues.com https://fonts.loli.net https://fonts.proxy.ustclug.org https://use.fontawesome.com https://translate.googleapis.com https://analyze.intezer.com https://themes.googleusercontent.com https://fonts.googleapis.com www.googletagmanager.com;object-src 'none';frame-src *.appcues.com https://analyze.intezer.com https://app.hubspot.com https://www.googletagmanager.com https://www.youtube.com www.google.com;child-src 'none';img-src data: blob: *;font-src data: *;connect-src 'self' *.appcues.net wss://*.appcues.net *.appcues.com wss://*.appcues.com analyze.intezer.com wss://analyze.intezer.com wss://api.getkoala.com https://www.google-analytics.com/analytics.js https://intezerfiles.blob.core.windows.net/url-scans https://intezerfiles.blob.core.windows.net/files https://api-js.mixpanel.com https://api.getkoala.com https://intezer.zendesk.com https://*.intezer.com https://ekr.zdassets.com https://anayltics.google.comadservice.google.com www.google.com api.appcues.net;manifest-src *;base-uri https://analyze.intezer.com;form-action 'self';media-src data: *;prefetch-src 'self';worker-src 'none';
strict-transport-security: max-age=31536000; includeSubDomains; preload
accept-ranges: bytes
X-Firefox-Spdy: h2

analyze.intezer.com/appcues.js

20.50.210.201

200 OK

21 kB

URL GET HTTP/2
analyze.intezer.com/appcues.js
IP
20.50.210.201:443
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

Requested by
https://analyze.intezer.com/analyses/35414a7c-5ca3-485c-a122-d92e9aae35d2
Certificate
IssuerGoDaddy.com, Inc.
Subjectanalyze.intezer.com
Fingerprint62:0F:F7:27:03:6D:94:41:E7:19:BA:5D:F8:FA:3C:0B:93:54:19:5A
ValidityTue, 25 Jul 2023 19:50:53 GMT - Sun, 25 Aug 2024 19:50:53 GMT

File type
JavaScript source, ASCII text, with very long lines (16216)
Size
21 kB (20968 bytes)
Hash
6a666673857172d62dd9b4db844747c4
88370222a461b9a520ecf1418995cf4ba7694771
7092a4655a3e2041945471cb88fe81f17fb3514ea7eedb585d6dd7bca61dd72a

HTTP Headers

GET /appcues.js HTTP/1.1
Host: analyze.intezer.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://analyze.intezer.com/analyses/35414a7c-5ca3-485c-a122-d92e9aae35d2
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 04:52:10 GMT
content-type: application/javascript
content-length: 20968
last-modified: Sun, 21 Apr 2024 12:09:31 GMT
etag: "662501fb-51e8"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-security-policy: frame-ancestors 'self' https://analyze.intezer.com https://www.intezer.com; upgrade-insecure-requests; script-src 'self' 'report-sample' 'nonce-3r9k7x2d1q' https://www.googletagmanager.com/gtm.js https://fast.appcues.net https://fast.appcues.com https://translate.googleapis.com https://translate.google.com https://analyze.intezer.com https://www.youtube.com https://www.google.com https://www.googleadservices.com https://www.googletagmanager.com https://anayltics.google.com https://static.zdassets.com https://*.getkoala.com wss://*.getkoala.com https://ssl.google-analytics.com https://www.gstatic.com;style-src 'self' 'report-sample' 'unsafe-inline' platform.twitter.com ton.twimg.com fonts.googleapis.com *.appcues.net *.appcues.com https://fonts.loli.net https://fonts.proxy.ustclug.org https://use.fontawesome.com https://translate.googleapis.com https://analyze.intezer.com https://themes.googleusercontent.com https://fonts.googleapis.com www.googletagmanager.com;object-src 'none';frame-src *.appcues.com https://analyze.intezer.com https://app.hubspot.com https://www.googletagmanager.com https://www.youtube.com www.google.com;child-src 'none';img-src data: blob: *;font-src data: *;connect-src 'self' *.appcues.net wss://*.appcues.net *.appcues.com wss://*.appcues.com analyze.intezer.com wss://analyze.intezer.com wss://api.getkoala.com https://www.google-analytics.com/analytics.js https://intezerfiles.blob.core.windows.net/url-scans https://intezerfiles.blob.core.windows.net/files https://api.getkoala.com https://api-js.mixpanel.com https://intezer.zendesk.com https://*.intezer.com https://ekr.zdassets.com https://anayltics.google.comadservice.google.com www.google.com api.appcues.net; manifest-src *;base-uri https://analyze.intezer.com;form-action 'self';media-src data: *;prefetch-src 'self';worker-src 'none';
strict-transport-security: max-age=31536000; includeSubDomains; preload
accept-ranges: bytes
X-Firefox-Spdy: h2

analyze.intezer.com/9593.42ab05ec1a8315167545.js

20.50.210.201

200 OK

3.0 MB

URL GET HTTP/2
analyze.intezer.com/9593.42ab05ec1a8315167545.js
IP
20.50.210.201:443
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

Requested by
https://analyze.intezer.com/analyses/35414a7c-5ca3-485c-a122-d92e9aae35d2
Certificate
IssuerGoDaddy.com, Inc.
Subjectanalyze.intezer.com
Fingerprint62:0F:F7:27:03:6D:94:41:E7:19:BA:5D:F8:FA:3C:0B:93:54:19:5A
ValidityTue, 25 Jul 2023 19:50:53 GMT - Sun, 25 Aug 2024 19:50:53 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (33685), with LF, NEL line terminators
Size
3.0 MB (3004241 bytes)
Hash
bb1794967503fbb9ea4c315c4c79975a
2c69788e47c3f20ce340b8312f13cf24bb8bf97c
e3aba89cc7a66478533da4b96b467c78269609f3cc5ff3830a9fa2fb5b42ded2

HTTP Headers

GET /9593.42ab05ec1a8315167545.js HTTP/1.1
Host: analyze.intezer.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://analyze.intezer.com/analyses/35414a7c-5ca3-485c-a122-d92e9aae35d2
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 04:52:10 GMT
content-type: application/javascript
content-length: 3004241
last-modified: Sun, 21 Apr 2024 12:09:31 GMT
etag: "662501fb-2dd751"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-security-policy: frame-ancestors 'self' https://analyze.intezer.com https://www.intezer.com; upgrade-insecure-requests; script-src 'self' 'report-sample' 'nonce-3r9k7x2d1q' https://www.googletagmanager.com/gtm.js https://fast.appcues.net https://fast.appcues.com https://translate.googleapis.com https://translate.google.com https://analyze.intezer.com https://www.youtube.com https://www.google.com https://www.googleadservices.com https://www.googletagmanager.com https://anayltics.google.com https://static.zdassets.com https://*.getkoala.com wss://*.getkoala.com https://ssl.google-analytics.com https://www.gstatic.com;style-src 'self' 'report-sample' 'unsafe-inline' platform.twitter.com ton.twimg.com fonts.googleapis.com *.appcues.net *.appcues.com https://fonts.loli.net https://fonts.proxy.ustclug.org https://use.fontawesome.com https://translate.googleapis.com https://analyze.intezer.com https://themes.googleusercontent.com https://fonts.googleapis.com www.googletagmanager.com;object-src 'none';frame-src *.appcues.com https://analyze.intezer.com https://app.hubspot.com https://www.googletagmanager.com https://www.youtube.com www.google.com;child-src 'none';img-src data: blob: *;font-src data: *;connect-src 'self' *.appcues.net wss://*.appcues.net *.appcues.com wss://*.appcues.com analyze.intezer.com wss://analyze.intezer.com wss://api.getkoala.com https://www.google-analytics.com/analytics.js https://intezerfiles.blob.core.windows.net/url-scans https://intezerfiles.blob.core.windows.net/files https://api.getkoala.com https://api-js.mixpanel.com https://intezer.zendesk.com https://*.intezer.com https://ekr.zdassets.com https://anayltics.google.comadservice.google.com www.google.com api.appcues.net; manifest-src *;base-uri https://analyze.intezer.com;form-action 'self';media-src data: *;prefetch-src 'self';worker-src 'none';
strict-transport-security: max-age=31536000; includeSubDomains; preload
accept-ranges: bytes
X-Firefox-Spdy: h2

analyze.intezer.com/app.52ece46a937cd0f7390e.js

20.50.210.201

200 OK

4.7 MB

URL GET HTTP/2
analyze.intezer.com/app.52ece46a937cd0f7390e.js
IP
20.50.210.201:443
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

Requested by
https://analyze.intezer.com/analyses/35414a7c-5ca3-485c-a122-d92e9aae35d2
Certificate
IssuerGoDaddy.com, Inc.
Subjectanalyze.intezer.com
Fingerprint62:0F:F7:27:03:6D:94:41:E7:19:BA:5D:F8:FA:3C:0B:93:54:19:5A
ValidityTue, 25 Jul 2023 19:50:53 GMT - Sun, 25 Aug 2024 19:50:53 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (65442)
Size
4.7 MB (4720385 bytes)
Hash
2c8e6416471614eaef1af9eb761a0aee
96f40c06c2126dbadc4b3265a68a52fbf0cf844d
30a4de81fe75fbb21a27fafe7af8f11b3a49926c518ae875c54a32cd9a119bd2

HTTP Headers

GET /app.52ece46a937cd0f7390e.js HTTP/1.1
Host: analyze.intezer.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://analyze.intezer.com/analyses/35414a7c-5ca3-485c-a122-d92e9aae35d2
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 04:52:10 GMT
content-type: application/javascript
content-length: 4720385
last-modified: Sun, 21 Apr 2024 12:09:30 GMT
etag: "662501fa-480701"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-security-policy: frame-ancestors 'self' https://analyze.intezer.com https://www.intezer.com; upgrade-insecure-requests; script-src 'self' 'report-sample' 'nonce-3r9k7x2d1q' https://www.googletagmanager.com/gtm.js https://fast.appcues.net https://fast.appcues.com https://translate.googleapis.com https://translate.google.com https://analyze.intezer.com https://www.youtube.com https://www.google.com https://www.googleadservices.com https://www.googletagmanager.com https://anayltics.google.com https://static.zdassets.com https://*.getkoala.com wss://*.getkoala.com https://ssl.google-analytics.com https://www.gstatic.com;style-src 'self' 'report-sample' 'unsafe-inline' platform.twitter.com ton.twimg.com fonts.googleapis.com *.appcues.net *.appcues.com https://fonts.loli.net https://fonts.proxy.ustclug.org https://use.fontawesome.com https://translate.googleapis.com https://analyze.intezer.com https://themes.googleusercontent.com https://fonts.googleapis.com www.googletagmanager.com;object-src 'none';frame-src *.appcues.com https://analyze.intezer.com https://app.hubspot.com https://www.googletagmanager.com https://www.youtube.com www.google.com;child-src 'none';img-src data: blob: *;font-src data: *;connect-src 'self' *.appcues.net wss://*.appcues.net *.appcues.com wss://*.appcues.com analyze.intezer.com wss://analyze.intezer.com wss://api.getkoala.com https://www.google-analytics.com/analytics.js https://intezerfiles.blob.core.windows.net/url-scans https://intezerfiles.blob.core.windows.net/files https://api.getkoala.com https://api-js.mixpanel.com https://intezer.zendesk.com https://*.intezer.com https://ekr.zdassets.com https://anayltics.google.comadservice.google.com www.google.com api.appcues.net; manifest-src *;base-uri https://analyze.intezer.com;form-action 'self';media-src data: *;prefetch-src 'self';worker-src 'none';
strict-transport-security: max-age=31536000; includeSubDomains; preload
accept-ranges: bytes
X-Firefox-Spdy: h2

fast.appcues.com/generic/main/4.53.1/appcues.main.a34de36c2b1cabfbe8c60fb8bd83fcb1a49243bd.js

151.101.194.110

200 OK

124 kB

URL GET HTTP/2
fast.appcues.com/generic/main/4.53.1/appcues.main.a34de36c2b1cabfbe8c60fb8bd83fcb1a49243bd.js
IP
151.101.194.110:443
ASN
#54113 FASTLY

Requested by
https://analyze.intezer.com/analyses/35414a7c-5ca3-485c-a122-d92e9aae35d2
Certificate
IssuerGlobalSign nv-sa
Subjectfast.appcues.com
FingerprintC0:70:30:FF:D6:06:AD:70:66:08:1E:48:AB:1C:4B:AA:C8:5A:06:B5
ValiditySat, 05 Aug 2023 19:48:19 GMT - Thu, 05 Sep 2024 19:48:18 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (65504), with no line terminators
Size
124 kB (123629 bytes)
Hash
325b9a6678104a85e18bc8550b5128bb
2d585626354b157d49880483a98931f06af09424
71ba7bfe96a36cbf8f83183feb91e6e73ea7144313be0ba46cc8fea020ea6e80

HTTP Headers

GET /generic/main/4.53.1/appcues.main.a34de36c2b1cabfbe8c60fb8bd83fcb1a49243bd.js HTTP/1.1
Host: fast.appcues.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://analyze.intezer.com
DNT: 1
Connection: keep-alive
Referer: https://analyze.intezer.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
x-amz-id-2: 7SzEP1g5Av7hiHWj2WdYKxbNg84uLkquGC2UVtcatkOZ3VvdGs49Wwbq4N4NWAXF+maUda5Zjnc=
x-amz-request-id: BV4N800DZQZ00ZS8
last-modified: Mon, 24 Apr 2023 18:56:52 GMT
etag: "325b9a6678104a85e18bc8550b5128bb"
x-amz-server-side-encryption: AES256
content-type: application/javascript; charset=utf-8
server: AmazonS3
cache-control: public,max-age=31536000,immutable
content-encoding: gzip
accept-ranges: bytes
age: 1329448
date: Wed, 24 Apr 2024 04:52:10 GMT
via: 1.1 varnish
x-served-by: cache-hel1410027-HEL
x-cache: HIT
x-cache-hits: 0
x-timer: S1713934331.863624,VS0,VE1
vary: Accept-Encoding
timing-allow-origin: *
access-control-allow-origin: *
access-control-allow-headers: X-Requested-With,Authorization
access-control-allow-methods: GET,PUT,POST,DELETE,OPTIONS
content-length: 123629
X-Firefox-Spdy: h2

www.googletagmanager.com/gtm.js?id=GTM-KC95766

142.250.74.168

200 OK

91 kB

URL GET HTTP/2
www.googletagmanager.com/gtm.js?id=GTM-KC95766
IP
142.250.74.168:443
ASN
#15169 GOOGLE

Requested by
https://analyze.intezer.com/analyses/35414a7c-5ca3-485c-a122-d92e9aae35d2
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint1E:33:2E:4B:C3:51:05:B7:73:DC:21:BF:3E:02:B3:16:D8:0B:AB:BB
ValidityMon, 18 Mar 2024 19:37:14 GMT - Mon, 10 Jun 2024 19:37:13 GMT

File type
JavaScript source, ASCII text, with very long lines (3130)
Size
91 kB (90771 bytes)
Hash
5e6e3d37d2e9322f6e3edfba6bda20d8
5714676688659001cb9cc64bd99c59a80855481d
3c5e335f7d1cadea9bc08eadc0a35e8ea3ace36552546e2ab280b53cecbd31ca

HTTP Headers

GET /gtm.js?id=GTM-KC95766 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://analyze.intezer.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Wed, 24 Apr 2024 04:52:10 GMT
expires: Wed, 24 Apr 2024 04:52:10 GMT
cache-control: private, max-age=900
last-modified: Wed, 24 Apr 2024 03:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 90771
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

analyze.intezer.com/api/v1-2/client-config

20.50.210.201

200 OK

571 B

URL GET HTTP/2
analyze.intezer.com/api/v1-2/client-config
IP
20.50.210.201:443
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

Requested by
https://analyze.intezer.com/analyses/35414a7c-5ca3-485c-a122-d92e9aae35d2
Certificate
IssuerGoDaddy.com, Inc.
Subjectanalyze.intezer.com
Fingerprint62:0F:F7:27:03:6D:94:41:E7:19:BA:5D:F8:FA:3C:0B:93:54:19:5A
ValidityTue, 25 Jul 2023 19:50:53 GMT - Sun, 25 Aug 2024 19:50:53 GMT

File type
JSON text data
Size
571 B (571 bytes)
Hash
881706d7c63d56f066eb75a7315b8eb5
814acdf68c354cf1cda3efb8d7d9d414a1bf76ec
80526ac478071d8a07d14035dbc898cfbb801737829e0e8b5d77d82c3835ba19

HTTP Headers

GET /api/v1-2/client-config HTTP/1.1
Host: analyze.intezer.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://analyze.intezer.com/analyses/35414a7c-5ca3-485c-a122-d92e9aae35d2
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 04:52:11 GMT
content-type: application/json
content-length: 571
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: analyze.intezer.com, protect.intezer.com
x-content-type-options: nosniff
X-Firefox-Spdy: h2

analyze.intezer.com/acct/v1-2/account-details

20.50.210.201

200 OK

305 B

URL POST HTTP/2
analyze.intezer.com/acct/v1-2/account-details
IP
20.50.210.201:443
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

Requested by
https://analyze.intezer.com/analyses/35414a7c-5ca3-485c-a122-d92e9aae35d2
Certificate
IssuerGoDaddy.com, Inc.
Subjectanalyze.intezer.com
Fingerprint62:0F:F7:27:03:6D:94:41:E7:19:BA:5D:F8:FA:3C:0B:93:54:19:5A
ValidityTue, 25 Jul 2023 19:50:53 GMT - Sun, 25 Aug 2024 19:50:53 GMT

File type
JSON text data
Size
305 B (305 bytes)
Hash
7dbb2ebddec43091d0a1c6ff5207e88b
90c56692022588dfe7093df2da174bcb5591ad04
05a92a6d620965fbfa0bb5860ef174324980d5bf73513897be1b24777ee56844

HTTP Headers

POST /acct/v1-2/account-details HTTP/1.1
Host: analyze.intezer.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://analyze.intezer.com
DNT: 1
Connection: keep-alive
Referer: https://analyze.intezer.com/analyses/35414a7c-5ca3-485c-a122-d92e9aae35d2
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
Content-Length: 0
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 04:52:11 GMT
content-type: application/json
content-length: 305
expires: Thu, 01 Jan 1970 00:00:00 GMT
pragma: no-cache
cache-control: no-store
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains; preload
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Inconsolata&display=swap

142.250.74.106

200 OK

2.5 kB

URL GET HTTP/2
fonts.googleapis.com/css?family=Inconsolata&display=swap
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://analyze.intezer.com/analyses/35414a7c-5ca3-485c-a122-d92e9aae35d2
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint15:CB:F7:AC:18:3F:DC:1E:F9:4E:94:D1:98:40:40:61:53:17:28:F2
ValidityMon, 18 Mar 2024 20:35:28 GMT - Mon, 10 Jun 2024 20:35:27 GMT

File type
ASCII text, with very long lines (522)
Size
2.5 kB (2515 bytes)
Hash
c30ef280f91e26680a4612d1626651f0
053ea76a682df721744d98f0c7d8aa00cc9a099a
e3174c2233ab47d66b9f76ed371ca82408951dd5c41519036fd2cf695762a333

HTTP Headers

GET /css?family=Inconsolata&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://analyze.intezer.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 24 Apr 2024 04:52:10 GMT
date: Wed, 24 Apr 2024 04:52:10 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.googletagmanager.com/gtag/destination?id=AW-725468766&l=dataLayer&cx=c

142.250.74.168

200 OK

80 kB

URL GET HTTP/3
www.googletagmanager.com/gtag/destination?id=AW-725468766&l=dataLayer&cx=c
IP
142.250.74.168:443
ASN
#15169 GOOGLE

Requested by
https://analyze.intezer.com/analyses/35414a7c-5ca3-485c-a122-d92e9aae35d2
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint1E:33:2E:4B:C3:51:05:B7:73:DC:21:BF:3E:02:B3:16:D8:0B:AB:BB
ValidityMon, 18 Mar 2024 19:37:14 GMT - Mon, 10 Jun 2024 19:37:13 GMT

File type
JavaScript source, ASCII text, with very long lines (4179)
Size
80 kB (80054 bytes)
Hash
1d450c708e3aa7b68e7b3e0183f921bc
68a828c24aebfe284c257526d87bc99b39fa4c63
c70b619499ada66ee48b66709bbd3583c62d4c9155e75e5ac47fa334491536bb

HTTP Headers

GET /gtag/destination?id=AW-725468766&l=dataLayer&cx=c HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://analyze.intezer.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Wed, 24 Apr 2024 04:52:11 GMT
expires: Wed, 24 Apr 2024 04:52:11 GMT
cache-control: private, max-age=900
last-modified: Wed, 24 Apr 2024 03:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 80054
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.googletagmanager.com/gtag/js?id=G-77ZEDWXEEK&l=dataLayer&cx=c

142.250.74.168

200 OK

102 kB

URL GET HTTP/3
www.googletagmanager.com/gtag/js?id=G-77ZEDWXEEK&l=dataLayer&cx=c
IP
142.250.74.168:443
ASN
#15169 GOOGLE

Requested by
https://analyze.intezer.com/analyses/35414a7c-5ca3-485c-a122-d92e9aae35d2
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint1E:33:2E:4B:C3:51:05:B7:73:DC:21:BF:3E:02:B3:16:D8:0B:AB:BB
ValidityMon, 18 Mar 2024 19:37:14 GMT - Mon, 10 Jun 2024 19:37:13 GMT

File type
JavaScript source, ASCII text, with very long lines (9178)
Size
102 kB (102318 bytes)
Hash
ee2b2ba3469b76bc6d63ee468e90b6c4
6264c1f8a4e3d2657a1ef390caad5b51337551ba
c9b2541b7b1e1888d24a1cc39fd3f5257f03ce7b36082d6f216ce523fbbc40b7

HTTP Headers

GET /gtag/js?id=G-77ZEDWXEEK&l=dataLayer&cx=c HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://analyze.intezer.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Wed, 24 Apr 2024 04:52:11 GMT
expires: Wed, 24 Apr 2024 04:52:11 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 102318
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

analyze.intezer.com/9614.ad793603c1b0a08dcf69.js

20.50.210.201

200 OK

253 kB

URL GET HTTP/2
analyze.intezer.com/9614.ad793603c1b0a08dcf69.js
IP
20.50.210.201:443
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

Requested by
https://analyze.intezer.com/analyses/35414a7c-5ca3-485c-a122-d92e9aae35d2
Certificate
IssuerGoDaddy.com, Inc.
Subjectanalyze.intezer.com
Fingerprint62:0F:F7:27:03:6D:94:41:E7:19:BA:5D:F8:FA:3C:0B:93:54:19:5A
ValidityTue, 25 Jul 2023 19:50:53 GMT - Sun, 25 Aug 2024 19:50:53 GMT

File type
JavaScript source, ASCII text, with very long lines (65453)
Size
253 kB (252890 bytes)
Hash
ac91777f6957d021a1d664a5969a065b
6b1cccd2ad960ab02e17573497257db7980972b0
bac9414c98840c0ebba2db7fd40ac3f471da928d3e331a9a82855f8554bd2337

HTTP Headers

GET /9614.ad793603c1b0a08dcf69.js HTTP/1.1
Host: analyze.intezer.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://analyze.intezer.com/analyses/35414a7c-5ca3-485c-a122-d92e9aae35d2
Cookie: _gcl_au=1.1.1843509904.1713934332
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 04:52:11 GMT
content-type: application/javascript
content-length: 252890
last-modified: Sun, 21 Apr 2024 12:09:31 GMT
etag: "662501fb-3dbda"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-security-policy: frame-ancestors 'self' https://analyze.intezer.com https://www.intezer.com; upgrade-insecure-requests; script-src 'self' 'report-sample' 'nonce-3r9k7x2d1q' https://www.googletagmanager.com/gtm.js https://fast.appcues.net https://fast.appcues.com https://translate.googleapis.com https://translate.google.com https://analyze.intezer.com https://www.youtube.com https://www.google.com https://www.googleadservices.com https://www.googletagmanager.com https://anayltics.google.com https://static.zdassets.com https://*.getkoala.com wss://*.getkoala.com https://ssl.google-analytics.com https://www.gstatic.com;style-src 'self' 'report-sample' 'unsafe-inline' platform.twitter.com ton.twimg.com fonts.googleapis.com *.appcues.net *.appcues.com https://fonts.loli.net https://fonts.proxy.ustclug.org https://use.fontawesome.com https://translate.googleapis.com https://analyze.intezer.com https://themes.googleusercontent.com https://fonts.googleapis.com www.googletagmanager.com;object-src 'none';frame-src *.appcues.com https://analyze.intezer.com https://app.hubspot.com https://www.googletagmanager.com https://www.youtube.com www.google.com;child-src 'none';img-src data: blob: *;font-src data: *;connect-src 'self' *.appcues.net wss://*.appcues.net *.appcues.com wss://*.appcues.com analyze.intezer.com wss://analyze.intezer.com wss://api.getkoala.com https://www.google-analytics.com/analytics.js https://intezerfiles.blob.core.windows.net/url-scans https://intezerfiles.blob.core.windows.net/files https://api.getkoala.com https://api-js.mixpanel.com https://intezer.zendesk.com https://*.intezer.com https://ekr.zdassets.com https://anayltics.google.comadservice.google.com www.google.com api.appcues.net; manifest-src *;base-uri https://analyze.intezer.com;form-action 'self';media-src data: *;prefetch-src 'self';worker-src 'none';
strict-transport-security: max-age=31536000; includeSubDomains; preload
accept-ranges: bytes
X-Firefox-Spdy: h2

analyze.intezer.com/2864.6b42e724fcebf898675b.js

20.50.210.201

200 OK

217 kB

URL GET HTTP/2
analyze.intezer.com/2864.6b42e724fcebf898675b.js
IP
20.50.210.201:443
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

Requested by
https://analyze.intezer.com/analyses/35414a7c-5ca3-485c-a122-d92e9aae35d2
Certificate
IssuerGoDaddy.com, Inc.
Subjectanalyze.intezer.com
Fingerprint62:0F:F7:27:03:6D:94:41:E7:19:BA:5D:F8:FA:3C:0B:93:54:19:5A
ValidityTue, 25 Jul 2023 19:50:53 GMT - Sun, 25 Aug 2024 19:50:53 GMT

File type
JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size
217 kB (217098 bytes)
Hash
e043bf5c09c4e23c6be51da6be8b943b
bc3342a11b0d93a0c4d35c1914636e8f2e0238f0
8954bb8c31e7afabd56f3a9e3a057bfb169a174be41b191c5ff9ed4f327bead6

HTTP Headers

GET /2864.6b42e724fcebf898675b.js HTTP/1.1
Host: analyze.intezer.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://analyze.intezer.com/analyses/35414a7c-5ca3-485c-a122-d92e9aae35d2
Cookie: _gcl_au=1.1.1843509904.1713934332
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 04:52:11 GMT
content-type: application/javascript
content-length: 217098
last-modified: Sun, 21 Apr 2024 12:09:31 GMT
etag: "662501fb-3500a"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-security-policy: frame-ancestors 'self' https://analyze.intezer.com https://www.intezer.com; upgrade-insecure-requests; script-src 'self' 'report-sample' 'nonce-3r9k7x2d1q' https://www.googletagmanager.com/gtm.js https://fast.appcues.net https://fast.appcues.com https://translate.googleapis.com https://translate.google.com https://analyze.intezer.com https://www.youtube.com https://www.google.com https://www.googleadservices.com https://www.googletagmanager.com https://anayltics.google.com https://static.zdassets.com https://*.getkoala.com wss://*.getkoala.com https://ssl.google-analytics.com https://www.gstatic.com;style-src 'self' 'report-sample' 'unsafe-inline' platform.twitter.com ton.twimg.com fonts.googleapis.com *.appcues.net *.appcues.com https://fonts.loli.net https://fonts.proxy.ustclug.org https://use.fontawesome.com https://translate.googleapis.com https://analyze.intezer.com https://themes.googleusercontent.com https://fonts.googleapis.com www.googletagmanager.com;object-src 'none';frame-src *.appcues.com https://analyze.intezer.com https://app.hubspot.com https://www.googletagmanager.com https://www.youtube.com www.google.com;child-src 'none';img-src data: blob: *;font-src data: *;connect-src 'self' *.appcues.net wss://*.appcues.net *.appcues.com wss://*.appcues.com analyze.intezer.com wss://analyze.intezer.com wss://api.getkoala.com https://www.google-analytics.com/analytics.js https://intezerfiles.blob.core.windows.net/url-scans https://intezerfiles.blob.core.windows.net/files https://api.getkoala.com https://api-js.mixpanel.com https://intezer.zendesk.com https://*.intezer.com https://ekr.zdassets.com https://anayltics.google.comadservice.google.com www.google.com api.appcues.net; manifest-src *;base-uri https://analyze.intezer.com;form-action 'self';media-src data: *;prefetch-src 'self';worker-src 'none';
strict-transport-security: max-age=31536000; includeSubDomains; preload
accept-ranges: bytes
X-Firefox-Spdy: h2

analyze.intezer.com/b2bbd211bc04498bcf4eecf540f44e52.woff2

20.50.210.201

200 OK

22 kB

URL GET HTTP/2
analyze.intezer.com/b2bbd211bc04498bcf4eecf540f44e52.woff2
IP
20.50.210.201:443
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

Requested by
https://analyze.intezer.com/analyses/35414a7c-5ca3-485c-a122-d92e9aae35d2
Certificate
IssuerGoDaddy.com, Inc.
Subjectanalyze.intezer.com
Fingerprint62:0F:F7:27:03:6D:94:41:E7:19:BA:5D:F8:FA:3C:0B:93:54:19:5A
ValidityTue, 25 Jul 2023 19:50:53 GMT - Sun, 25 Aug 2024 19:50:53 GMT

File type
Web Open Font Format (Version 2), TrueType, length 22096, version 2.131
Size
22 kB (22096 bytes)
Hash
bd5793996213550d5d9ea47a48e33bee
021e1ba4523842a045c47f067e4cbe8137ce5214
1a7b6523d182680619f4e3afa5f42c820bfee356675fdee431fc51e2b9c3eb36

HTTP Headers

GET /b2bbd211bc04498bcf4eecf540f44e52.woff2 HTTP/1.1
Host: analyze.intezer.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://analyze.intezer.com/analyses/35414a7c-5ca3-485c-a122-d92e9aae35d2
Cookie: _gcl_au=1.1.1843509904.1713934332
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 04:52:12 GMT
content-type: font/woff2
content-length: 22096
last-modified: Sun, 21 Apr 2024 12:09:30 GMT
etag: "662501fa-5650"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-security-policy: frame-ancestors 'self' https://analyze.intezer.com https://www.intezer.com; upgrade-insecure-requests; script-src 'self' 'report-sample' 'nonce-3r9k7x2d1q' https://www.googletagmanager.com/gtm.js https://fast.appcues.net https://fast.appcues.com https://translate.googleapis.com https://translate.google.com https://analyze.intezer.com https://www.youtube.com https://www.google.com https://www.googleadservices.com https://www.googletagmanager.com https://anayltics.google.com https://static.zdassets.com https://*.getkoala.com wss://*.getkoala.com https://ssl.google-analytics.com https://www.gstatic.com;style-src 'self' 'report-sample' 'unsafe-inline' platform.twitter.com ton.twimg.com fonts.googleapis.com *.appcues.net *.appcues.com https://fonts.loli.net https://fonts.proxy.ustclug.org https://use.fontawesome.com https://translate.googleapis.com https://analyze.intezer.com https://themes.googleusercontent.com https://fonts.googleapis.com www.googletagmanager.com;object-src 'none';frame-src *.appcues.com https://analyze.intezer.com https://app.hubspot.com https://www.googletagmanager.com https://www.youtube.com www.google.com;child-src 'none';img-src data: blob: *;font-src data: *;connect-src 'self' *.appcues.net wss://*.appcues.net *.appcues.com wss://*.appcues.com analyze.intezer.com wss://analyze.intezer.com wss://api.getkoala.com https://www.google-analytics.com/analytics.js https://intezerfiles.blob.core.windows.net/url-scans https://intezerfiles.blob.core.windows.net/files https://api.getkoala.com https://api-js.mixpanel.com https://intezer.zendesk.com https://*.intezer.com https://ekr.zdassets.com https://anayltics.google.comadservice.google.com www.google.com api.appcues.net; manifest-src *;base-uri https://analyze.intezer.com;form-action 'self';media-src data: *;prefetch-src 'self';worker-src 'none';
strict-transport-security: max-age=31536000; includeSubDomains; preload
accept-ranges: bytes
X-Firefox-Spdy: h2

analyze.intezer.com/api/v1-2/analyses/35414a7c-5ca3-485c-a122-d92e9aae35d2/internal

20.50.210.201

200 OK

2.4 kB

URL POST HTTP/2
analyze.intezer.com/api/v1-2/analyses/35414a7c-5ca3-485c-a122-d92e9aae35d2/internal
IP
20.50.210.201:443
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

Requested by
https://analyze.intezer.com/analyses/35414a7c-5ca3-485c-a122-d92e9aae35d2
Certificate
IssuerGoDaddy.com, Inc.
Subjectanalyze.intezer.com
Fingerprint62:0F:F7:27:03:6D:94:41:E7:19:BA:5D:F8:FA:3C:0B:93:54:19:5A
ValidityTue, 25 Jul 2023 19:50:53 GMT - Sun, 25 Aug 2024 19:50:53 GMT

File type
JSON text data
Size
2.4 kB (2429 bytes)
Hash
b33f8184aa1e9890605e01a43edca95f
785a948d304f889c2bd2ba067ca22dd2c0464428
7e8d1196b865f1459f2585cc4e873cf7cd35e90e02b3eda09cd50e9ef70a876e

HTTP Headers

POST /api/v1-2/analyses/35414a7c-5ca3-485c-a122-d92e9aae35d2/internal HTTP/1.1
Host: analyze.intezer.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 2
Origin: https://analyze.intezer.com
DNT: 1
Connection: keep-alive
Referer: https://analyze.intezer.com/analyses/35414a7c-5ca3-485c-a122-d92e9aae35d2
Cookie: _gcl_au=1.1.1843509904.1713934332
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 04:52:12 GMT
content-type: application/json
content-length: 2429
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: analyze.intezer.com, protect.intezer.com
x-content-type-options: nosniff
X-Firefox-Spdy: h2

fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

142.250.74.67

200 OK

48 kB

URL GET HTTP/2
fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP
142.250.74.67:443
ASN
#15169 GOOGLE

Requested by
https://analyze.intezer.com/analyses/35414a7c-5ca3-485c-a122-d92e9aae35d2
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintF5:5C:D9:68:C6:5F:A3:33:5A:73:C3:79:B6:83:FE:44:2E:A4:83:74
ValidityMon, 18 Mar 2024 20:34:25 GMT - Mon, 10 Jun 2024 20:34:24 GMT

File type
Web Open Font Format (Version 2), TrueType, length 48236, version 1.0
Size
48 kB (48236 bytes)
Hash
015c126a3520c9a8f6a27979d0266e96
2acf956561d44434a6d84204670cf849d3215d5f
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa

HTTP Headers

GET /s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://analyze.intezer.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 48236
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 18 Apr 2024 02:35:00 GMT
expires: Fri, 18 Apr 2025 02:35:00 GMT
cache-control: public, max-age=31536000
age: 526632
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

analyze.intezer.com/favicon.png

20.50.210.201

200 OK

1.9 kB

URL GET HTTP/2
analyze.intezer.com/favicon.png
IP
20.50.210.201:443
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

Requested by
https://analyze.intezer.com/analyses/35414a7c-5ca3-485c-a122-d92e9aae35d2
Certificate
IssuerGoDaddy.com, Inc.
Subjectanalyze.intezer.com
Fingerprint62:0F:F7:27:03:6D:94:41:E7:19:BA:5D:F8:FA:3C:0B:93:54:19:5A
ValidityTue, 25 Jul 2023 19:50:53 GMT - Sun, 25 Aug 2024 19:50:53 GMT

File type
PNG image data, 82 x 86, 8-bit colormap, non-interlaced
Size
1.9 kB (1870 bytes)
Hash
0f5528b3c2af9fc4510edfe430807bfe
513db20eae627160af9c77686555d701b64e96eb
28af5faf1c19d79984054f62f7e68aa7b448578cd77d62b6103dc625b0d6fd77

HTTP Headers

GET /favicon.png HTTP/1.1
Host: analyze.intezer.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://analyze.intezer.com/analyses/35414a7c-5ca3-485c-a122-d92e9aae35d2
Cookie: _gcl_au=1.1.1843509904.1713934332
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 04:52:12 GMT
content-type: image/png
content-length: 1870
last-modified: Sun, 21 Apr 2024 12:09:31 GMT
etag: "662501fb-74e"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-security-policy: frame-ancestors 'self' https://analyze.intezer.com https://www.intezer.com; upgrade-insecure-requests; script-src 'self' 'report-sample' 'nonce-3r9k7x2d1q' https://www.googletagmanager.com/gtm.js https://fast.appcues.net https://fast.appcues.com https://translate.googleapis.com https://translate.google.com https://analyze.intezer.com https://www.youtube.com https://www.google.com https://www.googleadservices.com https://www.googletagmanager.com https://anayltics.google.com https://static.zdassets.com https://*.getkoala.com wss://*.getkoala.com https://ssl.google-analytics.com https://www.gstatic.com;style-src 'self' 'report-sample' 'unsafe-inline' platform.twitter.com ton.twimg.com fonts.googleapis.com *.appcues.net *.appcues.com https://fonts.loli.net https://fonts.proxy.ustclug.org https://use.fontawesome.com https://translate.googleapis.com https://analyze.intezer.com https://themes.googleusercontent.com https://fonts.googleapis.com www.googletagmanager.com;object-src 'none';frame-src *.appcues.com https://analyze.intezer.com https://app.hubspot.com https://www.googletagmanager.com https://www.youtube.com www.google.com;child-src 'none';img-src data: blob: *;font-src data: *;connect-src 'self' *.appcues.net wss://*.appcues.net *.appcues.com wss://*.appcues.com analyze.intezer.com wss://analyze.intezer.com wss://api.getkoala.com https://www.google-analytics.com/analytics.js https://intezerfiles.blob.core.windows.net/url-scans https://intezerfiles.blob.core.windows.net/files https://api.getkoala.com https://api-js.mixpanel.com https://intezer.zendesk.com https://*.intezer.com https://ekr.zdassets.com https://anayltics.google.comadservice.google.com www.google.com api.appcues.net; manifest-src *;base-uri https://analyze.intezer.com;form-action 'self';media-src data: *;prefetch-src 'self';worker-src 'none';
strict-transport-security: max-age=31536000; includeSubDomains; preload
accept-ranges: bytes
X-Firefox-Spdy: h2

region1.analytics.google.com/g/collect?v=2&tid=G-77ZEDWXEEK&gtm=45je44m0v890741055z8812351983za200&_p=1713934330251&_gaz=1&gcd=13l3lPl2l1&npa=1&dma_cps=sypham&dma=1&cid=2048060625.1713934332&ul=en-us&sr=1280x1024&pscdl=noapi&_s=1&sid=1713934332&sct=1&seg=0&dl=https%3A%2F%2Fanalyze.intezer.com%2Fanalyses%2F35414a7c-5ca3-485c-a122-d92e9aae35d2&dt=Intezer%20Analyze%20%E2%80%93%20Security%20analysts%27%20trusted%20advisor&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=2449

216.239.32.36

204 No Content

0 B

URL GET HTTP/2
region1.analytics.google.com/g/collect?v=2&tid=G-77ZEDWXEEK&gtm=45je44m0v890741055z8812351983za200&_p=1713934330251&_gaz=1&gcd=13l3lPl2l1&npa=1&dma_cps=sypham&dma=1&cid=2048060625.1713934332&ul=en-us&sr=1280x1024&pscdl=noapi&_s=1&sid=1713934332&sct=1&seg=0&dl=https%3A%2F%2Fanalyze.intezer.com%2Fanalyses%2F35414a7c-5ca3-485c-a122-d92e9aae35d2&dt=Intezer%20Analyze%20%E2%80%93%20Security%20analysts%27%20trusted%20advisor&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=2449
IP
216.239.32.36:443
ASN
#15169 GOOGLE

Requested by
https://analyze.intezer.com/analyses/35414a7c-5ca3-485c-a122-d92e9aae35d2
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint1E:33:2E:4B:C3:51:05:B7:73:DC:21:BF:3E:02:B3:16:D8:0B:AB:BB
ValidityMon, 18 Mar 2024 19:37:14 GMT - Mon, 10 Jun 2024 19:37:13 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /g/collect?v=2&tid=G-77ZEDWXEEK&gtm=45je44m0v890741055z8812351983za200&_p=1713934330251&_gaz=1&gcd=13l3lPl2l1&npa=1&dma_cps=sypham&dma=1&cid=2048060625.1713934332&ul=en-us&sr=1280x1024&pscdl=noapi&_s=1&sid=1713934332&sct=1&seg=0&dl=https%3A%2F%2Fanalyze.intezer.com%2Fanalyses%2F35414a7c-5ca3-485c-a122-d92e9aae35d2&dt=Intezer%20Analyze%20%E2%80%93%20Security%20analysts%27%20trusted%20advisor&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=2449 HTTP/1.1
Host: region1.analytics.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://analyze.intezer.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 204 No Content
access-control-allow-origin: *
date: Wed, 24 Apr 2024 04:52:12 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

analyze.intezer.com/adr/v1-2/alerts/get-alerts-by-tenant-and-sha256

20.50.210.201

401 Unauthorized

31 B

URL POST HTTP/2
analyze.intezer.com/adr/v1-2/alerts/get-alerts-by-tenant-and-sha256
IP
20.50.210.201:443
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

Requested by
https://analyze.intezer.com/analyses/35414a7c-5ca3-485c-a122-d92e9aae35d2
Certificate
IssuerGoDaddy.com, Inc.
Subjectanalyze.intezer.com
Fingerprint62:0F:F7:27:03:6D:94:41:E7:19:BA:5D:F8:FA:3C:0B:93:54:19:5A
ValidityTue, 25 Jul 2023 19:50:53 GMT - Sun, 25 Aug 2024 19:50:53 GMT

File type
JSON text data
Size
31 B (31 bytes)
Hash
fa380364bab8af94c50353ec5b34675e
3e63981dec1d322871b97bbc444b9025f475c90e
3a5360f83d6cde972e2bed5f7c6b5ed6d8f70ef79d83052c02ae9253dd4a03cb

HTTP Headers

POST /adr/v1-2/alerts/get-alerts-by-tenant-and-sha256 HTTP/1.1
Host: analyze.intezer.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 88
Origin: https://analyze.intezer.com
DNT: 1
Connection: keep-alive
Referer: https://analyze.intezer.com/analyses/35414a7c-5ca3-485c-a122-d92e9aae35d2
Cookie: _gcl_au=1.1.1843509904.1713934332; _ga_77ZEDWXEEK=GS1.1.1713934332.1.0.1713934332.60.0.0; _ga=GA1.1.2048060625.1713934332
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 401 Unauthorized
server: nginx
date: Wed, 24 Apr 2024 04:52:12 GMT
content-type: application/json
content-length: 31
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
X-Firefox-Spdy: h2

www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-77ZEDWXEEK&cid=2048060625.1713934332&gtm=45je44m0v890741055z8812351983za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3lPl2l1&npa=1&z=1138791456

142.250.74.163

200 OK

42 B

URL GET HTTP/2
www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-77ZEDWXEEK&cid=2048060625.1713934332&gtm=45je44m0v890741055z8812351983za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3lPl2l1&npa=1&z=1138791456
IP
142.250.74.163:443
ASN
#15169 GOOGLE

Requested by
https://analyze.intezer.com/analyses/35414a7c-5ca3-485c-a122-d92e9aae35d2
Certificate
IssuerGoogle Trust Services LLC
Subject*.google.no
Fingerprint4E:BD:F9:72:97:67:A2:4B:EE:E4:B0:03:CD:C8:F3:30:53:27:53:1D
ValidityMon, 18 Mar 2024 20:50:06 GMT - Mon, 10 Jun 2024 20:50:05 GMT

File type
GIF image data, version 89a, 1 x 1
Size
42 B (42 bytes)
Hash
d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

HTTP Headers

GET /ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-77ZEDWXEEK&cid=2048060625.1713934332&gtm=45je44m0v890741055z8812351983za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3lPl2l1&npa=1&z=1138791456 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://analyze.intezer.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 24 Apr 2024 04:52:12 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

analyze.intezer.com/adr/v1-2/alerts/get-alerts-by-tenant-and-sha256

20.50.210.201

401 Unauthorized

31 B

URL POST HTTP/2
analyze.intezer.com/adr/v1-2/alerts/get-alerts-by-tenant-and-sha256
IP
20.50.210.201:443
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

Requested by
https://analyze.intezer.com/analyses/35414a7c-5ca3-485c-a122-d92e9aae35d2
Certificate
IssuerGoDaddy.com, Inc.
Subjectanalyze.intezer.com
Fingerprint62:0F:F7:27:03:6D:94:41:E7:19:BA:5D:F8:FA:3C:0B:93:54:19:5A
ValidityTue, 25 Jul 2023 19:50:53 GMT - Sun, 25 Aug 2024 19:50:53 GMT

File type
JSON text data
Size
31 B (31 bytes)
Hash
fa380364bab8af94c50353ec5b34675e
3e63981dec1d322871b97bbc444b9025f475c90e
3a5360f83d6cde972e2bed5f7c6b5ed6d8f70ef79d83052c02ae9253dd4a03cb

HTTP Headers

POST /adr/v1-2/alerts/get-alerts-by-tenant-and-sha256 HTTP/1.1
Host: analyze.intezer.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 88
Origin: https://analyze.intezer.com
DNT: 1
Connection: keep-alive
Referer: https://analyze.intezer.com/analyses/35414a7c-5ca3-485c-a122-d92e9aae35d2
Cookie: _gcl_au=1.1.1843509904.1713934332; _ga_77ZEDWXEEK=GS1.1.1713934332.1.0.1713934332.60.0.0; _ga=GA1.1.2048060625.1713934332
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 401 Unauthorized
server: nginx
date: Wed, 24 Apr 2024 04:52:12 GMT
content-type: application/json
content-length: 31
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
X-Firefox-Spdy: h2

analyze.intezer.com/acct/v1-2/resign-in

20.50.210.201

401 Unauthorized

44 B

URL POST HTTP/2
analyze.intezer.com/acct/v1-2/resign-in
IP
20.50.210.201:443
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

Requested by
https://analyze.intezer.com/analyses/35414a7c-5ca3-485c-a122-d92e9aae35d2
Certificate
IssuerGoDaddy.com, Inc.
Subjectanalyze.intezer.com
Fingerprint62:0F:F7:27:03:6D:94:41:E7:19:BA:5D:F8:FA:3C:0B:93:54:19:5A
ValidityTue, 25 Jul 2023 19:50:53 GMT - Sun, 25 Aug 2024 19:50:53 GMT

File type
JSON text data
Size
44 B (44 bytes)
Hash
e57bebcf9f36e6f92ae72139a963be84
a188b1afac99850c2769ec614fc3aa9f321474a1
e62fe4bf7a77db07be5e952c35bf60b91595123398a2be4f59c175e1de9283fb

HTTP Headers

POST /acct/v1-2/resign-in HTTP/1.1
Host: analyze.intezer.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://analyze.intezer.com
DNT: 1
Connection: keep-alive
Referer: https://analyze.intezer.com/analyses/35414a7c-5ca3-485c-a122-d92e9aae35d2
Cookie: _gcl_au=1.1.1843509904.1713934332; _ga_77ZEDWXEEK=GS1.1.1713934332.1.0.1713934332.60.0.0; _ga=GA1.1.2048060625.1713934332
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
Content-Length: 0
TE: trailers

HTTP/2 401 Unauthorized
server: nginx
date: Wed, 24 Apr 2024 04:52:12 GMT
content-type: application/json
content-length: 44
expires: Thu, 01 Jan 1970 00:00:00 GMT
pragma: no-cache
cache-control: no-store
strict-transport-security: max-age=31536000; includeSubDomains; preload
X-Firefox-Spdy: h2

analyze.intezer.com/acct/v1-2/resign-in

20.50.210.201

401 Unauthorized

44 B

URL POST HTTP/2
analyze.intezer.com/acct/v1-2/resign-in
IP
20.50.210.201:443
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

Requested by
https://analyze.intezer.com/analyses/35414a7c-5ca3-485c-a122-d92e9aae35d2
Certificate
IssuerGoDaddy.com, Inc.
Subjectanalyze.intezer.com
Fingerprint62:0F:F7:27:03:6D:94:41:E7:19:BA:5D:F8:FA:3C:0B:93:54:19:5A
ValidityTue, 25 Jul 2023 19:50:53 GMT - Sun, 25 Aug 2024 19:50:53 GMT

File type
JSON text data
Size
44 B (44 bytes)
Hash
e57bebcf9f36e6f92ae72139a963be84
a188b1afac99850c2769ec614fc3aa9f321474a1
e62fe4bf7a77db07be5e952c35bf60b91595123398a2be4f59c175e1de9283fb

HTTP Headers

POST /acct/v1-2/resign-in HTTP/1.1
Host: analyze.intezer.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://analyze.intezer.com
DNT: 1
Connection: keep-alive
Referer: https://analyze.intezer.com/analyses/35414a7c-5ca3-485c-a122-d92e9aae35d2
Cookie: _gcl_au=1.1.1843509904.1713934332; _ga_77ZEDWXEEK=GS1.1.1713934332.1.0.1713934332.60.0.0; _ga=GA1.1.2048060625.1713934332; ko_id=49f69ae1-60d3-4792-97cf-c069764ffd16; ko_sid={%22id%22:%221713934332511%22%2C%22lastTouched%22:1713934332525}
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
Content-Length: 0
TE: trailers

HTTP/2 401 Unauthorized
server: nginx
date: Wed, 24 Apr 2024 04:52:12 GMT
content-type: application/json
content-length: 44
expires: Thu, 01 Jan 1970 00:00:00 GMT
pragma: no-cache
cache-control: no-store
strict-transport-security: max-age=31536000; includeSubDomains; preload
X-Firefox-Spdy: h2

analyze.intezer.com/api/v1-2/analyses/35414a7c-5ca3-485c-a122-d92e9aae35d2/additional-classifications

20.50.210.201

200 OK

14 B

URL GET HTTP/2
analyze.intezer.com/api/v1-2/analyses/35414a7c-5ca3-485c-a122-d92e9aae35d2/additional-classifications
IP
20.50.210.201:443
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

Requested by
https://analyze.intezer.com/analyses/35414a7c-5ca3-485c-a122-d92e9aae35d2
Certificate
IssuerGoDaddy.com, Inc.
Subjectanalyze.intezer.com
Fingerprint62:0F:F7:27:03:6D:94:41:E7:19:BA:5D:F8:FA:3C:0B:93:54:19:5A
ValidityTue, 25 Jul 2023 19:50:53 GMT - Sun, 25 Aug 2024 19:50:53 GMT

File type
JSON text data
Size
14 B (14 bytes)
Hash
1196db381c388a3e972449ebe6a35224
0e89c39060587c33bab9bd81ab295b2592645d98
49ff7aea8cd2a0f6c907f08e4fe614f354a9d2ffb12564addf7079e6a24ec80e

HTTP Headers

GET /api/v1-2/analyses/35414a7c-5ca3-485c-a122-d92e9aae35d2/additional-classifications HTTP/1.1
Host: analyze.intezer.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://analyze.intezer.com/analyses/35414a7c-5ca3-485c-a122-d92e9aae35d2
Cookie: _gcl_au=1.1.1843509904.1713934332; _ga_77ZEDWXEEK=GS1.1.1713934332.1.0.1713934332.60.0.0; _ga=GA1.1.2048060625.1713934332
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 04:52:12 GMT
content-type: application/json
content-length: 14
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: analyze.intezer.com, protect.intezer.com
x-content-type-options: nosniff
X-Firefox-Spdy: h2

analyze.intezer.com/api/v1-2/files/e2d4a172-5e2f-47a4-93f6-b39cacc73882/capa-report

20.50.210.201

409 Conflict

36 B

URL POST HTTP/2
analyze.intezer.com/api/v1-2/files/e2d4a172-5e2f-47a4-93f6-b39cacc73882/capa-report
IP
20.50.210.201:443
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

Requested by
https://analyze.intezer.com/analyses/35414a7c-5ca3-485c-a122-d92e9aae35d2
Certificate
IssuerGoDaddy.com, Inc.
Subjectanalyze.intezer.com
Fingerprint62:0F:F7:27:03:6D:94:41:E7:19:BA:5D:F8:FA:3C:0B:93:54:19:5A
ValidityTue, 25 Jul 2023 19:50:53 GMT - Sun, 25 Aug 2024 19:50:53 GMT

File type
JSON text data
Size
36 B (36 bytes)
Hash
b17c9f5c17df3fde75c9d8e5a4baf9de
90682fd16997d24754c63b95c44aee8bad1841ab
b361b0e2094683e72b5b4529a485a75a3bdcd1dc59071cba493514ab4392f79d

HTTP Headers

POST /api/v1-2/files/e2d4a172-5e2f-47a4-93f6-b39cacc73882/capa-report HTTP/1.1
Host: analyze.intezer.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 2
Origin: https://analyze.intezer.com
DNT: 1
Connection: keep-alive
Referer: https://analyze.intezer.com/analyses/35414a7c-5ca3-485c-a122-d92e9aae35d2
Cookie: _gcl_au=1.1.1843509904.1713934332; _ga_77ZEDWXEEK=GS1.1.1713934332.1.0.1713934332.60.0.0; _ga=GA1.1.2048060625.1713934332
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 409 Conflict
server: nginx
date: Wed, 24 Apr 2024 04:52:12 GMT
content-type: application/json
content-length: 36
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
X-Firefox-Spdy: h2

analyze.intezer.com/api/v1-2/analyses/35414a7c-5ca3-485c-a122-d92e9aae35d2/sub/e2d4a172-5e2f-47a4-93f6-b39cacc73882/families-by-strings

20.50.210.201

200 OK

42 kB

URL POST HTTP/2
analyze.intezer.com/api/v1-2/analyses/35414a7c-5ca3-485c-a122-d92e9aae35d2/sub/e2d4a172-5e2f-47a4-93f6-b39cacc73882/families-by-strings
IP
20.50.210.201:443
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

Requested by
https://analyze.intezer.com/analyses/35414a7c-5ca3-485c-a122-d92e9aae35d2
Certificate
IssuerGoDaddy.com, Inc.
Subjectanalyze.intezer.com
Fingerprint62:0F:F7:27:03:6D:94:41:E7:19:BA:5D:F8:FA:3C:0B:93:54:19:5A
ValidityTue, 25 Jul 2023 19:50:53 GMT - Sun, 25 Aug 2024 19:50:53 GMT

File type
JSON text data
Size
42 kB (41637 bytes)
Hash
4319ea166f1c2d6ca1a4d1038d239359
feed877e7a7d7e3cf3a6ddafaf9387f3b47e73de
da96b7801081c2801a4714902d8cebb4b9a037af81a848902e2265ba0a05869f

Detections

Analyzer	Verdict	Alert
Elastic Security YARA Rules	malware	Linux.Trojan.Gafgyt

HTTP Headers

POST /api/v1-2/analyses/35414a7c-5ca3-485c-a122-d92e9aae35d2/sub/e2d4a172-5e2f-47a4-93f6-b39cacc73882/families-by-strings HTTP/1.1
Host: analyze.intezer.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 2
Origin: https://analyze.intezer.com
DNT: 1
Connection: keep-alive
Referer: https://analyze.intezer.com/analyses/35414a7c-5ca3-485c-a122-d92e9aae35d2
Cookie: _gcl_au=1.1.1843509904.1713934332; _ga_77ZEDWXEEK=GS1.1.1713934332.1.0.1713934332.60.0.0; _ga=GA1.1.2048060625.1713934332
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 04:52:12 GMT
content-type: application/json
content-length: 41637
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: analyze.intezer.com, protect.intezer.com
x-content-type-options: nosniff
X-Firefox-Spdy: h2

api.getkoala.com/web/projects/pk_6c50e30c08715cfa57e9d6fd33965720122a/batch

172.67.69.220

204 No Content

0 B

URL POST HTTP/2
api.getkoala.com/web/projects/pk_6c50e30c08715cfa57e9d6fd33965720122a/batch
IP
172.67.69.220:443
ASN
#13335 CLOUDFLARENET

Requested by
https://analyze.intezer.com/analyses/35414a7c-5ca3-485c-a122-d92e9aae35d2
Certificate
IssuerLet's Encrypt
Subjectgetkoala.com
Fingerprint50:5E:3F:57:B8:41:24:A6:47:4C:DD:43:08:EC:81:44:B9:F6:AC:52
ValidityMon, 26 Feb 2024 02:27:55 GMT - Sun, 26 May 2024 02:27:54 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /web/projects/pk_6c50e30c08715cfa57e9d6fd33965720122a/batch HTTP/1.1
Host: api.getkoala.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 760
Origin: https://analyze.intezer.com
DNT: 1
Connection: keep-alive
Referer: https://analyze.intezer.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 204 No Content
date: Wed, 24 Apr 2024 04:52:12 GMT
access-control-allow-methods: GET, POST, PATCH, PUT, OPTIONS, HEAD
access-control-allow-origin: *
access-control-expose-headers: 
access-control-max-age: 7200
cache-control: no-cache
referrer-policy: strict-origin-when-cross-origin
strict-transport-security: max-age=63072000; includeSubDomains
vary: Origin
x-content-type-options: nosniff
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-request-id: 46724e06-1167-47a3-a1c0-c1a8a96c41df
x-runtime: 0.008941
x-xss-protection: 0
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XCjD3RqRQ2LmgnKY0USnkqn4hmD923E0N6IFsbwoxnBxowibUQox8Xwa9jw4BrXE7I0ZSotqvorFAaxZc9kRKKloxEwcYLxLjEyuBiJ3ZNp%2BIOGUVMHavoK0N5%2FeBkfxkzQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87937b8a6ea656b5-OSL
X-Firefox-Spdy: h2

api.getkoala.com/cable?profile_id=49f69ae1-60d3-4792-97cf-c069764ffd16&project_slug=pk_6c50e30c08715cfa57e9d6fd33965720122a

104.26.0.188

0 B

URL
api.getkoala.com/cable?profile_id=49f69ae1-60d3-4792-97cf-c069764ffd16&project_slug=pk_6c50e30c08715cfa57e9d6fd33965720122a
IP
104.26.0.188:0
ASN
#13335 CLOUDFLARENET

Certificate
IssuerLet's Encrypt
Subjectgetkoala.com
Fingerprint50:5E:3F:57:B8:41:24:A6:47:4C:DD:43:08:EC:81:44:B9:F6:AC:52
ValidityMon, 26 Feb 2024 02:27:55 GMT - Sun, 26 May 2024 02:27:54 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /cable?profile_id=49f69ae1-60d3-4792-97cf-c069764ffd16&project_slug=pk_6c50e30c08715cfa57e9d6fd33965720122a HTTP/1.1
Host: api.getkoala.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://analyze.intezer.com
Sec-WebSocket-Protocol: actioncable-v1-json, actioncable-unsupported
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: hN0EoaG92Xa0cFz/4trfiw==
DNT: 1
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Date: Wed, 24 Apr 2024 04:52:13 GMT
Connection: upgrade
Sec-Websocket-Accept: gksjgOqzjT0U43T7RYYHY+q5quI=
Sec-Websocket-Protocol: actioncable-v1-json
Upgrade: websocket
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TqzNfjoWOgnP1BMJGCzAw7kccSbb49e3iHE9blwt1mvbbbWAYMdjw4LIkSJ2mfJ2eG6s%2F5zpBPWI0KW45N2oClxFwzvU%2BXw%2FiIUYlYaChI3DSlNE9AihRFce5r1Am4kX%2BaI%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 87937b8ab97f5697-OSL

api.appcues.net/v1/socket/websocket?vsn=2.0.0

44.236.147.97

0 B

URL
api.appcues.net/v1/socket/websocket?vsn=2.0.0
IP
44.236.147.97:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /v1/socket/websocket?vsn=2.0.0 HTTP/1.1
Host: api.appcues.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://analyze.intezer.com
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: qJKgx5+t+RIWDcQKVWLRig==
DNT: 1
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Date: Wed, 24 Apr 2024 04:52:13 GMT
Connection: upgrade
cache-control: max-age=0, private, must-revalidate
sec-websocket-accept: dMjZVD5nXYhaq9HEFXOZGlU2eZo=
sec-websocket-extensions: permessage-deflate
server: Cowboy
upgrade: websocket

api.getkoala.com/web/projects/pk_6c50e30c08715cfa57e9d6fd33965720122a/metrics

172.67.69.220

204 No Content

0 B

URL POST HTTP/2
api.getkoala.com/web/projects/pk_6c50e30c08715cfa57e9d6fd33965720122a/metrics
IP
172.67.69.220:443
ASN
#13335 CLOUDFLARENET

Requested by
https://analyze.intezer.com/analyses/35414a7c-5ca3-485c-a122-d92e9aae35d2
Certificate
IssuerLet's Encrypt
Subjectgetkoala.com
Fingerprint50:5E:3F:57:B8:41:24:A6:47:4C:DD:43:08:EC:81:44:B9:F6:AC:52
ValidityMon, 26 Feb 2024 02:27:55 GMT - Sun, 26 May 2024 02:27:54 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /web/projects/pk_6c50e30c08715cfa57e9d6fd33965720122a/metrics HTTP/1.1
Host: api.getkoala.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 796
Origin: https://analyze.intezer.com
DNT: 1
Connection: keep-alive
Referer: https://analyze.intezer.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 204 No Content
date: Wed, 24 Apr 2024 04:52:13 GMT
access-control-allow-methods: GET, POST, PATCH, PUT, OPTIONS, HEAD
access-control-allow-origin: *
access-control-expose-headers: 
access-control-max-age: 7200
cache-control: no-cache
referrer-policy: strict-origin-when-cross-origin
strict-transport-security: max-age=63072000; includeSubDomains
vary: Origin
x-content-type-options: nosniff
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-request-id: 95c95edd-bcea-4471-a454-64bad43b4f38
x-runtime: 0.006385
x-xss-protection: 0
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=24sl4lnaWDrrmO0%2Fa0Sy7SSrBCQYmIEF%2BeChadUgh%2BvsVuhDgGIjOCArjdZuzS9%2Fj45j3ODxSwEOGytcKCs8EGCZJYEERPBes50V3cPQ1Dd%2B%2B%2BtgOnpSkLiecBQab0N4aP4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87937b908a6756b5-OSL
X-Firefox-Spdy: h2

region1.analytics.google.com/g/collect?v=2&tid=G-77ZEDWXEEK&gtm=45je44m0v890741055za200&_p=1713934330251&gcd=13l3lPl2l1&npa=1&dma_cps=sypham&dma=1&cid=2048060625.1713934332&ul=en-us&sr=1280x1024&pscdl=noapi&_eu=AEA&_s=2&sid=1713934332&sct=1&seg=0&dl=https%3A%2F%2Fanalyze.intezer.com%2Fanalyses%2F35414a7c-5ca3-485c-a122-d92e9aae35d2&dt=Intezer%20Analyze%20%E2%80%93%20Security%20analysts%27%20trusted%20advisor&en=scroll&epn.percent_scrolled=90&tfd=7565

216.239.32.36

204 No Content

0 B

URL GET HTTP/3
region1.analytics.google.com/g/collect?v=2&tid=G-77ZEDWXEEK&gtm=45je44m0v890741055za200&_p=1713934330251&gcd=13l3lPl2l1&npa=1&dma_cps=sypham&dma=1&cid=2048060625.1713934332&ul=en-us&sr=1280x1024&pscdl=noapi&_eu=AEA&_s=2&sid=1713934332&sct=1&seg=0&dl=https%3A%2F%2Fanalyze.intezer.com%2Fanalyses%2F35414a7c-5ca3-485c-a122-d92e9aae35d2&dt=Intezer%20Analyze%20%E2%80%93%20Security%20analysts%27%20trusted%20advisor&en=scroll&epn.percent_scrolled=90&tfd=7565
IP
216.239.32.36:443
ASN
#15169 GOOGLE

Requested by
https://analyze.intezer.com/analyses/35414a7c-5ca3-485c-a122-d92e9aae35d2
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint1E:33:2E:4B:C3:51:05:B7:73:DC:21:BF:3E:02:B3:16:D8:0B:AB:BB
ValidityMon, 18 Mar 2024 19:37:14 GMT - Mon, 10 Jun 2024 19:37:13 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /g/collect?v=2&tid=G-77ZEDWXEEK&gtm=45je44m0v890741055za200&_p=1713934330251&gcd=13l3lPl2l1&npa=1&dma_cps=sypham&dma=1&cid=2048060625.1713934332&ul=en-us&sr=1280x1024&pscdl=noapi&_eu=AEA&_s=2&sid=1713934332&sct=1&seg=0&dl=https%3A%2F%2Fanalyze.intezer.com%2Fanalyses%2F35414a7c-5ca3-485c-a122-d92e9aae35d2&dt=Intezer%20Analyze%20%E2%80%93%20Security%20analysts%27%20trusted%20advisor&en=scroll&epn.percent_scrolled=90&tfd=7565 HTTP/1.1
Host: region1.analytics.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://analyze.intezer.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 204 No Content
access-control-allow-origin: *
date: Wed, 24 Apr 2024 04:52:17 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

api.getkoala.com/web/projects/pk_6c50e30c08715cfa57e9d6fd33965720122a/batch

172.67.69.220

204 No Content

0 B

URL POST HTTP/2
api.getkoala.com/web/projects/pk_6c50e30c08715cfa57e9d6fd33965720122a/batch
IP
172.67.69.220:443
ASN
#13335 CLOUDFLARENET

Requested by
https://analyze.intezer.com/analyses/35414a7c-5ca3-485c-a122-d92e9aae35d2
Certificate
IssuerLet's Encrypt
Subjectgetkoala.com
Fingerprint50:5E:3F:57:B8:41:24:A6:47:4C:DD:43:08:EC:81:44:B9:F6:AC:52
ValidityMon, 26 Feb 2024 02:27:55 GMT - Sun, 26 May 2024 02:27:54 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /web/projects/pk_6c50e30c08715cfa57e9d6fd33965720122a/batch HTTP/1.1
Host: api.getkoala.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 765
Origin: https://analyze.intezer.com
DNT: 1
Connection: keep-alive
Referer: https://analyze.intezer.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 204 No Content
date: Wed, 24 Apr 2024 04:52:29 GMT
access-control-allow-methods: GET, POST, PATCH, PUT, OPTIONS, HEAD
access-control-allow-origin: *
access-control-expose-headers: 
access-control-max-age: 7200
cache-control: no-cache
referrer-policy: strict-origin-when-cross-origin
strict-transport-security: max-age=63072000; includeSubDomains
vary: Origin
x-content-type-options: nosniff
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-request-id: f7a88995-4a6c-4415-9bad-6094a59c5d3e
x-runtime: 0.007933
x-xss-protection: 0
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=H51hrkkmHcqzPPr25dpayn%2F8WXoGaY6%2FbLH6ORlPvY42rynHOEcpkUfzhGhLEruO%2F24Y15CfHOcgJgjlwNhRL7prLo8EKGh%2Byflj3Cwj40XXLUrb6GwYjMyyX3CLq1QGBVc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87937bf4994256b5-OSL
X-Firefox-Spdy: h2

api.getkoala.com/cable?profile_id=49f69ae1-60d3-4792-97cf-c069764ffd16&project_slug=pk_6c50e30c08715cfa57e9d6fd33965720122a

104.26.0.188

101 Switching Protocols

0 B

URL GET HTTP/1.1
api.getkoala.com/cable?profile_id=49f69ae1-60d3-4792-97cf-c069764ffd16&project_slug=pk_6c50e30c08715cfa57e9d6fd33965720122a
IP
104.26.0.188:443
ASN
#13335 CLOUDFLARENET

Requested by
https://analyze.intezer.com/analyses/35414a7c-5ca3-485c-a122-d92e9aae35d2
Certificate
IssuerLet's Encrypt
Subjectgetkoala.com
Fingerprint50:5E:3F:57:B8:41:24:A6:47:4C:DD:43:08:EC:81:44:B9:F6:AC:52
ValidityMon, 26 Feb 2024 02:27:55 GMT - Sun, 26 May 2024 02:27:54 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /cable?profile_id=49f69ae1-60d3-4792-97cf-c069764ffd16&project_slug=pk_6c50e30c08715cfa57e9d6fd33965720122a HTTP/1.1
Host: api.getkoala.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://analyze.intezer.com
Sec-WebSocket-Protocol: actioncable-v1-json, actioncable-unsupported
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: hN0EoaG92Xa0cFz/4trfiw==
DNT: 1
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Date: Wed, 24 Apr 2024 04:52:13 GMT
Connection: upgrade
Sec-Websocket-Accept: gksjgOqzjT0U43T7RYYHY+q5quI=
Sec-Websocket-Protocol: actioncable-v1-json
Upgrade: websocket
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TqzNfjoWOgnP1BMJGCzAw7kccSbb49e3iHE9blwt1mvbbbWAYMdjw4LIkSJ2mfJ2eG6s%2F5zpBPWI0KW45N2oClxFwzvU%2BXw%2FiIUYlYaChI3DSlNE9AihRFce5r1Am4kX%2BaI%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 87937b8ab97f5697-OSL

cdn.getkoala.com/v1/pk_6c50e30c08715cfa57e9d6fd33965720122a/sdk.js

172.67.69.220

200 OK

99 kB

URL GET HTTP/2
cdn.getkoala.com/v1/pk_6c50e30c08715cfa57e9d6fd33965720122a/sdk.js
IP
172.67.69.220:443
ASN
#13335 CLOUDFLARENET

Requested by
https://analyze.intezer.com/analyses/35414a7c-5ca3-485c-a122-d92e9aae35d2
Certificate
IssuerLet's Encrypt
Subjectgetkoala.com
Fingerprint50:5E:3F:57:B8:41:24:A6:47:4C:DD:43:08:EC:81:44:B9:F6:AC:52
ValidityMon, 26 Feb 2024 02:27:55 GMT - Sun, 26 May 2024 02:27:54 GMT

File type
JavaScript source, ASCII text, with very long lines (64229)
Size
99 kB (98668 bytes)
Hash
bd27969fda0af7f25329fa9bdc18312c
c5b14cd366114103d83be43d363f40c21a5ff493
3e5b40d8f21b745f23fe2bbda9b812abd6b150949acff74b6289766dac7dab24

HTTP Headers

GET /v1/pk_6c50e30c08715cfa57e9d6fd33965720122a/sdk.js HTTP/1.1
Host: cdn.getkoala.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://analyze.intezer.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 24 Apr 2024 04:52:11 GMT
content-type: application/javascript
cf-ray: 87937b856b3856b5-OSL
cf-cache-status: HIT
age: 833
cache-control: public,max-age=900
etag: W/"bd27969fda0af7f25329fa9bdc18312c"
last-modified: Mon, 22 Apr 2024 16:54:08 GMT
vary: Accept-Encoding
x-amz-id-2: gtD597KHlDHj2oZFH/Pk2wxi/hyYUCoTSyuoIgm46rjjYsnDHf7A4FxrsF8KFMjRsVk1ihF14so=
x-amz-meta-sha: b9919b351
x-amz-meta-version: 1.11.1
x-amz-request-id: KB7SYVG9RV1NQCKG
x-amz-server-side-encryption: AES256
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YhwuL78JxO0GPdgfW9dO81svFXyYTVThkXSbJILnz48rt20uQF0LrVesfyd0gCviiahh0s6su9tjBHdFQdkZzndPmKr0Np%2F9HKovYtb%2FobOkBPH%2FwCqYnzJToPKCjwsDcbc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2

fast.appcues.com/generic/main/4.53.1/container.a34de36c2b1cabfbe8c60fb8bd83fcb1a49243bd.css

151.101.194.110

200 OK

15 kB

URL GET HTTP/2
fast.appcues.com/generic/main/4.53.1/container.a34de36c2b1cabfbe8c60fb8bd83fcb1a49243bd.css
IP
151.101.194.110:443
ASN
#54113 FASTLY

Requested by
https://analyze.intezer.com/analyses/35414a7c-5ca3-485c-a122-d92e9aae35d2
Certificate
IssuerGlobalSign nv-sa
Subjectfast.appcues.com
FingerprintC0:70:30:FF:D6:06:AD:70:66:08:1E:48:AB:1C:4B:AA:C8:5A:06:B5
ValiditySat, 05 Aug 2023 19:48:19 GMT - Thu, 05 Sep 2024 19:48:18 GMT

File type
ASCII text, with very long lines (522)
Size
15 kB (15326 bytes)
Hash
040cf4e7e86c4d735fc66db697584fb0
4a2c2807c1cb30c6339ce99cedfa1d21416a99d7
d64b24d70eadbcdbf4b5223172fea453e18531d8a48f635727d97e45659f96de

HTTP Headers

GET /generic/main/4.53.1/container.a34de36c2b1cabfbe8c60fb8bd83fcb1a49243bd.css HTTP/1.1
Host: fast.appcues.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://analyze.intezer.com
DNT: 1
Connection: keep-alive
Referer: https://analyze.intezer.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
x-amz-id-2: WMbuLASk9id9kn12ZWtur7D+temzEutYLLJ0Fg1MrkYJOyE7A+uGf9jh0uwOw/WqYFm1KmSw1KE=
x-amz-request-id: 3HK3N4VVT81H8MN1
access-control-allow-origin: *
access-control-allow-methods: GET
last-modified: Mon, 24 Apr 2023 18:56:52 GMT
etag: "040cf4e7e86c4d735fc66db697584fb0"
x-amz-server-side-encryption: AES256
content-type: text/css; charset=utf-8;
server: AmazonS3
cache-control: public,max-age=31536000,immutable
content-encoding: gzip
accept-ranges: bytes
age: 514819
date: Wed, 24 Apr 2024 04:52:11 GMT
via: 1.1 varnish
x-served-by: cache-hel1410027-HEL
x-cache: HIT
x-cache-hits: 0
x-timer: S1713934332.838177,VS0,VE1
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
timing-allow-origin: *
access-control-allow-headers: X-Requested-With,Authorization
content-length: 2027
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Roboto+Slab:300&display=swap

142.250.74.106

200 OK

2.5 kB

URL GET HTTP/2
fonts.googleapis.com/css?family=Roboto+Slab:300&display=swap
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://analyze.intezer.com/analyses/35414a7c-5ca3-485c-a122-d92e9aae35d2
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint15:CB:F7:AC:18:3F:DC:1E:F9:4E:94:D1:98:40:40:61:53:17:28:F2
ValidityMon, 18 Mar 2024 20:35:28 GMT - Mon, 10 Jun 2024 20:35:27 GMT

File type
ASCII text, with very long lines (2610), with no line terminators
Size
2.5 kB (2547 bytes)
Hash
3ac73b909a1a38a6f17a9ebcc39639fe
7799bb47ab36a1f57ce0f04f1281025c49104779
6c3f3756f1ccab653c8d50f8f7e4b9265ab3baef92cef4cbd7740b42f7615810

HTTP Headers

GET /css?family=Roboto+Slab:300&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://analyze.intezer.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 24 Apr 2024 04:52:10 GMT
date: Wed, 24 Apr 2024 04:52:10 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

static.zdassets.com/web_widget/classic/latest/web-widget-main-7bc1c0f.js

104.18.72.113

200 OK

992 kB

URL GET HTTP/2
static.zdassets.com/web_widget/classic/latest/web-widget-main-7bc1c0f.js
IP
104.18.72.113:443
ASN
#13335 CLOUDFLARENET

Requested by
https://analyze.intezer.com/analyses/35414a7c-5ca3-485c-a122-d92e9aae35d2
Certificate
IssuerLet's Encrypt
Subjectzdassets.com
FingerprintF8:AF:5C:DB:58:D5:35:9F:56:A0:A1:A2:92:FE:E3:BA:26:DA:5D:2D
ValiditySun, 03 Mar 2024 22:41:52 GMT - Sat, 01 Jun 2024 22:41:51 GMT

File type

Size
992 kB (992059 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /web_widget/classic/latest/web-widget-main-7bc1c0f.js HTTP/1.1
Host: static.zdassets.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 24 Apr 2024 04:52:12 GMT
content-type: application/javascript; charset=utf-8
x-amz-id-2: ldH41+NY0+fYAgvbqFIJmvudIE2j/SxzaKSwKqxB3P/vSWpJ08HqoFV2mSP6KWgMbK8lgvcvTvmD4moNqUmffw==
x-amz-request-id: 64S1GV9HNQKB0DVA
x-amz-replication-status: COMPLETED
last-modified: Mon, 08 Apr 2024 13:46:13 GMT
etag: W/"3784cf5e1ddd3a68e335f3bb4a5e2fcd"
x-amz-server-side-encryption: AES256
cache-control: public, max-age=31536000
expires: Tue, 08 Apr 2025 13:46:12 GMT
x-amz-version-id: _IYDenNVju8wHXIpAa8FJzBqmTlghdyK
cf-cache-status: HIT
age: 1098423
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OEzzZ0DVju2FYipIf9FL7KiaVBTgrmO%2BVUJG6USvWyxF7GfFZ2zJUQn6JH9OWhK58jC11zjXY%2BKZei%2BiYf7SNjsEbahukkV3pDcH%2F%2F6dZlFFKkzzqf0oB75BpIqHalHlvkq2yTg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=0
access-control-allow-headers: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
access-control-max-age: 0
server: cloudflare
cf-ray: 87937b8b5b8ab4f4-OSL
content-encoding: br
X-Firefox-Spdy: h2

api.appcues.net/v1/socket/websocket?vsn=2.0.0

44.236.147.97

101 Switching Protocols

0 B

URL GET HTTP/1.1
api.appcues.net/v1/socket/websocket?vsn=2.0.0
IP
44.236.147.97:443
ASN
#16509 AMAZON-02

Requested by
https://analyze.intezer.com/analyses/35414a7c-5ca3-485c-a122-d92e9aae35d2
Certificate
IssuerAmazon
Subjectappcues.net
FingerprintCC:C7:27:E5:D0:E2:97:42:9E:CB:6D:B6:3E:63:0A:A7:13:3B:9B:CD
ValidityTue, 04 Jul 2023 00:00:00 GMT - Thu, 01 Aug 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /v1/socket/websocket?vsn=2.0.0 HTTP/1.1
Host: api.appcues.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://analyze.intezer.com
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: qJKgx5+t+RIWDcQKVWLRig==
DNT: 1
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Date: Wed, 24 Apr 2024 04:52:13 GMT
Connection: upgrade
cache-control: max-age=0, private, must-revalidate
sec-websocket-accept: dMjZVD5nXYhaq9HEFXOZGlU2eZo=
sec-websocket-extensions: permessage-deflate
server: Cowboy
upgrade: websocket

analyze.intezer.com/a5efd3d9205e908a12fb2c5725aa76a1.ttf

20.50.210.201

200 OK

61 kB

URL GET HTTP/2
analyze.intezer.com/a5efd3d9205e908a12fb2c5725aa76a1.ttf
IP
20.50.210.201:443
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

Requested by
https://analyze.intezer.com/analyses/35414a7c-5ca3-485c-a122-d92e9aae35d2
Certificate
IssuerGoDaddy.com, Inc.
Subjectanalyze.intezer.com
Fingerprint62:0F:F7:27:03:6D:94:41:E7:19:BA:5D:F8:FA:3C:0B:93:54:19:5A
ValidityTue, 25 Jul 2023 19:50:53 GMT - Sun, 25 Aug 2024 19:50:53 GMT

File type
, name offset 0xc3bb0000
Size
61 kB (61212 bytes)
Hash
30d7e703c7c79369911eb6ca6bcafbda
1c9b1b3b58320c71474210bc9f649c9d7e9f85b6
4140e54d15a432e443afa40e065ed7b880639203b729f8bec32a7b8035e221b6

HTTP Headers

GET /a5efd3d9205e908a12fb2c5725aa76a1.ttf HTTP/1.1
Host: analyze.intezer.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://analyze.intezer.com/analyses/35414a7c-5ca3-485c-a122-d92e9aae35d2
Cookie: _gcl_au=1.1.1843509904.1713934332
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 04:52:12 GMT
content-type: text/plain
last-modified: Sun, 21 Apr 2024 12:09:30 GMT
vary: Accept-Encoding
etag: W/"662501fa-ef1c"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-security-policy: frame-ancestors 'self' https://analyze.intezer.com https://www.intezer.com; upgrade-insecure-requests; script-src 'self' 'report-sample' 'nonce-3r9k7x2d1q' https://www.googletagmanager.com/gtm.js https://fast.appcues.net https://fast.appcues.com https://translate.googleapis.com https://translate.google.com https://analyze.intezer.com https://www.youtube.com https://www.google.com https://www.googleadservices.com https://www.googletagmanager.com https://anayltics.google.com https://static.zdassets.com https://*.getkoala.com wss://*.getkoala.com https://ssl.google-analytics.com https://www.gstatic.com;style-src 'self' 'report-sample' 'unsafe-inline' platform.twitter.com ton.twimg.com fonts.googleapis.com *.appcues.net *.appcues.com https://fonts.loli.net https://fonts.proxy.ustclug.org https://use.fontawesome.com https://translate.googleapis.com https://analyze.intezer.com https://themes.googleusercontent.com https://fonts.googleapis.com www.googletagmanager.com;object-src 'none';frame-src *.appcues.com https://analyze.intezer.com https://app.hubspot.com https://www.googletagmanager.com https://www.youtube.com www.google.com;child-src 'none';img-src data: blob: *;font-src data: *;connect-src 'self' *.appcues.net wss://*.appcues.net *.appcues.com wss://*.appcues.com analyze.intezer.com wss://analyze.intezer.com wss://api.getkoala.com https://www.google-analytics.com/analytics.js https://intezerfiles.blob.core.windows.net/url-scans https://intezerfiles.blob.core.windows.net/files https://api.getkoala.com https://api-js.mixpanel.com https://intezer.zendesk.com https://*.intezer.com https://ekr.zdassets.com https://anayltics.google.comadservice.google.com www.google.com api.appcues.net; manifest-src *;base-uri https://analyze.intezer.com;form-action 'self';media-src data: *;prefetch-src 'self';worker-src 'none';
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
X-Firefox-Spdy: h2

static.zdassets.com/web_widget/classic/latest/web-widget-locales/classic/en-us-json-7bc1c0f.js

104.18.72.113

200 OK

26 kB

URL GET HTTP/2
static.zdassets.com/web_widget/classic/latest/web-widget-locales/classic/en-us-json-7bc1c0f.js
IP
104.18.72.113:443
ASN
#13335 CLOUDFLARENET

Requested by
https://analyze.intezer.com/analyses/35414a7c-5ca3-485c-a122-d92e9aae35d2
Certificate
IssuerLet's Encrypt
Subjectzdassets.com
FingerprintF8:AF:5C:DB:58:D5:35:9F:56:A0:A1:A2:92:FE:E3:BA:26:DA:5D:2D
ValiditySun, 03 Mar 2024 22:41:52 GMT - Sat, 01 Jun 2024 22:41:51 GMT

File type

Size
26 kB (25711 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /web_widget/classic/latest/web-widget-locales/classic/en-us-json-7bc1c0f.js HTTP/1.1
Host: static.zdassets.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 24 Apr 2024 04:52:13 GMT
content-type: application/javascript; charset=utf-8
x-amz-id-2: W9B1SBtAeKjZ8kR3+2GgpY7yqrRwEUd74ifS+fdKkR32Prbx0bEwMeNV6dGVRlF6Cg02ybWPMLk=
x-amz-request-id: DKWT4SJ3NP0VX855
x-amz-replication-status: COMPLETED
last-modified: Mon, 08 Apr 2024 13:46:15 GMT
etag: W/"6eb45e96a7cbb4b8ca10897f3cf09981"
x-amz-server-side-encryption: AES256
cache-control: public, max-age=31536000
expires: Tue, 08 Apr 2025 13:46:13 GMT
x-amz-version-id: LLNIVxZ_bojnmbOmqAvI_43_VNrKfel_
cf-cache-status: HIT
age: 1098423
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fGXs2KpXQ2T%2BFzC6tKLCjAqxurzoAQuPSmU6pOWua8MHxTyvE3swHMJXCrEdPPCPsCU3%2BmT3adbj16%2B3PraSodrkkh7tTFlQ5koPOZv%2B%2FENEzBEmny5C4SFxVrTmFHCydNLEgVU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=0
access-control-allow-headers: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
access-control-max-age: 0
server: cloudflare
cf-ray: 87937b8dfd0cb4f4-OSL
content-encoding: br
X-Firefox-Spdy: h2

ekr.zdassets.com/compose/f8b95454-f8e3-4344-ba19-719f3120caa5

104.18.70.113

200 OK

733 B

URL GET HTTP/2
ekr.zdassets.com/compose/f8b95454-f8e3-4344-ba19-719f3120caa5
IP
104.18.70.113:443
ASN
#13335 CLOUDFLARENET

Requested by
https://analyze.intezer.com/analyses/35414a7c-5ca3-485c-a122-d92e9aae35d2
Certificate
IssuerLet's Encrypt
Subjectzdassets.com
FingerprintF8:AF:5C:DB:58:D5:35:9F:56:A0:A1:A2:92:FE:E3:BA:26:DA:5D:2D
ValiditySun, 03 Mar 2024 22:41:52 GMT - Sat, 01 Jun 2024 22:41:51 GMT

File type
troff or preprocessor input, ASCII text, with very long lines (815), with no line terminators
Size
733 B (733 bytes)
Hash
1267d72186f7c81605c93d9d631500e1
a715889f710a1d53a15c9304124fa963326f1d46
ec56e0e18ff6ee478d12f6e410de4b9f12eedf12fd41421cd41995e252970abd

HTTP Headers

GET /compose/f8b95454-f8e3-4344-ba19-719f3120caa5 HTTP/1.1
Host: ekr.zdassets.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://analyze.intezer.com/
Origin: https://analyze.intezer.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 24 Apr 2024 04:52:12 GMT
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-expose-headers: 
access-control-max-age: 7200
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-download-options: noopen
x-permitted-cross-domain-policies: none
referrer-policy: strict-origin-when-cross-origin
cdn-cache-control: max-age=60
vary: Accept, Origin, Accept-Encoding
cache-control: max-age=300, public, stale-while-revalidate=300, stale-if-error=21600
etag: W/"ac88c5304aa280845b55f2c4156de388"
x-request-id: 872abddfff5db96e-SEA, 872abddfff5db96e-SEA
x-runtime: 0.010085
x-zendesk-zorg: yes
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NAvxbSFMukCWzrMaQ6et2DAJPja5INdkAMGk8irFLLe3si9R5y%2BBCiES7syXWU0q%2FZaoTY2RJQSpZSgn5Lr%2BqYuMAlSQUVOHiD4qjCRrHojD2i3btrahSrkqDJrX61y29tA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
server: cloudflare
cf-ray: 87937b8648ccb529-OSL
content-encoding: br
X-Firefox-Spdy: h2

api.getkoala.com/web/projects/pk_6c50e30c08715cfa57e9d6fd33965720122a

104.26.0.188

200 OK

531 B

URL GET HTTP/2
api.getkoala.com/web/projects/pk_6c50e30c08715cfa57e9d6fd33965720122a
IP
104.26.0.188:443
ASN
#13335 CLOUDFLARENET

Requested by
https://analyze.intezer.com/analyses/35414a7c-5ca3-485c-a122-d92e9aae35d2
Certificate
IssuerLet's Encrypt
Subjectgetkoala.com
Fingerprint50:5E:3F:57:B8:41:24:A6:47:4C:DD:43:08:EC:81:44:B9:F6:AC:52
ValidityMon, 26 Feb 2024 02:27:55 GMT - Sun, 26 May 2024 02:27:54 GMT

File type
troff or preprocessor input, ASCII text, with very long lines (599), with no line terminators
Size
531 B (531 bytes)
Hash
b41f48b799a209660246b34287d9e255
02f5f510f61c9bbf73b47c05ff7a02a51576a240
bd3c2b453891ecdf5737b7ee790a3d6260fcc799e6fb71ca70ae10223cd246ad

HTTP Headers

GET /web/projects/pk_6c50e30c08715cfa57e9d6fd33965720122a HTTP/1.1
Host: api.getkoala.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://analyze.intezer.com/
Origin: https://analyze.intezer.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 24 Apr 2024 04:52:12 GMT
content-type: application/json; charset=utf-8
access-control-allow-methods: GET, POST, PATCH, PUT, OPTIONS, HEAD
access-control-allow-origin: *
access-control-expose-headers: 
access-control-max-age: 7200
cache-control: public
etag: W/"e2a464f3574a149f0812eaa1bba10dfb"
last-modified: Mon, 23 Oct 2023 15:11:19 GMT
referrer-policy: strict-origin-when-cross-origin
strict-transport-security: max-age=63072000; includeSubDomains
vary: Accept, Accept-Encoding, Origin
x-content-type-options: nosniff
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-request-id: 1acdd983-82c5-4a8b-bbf9-16ec4cd297e6
x-runtime: 0.003983
x-xss-protection: 0
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Ln57cjxlegXcRACIHt2HPLuW31N9unCCKV%2FkMwrcJWaMBB1qSLn4%2FnNpIexE83IjghH%2Fxon6yppC6Bf6n%2BBAhEcu52Pjek0mRJGUfRtNctudGvBCP8rm%2B5MnVBocdrB4loE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87937b86c91956a9-OSL
content-encoding: br
X-Firefox-Spdy: h2

fonts.googleapis.com/css2?family=Open+Sans:ital,wght@0,300..800;1,300..800&display=swap

142.250.74.106

200 OK

12 kB

URL GET HTTP/2
fonts.googleapis.com/css2?family=Open+Sans:ital,wght@0,300..800;1,300..800&display=swap
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://analyze.intezer.com/analyses/35414a7c-5ca3-485c-a122-d92e9aae35d2
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint15:CB:F7:AC:18:3F:DC:1E:F9:4E:94:D1:98:40:40:61:53:17:28:F2
ValidityMon, 18 Mar 2024 20:35:28 GMT - Mon, 10 Jun 2024 20:35:27 GMT

File type
ASCII text, with very long lines (1572)
Size
12 kB (11743 bytes)
Hash
66c210cf89516717b9b050a23109dd51
d0e4b53cf172dd7b834efbd456359c0d2fcf5ce9
631a2253c93d9db42e74c350607229a629b1878c702051b253e1174b889ee3c2

HTTP Headers

GET /css2?family=Open+Sans:ital,wght@0,300..800;1,300..800&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://analyze.intezer.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 24 Apr 2024 04:52:10 GMT
date: Wed, 24 Apr 2024 04:52:10 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

static.zdassets.com/ekr/snippet.js?key=f8b95454-f8e3-4344-ba19-719f3120caa5

104.18.72.113

200 OK

10 kB

URL GET HTTP/2
static.zdassets.com/ekr/snippet.js?key=f8b95454-f8e3-4344-ba19-719f3120caa5
IP
104.18.72.113:443
ASN
#13335 CLOUDFLARENET

Requested by
https://analyze.intezer.com/analyses/35414a7c-5ca3-485c-a122-d92e9aae35d2
Certificate
IssuerLet's Encrypt
Subjectzdassets.com
FingerprintF8:AF:5C:DB:58:D5:35:9F:56:A0:A1:A2:92:FE:E3:BA:26:DA:5D:2D
ValiditySun, 03 Mar 2024 22:41:52 GMT - Sat, 01 Jun 2024 22:41:51 GMT

File type
JavaScript source, ASCII text, with very long lines (10187), with no line terminators
Size
10 kB (10187 bytes)
Hash
c0053b411b753138af468db1bd3b19f3
7c3a187aa58f2b9e5446edb761b3d4d2ba506fe7
ce337ec7dda4b3a741363a2673c7edce5c736f1660e2aa908131ecfd9dd1343f

HTTP Headers

GET /ekr/snippet.js?key=f8b95454-f8e3-4344-ba19-719f3120caa5 HTTP/1.1
Host: static.zdassets.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://analyze.intezer.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 24 Apr 2024 04:52:11 GMT
content-type: application/javascript
x-amz-id-2: 4OYei3DkpSYkS6dKBDFbZjtSdVexoHjQ1eS9Mf3MCmEOCurZC/+Isbd1AVVpsiKAmJ7FWWviPJSrjy0q3mZxeg==
x-amz-request-id: 9X4B0G1GWNB25PJG
x-amz-replication-status: PENDING
last-modified: Mon, 15 Jan 2024 02:56:11 GMT
etag: W/"c0053b411b753138af468db1bd3b19f3"
x-amz-server-side-encryption: AES256
cache-control: public, max-age=3600, s-maxage=60
x-amz-version-id: sR7NItkX1i3nKckB5vEat7T2DUmPnRiJ
cf-cache-status: HIT
age: 2
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=U2Qisxy5J8OEZDw6OWE1BMTphHnWAUvYVpUPvwV755zFCxvX4eL%2BZcGc3two%2BhvJs2DNJHx7FGAQbSOYku8EzRR5CbT2Xpus%2BffZxRSwKBPrHJPheoEKCKDPWTZtENSMmT6EGvo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=0
access-control-allow-headers: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
access-control-max-age: 0
server: cloudflare
cf-ray: 87937b85d888b4f4-OSL
content-encoding: br
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (14)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML