www.aldeid.com Open in urlscan Pro
2a06:98c1:3120::7 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://www.aldeid.com/wiki/OfficeMalScanner/OfficeMalScanner#%3A~%3Atext%3DOfficeMalScanner%20is%20a%20MS%20Office%2Ci...
Effective URL:
https://www.aldeid.com/wiki/OfficeMalScanner/OfficeMalScanner
Submission Tags: falconsandbox
Submission: On March 28 via api (March 28th 2022, 4:36:57 pm UTC) from US — Scanned from DE

Summary HTTP 41 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 11 IPs in 2 countries across 6 domains to perform 41 HTTP transactions. The main IP is 2a06:98c1:3120::7, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.aldeid.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 17th 2021. Valid for: a year.

This is the only time www.aldeid.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
12	2a06:98c1:312... 2a06:98c1:3120::7	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	199.232.192.134 199.232.192.134	54113 (FASTLY) (FASTLY)
2	2a00:1450:400... 2a00:1450:4001:810::200e	15169 (GOOGLE) (GOOGLE)
5	151.101.64.134 151.101.64.134	54113 (FASTLY) (FASTLY)
12	2600:9000:215... 2600:9000:2156:cc00:6:8656:f5c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	199.232.192.64 199.232.192.64	54113 (FASTLY) (FASTLY)
2	199.232.196.134 199.232.196.134	54113 (FASTLY) (FASTLY)
2	151.101.193.44 151.101.193.44	54113 (FASTLY) (FASTLY)
1 3	143.204.98.125 143.204.98.125	16509 (AMAZON-02) (AMAZON-02)
1	199.232.198.49 199.232.198.49	54113 (FASTLY) (FASTLY)
41	11

12 2a06:98c1:3120::7 (United States)

ASN13335 (CLOUDFLARENET, US)

www.aldeid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.232.192.134 (United States)

ASN54113 (FASTLY, US)

aldeid.disqus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 151.101.64.134 (United States)

ASN54113 (FASTLY, US)

disqus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2600:9000:2156:cc00:6:8656:f5c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

c.disquscdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.232.192.64 (United States)

ASN54113 (FASTLY, US)

tempest.services.disqus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 199.232.196.134 (United States)

ASN54113 (FASTLY, US)

referrer.disqus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.193.44 (United States)

ASN54113 (FASTLY, US)

cdn.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 143.204.98.125 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-125.fra50.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.232.198.49 (United States)

ASN54113 (FASTLY, US)

a.disquscdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
13	disquscdn.com c.disquscdn.com — Cisco Umbrella Rank: 3786 a.disquscdn.com — Cisco Umbrella Rank: 8557	524 KB
12	aldeid.com www.aldeid.com	177 KB
9	disqus.com aldeid.disqus.com disqus.com — Cisco Umbrella Rank: 2846 tempest.services.disqus.com — Cisco Umbrella Rank: 12470 referrer.disqus.com — Cisco Umbrella Rank: 5784 reporting.services.disqus.com Failed	75 KB
3	scorecardresearch.com 1 redirects sb.scorecardresearch.com — Cisco Umbrella Rank: 198	2 KB
2	taboola.com cdn.taboola.com — Cisco Umbrella Rank: 1084	172 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 98	20 KB
41	6

	Domain	Requested by
12	c.disquscdn.com	aldeid.disqus.com disqus.com c.disquscdn.com
12	www.aldeid.com	www.aldeid.com
5	disqus.com	www.aldeid.com aldeid.disqus.com c.disquscdn.com
3	sb.scorecardresearch.com	1 redirects cdn.taboola.com www.aldeid.com
2	cdn.taboola.com	www.aldeid.com cdn.taboola.com
2	referrer.disqus.com
2	www.google-analytics.com	www.aldeid.com www.google-analytics.com
1	a.disquscdn.com
1	tempest.services.disqus.com	aldeid.disqus.com
1	aldeid.disqus.com	www.aldeid.com
0	reporting.services.disqus.com Failed	www.aldeid.com
41	11

This site contains links to these domains. Also see Links.

Domain
www.mediawiki.org

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-06-17` - `2022-06-16`	a year	crt.sh
*.disqus.com DigiCert SHA2 Secure Server CA	`2020-04-20` - `2022-05-09`	2 years	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
a.disquscdn.com Amazon	`2021-10-31` - `2022-11-28`	a year	crt.sh
*.services.disqus.com GlobalSign Atlas R3 DV TLS CA 2022 Q1	`2022-01-31` - `2023-03-04`	a year	crt.sh
*.taboola.com DigiCert TLS RSA SHA256 2020 CA1	`2021-11-28` - `2022-12-29`	a year	crt.sh
*.scorecardresearch.com Amazon	`2022-01-29` - `2023-02-27`	a year	crt.sh
*.disquscdn.com GlobalSign Atlas R3 DV TLS CA H2 2021	`2022-01-03` - `2023-02-04`	a year	crt.sh

This page contains 3 frames:

Primary Page: https://www.aldeid.com/wiki/OfficeMalScanner/OfficeMalScanner
Frame ID: 10FD7496039A885B5E4FF1C170344D08
Requests: 22 HTTP requests in this frame

Frame: https://disqus.com/embed/comments/?base=default&f=aldeid&t_i=2495&t_u=https%3A%2F%2Fwww.aldeid.com%2Fwiki%2FOfficeMalScanner%2FOfficeMalScanner&t_d=OfficeMalScanner%2FOfficeMalScanner&t_t=OfficeMalScanner%2FOfficeMalScanner&s_o=default
Frame ID: 08519761C7AEDC037BE4108694A36DB4
Requests: 15 HTTP requests in this frame

Frame: https://reporting.services.disqus.com/_log/taboola?placement=%7B%22domain%22%3A%20%22https%3A%2F%2Fwww.aldeid.com%22%2C%20%22experiment%22%3A%20%22network_default%22%2C%20%22position%22%3A%20%22top%22%2C%20%22shortname%22%3A%20%22aldeid%22%2C%20%22variant%22%3A%20%22fallthrough%22%7D&is_taboola_named=false&language=en&colorscheme=light&typeface=sans-serif&variant=fallthrough&forum_id=1385935&source_url=https%3A%2F%2Fwww.aldeid.com%2Fwiki%2FOfficeMalScanner%2FOfficeMalScanner&organization_id=1041034&taboola_publisher_name=disqus-widget-safetylevel20longtail09&experiment=network_default&mode=thumbnails-a&position=top&shortname=aldeid&referrer_url=https%3A%2F%2Fwww.aldeid.com%2F&canonical_url&1648485413034
Frame ID: A3D1DC3E7B5C88D1A0C7645147C29F68
Requests: 5 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

OfficeMalScanner/OfficeMalScanner - aldeid

Detected technologies

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

comScore (Analytics) Expand

Overall confidence: 100%
Detected patterns

\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

41
Requests

95 %
HTTPS

30 %
IPv6

6
Domains

11
Subdomains

11
IPs

2
Countries

970 kB
Transfer

2475 kB
Size

4
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://www.mediawiki.org/

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 32

https://sb.scorecardresearch.com/b?c1=7&c2=34354936&c3=1&ns__t=1648485413268&ns_c=UTF-8&ns_if=1&cv=3.5&c8=&c7=https%3A%2F%2Fwww.aldeid.com%2Fwiki%2FOfficeMalScanner%2FOfficeMalScanner&c9= HTTP 302
https://sb.scorecardresearch.com/b2?c1=7&c2=34354936&c3=1&ns__t=1648485413268&ns_c=UTF-8&ns_if=1&cv=3.5&c8=&c7=https%3A%2F%2Fwww.aldeid.com%2Fwiki%2FOfficeMalScanner%2FOfficeMalScanner&c9=

41 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request OfficeMalScanner Show response
www.aldeid.com/wiki/OfficeMalScanner/ 48 KB
11 KB 281ms
216ms Document
text/html 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.aldeid.com/wiki/OfficeMalScanner/OfficeMalScanner

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

11ca21265e4f1bb23843d9aebf182c5b01ec84b62b6efcd50195d011245ebccf

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Mon, 28 Mar 2022 16:36:51 GMT
content-type: text/html; charset=UTF-8
strict-transport-security: max-age=15552000
x-content-type-options: nosniff
content-language: en
vary: Accept-Encoding,Cookie
expires: Mon, 28 Mar 2022 16:36:51 GMT
cache-control: private, must-revalidate, max-age=0
last-modified: Thu, 16 Dec 2021 06:15:46 GMT
x-request-id: YkHkI_RK__GbzC0bXzJZMwAAABA
x-xss-protection: 1; mode=block
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eRkI3mmHEfZFmrZspVL2vaPfDQac8yL002a5OiRciC1ZNZKnG6zn3EyIbGvKDiNf5BramGdrNAX8FufCUMoLIvgs7R4sRPpE7XXlM5vjjbIi17MBaVnnp2vxY1A%2Fc4ndh%2BsQbG1xvB%2B9Hntymg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6f31c97d4f270fe6-MRS
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 load.php
www.aldeid.com/w/ 38 KB
9 KB 186ms
185ms Stylesheet
text/css 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.aldeid.com/w/load.php?lang=en&modules=ext.pygments%7Cskins.vector.styles.legacy&only=styles&skin=vector

Requested by

Host: www.aldeid.com
URL: https://www.aldeid.com/wiki/OfficeMalScanner/OfficeMalScanner

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c96340d64e749be959b91f54db5bc1a18fca18b4b523c9576e648f9dd6a29904

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.aldeid.com/wiki/OfficeMalScanner/OfficeMalScanner
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 16:36:51 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15552000
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: YkHkIxETShgIbY7R-zKqNwAAAAo
server: cloudflare
etag: W/"dkz33-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5MWGsl12wRgs0HYvVjOYv%2FWdCSG4tBo946PrBCzvUoIpNgXXWWx56HrunDA7969cIV%2Fu6Rj8UtElHyvhz0HzRfmBpK5BBCB%2FdusC4zLNYBQQ%2BECYbxstiu%2F026pq6iZLXqaVS7cx%2FnLvB63xcQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=300, s-maxage=300
cf-ray: 6f31c97eca620fe6-MRS
link: <https://www.aldeid.com/aldeid.png>;rel=preload;as=image
expires: Mon, 28 Mar 2022 16:41:51 GMT

GET
H2 200 load.php Show response
www.aldeid.com/w/ 34 KB
12 KB 220ms
220ms Script
text/javascript 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.aldeid.com/w/load.php?lang=en&modules=startup&only=scripts&raw=1&skin=vector

Requested by

Host: www.aldeid.com
URL: https://www.aldeid.com/wiki/OfficeMalScanner/OfficeMalScanner

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

94b8b205768979228dc50b60ea221508c53942725b2545790fbf3cc7f9febb19

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.aldeid.com/wiki/OfficeMalScanner/OfficeMalScanner
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 16:36:51 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15552000
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: YkHkI5BKna5SEB515iM92wAAABQ
server: cloudflare
etag: W/"5onr9-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j698odkAMv6rij69dP%2FQY6stHrp6lgNZlNHqqiLHOM5TrufYBRjkFBAWnWMW3kfrK52a%2Bq1oAX%2BynQsktkiQX4vTqUj2cyznzOqtuUi9vbhe6OrOaRQYWp0rhUUiOYnXXOmTMCUMqdbZ2YhElQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=utf-8
cache-control: public, max-age=300, s-maxage=300
cf-ray: 6f31c97eca630fe6-MRS
expires: Mon, 28 Mar 2022 16:41:51 GMT

GET
H2 200 load.php
www.aldeid.com/w/ 126 B
505 B 166ms
166ms Stylesheet
text/css 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.aldeid.com/w/load.php?lang=en&modules=site.styles&only=styles&skin=vector

Requested by

Host: www.aldeid.com
URL: https://www.aldeid.com/wiki/OfficeMalScanner/OfficeMalScanner

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cc786fde24b1923153f12862ee73f821dfadf57d9d37b0967fa725f3985d846b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.aldeid.com/wiki/OfficeMalScanner/OfficeMalScanner
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 16:36:51 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15552000
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: YkHkI-2SvGQYFAIxytBZ_QAAAAA
server: cloudflare
etag: W/"1148o-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uLoRjtGTJgpSuSw6kq4R%2FpmwwEs%2F8mQSJ%2BlTW%2F4ZvadhoBLxj%2FgfGsVL8F%2BqhxvTEBho9fNAAGQj4AaUlZDYYbzVvnqiUoXHdROXrXzQG2TOXk4%2BMxcwTKEQ%2B7SY1It5ftNI22rLNZNJcNAdqQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=300, s-maxage=300
cf-ray: 6f31c97eca640fe6-MRS
expires: Mon, 28 Mar 2022 16:41:51 GMT

GET
H2 200 Officemalscanner-uncompress-zip.png
www.aldeid.com/w/images/1/16/ 5 KB
6 KB 106ms
105ms Image
image/png 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.aldeid.com/w/images/1/16/Officemalscanner-uncompress-zip.png

Requested by

Host: www.aldeid.com
URL: https://www.aldeid.com/wiki/OfficeMalScanner/OfficeMalScanner

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

27e330c854923de25e0c1f0e0ea027c7d6c89255ad674ceec518c53577f88a13

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.aldeid.com/wiki/OfficeMalScanner/OfficeMalScanner
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 16:36:51 GMT
vary: Accept-Encoding
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 5594
x-xss-protection: 1; mode=block
last-modified: Thu, 16 Dec 2021 06:15:44 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YETb4sqi0iUsO%2Fc6zLBZuTqZ%2BHk2ZeDUFjmLmToAIWdO8rA0TRIxlQ8wLGehL6xrTj8ngftThe7WcQYmeLaeJ%2FS2MAAMZ01HPDPM%2BE31sVtsF4UcT1k58QU%2BfxFlxFkojRwf%2BTMRHjxZzTF4fQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 6f31c97eca680fe6-MRS

GET
H2 200 CFF-explorer-010.png
www.aldeid.com/w/images/3/38/ 23 KB
23 KB 124ms
123ms Image
image/png 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.aldeid.com/w/images/3/38/CFF-explorer-010.png

Requested by

Host: www.aldeid.com
URL: https://www.aldeid.com/wiki/OfficeMalScanner/OfficeMalScanner

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b86411b3b1ebe6062aea6fa9dbf1b5278e98db4234296adb4b0d7352997792e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.aldeid.com/wiki/OfficeMalScanner/OfficeMalScanner
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 16:36:51 GMT
vary: Accept-Encoding
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 23267
x-xss-protection: 1; mode=block
last-modified: Thu, 16 Dec 2021 06:15:43 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9VsLH%2FTm675snLG0n3cAK8mg3PFS2Pwgq9oyWy%2BUNa%2FWaTWsnadArlWvhV9RCD0RpylC22lQ6PLfEkKYnMAo38v0%2B9o5%2BguEaiwiucsrjYn9p2PapKKYjDsuLHEPVkJj2dGJHBRMJ4v8NYUgFg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 6f31c97eca6b0fe6-MRS

GET
H2 200 CFF-explorer-011.png
www.aldeid.com/w/images/e/e9/ 25 KB
26 KB 128ms
128ms Image
image/png 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.aldeid.com/w/images/e/e9/CFF-explorer-011.png

Requested by

Host: www.aldeid.com
URL: https://www.aldeid.com/wiki/OfficeMalScanner/OfficeMalScanner

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7783c7e027e1ce8f31194c9eebece12368b7232c89a48c8308d5008a02aa668a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.aldeid.com/wiki/OfficeMalScanner/OfficeMalScanner
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 16:36:51 GMT
vary: Accept-Encoding
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 25847
x-xss-protection: 1; mode=block
last-modified: Thu, 16 Dec 2021 06:15:44 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LX40Hgumac0WanuwLOOY3jas1mvtra2%2FJlK%2FcfS7JoA3VKE1K9zdVC7OXXDp1SfIjavX8PIuNiUWxU%2BpYl92suB5mqOjBAXpWWZZmOh8T%2F80YLrSa3%2B%2FRP7BlujGMFij7FhfWe3%2FhtiiKtzN%2Bg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 6f31c97eca6c0fe6-MRS

GET
H2 200 email-decode.min.js Show response
www.aldeid.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
1 KB 25ms
24ms Script
application/javascript 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.aldeid.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: www.aldeid.com
URL: https://www.aldeid.com/wiki/OfficeMalScanner/OfficeMalScanner

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.aldeid.com/wiki/OfficeMalScanner/OfficeMalScanner
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 16:36:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
last-modified: Thu, 24 Mar 2022 11:29:35 GMT
server: cloudflare
x-frame-options: DENY
etag: W/"623c561f-4d7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TL8%2B5XSLCVxq4ZLLDG8D9Yzrz31qJoFZORP16Xz6DrvCUEy6MerwNNCM1HqVjYuFbNzSoh9PiESCo35Lh1WnMvc5WYRlRmoGdtLyD4qMLqgqUDcGkECAJfPn9WqIjl%2BsBuLy4fWkhFyatllT6g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=172800, public
cf-ray: 6f31c97eca660fe6-MRS
expires: Wed, 30 Mar 2022 16:36:51 GMT

GET
H3 200 aldeid.png
www.aldeid.com/ 10 KB
10 KB 34ms
34ms Image
image/png 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.aldeid.com/aldeid.png

Requested by

Host: www.aldeid.com
URL: https://www.aldeid.com/wiki/OfficeMalScanner/OfficeMalScanner

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

50d5098195883e558340fe546d97cd867a7f4523c2d36a76c93095d970fbf222

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.aldeid.com/wiki/OfficeMalScanner/OfficeMalScanner
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 16:36:51 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 452
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 9749
x-xss-protection: 1; mode=block
last-modified: Wed, 09 Oct 2019 10:16:53 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qIDevG%2FjmaD%2B6tuUHw4c5pHgmn%2BFufvRth9GpEXAMocz%2FEzWZweu%2B4sKEuk5c5Y%2FOqlNt7lS43Iop2pMK4fPiLw9%2FXnCIridQWwrJljNZwSx%2BWMkzaFMuC6PPGGZvNFg8Fmo9t4FpFIIOi9meA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 6f31c97feb4c7348-MRS

GET
H3 200 bullet-icon.svg
www.aldeid.com/w/skins/Vector/resources/common/images/ 159 B
684 B 93ms
93ms Image
image/svg+xml 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.aldeid.com/w/skins/Vector/resources/common/images/bullet-icon.svg?d4515

Requested by

Host: www.aldeid.com
URL: https://www.aldeid.com/w/load.php?lang=en&modules=ext.pygments%7Cskins.vector.styles.legacy&only=styles&skin=vector

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6b2ae95e88a82be06108353d7174b1f9c18dd629e3aba1d149afcb39795335a4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.aldeid.com/w/load.php?lang=en&modules=ext.pygments%7Cskins.vector.styles.legacy&only=styles&skin=vector
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 16:36:51 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Wed, 15 Dec 2021 18:15:12 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=StlewxTzAkYWxg6i4OxblMkfkJQI6mdQDGxOFgbpoz%2FajHfdkKiMQopeOt78vmym9RgU%2Bm3sVE%2FsNN16oB7ogwpE7cGRX%2Bf8DFmoNgYeEgzEbm4HkaI7%2FdX6gX8qRU0oePwe1wz98ZDhCz0a7Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=86400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15552000
cf-ray: 6f31c97ffb687348-MRS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block

GET
H/1.1 200
OK embed.js Show response
aldeid.disqus.com/ 78 KB
25 KB 214ms
160ms Script
application/javascript 199.232.192.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://aldeid.disqus.com/embed.js

Requested by

Host: www.aldeid.com
URL: https://www.aldeid.com/wiki/OfficeMalScanner/OfficeMalScanner

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.232.192.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

openresty /

Resource Hash

c3dfe6e8d786d81b9a5cf84386634bb715f3cbb4a6653e095d2393d80e974efc

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.aldeid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

Date: Mon, 28 Mar 2022 16:36:52 GMT
Content-Encoding: gzip
Server: openresty
Age: 0
Vary: Accept-Encoding
Connection: keep-alive
Content-Type: application/javascript; charset=utf-8
Cache-Control: private, max-age=60
X-Service: router
Strict-Transport-Security: max-age=300; includeSubdomains
Link: <https://disqus.com>; rel=preconnect, <https://c.disquscdn.com>; rel=preconnect
Content-Length: 25424
Cross-Origin-Resource-Policy: cross-origin

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 26ms
6ms Script
text/javascript 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.aldeid.com
URL: https://www.aldeid.com/wiki/OfficeMalScanner/OfficeMalScanner

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.aldeid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 3721
date: Mon, 28 Mar 2022 15:34:50 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Mon, 28 Mar 2022 17:34:50 GMT

GET
H/1.1 200
OK get_num_replies.js Show response
disqus.com/forums/aldeid/ 2 KB
2 KB 139ms
110ms Script
application/javascript 151.101.64.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://disqus.com/forums/aldeid/get_num_replies.js?

Requested by

Host: www.aldeid.com
URL: https://www.aldeid.com/wiki/OfficeMalScanner/OfficeMalScanner

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.64.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

9562bbb38b5684832b111c7b7617a20e613c2e9bbc5d3749f34b790284db3333

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.aldeid.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Date: Mon, 28 Mar 2022 16:36:51 GMT
X-Content-Type-Options: nosniff
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Server: nginx
Age: 0
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=300; includeSubdomains
Content-Language: en-us
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Content-Type: application/javascript; charset=UTF-8
Vary: Accept-Language, Cookie
Content-Length: 1536
X-XSS-Protection: 1; mode=block

GET
H3 200 search.svg
www.aldeid.com/w/skins/Vector/resources/common/images/ 280 B
756 B 39ms
39ms Image
image/svg+xml 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.aldeid.com/w/skins/Vector/resources/common/images/search.svg?bbf78

Requested by

Host: www.aldeid.com
URL: https://www.aldeid.com/w/load.php?lang=en&modules=ext.pygments%7Cskins.vector.styles.legacy&only=styles&skin=vector

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0f6e4f6019dffc1ce266a7bb9ed185cdb7b46d4443a79f2f55c4daa2ebedcf7f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.aldeid.com/w/load.php?lang=en&modules=ext.pygments%7Cskins.vector.styles.legacy&only=styles&skin=vector
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 16:36:51 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 452
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Wed, 15 Dec 2021 18:15:12 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QcambLBiyNaGa7G5CQTxuDWpew1hJ1fbbGA9%2F6nexiAByxj5FJTWixUKGB8JtmxD9idaIjYXJiBhwMlK3bRMwmQY%2FR50bJO9jSVETLXw6u1IHXWCDFADCA5rX2nwN%2BYsVlH7uazyJWrYdaZj3Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=86400
cf-ray: 6f31c9803c0d7348-MRS

GET
H3 200 load.php Show response
www.aldeid.com/w/ 263 KB
78 KB 135ms
135ms Script
text/javascript 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.aldeid.com/w/load.php?lang=en&modules=jquery%2Csite%7Cjquery.client%2Ccookie%7Cmediawiki.String%2CTitle%2Capi%2Cbase%2Ccldr%2Ccookie%2CjqueryMsg%2Clanguage%2Ctoc%2Cutil%7Cmediawiki.libs.pluralruleparser%7Cmediawiki.page.ready%7Cskins.vector.legacy.js%7Cuser.defaults&skin=vector&version=1yenm

Requested by

Host: www.aldeid.com
URL: https://www.aldeid.com/w/load.php?lang=en&modules=startup&only=scripts&raw=1&skin=vector

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9aacbddf361fd12923284f5a35a83ef87289bb5b9a73b09128e70342450dd6df

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.aldeid.com/wiki/OfficeMalScanner/OfficeMalScanner
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 16:36:51 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15552000
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: YkHkI1ZZuPFC-dT7yiR4HgAAAAI
server: cloudflare
etag: W/"1yenm-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LmznSm1ijktBGKSQQhuQW6n%2FGFgjghs9wrtdA%2B5L3aEF08QVAYfdjMzQGCyTvQDjlk7ywB00J%2BJgNC0oSULTOPh0I8kk%2B5Px7EaCm3wnS8CLIZhkElgNDTr4cTT9U1MHqLFgQxa2t6onEIyYKQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=utf-8
cache-control: public, max-age=2592000, s-maxage=2592000
cf-ray: 6f31c9804c377348-MRS
expires: Wed, 27 Apr 2022 16:36:51 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 28ms
14ms XHR
text/plain 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=876785422&t=pageview&_s=1&dl=https%3A%2F%2Fwww.aldeid.com%2Fwiki%2FOfficeMalScanner%2FOfficeMalScanner&ul=en-us&de=UTF-8&dt=OfficeMalScanner%2FOfficeMalScanner%20-%20aldeid&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=1663074657&gjid=175243450&cid=1409495020.1648485413&tid=UA-17436616-1&_gid=1728935560.1648485413&_r=1&_slc=1&z=1067015523

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.aldeid.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 28 Mar 2022 16:36:51 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.aldeid.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 lounge.63860eb743c7d9d2adf0fa435788abe7.css
c.disquscdn.com/next/embed/styles/ 0
26 KB 46ms
8ms Other
text/css 2600:9000:2156:cc00:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/styles/lounge.63860eb743c7d9d2adf0fa435788abe7.css

Requested by

Host: aldeid.disqus.com
URL: https://aldeid.disqus.com/embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2156:cc00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.aldeid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 19:26:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 594638
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 26078
x-xss-protection: 1; mode=block
x-served-by: static-web-1
access-control-allow-origin: *
surrogate-key: next
last-modified: Mon, 21 Mar 2022 19:03:40 GMT
server: nginx
etag: "6238cc0c-65de"
content-type: text/css; charset=utf-8
via: 1.1 58bcd6f2e1bc29fb83f080f1743cfeca.cloudfront.net (CloudFront)
expires: Tue, 21 Mar 2023 19:26:14 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: FRA50-C1
timing-allow-origin: *
x-amz-cf-id: QM5t6_r7jXO9TXNbJl2f1DqTHz7va3WXxrR6FB8Tk9836no6zB9lqg==
x-cache-hits: 0

GET
H2 200 common.bundle.9450cde9dd2c9d366781a8fc5ff6e933.js
c.disquscdn.com/next/embed/ 0
93 KB 51ms
13ms Other
application/javascript 2600:9000:2156:cc00:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/common.bundle.9450cde9dd2c9d366781a8fc5ff6e933.js

Requested by

Host: aldeid.disqus.com
URL: https://aldeid.disqus.com/embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2156:cc00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.aldeid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 22:16:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1621202
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 94746
x-xss-protection: 1; mode=block
x-served-by: static-web-1
access-control-allow-origin: *
surrogate-key: next
last-modified: Wed, 09 Mar 2022 21:55:40 GMT
server: nginx
etag: "6229225c-1721a"
content-type: application/javascript; charset=utf-8
via: 1.1 58bcd6f2e1bc29fb83f080f1743cfeca.cloudfront.net (CloudFront)
expires: Thu, 09 Mar 2023 22:16:50 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: FRA50-C1
timing-allow-origin: *
x-amz-cf-id: 3pwFDguM1vfPlG2CiSioOu3O4l7_EdNeNw-ZWCKxqh9Au9x9_Jlsdg==
x-cache-hits: 0

GET
H2 200 lounge.bundle.90614da243fa6052a038b5539f5086e5.js
c.disquscdn.com/next/embed/ 0
121 KB 58ms
20ms Other
application/javascript 2600:9000:2156:cc00:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/lounge.bundle.90614da243fa6052a038b5539f5086e5.js

Requested by

Host: aldeid.disqus.com
URL: https://aldeid.disqus.com/embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2156:cc00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.aldeid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 19:26:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 594638
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 123045
x-xss-protection: 1; mode=block
x-served-by: static-web-1
access-control-allow-origin: *
surrogate-key: next
last-modified: Mon, 21 Mar 2022 19:03:40 GMT
server: nginx
etag: "6238cc0c-1e0a5"
content-type: application/javascript; charset=utf-8
via: 1.1 58bcd6f2e1bc29fb83f080f1743cfeca.cloudfront.net (CloudFront)
expires: Tue, 21 Mar 2023 19:26:14 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: FRA50-C1
timing-allow-origin: *
x-amz-cf-id: 9AS1kv4h4rCdPpYI8hexiZWeofIfYk1HGXud063jm2xEO8BqM6Z5zA==
x-cache-hits: 0

GET
H/1.1 200
OK config.js
disqus.com/next/ 0
15 KB 6ms
6ms Other
application/javascript 151.101.64.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://disqus.com/next/config.js

Requested by

Host: aldeid.disqus.com
URL: https://aldeid.disqus.com/embed.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.64.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.aldeid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

Date: Mon, 28 Mar 2022 16:36:52 GMT
X-Content-Type-Options: nosniff
Content-Type: application/javascript; charset=UTF-8
Server: nginx
Age: 51
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=300; includeSubdomains
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Access-Control-Allow-Origin: *
Cache-Control: public, stale-while-revalidate=300, s-stalewhilerevalidate=3600, max-age=60
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 14710
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK / Show response
disqus.com/embed/comments/ Frame 0851 6 KB
4 KB 132ms
131ms Document
text/html 151.101.64.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://disqus.com/embed/comments/?base=default&f=aldeid&t_i=2495&t_u=https%3A%2F%2Fwww.aldeid.com%2Fwiki%2FOfficeMalScanner%2FOfficeMalScanner&t_d=OfficeMalScanner%2FOfficeMalScanner&t_t=OfficeMalScanner%2FOfficeMalScanner&s_o=default

Requested by

Host: aldeid.disqus.com
URL: https://aldeid.disqus.com/embed.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.64.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

37e73ac65ddc5a2555add673ad18948f63f4cc1fca686f04c72810c062c75183

Security Headers

Name	Value
Content-Security-Policy	script-src https://.twitter.com: https://www.gstatic.com/recaptcha/ https://a.disquscdn.com https://c.disquscdn.com c.disquscdn.com https://.services.disqus.com: https://cdn.boomtrain.com/p13n/ https://apis.google.com https://cdn.syndication.twimg.com/tweets.json https://connect.facebook.net/en_US/sdk.js https://referrer.disqus.com/juggler/ 'unsafe-inline' https://com-disqus.netmng.com:* https://www.google.com/recaptcha/ https://cf.ignitionone.com:* https://disqus.com
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.aldeid.com/

Response headers

Connection: keep-alive
Content-Length: 2703
Server: nginx
Content-Type: text/html; charset=utf-8
Content-Security-Policy: script-src https://*.twitter.com:* https://www.gstatic.com/recaptcha/ https://a.disquscdn.com https://c.disquscdn.com c.disquscdn.com https://*.services.disqus.com:* https://cdn.boomtrain.com/p13n/ https://apis.google.com https://cdn.syndication.twimg.com/tweets.json https://connect.facebook.net/en_US/sdk.js https://referrer.disqus.com/juggler/ 'unsafe-inline' https://com-disqus.netmng.com:* https://www.google.com/recaptcha/ https://cf.ignitionone.com:* https://disqus.com
Last-Modified: Mon, 28 Feb 2022 21:14:12 GMT
ETag: W/"lounge:view:4252609048.630dbf2d0087c2f5074d37344868bdc0.2"
Link: <https://c.disquscdn.com>;rel=preconnect,<https://c.disquscdn.com>;rel=dns-prefetch
Cache-Control: stale-if-error=3600, s-stalewhilerevalidate=3600, stale-while-revalidate=30, no-cache, must-revalidate, public, s-maxage=5
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Referrer-Policy: no-referrer-when-downgrade
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Encoding: gzip
Date: Mon, 28 Mar 2022 16:36:52 GMT
Age: 0
Vary: Accept-Encoding
Cross-Origin-Resource-Policy: cross-origin
Strict-Transport-Security: max-age=300; includeSubdomains

GET
H/1.1 200
OK / Show response
tempest.services.disqus.com/ads-iframe/taboola/ 28 KB
10 KB 147ms
118ms XHR
text/html 199.232.192.64
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://tempest.services.disqus.com/ads-iframe/taboola/?position=top&shortname=aldeid&experiment=network_default&variant=fallthrough&service=dynamic&anchorColor=%230645ad&colorScheme=light&sourceUrl=https%3A%2F%2Fwww.aldeid.com%2Fwiki%2FOfficeMalScanner%2FOfficeMalScanner&typeface=sans-serif&disqus_version=current
Requested by: Host: aldeid.disqus.com
URL: https://aldeid.disqus.com/embed.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.232.192.64 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: openresty /
Resource Hash: 23242e719fa364abab0b208a91bc0126d0edc286715d2f2e4f1acfd35dff9a91

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.aldeid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

Date: Mon, 28 Mar 2022 16:36:52 GMT
Content-Encoding: gzip
Server: openresty
Age: 0
Vary: Accept-Encoding,
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=300
X-Service: router
Connection: keep-alive
Content-Length: 9429
Cross-Origin-Resource-Policy: cross-origin

GET
H/1.1 200
OK event.gif
referrer.disqus.com/juggler/ 43 B
339 B 116ms
97ms Image
image/gif 199.232.196.134
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://referrer.disqus.com/juggler/event.gif?imp=7rgc4q23srauvq&experiment=network_default&variant=fallthrough&service=dynamic&area=top&product=embed&forum=aldeid&zone=thread&version=31cd6fbd4797db790bc183cea2909ab5&page_url=https%3A%2F%2Fwww.aldeid.com%2Fwiki%2FOfficeMalScanner%2FOfficeMalScanner%23%253A~%253Atext%253DOfficeMalScanner%2520is%2520a%2520MS%2520Office%252Cis%2520likely%2520to%2520be%2520malicious%253A%2526text%253DAPI-Hashing%2520signature&page_referrer=&object_type=provider&event=activity&ad_product_name=iab_display&ad_product_layout=iab_display&bin=embed%3Apromoted_discovery%3Adynamic%3Anetwork_default%3Afallthrough&section=default&verb=call&adjective=1&forum_id=1385935

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.232.196.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.aldeid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

Date: Mon, 28 Mar 2022 16:36:52 GMT
X-Content-Type-Options: nosniff
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Server: nginx
Content-Type: image/gif
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Content-Length: 43
X-XSS-Protection: 1; mode=block

GET
H2 200 lounge.load.31cd6fbd4797db790bc183cea2909ab5.js Show response
c.disquscdn.com/next/embed/ Frame 0851 958 B
1 KB 23ms
7ms Script
application/javascript 2600:9000:2156:cc00:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/lounge.load.31cd6fbd4797db790bc183cea2909ab5.js

Requested by

Host: disqus.com
URL: https://disqus.com/embed/comments/?base=default&f=aldeid&t_i=2495&t_u=https%3A%2F%2Fwww.aldeid.com%2Fwiki%2FOfficeMalScanner%2FOfficeMalScanner&t_d=OfficeMalScanner%2FOfficeMalScanner&t_t=OfficeMalScanner%2FOfficeMalScanner&s_o=default

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2156:cc00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

93f2072c521fbd53054fe2a73577cff9b62b94dac4573502aacd93625d9d52fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://disqus.com/embed/comments/?base=default&f=aldeid&t_i=2495&t_u=https%3A%2F%2Fwww.aldeid.com%2Fwiki%2FOfficeMalScanner%2FOfficeMalScanner&t_d=OfficeMalScanner%2FOfficeMalScanner&t_t=OfficeMalScanner%2FOfficeMalScanner&s_o=default
Origin: https://disqus.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 19:26:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 594637
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 498
x-xss-protection: 1; mode=block
x-served-by: static-web-1
access-control-allow-origin: *
surrogate-key: next
last-modified: Mon, 21 Mar 2022 19:03:40 GMT
server: nginx
etag: "6238cc0c-1f2"
content-type: application/javascript; charset=utf-8
via: 1.1 ad46d498157a92ab1076f74db460670c.cloudfront.net (CloudFront)
expires: Tue, 21 Mar 2023 19:26:15 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: FRA50-C1
timing-allow-origin: *
x-amz-cf-id: F7a1HTRFqffKBYZUiJlYnhKX3jW4sU3vsPl74n5RdZyH6X-VmfGzEA==
x-cache-hits: 0

GET taboola
reporting.services.disqus.com/_log/ Frame A3D1 0
0

GET
H2 200 loader.js Show response
cdn.taboola.com/libtrc/disqus-widget-safetylevel20longtail09/ Frame A3D1 262 KB
44 KB 30ms
7ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/disqus-widget-safetylevel20longtail09/loader.js
Requested by: Host: www.aldeid.com
URL: https://www.aldeid.com/wiki/OfficeMalScanner/OfficeMalScanner
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: fc3527001d046dcec3328a3d74d1392e2e68e881130ec29782cdc8a508fa8163

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.aldeid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

x-amz-version-id: 8jsGKdbBCeHHvg6VIr.L1pjEQnCqFh6T
content-encoding: gzip
etag: "72860c6397bfe5f7cb04cc7f39f3ce5b"
age: 17980
x-cache: HIT
content-length: 44104
x-amz-id-2: xHVKc+2o24LxBDBIErLWgYvBUIIuoIQmkL0A1VvAHwFixFvSMJ8uqfLahxQh3fyeurZFQksHYIo=
x-served-by: cache-hhn4030-HHN
last-modified: Mon, 28 Mar 2022 11:37:10 GMT
server: AmazonS3
x-timer: S1648485412.411574,VS0,VE0
date: Mon, 28 Mar 2022 16:36:52 GMT
vary: Accept-Encoding
x-amz-request-id: WWJYPA0JRYP8Z95J
via: 1.1 varnish
cache-control: private,max-age=14401
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 54
x-cache-hits: 148

GET
H2 200 common.bundle.9450cde9dd2c9d366781a8fc5ff6e933.js Show response
c.disquscdn.com/next/embed/ Frame 0851 282 KB
93 KB 7ms
7ms Script
application/javascript 2600:9000:2156:cc00:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/common.bundle.9450cde9dd2c9d366781a8fc5ff6e933.js

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/lounge.load.31cd6fbd4797db790bc183cea2909ab5.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2156:cc00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

4d9e28bf1814e0986b8e5b001e2c8d55d164f9cf8ee3ddc1ccf5560fe7053b66

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://disqus.com/embed/comments/?base=default&f=aldeid&t_i=2495&t_u=https%3A%2F%2Fwww.aldeid.com%2Fwiki%2FOfficeMalScanner%2FOfficeMalScanner&t_d=OfficeMalScanner%2FOfficeMalScanner&t_t=OfficeMalScanner%2FOfficeMalScanner&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 22:16:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1621202
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 94746
x-xss-protection: 1; mode=block
x-served-by: static-web-1
access-control-allow-origin: *
surrogate-key: next
last-modified: Wed, 09 Mar 2022 21:55:40 GMT
server: nginx
etag: "6229225c-1721a"
content-type: application/javascript; charset=utf-8
via: 1.1 58bcd6f2e1bc29fb83f080f1743cfeca.cloudfront.net (CloudFront)
expires: Thu, 09 Mar 2023 22:16:50 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: FRA50-C1
timing-allow-origin: *
x-amz-cf-id: AKJXNYJHuNV8PQXW818eMOLFv0cYticwawcDAzS3Q-UsoQWjD47h_Q==
x-cache-hits: 0

GET
H2 200 lounge.63860eb743c7d9d2adf0fa435788abe7.css
c.disquscdn.com/next/embed/styles/ Frame 0851 165 KB
26 KB 7ms
7ms Stylesheet
text/css 2600:9000:2156:cc00:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/styles/lounge.63860eb743c7d9d2adf0fa435788abe7.css

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.9450cde9dd2c9d366781a8fc5ff6e933.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2156:cc00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

8784042e14531617c1aef40d7623d3dd1d0b24730721c779e0c3ae86ed03990e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://disqus.com/embed/comments/?base=default&f=aldeid&t_i=2495&t_u=https%3A%2F%2Fwww.aldeid.com%2Fwiki%2FOfficeMalScanner%2FOfficeMalScanner&t_d=OfficeMalScanner%2FOfficeMalScanner&t_t=OfficeMalScanner%2FOfficeMalScanner&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 19:26:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 594638
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 26078
x-xss-protection: 1; mode=block
x-served-by: static-web-1
access-control-allow-origin: *
surrogate-key: next
last-modified: Mon, 21 Mar 2022 19:03:40 GMT
server: nginx
etag: "6238cc0c-65de"
content-type: text/css; charset=utf-8
via: 1.1 58bcd6f2e1bc29fb83f080f1743cfeca.cloudfront.net (CloudFront)
expires: Tue, 21 Mar 2023 19:26:14 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: FRA50-C1
timing-allow-origin: *
x-amz-cf-id: MfplZbV4MOyoIJdsadyzPYXZSbnRZfB5CWQqLaGRrDYUXmQQnqKLEg==
x-cache-hits: 0

GET
H2 200 impl.20220328-3-RELEASE.js Show response
cdn.taboola.com/libtrc/ Frame A3D1 621 KB
129 KB 7ms
6ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/impl.20220328-3-RELEASE.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/disqus-widget-safetylevel20longtail09/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: 04c71ba581c52d948d8adc639d4bffab7474bc943068a5df60a418718697fa2a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.aldeid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

x-amz-version-id: nvPU0CpV2MhJQ.LJWIT1DTHBRai1.CKN
content-encoding: br
etag: "3246ba47c34d7a3f3609f4e5e833e228"
age: 19265
x-cache: HIT
content-length: 131360
x-amz-id-2: XGCXtqv1Hw0YWl9nCvQHMSO7RBpHrdO+1Ze2OLCLlo/PFvh2XHfp2+wee3zUS+BR4ZkYUbCGdvI=
x-served-by: cache-hhn4030-HHN
last-modified: Mon, 28 Mar 2022 11:14:00 GMT
server: AmazonS3-br
x-timer: S1648485412.449455,VS0,VE0
date: Mon, 28 Mar 2022 16:36:52 GMT
vary: Accept-Encoding
x-amz-request-id: NTQWWCE741VDFS75
via: 1.1 varnish
cache-control: private,max-age=31536000
accept-ranges: bytes
content-type: application/javascript
abp: 25
x-cache-hits: 25825

GET
H2 200 beacon.js Show response
sb.scorecardresearch.com/ Frame A3D1 1 KB
1 KB 42ms
9ms Script
application/javascript 143.204.98.125
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/disqus-widget-safetylevel20longtail09/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-125.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.aldeid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 02:28:12 GMT
content-encoding: gzip
etag: W/"1827f116c73f319409b97f10b8a58ade"
last-modified: Fri, 26 Feb 2021 14:35:05 GMT
server: AmazonS3
age: 50929
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 6ea9fcffa719a56ee2be748a73d37974.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: u-yscJxB-J1vwTe0qEZP_7I2wNmPiu7wBSo6ddf8K7LrvSSoFfToBA==

GET
H2 200 lounge.bundle.90614da243fa6052a038b5539f5086e5.js Show response
c.disquscdn.com/next/embed/ Frame 0851 476 KB
121 KB 9ms
8ms Script
application/javascript 2600:9000:2156:cc00:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/lounge.bundle.90614da243fa6052a038b5539f5086e5.js

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.9450cde9dd2c9d366781a8fc5ff6e933.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2156:cc00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

8771f93d2878d5532147d7d5356893babf64c7097f2cc390e4c0c8a61ac537b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://disqus.com/embed/comments/?base=default&f=aldeid&t_i=2495&t_u=https%3A%2F%2Fwww.aldeid.com%2Fwiki%2FOfficeMalScanner%2FOfficeMalScanner&t_d=OfficeMalScanner%2FOfficeMalScanner&t_t=OfficeMalScanner%2FOfficeMalScanner&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 19:26:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 594638
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 123045
x-xss-protection: 1; mode=block
x-served-by: static-web-1
access-control-allow-origin: *
surrogate-key: next
last-modified: Mon, 21 Mar 2022 19:03:40 GMT
server: nginx
etag: "6238cc0c-1e0a5"
content-type: application/javascript; charset=utf-8
via: 1.1 58bcd6f2e1bc29fb83f080f1743cfeca.cloudfront.net (CloudFront)
expires: Tue, 21 Mar 2023 19:26:14 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: FRA50-C1
timing-allow-origin: *
x-amz-cf-id: sla2vyb5SDUl-bOTI-1aNZeY_T1GCZF5MPLGK5itFOXdOJmjPMtatg==
x-cache-hits: 0

GET
H/1.1 200
OK config.js Show response
disqus.com/next/ Frame 0851 14 KB
15 KB 8ms
7ms Script
application/javascript 151.101.64.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://disqus.com/next/config.js

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.9450cde9dd2c9d366781a8fc5ff6e933.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.64.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

b79e342ee881ef2ab38b3f53ff291337ace2c939dd3dc7e44cb08f56e9c1cfb4

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://disqus.com/embed/comments/?base=default&f=aldeid&t_i=2495&t_u=https%3A%2F%2Fwww.aldeid.com%2Fwiki%2FOfficeMalScanner%2FOfficeMalScanner&t_d=OfficeMalScanner%2FOfficeMalScanner&t_t=OfficeMalScanner%2FOfficeMalScanner&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

Date: Mon, 28 Mar 2022 16:36:52 GMT
X-Content-Type-Options: nosniff
Content-Type: application/javascript; charset=UTF-8
Server: nginx
Age: 51
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=300; includeSubdomains
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Access-Control-Allow-Origin: *
Cache-Control: public, stale-while-revalidate=300, s-stalewhilerevalidate=3600, max-age=60
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 14710
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK details Show response
disqus.com/api/3.0/forums/ Frame 0851 3 KB
3 KB 125ms
124ms XHR
application/json 151.101.64.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://disqus.com/api/3.0/forums/details?forum=aldeid&attach=forumFeatures&api_key=E8Uh5l5fHZ6gD8U3KycjAIAk46f68Zw7C6eW8WSjZvCLXebZ7p0r1yrYDrLilk2F

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.9450cde9dd2c9d366781a8fc5ff6e933.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.64.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

995a32f19afacb69d7a3b89076827b5ab95caf834a5409f10e9835bad26f98cd

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Referer: https://disqus.com/embed/comments/?base=default&f=aldeid&t_i=2495&t_u=https%3A%2F%2Fwww.aldeid.com%2Fwiki%2FOfficeMalScanner%2FOfficeMalScanner&t_d=OfficeMalScanner%2FOfficeMalScanner&t_t=OfficeMalScanner%2FOfficeMalScanner&s_o=default
X-Requested-With: XMLHttpRequest
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

Date: Mon, 28 Mar 2022 16:36:52 GMT
X-Content-Type-Options: nosniff
Server: nginx
Age: 0
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=300; includeSubdomains
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Content-Type: application/json
Vary: Origin, Cookie
Content-Length: 3053
X-XSS-Protection: 1; mode=block

GET
H2

204

b2
sb.scorecardresearch.com/ Frame A3D1
Redirect Chain

https://sb.scorecardresearch.com/b?c1=7&c2=34354936&c3=1&ns__t=1648485413268&ns_c=UTF-8&ns_if=1&cv=3.5&c8=&c7=https%3A%2F%2Fwww.aldeid.com%2Fwiki%2FOfficeMalScanner%2FOfficeMalScanner&c9=
https://sb.scorecardresearch.com/b2?c1=7&c2=34354936&c3=1&ns__t=1648485413268&ns_c=UTF-8&ns_if=1&cv=3.5&c8=&c7=https%3A%2F%2Fwww.aldeid.com%2Fwiki%2FOfficeMalScanner%2FOfficeMalScanner&c9=

0
223 B

9ms
9ms

Image
text/plain

143.204.98.125
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b2?c1=7&c2=34354936&c3=1&ns__t=1648485413268&ns_c=UTF-8&ns_if=1&cv=3.5&c8=&c7=https%3A%2F%2Fwww.aldeid.com%2Fwiki%2FOfficeMalScanner%2FOfficeMalScanner&c9=
Requested by: Host: www.aldeid.com
URL: https://www.aldeid.com/wiki/OfficeMalScanner/OfficeMalScanner
Protocol: H2
Server: 143.204.98.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-125.fra50.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.aldeid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 16:36:52 GMT
via: 1.1 6ea9fcffa719a56ee2be748a73d37974.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
etag: W/"0-2jmj7l5rSw0yVb/vlWAYkK/YBwk"
x-amz-cf-id: jTymiorzYSih_tPygMftULaibgcPfv0qnk-rDYSqpWInR65xmQIlcw==
x-cache: Miss from cloudfront

Redirect headers

date: Mon, 28 Mar 2022 16:36:52 GMT
via: 1.1 6ea9fcffa719a56ee2be748a73d37974.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
vary: Accept
x-cache: Miss from cloudfront
content-type: text/plain; charset=utf-8
location: https://sb.scorecardresearch.com/b2?c1=7&c2=34354936&c3=1&ns__t=1648485413268&ns_c=UTF-8&ns_if=1&cv=3.5&c8=&c7=https%3A%2F%2Fwww.aldeid.com%2Fwiki%2FOfficeMalScanner%2FOfficeMalScanner&c9=
content-length: 210
x-amz-cf-id: VCknaqlITDGMQBEsyVEe9BMKj9G13MAWYNoe6vkbZphsN9MeP84jag==

GET
H2 200 noavatar92.png
a.disquscdn.com/1646863724/images/ Frame 0851 2 KB
2 KB 28ms
6ms Image
image/png 199.232.198.49
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://a.disquscdn.com/1646863724/images/noavatar92.png

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.232.198.49 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

36ef66124133ca33c8b44c487293c3180e5ab681ff3cad3c728ea4f894ec3444

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://disqus.com/embed/comments/?base=default&f=aldeid&t_i=2495&t_u=https%3A%2F%2Fwww.aldeid.com%2Fwiki%2FOfficeMalScanner%2FOfficeMalScanner&t_d=OfficeMalScanner%2FOfficeMalScanner&t_t=OfficeMalScanner%2FOfficeMalScanner&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 16:36:52 GMT
x-content-type-options: nosniff
last-modified: Fri, 26 Feb 2021 20:50:09 GMT
server: nginx
age: 1620507
etag: "60395f01-66c"
strict-transport-security: max-age=300; includeSubdomains
content-type: image/png
x-xss-protection: 1; mode=block
cache-control: max-age=2592000
cross-origin-resource-policy: cross-origin
x-amz-cf-pop: FRA50-C1
content-length: 1644
x-amz-cf-id: 4aC2ax73f9sSGvAdwLplNs-rkt9laxRTnhRQF9PSPmqH3avNOsWvrg==
expires: Fri, 08 Apr 2022 22:28:25 GMT

GET
DATA 200
OK truncated
/ Frame 0851 37 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 svg-sprite.4da5413f5086c5755b46094b813dbfcd.svg
c.disquscdn.com/next/embed/assets/img/ Frame 0851 13 KB
13 KB 8ms
8ms Image
image/svg+xml 2600:9000:2156:cc00:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.disquscdn.com/next/embed/assets/img/svg-sprite.4da5413f5086c5755b46094b813dbfcd.svg

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/styles/lounge.63860eb743c7d9d2adf0fa435788abe7.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2156:cc00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

3270642c89180c12db93775e2a774b6dadd9bd98cffc963075c85afd2c17b6e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c.disquscdn.com/next/embed/styles/lounge.63860eb743c7d9d2adf0fa435788abe7.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date: Wed, 28 Apr 2021 14:37:41 GMT
via: 1.1 58bcd6f2e1bc29fb83f080f1743cfeca.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 28864751
x-cache: Hit from cloudfront
content-length: 13079
x-xss-protection: 1; mode=block
x-served-by: static-web-1
surrogate-key: next
last-modified: Tue, 27 Apr 2021 21:01:56 GMT
server: nginx
etag: "60887bc4-3317"
content-type: image/svg+xml; charset=utf-8
access-control-allow-origin: *
expires: Thu, 28 Apr 2022 14:37:41 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: N7UiK68nJpjJWEA81E66wxEtQw56jlCZ_yWiFg4-GucWsU7qkvrH1A==
x-cache-hits: 0

GET
H2 200 loader.ba7c86e8b4b6135bb668d05223f8f127.gif
c.disquscdn.com/next/embed/assets/img/ Frame 0851 3 KB
3 KB 9ms
9ms Image
image/gif 2600:9000:2156:cc00:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.disquscdn.com/next/embed/assets/img/loader.ba7c86e8b4b6135bb668d05223f8f127.gif

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/styles/lounge.63860eb743c7d9d2adf0fa435788abe7.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2156:cc00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

4c4491dcfa94cb46fb73742fc2caf49a1cd59027304af1830c7dc6ce1889857c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c.disquscdn.com/next/embed/styles/lounge.63860eb743c7d9d2adf0fa435788abe7.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date: Thu, 03 Feb 2022 04:58:07 GMT
via: 1.1 58bcd6f2e1bc29fb83f080f1743cfeca.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 4621125
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 2971
x-xss-protection: 1; mode=block
x-served-by: static-web-2
surrogate-key: next
last-modified: Wed, 26 Jan 2022 21:59:15 GMT
server: nginx
etag: "61f1c433-b9b"
content-type: image/gif
access-control-allow-origin: *
expires: Fri, 03 Feb 2023 04:58:07 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: kf_vu9g1zDjlTW_CbVl-QY9hNm_LgZ_SflqJVdWBuwl_pBqVGsl09w==
x-cache-hits: 0

GET
H2 200 sprite.ad630a07080a45451f139a7487853ff8.png
c.disquscdn.com/next/embed/assets/img/ Frame 0851 2 KB
2 KB 9ms
8ms Image
image/png 2600:9000:2156:cc00:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.disquscdn.com/next/embed/assets/img/sprite.ad630a07080a45451f139a7487853ff8.png

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/styles/lounge.63860eb743c7d9d2adf0fa435788abe7.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2156:cc00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

9714221c828961b20f45a782c3281c0596f6652cfe1299bee18097f98e8fb7b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c.disquscdn.com/next/embed/styles/lounge.63860eb743c7d9d2adf0fa435788abe7.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 19:47:48 GMT
via: 1.1 58bcd6f2e1bc29fb83f080f1743cfeca.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 16145344
x-cache: Hit from cloudfront
content-length: 1763
x-xss-protection: 1; mode=block
x-served-by: static-web-1
surrogate-key: next
last-modified: Wed, 22 Sep 2021 19:30:27 GMT
server: nginx
etag: "614b8453-6e3"
content-type: image/png
access-control-allow-origin: *
expires: Thu, 22 Sep 2022 19:47:48 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: v7yZhiOq2jleBlQcdd6KXWJ97dzbFGj8B2gW-9a47tftxTNUVKuYnA==
x-cache-hits: 0

GET
H2 200 icons.4cc7a703d2fdfe684151ff8ac24d45f1.woff2
c.disquscdn.com/next/embed/assets/font/ Frame 0851 8 KB
8 KB 7ms
6ms Font
application/octet-stream 2600:9000:2156:cc00:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/assets/font/icons.4cc7a703d2fdfe684151ff8ac24d45f1.woff2

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/styles/lounge.63860eb743c7d9d2adf0fa435788abe7.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2156:cc00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

f2a341fc815d45c21da726d4c843c2c5d3e1f333465347c3c75d040d556df4e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://c.disquscdn.com/next/embed/styles/lounge.63860eb743c7d9d2adf0fa435788abe7.css
Origin: https://disqus.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 09:58:18 GMT
via: 1.1 ad46d498157a92ab1076f74db460670c.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 17995114
x-cache: Hit from cloudfront
content-length: 7900
x-xss-protection: 1; mode=block
x-served-by: static-web-2
surrogate-key: next
last-modified: Tue, 24 Aug 2021 21:06:44 GMT
server: nginx
etag: "61255f64-1edc"
content-type: application/octet-stream
access-control-allow-origin: *
expires: Thu, 01 Sep 2022 09:58:18 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: w810XSVdTG1360b-PyhqbjaPm9KgVmJKkXJGCN-WO5bqx_P3sPis4g==
x-cache-hits: 0

GET
H/1.1 200
OK event.gif
referrer.disqus.com/juggler/ Frame 0851 43 B
339 B 99ms
99ms Image
image/gif 199.232.196.134
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://referrer.disqus.com/juggler/event.gif?abe=0&embed_hidden=0&load_time=194&event=init_embed&thread=4252609048&forum=aldeid&forum_id=1385935&imp=7rgc4q23srauvq&thread_slug=officemalscannerofficemalscanner_03&user_type=anon&referrer=https%3A%2F%2Fwww.aldeid.com%2F&theme=next&dnt=0&tracking_enabled=0&experiment=network_default&variant=fallthrough&service=dynamic&promoted_enabled=true&max_enabled=true

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.232.196.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://disqus.com/embed/comments/?base=default&f=aldeid&t_i=2495&t_u=https%3A%2F%2Fwww.aldeid.com%2Fwiki%2FOfficeMalScanner%2FOfficeMalScanner&t_d=OfficeMalScanner%2FOfficeMalScanner&t_t=OfficeMalScanner%2FOfficeMalScanner&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

Date: Mon, 28 Mar 2022 16:36:52 GMT
X-Content-Type-Options: nosniff
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Server: nginx
Content-Type: image/gif
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Content-Length: 43
X-XSS-Protection: 1; mode=block

GET
H2 200 svg-sprite.4da5413f5086c5755b46094b813dbfcd.svg
c.disquscdn.com/next/embed/assets/img/ Frame 0851 13 KB
13 KB 7ms
7ms Image
image/svg+xml 2600:9000:2156:cc00:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.disquscdn.com/next/embed/assets/img/svg-sprite.4da5413f5086c5755b46094b813dbfcd.svg

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/styles/lounge.63860eb743c7d9d2adf0fa435788abe7.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2156:cc00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

3270642c89180c12db93775e2a774b6dadd9bd98cffc963075c85afd2c17b6e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c.disquscdn.com/next/embed/styles/lounge.63860eb743c7d9d2adf0fa435788abe7.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date: Wed, 28 Apr 2021 14:37:41 GMT
via: 1.1 58bcd6f2e1bc29fb83f080f1743cfeca.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 28864751
x-cache: Hit from cloudfront
content-length: 13079
x-xss-protection: 1; mode=block
x-served-by: static-web-1
surrogate-key: next
last-modified: Tue, 27 Apr 2021 21:01:56 GMT
server: nginx
etag: "60887bc4-3317"
content-type: image/svg+xml; charset=utf-8
access-control-allow-origin: *
expires: Thu, 28 Apr 2022 14:37:41 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: 27hVBGNmG_mRDaBsjvzcG0ubkGblYfyf-ms8hZgUqtzZ4uNbqY0MvA==
x-cache-hits: 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: reporting.services.disqus.com
URL: https://reporting.services.disqus.com/_log/taboola?placement=%7B%22domain%22%3A%20%22https%3A%2F%2Fwww.aldeid.com%22%2C%20%22experiment%22%3A%20%22network_default%22%2C%20%22position%22%3A%20%22top%22%2C%20%22shortname%22%3A%20%22aldeid%22%2C%20%22variant%22%3A%20%22fallthrough%22%7D&is_taboola_named=false&language=en&colorscheme=light&typeface=sans-serif&variant=fallthrough&forum_id=1385935&source_url=https%3A%2F%2Fwww.aldeid.com%2Fwiki%2FOfficeMalScanner%2FOfficeMalScanner&organization_id=1041034&taboola_publisher_name=disqus-widget-safetylevel20longtail09&experiment=network_default&mode=thumbnails-a&position=top&shortname=aldeid&referrer_url=https%3A%2F%2Fwww.aldeid.com%2F&canonical_url&1648485413034

Verdicts & Comments Add Verdict or Comment

25 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.aldeid.com/	1970-01-20 19:25:57	Name: _ga Value: GA1.2.1409495020.1648485413
.aldeid.com/	1970-01-20 01:56:11	Name: _gid Value: GA1.2.1728935560.1648485413
.aldeid.com/	1970-01-20 01:54:45	Name: _gat Value: 1
.scorecardresearch.com/	1970-01-20 19:11:33	Name: UID Value: 1719b6a2f5ffae8b616bc0c1648485412

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: https://www.aldeid.com/wiki/OfficeMalScanner/OfficeMalScanner(Line 760) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://disqus.com/forums/aldeid/get_num_replies.js?, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://www.aldeid.com/wiki/OfficeMalScanner/OfficeMalScanner(Line 760) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://disqus.com/forums/aldeid/get_num_replies.js?, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	error	URL: https://www.aldeid.com/wiki/OfficeMalScanner/OfficeMalScanner Message: Access to XMLHttpRequest at 'https://reporting.services.disqus.com/_log/taboola?placement=%7B%22domain%22%3A%20%22https%3A%2F%2Fwww.aldeid.com%22%2C%20%22experiment%22%3A%20%22network_default%22%2C%20%22position%22%3A%20%22top%22%2C%20%22shortname%22%3A%20%22aldeid%22%2C%20%22variant%22%3A%20%22fallthrough%22%7D&is_taboola_named=false&language=en&colorscheme=light&typeface=sans-serif&variant=fallthrough&forum_id=1385935&source_url=https%3A%2F%2Fwww.aldeid.com%2Fwiki%2FOfficeMalScanner%2FOfficeMalScanner&organization_id=1041034&taboola_publisher_name=disqus-widget-safetylevel20longtail09&experiment=network_default&mode=thumbnails-a&position=top&shortname=aldeid&referrer_url=https%3A%2F%2Fwww.aldeid.com%2F&canonical_url&1648485413034' from origin 'https://www.aldeid.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://reporting.services.disqus.com/_log/taboola?placement=%7B%22domain%22%3A%20%22https%3A%2F%2Fwww.aldeid.com%22%2C%20%22experiment%22%3A%20%22network_default%22%2C%20%22position%22%3A%20%22top%22%2C%20%22shortname%22%3A%20%22aldeid%22%2C%20%22variant%22%3A%20%22fallthrough%22%7D&is_taboola_named=false&language=en&colorscheme=light&typeface=sans-serif&variant=fallthrough&forum_id=1385935&source_url=https%3A%2F%2Fwww.aldeid.com%2Fwiki%2FOfficeMalScanner%2FOfficeMalScanner&organization_id=1041034&taboola_publisher_name=disqus-widget-safetylevel20longtail09&experiment=network_default&mode=thumbnails-a&position=top&shortname=aldeid&referrer_url=https%3A%2F%2Fwww.aldeid.com%2F&canonical_url&1648485413034 Message: Failed to load resource: net::ERR_FAILED

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.disquscdn.com
aldeid.disqus.com
c.disquscdn.com
cdn.taboola.com
disqus.com
referrer.disqus.com
reporting.services.disqus.com
sb.scorecardresearch.com
tempest.services.disqus.com
www.aldeid.com
www.google-analytics.com
reporting.services.disqus.com
143.204.98.125
151.101.193.44
151.101.64.134
199.232.192.134
199.232.192.64
199.232.196.134
199.232.198.49
2600:9000:2156:cc00:6:8656:f5c0:93a1
2a00:1450:4001:810::200e
2a06:98c1:3120::7
04c71ba581c52d948d8adc639d4bffab7474bc943068a5df60a418718697fa2a
0f6e4f6019dffc1ce266a7bb9ed185cdb7b46d4443a79f2f55c4daa2ebedcf7f
11ca21265e4f1bb23843d9aebf182c5b01ec84b62b6efcd50195d011245ebccf
23242e719fa364abab0b208a91bc0126d0edc286715d2f2e4f1acfd35dff9a91
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
27e330c854923de25e0c1f0e0ea027c7d6c89255ad674ceec518c53577f88a13
3270642c89180c12db93775e2a774b6dadd9bd98cffc963075c85afd2c17b6e4
36ef66124133ca33c8b44c487293c3180e5ab681ff3cad3c728ea4f894ec3444
37e73ac65ddc5a2555add673ad18948f63f4cc1fca686f04c72810c062c75183
4c4491dcfa94cb46fb73742fc2caf49a1cd59027304af1830c7dc6ce1889857c
4d9e28bf1814e0986b8e5b001e2c8d55d164f9cf8ee3ddc1ccf5560fe7053b66
50d5098195883e558340fe546d97cd867a7f4523c2d36a76c93095d970fbf222
6b2ae95e88a82be06108353d7174b1f9c18dd629e3aba1d149afcb39795335a4
7783c7e027e1ce8f31194c9eebece12368b7232c89a48c8308d5008a02aa668a
8771f93d2878d5532147d7d5356893babf64c7097f2cc390e4c0c8a61ac537b3
8784042e14531617c1aef40d7623d3dd1d0b24730721c779e0c3ae86ed03990e
93f2072c521fbd53054fe2a73577cff9b62b94dac4573502aacd93625d9d52fd
94b8b205768979228dc50b60ea221508c53942725b2545790fbf3cc7f9febb19
9562bbb38b5684832b111c7b7617a20e613c2e9bbc5d3749f34b790284db3333
9714221c828961b20f45a782c3281c0596f6652cfe1299bee18097f98e8fb7b3
995a32f19afacb69d7a3b89076827b5ab95caf834a5409f10e9835bad26f98cd
9aacbddf361fd12923284f5a35a83ef87289bb5b9a73b09128e70342450dd6df
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79
b79e342ee881ef2ab38b3f53ff291337ace2c939dd3dc7e44cb08f56e9c1cfb4
b86411b3b1ebe6062aea6fa9dbf1b5278e98db4234296adb4b0d7352997792e4
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
c3dfe6e8d786d81b9a5cf84386634bb715f3cbb4a6653e095d2393d80e974efc
c96340d64e749be959b91f54db5bc1a18fca18b4b523c9576e648f9dd6a29904
cc786fde24b1923153f12862ee73f821dfadf57d9d37b0967fa725f3985d846b
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f2a341fc815d45c21da726d4c843c2c5d3e1f333465347c3c75d040d556df4e5
fc3527001d046dcec3328a3d74d1392e2e68e881130ec29782cdc8a508fa8163

www.aldeid.com Open in urlscan Pro 2a06:98c1:3120::7 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

41 Requests

95 %HTTPS

30 %IPv6

6 Domains

11 Subdomains

11 IPs

2 Countries

970 kBTransfer

2475 kBSize

4 Cookies

1 Outgoing links

Redirected requests

41 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.aldeid.com Open in urlscan Pro
2a06:98c1:3120::7 Public Scan

Screenshot
Live screenshot

Full Image

41
Requests

95 %
HTTPS

30 %
IPv6

6
Domains

11
Subdomains

11
IPs

2
Countries

970 kB
Transfer

2475 kB
Size

4
Cookies

41 HTTP transactions
1 data transactions