minerva-labs.com Open in urlscan Pro
67.205.167.225  Public Scan

14 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

72 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
1 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response minerva-labs.com/blog/beepin-out-of-the-sandbox-analyzing-a-new-extremely-evasive-malware/	129 KB 23 KB	392ms 199ms	Document text/html	67.205.167.225 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://minerva-labs.com/blog/beepin-out-of-the-sandbox-analyzing-a-new-extremely-evasive-malware/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 67.205.167.225 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS 753902.cloudwaysapps.com Software nginx / Resource Hash 4f9327d88bbc6affd14e962e6001950a706d7a9e7105f141c790aa845f5cc101 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes access-control-allow-origin * age 8936 cache-control max-age=0 cache-provider CLOUDWAYS-CACHE-DE content-encoding gzip content-length 23280 content-type text/html; charset=utf-8 date Tue, 14 Feb 2023 19:49:43 GMT expires Tue, 14 Feb 2023 17:20:47 GMT last-modified Tue, 14 Feb 2023 13:20:31 GMT server nginx vary Accept-Encoding x-cache HIT
GET H2	200	owl.carousel.min.css 586202317.r.cdnsun.net/wp-includes/css/	4 KB 2 KB	265ms 59ms	Stylesheet text/css	185.94.190.147 M247
General Check archive.org Show headers Download Go to Full URL https://586202317.r.cdnsun.net/wp-includes/css/owl.carousel.min.css Requested by Host: minerva-labs.com URL: https://minerva-labs.com/blog/beepin-out-of-the-sandbox-analyzing-a-new-extremely-evasive-malware/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 185.94.190.147 Budapest, Hungary, ASN9009 (M247, RO), Reverse DNS adglpg147.smuniz.pw Software nginx / Resource Hash aa08607bf345854d6f1947653166c745a55caca237c2900cf6502248b258dda5 Request headers accept-language de-DE,de;q=0.9 Referer https://minerva-labs.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36 Response headers date Tue, 14 Feb 2023 19:49:44 GMT content-encoding gzip last-modified Tue, 27 Dec 2022 13:39:43 GMT server nginx x-edge-location Budapest, HU etag W/"63aaf59f-1067" vary Accept-Encoding x-cache HIT content-type text/css access-control-allow-origin * cache-control public, max-age=31536000 x-edge-ip 185.94.190.147 x-age 4074322 x-storage 3004124:8001
GET H2	200	jquery.min.js Show response cdnjs.cloudflare.com/ajax/libs/jquery/3.3.1/	85 KB 27 KB	32ms 12ms	Script application/javascript	2606:4700::6811:180e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdnjs.cloudflare.com/ajax/libs/jquery/3.3.1/jquery.min.js Requested by Host: minerva-labs.com URL: https://minerva-labs.com/blog/beepin-out-of-the-sandbox-analyzing-a-new-extremely-evasive-malware/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef Security Headers Name Value Strict-Transport-Security max-age=15780000 X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://minerva-labs.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36 Response headers date Tue, 14 Feb 2023 19:49:44 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} strict-transport-security max-age=15780000 age 442845 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 27433 last-modified Mon, 04 May 2020 16:11:48 GMT server cloudflare cf-cdnjs-via cfworker/kv etag "5eb03ec4-1538f" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pzO%2FIE5E1NN4hbSdrKhlpHFgDUc6jMm1yrpVRfJ5Azku2ThYHEoRcqPs0CLJm2lfQkILrBHu%2F4tV8DZbfYbKRVRPrlMzOxpmW7OM3nz7aMznKKZhJptS0JodBKwD29rWh%2BXf9TvCVgjB5krE7aYXJG7R"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=30672000 accept-ranges bytes timing-allow-origin * cf-ray 79985426980835df-FRA expires Sun, 04 Feb 2024 19:49:44 GMT
GET H2	200	owl.carousel.min.js Show response cdnjs.cloudflare.com/ajax/libs/OwlCarousel2/2.3.4/	43 KB 10 KB	14ms 13ms	Script application/javascript	2606:4700::6811:180e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdnjs.cloudflare.com/ajax/libs/OwlCarousel2/2.3.4/owl.carousel.min.js Requested by Host: minerva-labs.com URL: https://minerva-labs.com/blog/beepin-out-of-the-sandbox-analyzing-a-new-extremely-evasive-malware/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash a53c43f834b32309b084ea9314df8307e9c78cee2202c6e07f216ae4ae5b704d Security Headers Name Value Strict-Transport-Security max-age=15780000 X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://minerva-labs.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36 Response headers date Tue, 14 Feb 2023 19:49:44 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} strict-transport-security max-age=15780000 age 971033 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 10158 last-modified Mon, 04 May 2020 16:04:00 GMT server cloudflare cf-cdnjs-via cfworker/kv etag "5eb03cf0-ad36" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f8cm3%2BPKORUCTw06Toon5XodbCU%2FpYSKgcXaGq1bSS5rFOlkRXsLb45vkw3rDkQkJosJPQZHa9z9gCxasR28eTjPIBg8uZ3Rvpw7ePoepoawdMfEPABPFt6gWtcgGWHnEoBVDbetBRkD%2B%2Bf8tgOByUPI"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=30672000 accept-ranges bytes timing-allow-origin * cf-ray 799854288ad735df-FRA expires Sun, 04 Feb 2024 19:49:44 GMT
GET H2	200	style.min.css 586202317.r.cdnsun.net/wp-includes/css/dist/block-library/	87 KB 12 KB	271ms 65ms	Stylesheet text/css	185.94.190.147 M247
General Check archive.org Show headers Download Go to Full URL https://586202317.r.cdnsun.net/wp-includes/css/dist/block-library/style.min.css?ver=6.0.2 Requested by Host: minerva-labs.com URL: https://minerva-labs.com/blog/beepin-out-of-the-sandbox-analyzing-a-new-extremely-evasive-malware/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 185.94.190.147 Budapest, Hungary, ASN9009 (M247, RO), Reverse DNS adglpg147.smuniz.pw Software nginx / Resource Hash d7705700d24d5919255576642ad2c28bfc790390b7183a369038ff5c1e814d51 Request headers accept-language de-DE,de;q=0.9 Referer https://minerva-labs.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36 Response headers date Tue, 14 Feb 2023 19:49:44 GMT content-encoding gzip last-modified Wed, 03 Aug 2022 12:41:34 GMT server nginx x-edge-location Budapest, HU etag W/"62ea6cfe-15b64" vary Accept-Encoding x-cache HIT content-type text/css access-control-allow-origin * cache-control public, max-age=31536000 x-edge-ip 185.94.190.147 x-age 5597402 x-storage 3004124:8001
GET H2	200	style-index.css 586202317.r.cdnsun.net/wp-content/plugins/activecampaign-subscription-forms/activecampaign-form-block/build/	70 B 351 B	265ms 59ms	Stylesheet text/css	185.94.190.147 M247
General Check archive.org Show headers Download Go to Full URL https://586202317.r.cdnsun.net/wp-content/plugins/activecampaign-subscription-forms/activecampaign-form-block/build/style-index.css?ver=1659530494 Requested by Host: minerva-labs.com URL: https://minerva-labs.com/blog/beepin-out-of-the-sandbox-analyzing-a-new-extremely-evasive-malware/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 185.94.190.147 Budapest, Hungary, ASN9009 (M247, RO), Reverse DNS adglpg147.smuniz.pw Software nginx / Resource Hash 55bd442d45ef481e3f0eb795894dd94f1a5e38f2a4847c2f49371010e1e013c2 Request headers accept-language de-DE,de;q=0.9 Referer https://minerva-labs.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36 Response headers date Tue, 14 Feb 2023 19:49:44 GMT content-encoding gzip last-modified Wed, 03 Aug 2022 12:41:34 GMT server nginx x-edge-location Budapest, HU etag W/"62ea6cfe-46" vary Accept-Encoding x-cache HIT content-type text/css access-control-allow-origin * cache-control public, max-age=31536000 x-edge-ip 185.94.190.147 x-age 5597402 x-storage 3004124:8001
GET H2	200	styles.css 586202317.r.cdnsun.net/wp-content/plugins/contact-form-7/includes/css/	3 KB 1 KB	266ms 61ms	Stylesheet text/css	185.94.190.147 M247
General Check archive.org Show headers Download Go to Full URL https://586202317.r.cdnsun.net/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.6.3 Requested by Host: minerva-labs.com URL: https://minerva-labs.com/blog/beepin-out-of-the-sandbox-analyzing-a-new-extremely-evasive-malware/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 185.94.190.147 Budapest, Hungary, ASN9009 (M247, RO), Reverse DNS adglpg147.smuniz.pw Software nginx / Resource Hash e50f9ccd2d6582a58ba1879fa578e60d25fea4c5eedc07deafd14482b2403181 Request headers accept-language de-DE,de;q=0.9 Referer https://minerva-labs.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36 Response headers date Tue, 14 Feb 2023 19:49:44 GMT content-encoding gzip last-modified Mon, 05 Sep 2022 06:17:26 GMT server nginx x-edge-location Budapest, HU etag W/"63159476-aab" vary Accept-Encoding x-cache HIT content-type text/css access-control-allow-origin * cache-control public, max-age=31536000 x-edge-ip 185.94.190.147 x-age 5597402 x-storage 3004124:8001
GET H2	200	cookieblocker.min.css 586202317.r.cdnsun.net/wp-content/plugins/complianz-gdpr/assets/css/	3 KB 999 B	266ms 60ms	Stylesheet text/css	185.94.190.147 M247
General Check archive.org Show headers Download Go to Full URL https://586202317.r.cdnsun.net/wp-content/plugins/complianz-gdpr/assets/css/cookieblocker.min.css?ver=6.3.5 Requested by Host: minerva-labs.com URL: https://minerva-labs.com/blog/beepin-out-of-the-sandbox-analyzing-a-new-extremely-evasive-malware/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 185.94.190.147 Budapest, Hungary, ASN9009 (M247, RO), Reverse DNS adglpg147.smuniz.pw Software nginx / Resource Hash e13d3a18aa784b8c80d6f2e2416b289eed0b3cadbd2db46562045bab4c45126c Request headers accept-language de-DE,de;q=0.9 Referer https://minerva-labs.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36 Response headers date Tue, 14 Feb 2023 19:49:44 GMT content-encoding gzip last-modified Wed, 23 Nov 2022 11:37:20 GMT server nginx x-edge-location Budapest, HU etag W/"637e05f0-aa3" vary Accept-Encoding x-cache HIT content-type text/css access-control-allow-origin * cache-control public, max-age=31536000 x-edge-ip 185.94.190.147 x-age 5597402 x-storage 3004124:8001
GET H2	200	swiper-bundle.min.css 586202317.r.cdnsun.net/wp-content/themes/minerva/js/swiper/	16 KB 5 KB	267ms 61ms	Stylesheet text/css	185.94.190.147 M247
General Check archive.org Show headers Download Go to Full URL https://586202317.r.cdnsun.net/wp-content/themes/minerva/js/swiper/swiper-bundle.min.css?ver=6.0.2 Requested by Host: minerva-labs.com URL: https://minerva-labs.com/blog/beepin-out-of-the-sandbox-analyzing-a-new-extremely-evasive-malware/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 185.94.190.147 Budapest, Hungary, ASN9009 (M247, RO), Reverse DNS adglpg147.smuniz.pw Software nginx / Resource Hash d519e904f38d7cf39624a5d9277264b13151dce88586aa8c10763fd29235c220 Request headers accept-language de-DE,de;q=0.9 Referer https://minerva-labs.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36 Response headers date Tue, 14 Feb 2023 19:49:44 GMT content-encoding gzip last-modified Fri, 09 Dec 2022 10:41:53 GMT server nginx x-edge-location Budapest, HU etag W/"639310f1-4052" vary Accept-Encoding x-cache HIT content-type text/css access-control-allow-origin * cache-control public, max-age=31536000 x-edge-ip 185.94.190.147 x-age 5597402 x-storage 3004124:8001
GET H2	200	site-variables.css 586202317.r.cdnsun.net/wp-content/themes/minerva/css/	266 B 464 B	265ms 60ms	Stylesheet text/css	185.94.190.147 M247
General Check archive.org Show headers Download Go to Full URL https://586202317.r.cdnsun.net/wp-content/themes/minerva/css/site-variables.css?ver=6.0.2 Requested by Host: minerva-labs.com URL: https://minerva-labs.com/blog/beepin-out-of-the-sandbox-analyzing-a-new-extremely-evasive-malware/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 185.94.190.147 Budapest, Hungary, ASN9009 (M247, RO), Reverse DNS adglpg147.smuniz.pw Software nginx / Resource Hash 7bb348d8535f98bb86d86734f61c6260afbbc82026e0ab49de6e7e14ad0301d9 Request headers accept-language de-DE,de;q=0.9 Referer https://minerva-labs.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36 Response headers date Tue, 14 Feb 2023 19:49:44 GMT content-encoding gzip last-modified Wed, 03 Aug 2022 12:41:02 GMT server nginx x-edge-location Budapest, HU etag W/"62ea6cde-10a" vary Accept-Encoding x-cache HIT content-type text/css access-control-allow-origin * cache-control public, max-age=31536000 x-edge-ip 185.94.190.147 x-age 5597402 x-storage 3004124:8001
GET H2	200	site.css 586202317.r.cdnsun.net/wp-content/themes/minerva/css/	138 KB 24 KB	275ms 70ms	Stylesheet text/css	185.94.190.147 M247
General Check archive.org Show headers Download Go to Full URL https://586202317.r.cdnsun.net/wp-content/themes/minerva/css/site.css?ver=6.0.2 Requested by Host: minerva-labs.com URL: https://minerva-labs.com/blog/beepin-out-of-the-sandbox-analyzing-a-new-extremely-evasive-malware/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 185.94.190.147 Budapest, Hungary, ASN9009 (M247, RO), Reverse DNS adglpg147.smuniz.pw Software nginx / Resource Hash 5a382fb66bab8aad4ff931715bdb7d74f7049da881fa7d61282c2163c6521880 Request headers accept-language de-DE,de;q=0.9 Referer https://minerva-labs.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36 Response headers date Tue, 14 Feb 2023 19:49:44 GMT content-encoding gzip last-modified Thu, 08 Dec 2022 10:23:09 GMT server nginx x-edge-location Budapest, HU etag W/"6391bb0d-22754" vary Accept-Encoding x-cache HIT content-type text/css access-control-allow-origin * cache-control public, max-age=31536000 x-edge-ip 185.94.190.147 x-age 5597402 x-storage 3004124:8001
GET H2	200	swiper-bundle.min.js Show response 586202317.r.cdnsun.net/wp-content/themes/minerva/js/swiper/	140 KB 39 KB	333ms 128ms	Script application/javascript	185.94.190.147 M247
General Check archive.org Show headers Download Go to Full URL https://586202317.r.cdnsun.net/wp-content/themes/minerva/js/swiper/swiper-bundle.min.js?ver=1 Requested by Host: minerva-labs.com URL: https://minerva-labs.com/blog/beepin-out-of-the-sandbox-analyzing-a-new-extremely-evasive-malware/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 185.94.190.147 Budapest, Hungary, ASN9009 (M247, RO), Reverse DNS adglpg147.smuniz.pw Software nginx / Resource Hash b624e1e378abe009ef0de69a698b0a3e734af47efcdbd6816d5fcb8fc64c8bfe Request headers accept-language de-DE,de;q=0.9 Referer https://minerva-labs.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36 Response headers date Tue, 14 Feb 2023 19:49:44 GMT content-encoding gzip last-modified Fri, 09 Dec 2022 10:41:54 GMT server nginx x-edge-location Budapest, HU etag W/"639310f2-22ede" vary Accept-Encoding x-cache HIT content-type application/javascript access-control-allow-origin * cache-control public, max-age=31536000 x-edge-ip 185.94.190.147 x-age 5572947 x-storage 3004124:8001
GET H2	200	lib.js Show response 586202317.r.cdnsun.net/wp-content/themes/minerva/js/	971 B 753 B	320ms 115ms	Script application/javascript	185.94.190.147 M247
General Check archive.org Show headers Download Go to Full URL https://586202317.r.cdnsun.net/wp-content/themes/minerva/js/lib.js?ver=1 Requested by Host: minerva-labs.com URL: https://minerva-labs.com/blog/beepin-out-of-the-sandbox-analyzing-a-new-extremely-evasive-malware/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 185.94.190.147 Budapest, Hungary, ASN9009 (M247, RO), Reverse DNS adglpg147.smuniz.pw Software nginx / Resource Hash 8eeacc8e6a49f1e75130b6f5e6f5c26bfd87b8eb9228e7412fb182894da4e8c7 Request headers accept-language de-DE,de;q=0.9 Referer https://minerva-labs.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36 Response headers date Tue, 14 Feb 2023 19:49:44 GMT content-encoding gzip last-modified Fri, 09 Dec 2022 10:41:47 GMT server nginx x-edge-location Budapest, HU etag W/"639310eb-3cb" vary Accept-Encoding x-cache HIT content-type application/javascript access-control-allow-origin * cache-control public, max-age=31536000 x-edge-ip 185.94.190.147 x-age 5572947 x-storage 3004124:8001
GET H2	200	site_tracking.js Show response 586202317.r.cdnsun.net/wp-content/plugins/activecampaign-subscription-forms/	1 KB 928 B	326ms 122ms	Script application/javascript	185.94.190.147 M247
General Check archive.org Show headers Download Go to Full URL https://586202317.r.cdnsun.net/wp-content/plugins/activecampaign-subscription-forms/site_tracking.js?ver=6.0.2 Requested by Host: minerva-labs.com URL: https://minerva-labs.com/blog/beepin-out-of-the-sandbox-analyzing-a-new-extremely-evasive-malware/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 185.94.190.147 Budapest, Hungary, ASN9009 (M247, RO), Reverse DNS adglpg147.smuniz.pw Software nginx / Resource Hash 9a19938485ca7f6c582d3f78d17d9e443d26b260cac24c9dd9499f70b5d28390 Request headers accept-language de-DE,de;q=0.9 Referer https://minerva-labs.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36 Response headers date Tue, 14 Feb 2023 19:49:44 GMT content-encoding gzip last-modified Wed, 03 Aug 2022 12:41:32 GMT server nginx x-edge-location Budapest, HU etag W/"62ea6cfc-57b" vary Accept-Encoding x-cache HIT content-type application/javascript access-control-allow-origin * cache-control public, max-age=31536000 x-edge-ip 185.94.190.147 x-age 5572947 x-storage 3004124:8001
GET H2	200	index.js Show response 586202317.r.cdnsun.net/wp-content/plugins/contact-form-7/includes/swv/js/	9 KB 3 KB	324ms 120ms	Script application/javascript	185.94.190.147 M247
General Check archive.org Show headers Download Go to Full URL https://586202317.r.cdnsun.net/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.6.3 Requested by Host: minerva-labs.com URL: https://minerva-labs.com/blog/beepin-out-of-the-sandbox-analyzing-a-new-extremely-evasive-malware/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 185.94.190.147 Budapest, Hungary, ASN9009 (M247, RO), Reverse DNS adglpg147.smuniz.pw Software nginx / Resource Hash 29e8de26576208c07ba0845f604e65c9273b93f9f4d1d66214eb4c586f9938c4 Request headers accept-language de-DE,de;q=0.9 Referer https://minerva-labs.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36 Response headers date Tue, 14 Feb 2023 19:49:44 GMT content-encoding gzip last-modified Mon, 05 Sep 2022 06:17:26 GMT server nginx x-edge-location Budapest, HU etag W/"63159476-25d0" vary Accept-Encoding x-cache HIT content-type application/javascript access-control-allow-origin * cache-control public, max-age=31536000 x-edge-ip 185.94.190.147 x-age 5572946 x-storage 3004124:8001
GET H2	200	index.js Show response 586202317.r.cdnsun.net/wp-content/plugins/contact-form-7/includes/js/	12 KB 4 KB	322ms 119ms	Script application/javascript	185.94.190.147 M247
General Check archive.org Show headers Download Go to Full URL https://586202317.r.cdnsun.net/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.6.3 Requested by Host: minerva-labs.com URL: https://minerva-labs.com/blog/beepin-out-of-the-sandbox-analyzing-a-new-extremely-evasive-malware/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 185.94.190.147 Budapest, Hungary, ASN9009 (M247, RO), Reverse DNS adglpg147.smuniz.pw Software nginx / Resource Hash 985fdd42398281348ca133a44750a56fe4909a806b9c075c9443a5d0bd6d2e51 Request headers accept-language de-DE,de;q=0.9 Referer https://minerva-labs.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36 Response headers date Tue, 14 Feb 2023 19:49:44 GMT content-encoding gzip last-modified Mon, 05 Sep 2022 06:17:26 GMT server nginx x-edge-location Budapest, HU etag W/"63159476-2fb3" vary Accept-Encoding x-cache HIT content-type application/javascript access-control-allow-origin * cache-control public, max-age=31536000 x-edge-ip 185.94.190.147 x-age 5572946 x-storage 3004124:8001
GET H2	200	custom.js Show response 586202317.r.cdnsun.net/wp-content/themes/minerva/js/	17 KB 4 KB	325ms 121ms	Script application/javascript	185.94.190.147 M247
General Check archive.org Show headers Download Go to Full URL https://586202317.r.cdnsun.net/wp-content/themes/minerva/js/custom.js?ver=1 Requested by Host: minerva-labs.com URL: https://minerva-labs.com/blog/beepin-out-of-the-sandbox-analyzing-a-new-extremely-evasive-malware/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 185.94.190.147 Budapest, Hungary, ASN9009 (M247, RO), Reverse DNS adglpg147.smuniz.pw Software nginx / Resource Hash d106f3a248ddb3ef5d2287fdfcaa7d404a55f75ca05132be1fc9eb5aebc28bdb Request headers accept-language de-DE,de;q=0.9 Referer https://minerva-labs.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36 Response headers date Tue, 14 Feb 2023 19:49:44 GMT content-encoding gzip last-modified Fri, 09 Dec 2022 10:54:55 GMT server nginx x-edge-location Budapest, HU etag W/"639313ff-4481" vary Accept-Encoding x-cache HIT content-type application/javascript access-control-allow-origin * cache-control public, max-age=31536000 x-edge-ip 185.94.190.147 x-age 5572945 x-storage 3004124:8001
GET H2	200	ajaxposts.js Show response 586202317.r.cdnsun.net/wp-content/themes/minerva/js/	3 KB 1 KB	320ms 116ms	Script application/javascript	185.94.190.147 M247
General Check archive.org Show headers Download Go to Full URL https://586202317.r.cdnsun.net/wp-content/themes/minerva/js/ajaxposts.js?ver=6.0.2 Requested by Host: minerva-labs.com URL: https://minerva-labs.com/blog/beepin-out-of-the-sandbox-analyzing-a-new-extremely-evasive-malware/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 185.94.190.147 Budapest, Hungary, ASN9009 (M247, RO), Reverse DNS adglpg147.smuniz.pw Software nginx / Resource Hash b3309b42777eae75311a8fbeffcd7f3eae2fc042d0992ccdbcb62bfb5b3a6451 Request headers accept-language de-DE,de;q=0.9 Referer https://minerva-labs.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36 Response headers date Tue, 14 Feb 2023 19:49:44 GMT content-encoding gzip last-modified Fri, 09 Dec 2022 12:42:30 GMT server nginx x-edge-location Budapest, HU etag W/"63932d36-a0e" vary Accept-Encoding x-cache HIT content-type application/javascript access-control-allow-origin * cache-control public, max-age=31536000 x-edge-ip 185.94.190.147 x-age 5572945 x-storage 3004124:8001
GET H2	200	breeze-lazy-load.min.js Show response 586202317.r.cdnsun.net/wp-content/plugins/breeze/assets/js/js-front-end/	7 KB 4 KB	326ms 123ms	Script application/javascript	185.94.190.147 M247
General Check archive.org Show headers Download Go to Full URL https://586202317.r.cdnsun.net/wp-content/plugins/breeze/assets/js/js-front-end/breeze-lazy-load.min.js?ver=2.0.10 Requested by Host: minerva-labs.com URL: https://minerva-labs.com/blog/beepin-out-of-the-sandbox-analyzing-a-new-extremely-evasive-malware/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 185.94.190.147 Budapest, Hungary, ASN9009 (M247, RO), Reverse DNS adglpg147.smuniz.pw Software nginx / Resource Hash 3abb2e59349a3cd1748f36a0e00771d600b22fb1ee8e2a3086dba9d359786217 Request headers accept-language de-DE,de;q=0.9 Referer https://minerva-labs.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36 Response headers date Tue, 14 Feb 2023 19:49:44 GMT content-encoding gzip last-modified Tue, 25 Oct 2022 14:16:03 GMT server nginx x-edge-location Budapest, HU etag W/"6357efa3-1c89" vary Accept-Encoding x-cache HIT content-type application/javascript access-control-allow-origin * cache-control public, max-age=31536000 x-edge-ip 185.94.190.147 x-age 1221186 x-storage 3004124:8001
GET H2	200	smush-lazy-load.min.js Show response 586202317.r.cdnsun.net/wp-content/plugins/wp-smushit/app/assets/js/	8 KB 4 KB	321ms 118ms	Script application/javascript	185.94.190.147 M247
General Check archive.org Show headers Download Go to Full URL https://586202317.r.cdnsun.net/wp-content/plugins/wp-smushit/app/assets/js/smush-lazy-load.min.js?ver=3.12.4 Requested by Host: minerva-labs.com URL: https://minerva-labs.com/blog/beepin-out-of-the-sandbox-analyzing-a-new-extremely-evasive-malware/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 185.94.190.147 Budapest, Hungary, ASN9009 (M247, RO), Reverse DNS adglpg147.smuniz.pw Software nginx / Resource Hash f65784e5e7332dc1e4bbeacbec70fdeef4a1bea84f16ce2ee144999719d195ce Request headers accept-language de-DE,de;q=0.9 Referer https://minerva-labs.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36 Response headers date Tue, 14 Feb 2023 19:49:44 GMT content-encoding gzip last-modified Sun, 27 Nov 2022 10:11:26 GMT server nginx x-edge-location Budapest, HU etag W/"638337ce-1ef2" vary Accept-Encoding x-cache HIT content-type application/javascript access-control-allow-origin * cache-control public, max-age=31536000 x-edge-ip 185.94.190.147 x-age 5572945 x-storage 3004124:8001
GET H2	200	complianz.min.js Show response 586202317.r.cdnsun.net/wp-content/plugins/complianz-gdpr/cookiebanner/js/	47 KB 11 KB	64ms 64ms	Script application/javascript	185.94.190.147 M247
General Check archive.org Show headers Download Go to Full URL https://586202317.r.cdnsun.net/wp-content/plugins/complianz-gdpr/cookiebanner/js/complianz.min.js?ver=6.3.5 Requested by Host: minerva-labs.com URL: https://minerva-labs.com/blog/beepin-out-of-the-sandbox-analyzing-a-new-extremely-evasive-malware/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 185.94.190.147 Budapest, Hungary, ASN9009 (M247, RO), Reverse DNS adglpg147.smuniz.pw Software nginx / Resource Hash 667cf079e0c4ea0eac896d368aacf29aa7b4a53f1a1685e14748840ed70a67b0 Request headers accept-language de-DE,de;q=0.9 Referer https://minerva-labs.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36 Response headers date Tue, 14 Feb 2023 19:49:44 GMT content-encoding gzip last-modified Wed, 23 Nov 2022 11:37:20 GMT server nginx x-edge-location Budapest, HU etag W/"637e05f0-bde8" vary Accept-Encoding x-cache HIT content-type application/javascript access-control-allow-origin * cache-control public, max-age=31536000 x-edge-ip 185.94.190.147 x-age 5572944 x-storage 3004124:8001
GET H2	200	wp-emoji-release.min.js Show response minerva-labs.com/wp-includes/js/	18 KB 5 KB	122ms 121ms	Script application/javascript	67.205.167.225 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://minerva-labs.com/wp-includes/js/wp-emoji-release.min.js?ver=6.0.2 Requested by Host: minerva-labs.com URL: https://minerva-labs.com/blog/beepin-out-of-the-sandbox-analyzing-a-new-extremely-evasive-malware/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 67.205.167.225 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS 753902.cloudwaysapps.com Software nginx / Resource Hash 5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782 Request headers accept-language de-DE,de;q=0.9 Referer https://minerva-labs.com/blog/beepin-out-of-the-sandbox-analyzing-a-new-extremely-evasive-malware/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36 Response headers date Tue, 14 Feb 2023 19:49:44 GMT content-encoding gzip last-modified Wed, 03 Aug 2022 12:41:33 GMT server nginx etag W/"62ea6cfd-48b9" vary Accept-Encoding content-type application/javascript access-control-allow-origin * cache-control public, max-age=31536000
GET H2	200	gtm.js Show response www.googletagmanager.com/	227 KB 79 KB	162ms 61ms	Script application/javascript	2a00:1450:4001:80b::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtm.js?id=GTM-WJ4TZK Requested by Host: minerva-labs.com URL: https://minerva-labs.com/blog/beepin-out-of-the-sandbox-analyzing-a-new-extremely-evasive-malware/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 147fe2627e0245a92afeb5ad636835aab10a826a7b333ae0fdedd640e6b744f8 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://minerva-labs.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36 Response headers date Tue, 14 Feb 2023 19:49:44 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 80641 x-xss-protection 0 last-modified Tue, 14 Feb 2023 18:22:47 GMT server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Tue, 14 Feb 2023 19:49:44 GMT
GET DATA	200 OK	truncated /	37 B 0		Image image/gif
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36 Response headers Content-Type image/gif
GET H2	200	arr-submenu.png 586202317.r.cdnsun.net/wp-content/uploads/2022/06/	152 B 421 B	58ms 58ms	Image image/png	185.94.190.147 M247
General Check archive.org Show headers Download Go to Show image Full URL https://586202317.r.cdnsun.net/wp-content/uploads/2022/06/arr-submenu.png Requested by Host: 586202317.r.cdnsun.net URL: https://586202317.r.cdnsun.net/wp-content/themes/minerva/css/site.css?ver=6.0.2 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 185.94.190.147 Budapest, Hungary, ASN9009 (M247, RO), Reverse DNS adglpg147.smuniz.pw Software nginx / Resource Hash 4d5c848c1426167c78f19dfe0712f224efd0e641799819b6f5d7b7c40c72bf5c Request headers accept-language de-DE,de;q=0.9 Referer https://586202317.r.cdnsun.net/wp-content/themes/minerva/css/site.css?ver=6.0.2 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36 Response headers date Tue, 14 Feb 2023 19:49:44 GMT last-modified Sun, 27 Nov 2022 10:18:54 GMT server nginx x-edge-location Budapest, HU etag "6383398e-98" x-cache HIT content-type image/png access-control-allow-origin * cache-control public, max-age=31536000 x-edge-ip 185.94.190.147 x-age 5597400 accept-ranges bytes content-length 152 x-storage 3004124:8001
GET H2	200	plus-jakarta-sans-v2-latin-500.woff2 586202317.r.cdnsun.net/wp-content/themes/minerva/css/fonts/	11 KB 11 KB	183ms 65ms	Font application/font-woff2	185.94.190.147 M247
General Check archive.org Show headers Download Go to Full URL https://586202317.r.cdnsun.net/wp-content/themes/minerva/css/fonts/plus-jakarta-sans-v2-latin-500.woff2 Requested by Host: minerva-labs.com URL: https://minerva-labs.com/blog/beepin-out-of-the-sandbox-analyzing-a-new-extremely-evasive-malware/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 185.94.190.147 Budapest, Hungary, ASN9009 (M247, RO), Reverse DNS adglpg147.smuniz.pw Software nginx / Resource Hash a3ddfd67a9a445b14261ba2d72e58584be48af882792d27abaf159f96d0045d3 Request headers Referer https://minerva-labs.com/ Origin https://minerva-labs.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36 Response headers date Tue, 14 Feb 2023 19:49:44 GMT last-modified Wed, 03 Aug 2022 12:40:08 GMT server nginx x-edge-location Budapest, HU etag "62ea6ca8-2a3c" x-cache HIT content-type application/font-woff2 access-control-allow-origin * cache-control public, max-age=31536000 x-edge-ip 185.94.190.147 x-age 5572942 accept-ranges bytes content-length 10812 x-storage 3004124:8001
GET H2	200	plus-jakarta-sans-v2-latin-700.woff2 586202317.r.cdnsun.net/wp-content/themes/minerva/css/fonts/	11 KB 11 KB	191ms 73ms	Font application/font-woff2	185.94.190.147 M247
General Check archive.org Show headers Download Go to Full URL https://586202317.r.cdnsun.net/wp-content/themes/minerva/css/fonts/plus-jakarta-sans-v2-latin-700.woff2 Requested by Host: minerva-labs.com URL: https://minerva-labs.com/blog/beepin-out-of-the-sandbox-analyzing-a-new-extremely-evasive-malware/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 185.94.190.147 Budapest, Hungary, ASN9009 (M247, RO), Reverse DNS adglpg147.smuniz.pw Software nginx / Resource Hash ff11e55bfe10389758e1bf9193b8b72df0fcfffc93d285b84ec620313d5c253f Request headers Referer https://minerva-labs.com/ Origin https://minerva-labs.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36 Response headers date Tue, 14 Feb 2023 19:49:44 GMT last-modified Wed, 03 Aug 2022 12:41:15 GMT server nginx x-edge-location Budapest, HU etag "62ea6ceb-2a38" x-cache HIT content-type application/font-woff2 access-control-allow-origin * cache-control public, max-age=31536000 x-edge-ip 185.94.190.147 x-age 5572942 accept-ranges bytes content-length 10808 x-storage 3004124:8001
GET H2	200	plus-jakarta-sans-v2-latin-regular.woff2 586202317.r.cdnsun.net/wp-content/themes/minerva/css/fonts/	10 KB 10 KB	186ms 69ms	Font application/font-woff2	185.94.190.147 M247
General Check archive.org Show headers Download Go to Full URL https://586202317.r.cdnsun.net/wp-content/themes/minerva/css/fonts/plus-jakarta-sans-v2-latin-regular.woff2 Requested by Host: minerva-labs.com URL: https://minerva-labs.com/blog/beepin-out-of-the-sandbox-analyzing-a-new-extremely-evasive-malware/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 185.94.190.147 Budapest, Hungary, ASN9009 (M247, RO), Reverse DNS adglpg147.smuniz.pw Software nginx / Resource Hash deeb6f39525157ea35bd78f27177c7d5f62e42b20a48b96788c063a150dbe932 Request headers Referer https://minerva-labs.com/ Origin https://minerva-labs.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36 Response headers date Tue, 14 Feb 2023 19:49:44 GMT last-modified Wed, 03 Aug 2022 12:39:55 GMT server nginx x-edge-location Budapest, HU etag "62ea6c9b-28b0" x-cache HIT content-type application/font-woff2 access-control-allow-origin * cache-control public, max-age=31536000 x-edge-ip 185.94.190.147 x-age 5572942 accept-ranges bytes content-length 10416 x-storage 3004124:8001
GET H2	200	Mask-Group-7256-4.jpg 586202317.r.cdnsun.net/wp-content/uploads/2022/06/	54 KB 54 KB	64ms 64ms	Image image/jpeg	185.94.190.147 M247
General Check archive.org Show headers Download Go to Show image Full URL https://586202317.r.cdnsun.net/wp-content/uploads/2022/06/Mask-Group-7256-4.jpg Requested by Host: minerva-labs.com URL: https://minerva-labs.com/blog/beepin-out-of-the-sandbox-analyzing-a-new-extremely-evasive-malware/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 185.94.190.147 Budapest, Hungary, ASN9009 (M247, RO), Reverse DNS adglpg147.smuniz.pw Software nginx / Resource Hash 11568d9e1e534bc0832025072adf5e454ebf4d54e6db15c3489c4784b703b9b6 Request headers accept-language de-DE,de;q=0.9 Referer https://minerva-labs.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36 Response headers date Tue, 14 Feb 2023 19:49:44 GMT last-modified Wed, 19 Oct 2022 11:31:02 GMT server nginx x-edge-location Budapest, HU etag "634fdff6-d78b" x-cache HIT content-type image/jpeg access-control-allow-origin * cache-control public, max-age=31536000 x-edge-ip 185.94.190.147 x-age 5597402 accept-ranges bytes content-length 55179 x-storage 3004124:8001
GET H2	200	Beep-malware-2-1.webp 586202317.r.cdnsun.net/wp-content/uploads/2023/02/	62 KB 62 KB	82ms 82ms	Image image/webp	185.94.190.147 M247
General Check archive.org Show headers Download Go to Show image Full URL https://586202317.r.cdnsun.net/wp-content/uploads/2023/02/Beep-malware-2-1.webp Requested by Host: minerva-labs.com URL: https://minerva-labs.com/blog/beepin-out-of-the-sandbox-analyzing-a-new-extremely-evasive-malware/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 185.94.190.147 Budapest, Hungary, ASN9009 (M247, RO), Reverse DNS adglpg147.smuniz.pw Software nginx / Resource Hash ae53371d0523e6bf7b50eea545dd42865f39fce2ef4c8d7766941212e8045b9e Request headers accept-language de-DE,de;q=0.9 Referer https://minerva-labs.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36 Response headers date Tue, 14 Feb 2023 19:49:44 GMT last-modified Tue, 14 Feb 2023 06:57:21 GMT server nginx x-edge-location Budapest, HU etag "63eb30d1-f69c" x-cache HIT content-type image/webp access-control-allow-origin * cache-control public, max-age=31536000 x-edge-ip 185.94.190.147 x-age 45491 accept-ranges bytes content-length 63132 x-storage 3004124:8001
GET H2	200	plus-jakarta-sans-v2-latin-800.woff2 586202317.r.cdnsun.net/wp-content/themes/minerva/css/fonts/	10 KB 11 KB	186ms 77ms	Font application/font-woff2	185.94.190.147 M247
General Check archive.org Show headers Download Go to Full URL https://586202317.r.cdnsun.net/wp-content/themes/minerva/css/fonts/plus-jakarta-sans-v2-latin-800.woff2 Requested by Host: minerva-labs.com URL: https://minerva-labs.com/blog/beepin-out-of-the-sandbox-analyzing-a-new-extremely-evasive-malware/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 185.94.190.147 Budapest, Hungary, ASN9009 (M247, RO), Reverse DNS adglpg147.smuniz.pw Software nginx / Resource Hash 83b0bc1b393f33f405a3c5b9452a32730637225f0e3831b7814d9bbe698c4d9f Request headers Referer https://minerva-labs.com/ Origin https://minerva-labs.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36 Response headers date Tue, 14 Feb 2023 19:49:44 GMT last-modified Wed, 03 Aug 2022 12:39:50 GMT server nginx x-edge-location Budapest, HU etag "62ea6c96-2928" x-cache HIT content-type application/font-woff2 access-control-allow-origin * cache-control public, max-age=31536000 x-edge-ip 185.94.190.147 x-age 5572942 accept-ranges bytes content-length 10536 x-storage 3004124:8001
GET H2	200	widget.js Show response cdn.userway.org/	1 KB 1 KB	179ms 18ms	Script application/javascript	2a02:6ea0:cb00::2 CDN77 ^_^
General Check archive.org Show headers Download Go to Full URL https://cdn.userway.org/widget.js Requested by Host: minerva-labs.com URL: https://minerva-labs.com/blog/beepin-out-of-the-sandbox-analyzing-a-new-extremely-evasive-malware/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6ea0:cb00::2 , United Kingdom, ASN60068 (CDN77 ^_^, GB), Reverse DNS Software CDN77-Turbo / Resource Hash b1932b90bf81755c4d47f2f65671488c5263891f04ec3096fb483e33d9e23e95 Request headers accept-language de-DE,de;q=0.9 Referer https://minerva-labs.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36 Response headers x-77-pop viennaAT date Tue, 14 Feb 2023 19:49:44 GMT via 1.1 ba761cfda8bfa6cbda2b6c433d6201f6.cloudfront.net (CloudFront) content-encoding gzip x-amz-cf-pop VIE50-C2 age 1070 x-amz-server-side-encryption AES256 x-cache HIT x-77-cache HIT x-age 1837 x-77-nzt Abm0DAbZrdP/LQcAAA x-accel-expires @1676405947 last-modified Tue, 14 Feb 2023 10:59:33 GMT server CDN77-Turbo etag W/"0b6e64b198945a1bfba2dcc404c1648c" x-77-nzt-ray fefc880d99135ee6d8e5eb63e801bc24 access-control-max-age 3000 access-control-allow-methods GET, HEAD, PUT, POST, DELETE content-type application/javascript access-control-allow-origin * access-control-expose-headers Content-Range, Content-Length, ETag, Content-Type cache-control max-age=3600, public vary Accept-Encoding x-amz-cf-id t5_zd_LhfcN-euhCpr_wK8KaP7Ng6XScWqvBwNClWRE8F6A_xXM0DQ==
GET H2	200	baroncapital-featureimage-1-149x83.webp 586202317.r.cdnsun.net/wp-content/uploads/2023/01/	2 KB 2 KB	72ms 70ms	Image image/webp	185.94.190.147 M247
General Check archive.org Show headers Download Go to Show image Full URL https://586202317.r.cdnsun.net/wp-content/uploads/2023/01/baroncapital-featureimage-1-149x83.webp Requested by Host: minerva-labs.com URL: https://minerva-labs.com/blog/beepin-out-of-the-sandbox-analyzing-a-new-extremely-evasive-malware/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 185.94.190.147 Budapest, Hungary, ASN9009 (M247, RO), Reverse DNS adglpg147.smuniz.pw Software nginx / Resource Hash 6f77f72e501eb5686f2d1352bd5bddb84635a5484e84d981016d60c20816c10a Request headers accept-language de-DE,de;q=0.9 Referer https://minerva-labs.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36 Response headers date Tue, 14 Feb 2023 19:49:44 GMT last-modified Mon, 09 Jan 2023 09:20:18 GMT server nginx x-edge-location Budapest, HU etag "63bbdc52-86a" x-cache HIT content-type image/webp access-control-allow-origin * cache-control public, max-age=31536000 x-edge-ip 185.94.190.147 x-age 3134352 accept-ranges bytes content-length 2154 x-storage 3004124:8001
GET H2	200	November-Ransomware-Simulation-Webinar-688x387-1-149x83.webp 586202317.r.cdnsun.net/wp-content/uploads/2022/12/	3 KB 3 KB	79ms 76ms	Image image/webp	185.94.190.147 M247
General Check archive.org Show headers Download Go to Show image Full URL https://586202317.r.cdnsun.net/wp-content/uploads/2022/12/November-Ransomware-Simulation-Webinar-688x387-1-149x83.webp Requested by Host: minerva-labs.com URL: https://minerva-labs.com/blog/beepin-out-of-the-sandbox-analyzing-a-new-extremely-evasive-malware/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 185.94.190.147 Budapest, Hungary, ASN9009 (M247, RO), Reverse DNS adglpg147.smuniz.pw Software nginx / Resource Hash 828c25b87e1df68fee2f3fbb9d03982a877fb156245a5555646583216559e1f6 Request headers accept-language de-DE,de;q=0.9 Referer https://minerva-labs.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36 Response headers date Tue, 14 Feb 2023 19:49:44 GMT last-modified Thu, 15 Dec 2022 08:20:53 GMT server nginx x-edge-location Budapest, HU etag "639ad8e5-a5e" x-cache HIT content-type image/webp access-control-allow-origin * cache-control public, max-age=31536000 x-edge-ip 185.94.190.147 x-age 4926670 accept-ranges bytes content-length 2654 x-storage 3004124:8001
GET H2	200	Screenshot-from-2022-11-14-11-11-25-1-149x83.png 586202317.r.cdnsun.net/wp-content/uploads/2022/11/	9 KB 9 KB	77ms 75ms	Image image/png	185.94.190.147 M247
General Check archive.org Show headers Download Go to Show image Full URL https://586202317.r.cdnsun.net/wp-content/uploads/2022/11/Screenshot-from-2022-11-14-11-11-25-1-149x83.png Requested by Host: minerva-labs.com URL: https://minerva-labs.com/blog/beepin-out-of-the-sandbox-analyzing-a-new-extremely-evasive-malware/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 185.94.190.147 Budapest, Hungary, ASN9009 (M247, RO), Reverse DNS adglpg147.smuniz.pw Software nginx / Resource Hash 2d2a99b0b8750e8552dd63e014275fbd774e22cbe30bb6bb0dbff570eecab1aa Request headers accept-language de-DE,de;q=0.9 Referer https://minerva-labs.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36 Response headers date Tue, 14 Feb 2023 19:49:44 GMT last-modified Wed, 16 Nov 2022 14:16:22 GMT server nginx x-edge-location Budapest, HU etag "6374f0b6-239b" x-cache HIT content-type image/png access-control-allow-origin * cache-control public, max-age=31536000 x-edge-ip 185.94.190.147 x-age 4266120 accept-ranges bytes content-length 9115 x-storage 3004124:8001
GET H2	200	What-mkes-ransomware-different-149x83.jpg 586202317.r.cdnsun.net/wp-content/uploads/2022/09/	4 KB 4 KB	81ms 79ms	Image image/jpeg	185.94.190.147 M247
General Check archive.org Show headers Download Go to Show image Full URL https://586202317.r.cdnsun.net/wp-content/uploads/2022/09/What-mkes-ransomware-different-149x83.jpg Requested by Host: minerva-labs.com URL: https://minerva-labs.com/blog/beepin-out-of-the-sandbox-analyzing-a-new-extremely-evasive-malware/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 185.94.190.147 Budapest, Hungary, ASN9009 (M247, RO), Reverse DNS adglpg147.smuniz.pw Software nginx / Resource Hash 7aa88f3ab4a5bd424ee9d4bd527f72b5dfe6d67f9f60c8653fec6271b835dd6c Request headers accept-language de-DE,de;q=0.9 Referer https://minerva-labs.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36 Response headers date Tue, 14 Feb 2023 19:49:44 GMT last-modified Sun, 27 Nov 2022 10:12:37 GMT server nginx x-edge-location Budapest, HU etag "63833815-ec7" x-cache HIT content-type image/jpeg access-control-allow-origin * cache-control public, max-age=31536000 x-edge-ip 185.94.190.147 x-age 5597401 accept-ranges bytes content-length 3783 x-storage 3004124:8001
GET H2	200	Extending-Security-Services-for-MSPs-149x83.jpg 586202317.r.cdnsun.net/wp-content/uploads/2022/09/	4 KB 4 KB	73ms 71ms	Image image/jpeg	185.94.190.147 M247
General Check archive.org Show headers Download Go to Show image Full URL https://586202317.r.cdnsun.net/wp-content/uploads/2022/09/Extending-Security-Services-for-MSPs-149x83.jpg Requested by Host: minerva-labs.com URL: https://minerva-labs.com/blog/beepin-out-of-the-sandbox-analyzing-a-new-extremely-evasive-malware/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 185.94.190.147 Budapest, Hungary, ASN9009 (M247, RO), Reverse DNS adglpg147.smuniz.pw Software nginx / Resource Hash 4b7fe27fba9c4d04f48014b8fce2bda8996a98e2705f7e7486b1ecbe5326b46c Request headers accept-language de-DE,de;q=0.9 Referer https://minerva-labs.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36 Response headers date Tue, 14 Feb 2023 19:49:44 GMT last-modified Sun, 27 Nov 2022 10:12:37 GMT server nginx x-edge-location Budapest, HU etag "63833815-e90" x-cache HIT content-type image/jpeg access-control-allow-origin * cache-control public, max-age=31536000 x-edge-ip 185.94.190.147 x-age 5597401 accept-ranges bytes content-length 3728 x-storage 3004124:8001
GET H2	200	layers2.svg 586202317.r.cdnsun.net/wp-content/uploads/2022/06/	1 KB 821 B	72ms 70ms	Image image/svg+xml	185.94.190.147 M247
General Check archive.org Show headers Download Go to Show image Full URL https://586202317.r.cdnsun.net/wp-content/uploads/2022/06/layers2.svg Requested by Host: 586202317.r.cdnsun.net URL: https://586202317.r.cdnsun.net/wp-content/themes/minerva/css/site.css?ver=6.0.2 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 185.94.190.147 Budapest, Hungary, ASN9009 (M247, RO), Reverse DNS adglpg147.smuniz.pw Software nginx / Resource Hash d4bb794b6f4a942d580862682a2b38bd936af34aca7b9e251ffb862ed2f9dc40 Request headers accept-language de-DE,de;q=0.9 Referer https://586202317.r.cdnsun.net/wp-content/themes/minerva/css/site.css?ver=6.0.2 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36 Response headers date Tue, 14 Feb 2023 19:49:44 GMT content-encoding gzip last-modified Wed, 03 Aug 2022 12:39:38 GMT server nginx x-edge-location Budapest, HU etag W/"62ea6c8a-5b4" vary Accept-Encoding x-cache HIT content-type image/svg+xml access-control-allow-origin * cache-control public, max-age=31536000 x-edge-ip 185.94.190.147 x-age 5597400 x-storage 3004124:8001
GET H2	200	baroncapital-featureimage-1-356x200.webp 586202317.r.cdnsun.net/wp-content/uploads/2023/01/	7 KB 8 KB	83ms 82ms	Image image/webp	185.94.190.147 M247
General Check archive.org Show headers Download Go to Show image Full URL https://586202317.r.cdnsun.net/wp-content/uploads/2023/01/baroncapital-featureimage-1-356x200.webp Requested by Host: minerva-labs.com URL: https://minerva-labs.com/blog/beepin-out-of-the-sandbox-analyzing-a-new-extremely-evasive-malware/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 185.94.190.147 Budapest, Hungary, ASN9009 (M247, RO), Reverse DNS adglpg147.smuniz.pw Software nginx / Resource Hash c11188885efc21828629246836601198cfade31f4d188b29e032b8c23efe0230 Request headers accept-language de-DE,de;q=0.9 Referer https://minerva-labs.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36 Response headers date Tue, 14 Feb 2023 19:49:44 GMT last-modified Mon, 09 Jan 2023 09:20:18 GMT server nginx x-edge-location Budapest, HU etag "63bbdc52-1dd0" x-cache HIT content-type image/webp access-control-allow-origin * cache-control public, max-age=31536000 x-edge-ip 185.94.190.147 x-age 3134352 accept-ranges bytes content-length 7632 x-storage 3004124:8001
GET H2	200	November-Ransomware-Simulation-Webinar-688x387-1-356x200.webp 586202317.r.cdnsun.net/wp-content/uploads/2022/12/	8 KB 8 KB	80ms 79ms	Image image/webp	185.94.190.147 M247
General Check archive.org Show headers Download Go to Show image Full URL https://586202317.r.cdnsun.net/wp-content/uploads/2022/12/November-Ransomware-Simulation-Webinar-688x387-1-356x200.webp Requested by Host: minerva-labs.com URL: https://minerva-labs.com/blog/beepin-out-of-the-sandbox-analyzing-a-new-extremely-evasive-malware/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 185.94.190.147 Budapest, Hungary, ASN9009 (M247, RO), Reverse DNS adglpg147.smuniz.pw Software nginx / Resource Hash aecd8ddeef60ad753e993b2ef30e51dfbb611bc5092221fba5ed96bc88ac9efb Request headers accept-language de-DE,de;q=0.9 Referer https://minerva-labs.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36 Response headers date Tue, 14 Feb 2023 19:49:44 GMT last-modified Thu, 15 Dec 2022 08:20:53 GMT server nginx x-edge-location Budapest, HU etag "639ad8e5-1f10" x-cache HIT content-type image/webp access-control-allow-origin * cache-control public, max-age=31536000 x-edge-ip 185.94.190.147 x-age 4926670 accept-ranges bytes content-length 7952 x-storage 3004124:8001
GET H2	200	Screenshot-from-2022-11-14-11-11-25-1-356x200.png 586202317.r.cdnsun.net/wp-content/uploads/2022/11/	36 KB 36 KB	87ms 86ms	Image image/png	185.94.190.147 M247
General Check archive.org Show headers Download Go to Show image Full URL https://586202317.r.cdnsun.net/wp-content/uploads/2022/11/Screenshot-from-2022-11-14-11-11-25-1-356x200.png Requested by Host: minerva-labs.com URL: https://minerva-labs.com/blog/beepin-out-of-the-sandbox-analyzing-a-new-extremely-evasive-malware/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 185.94.190.147 Budapest, Hungary, ASN9009 (M247, RO), Reverse DNS adglpg147.smuniz.pw Software nginx / Resource Hash 4a5afb1264385e9d1162afc81dbe2cdb2b878a2f15379e18d1b3fdf01b362ae7 Request headers accept-language de-DE,de;q=0.9 Referer https://minerva-labs.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36 Response headers date Tue, 14 Feb 2023 19:49:44 GMT last-modified Wed, 16 Nov 2022 14:16:22 GMT server nginx x-edge-location Budapest, HU etag "6374f0b6-8f85" x-cache HIT content-type image/png access-control-allow-origin * cache-control public, max-age=31536000 x-edge-ip 185.94.190.147 x-age 4266120 accept-ranges bytes content-length 36741 x-storage 3004124:8001
GET H2	200	Group-7138.jpg 586202317.r.cdnsun.net/wp-content/uploads/2022/05/	8 KB 8 KB	96ms 95ms	Image image/jpeg	185.94.190.147 M247
General Check archive.org Show headers Download Go to Show image Full URL https://586202317.r.cdnsun.net/wp-content/uploads/2022/05/Group-7138.jpg Requested by Host: minerva-labs.com URL: https://minerva-labs.com/blog/beepin-out-of-the-sandbox-analyzing-a-new-extremely-evasive-malware/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 185.94.190.147 Budapest, Hungary, ASN9009 (M247, RO), Reverse DNS adglpg147.smuniz.pw Software nginx / Resource Hash 8632a04df4ec1317069cced587c07b002ce3ef789a936e36fd325f3840dd8f34 Request headers accept-language de-DE,de;q=0.9 Referer https://minerva-labs.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36 Response headers date Tue, 14 Feb 2023 19:49:44 GMT last-modified Wed, 04 Jan 2023 07:02:23 GMT server nginx x-edge-location Budapest, HU etag "63b5247f-1f2b" x-cache HIT content-type image/jpeg access-control-allow-origin * cache-control public, max-age=31536000 x-edge-ip 185.94.190.147 x-age 3586264 accept-ranges bytes content-length 7979 x-storage 3004124:8001
GET H2	200	dots3.svg 586202317.r.cdnsun.net/wp-content/uploads/2022/06/	10 KB 887 B	96ms 96ms	Image image/svg+xml	185.94.190.147 M247
General Check archive.org Show headers Download Go to Show image Full URL https://586202317.r.cdnsun.net/wp-content/uploads/2022/06/dots3.svg Requested by Host: 586202317.r.cdnsun.net URL: https://586202317.r.cdnsun.net/wp-content/themes/minerva/css/site.css?ver=6.0.2 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 185.94.190.147 Budapest, Hungary, ASN9009 (M247, RO), Reverse DNS adglpg147.smuniz.pw Software nginx / Resource Hash e0d5aea0bfb73c9e25d43b15a6edf70da339348da785231c3cb305776b98d0c8 Request headers accept-language de-DE,de;q=0.9 Referer https://586202317.r.cdnsun.net/wp-content/themes/minerva/css/site.css?ver=6.0.2 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36 Response headers date Tue, 14 Feb 2023 19:49:44 GMT content-encoding gzip last-modified Wed, 03 Aug 2022 12:40:51 GMT server nginx x-edge-location Budapest, HU etag W/"62ea6cd3-28a7" vary Accept-Encoding x-cache HIT content-type image/svg+xml access-control-allow-origin * cache-control public, max-age=31536000 x-edge-ip 185.94.190.147 x-age 5597400 x-storage 3004124:8001
GET H2	200	footer.jpg 586202317.r.cdnsun.net/wp-content/uploads/2022/06/	15 KB 15 KB	101ms 100ms	Image image/jpeg	185.94.190.147 M247
General Check archive.org Show headers Download Go to Show image Full URL https://586202317.r.cdnsun.net/wp-content/uploads/2022/06/footer.jpg Requested by Host: minerva-labs.com URL: https://minerva-labs.com/blog/beepin-out-of-the-sandbox-analyzing-a-new-extremely-evasive-malware/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 185.94.190.147 Budapest, Hungary, ASN9009 (M247, RO), Reverse DNS adglpg147.smuniz.pw Software nginx / Resource Hash 8e1db6e8030861d1e6f48d2442d883cde8823e6f9fb7cc31da05cc30a9e2c502 Request headers accept-language de-DE,de;q=0.9 Referer https://minerva-labs.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36 Response headers date Tue, 14 Feb 2023 19:49:44 GMT last-modified Wed, 04 Jan 2023 07:01:32 GMT server nginx x-edge-location Budapest, HU etag "63b5244c-3b47" x-cache HIT content-type image/jpeg access-control-allow-origin * cache-control public, max-age=31536000 x-edge-ip 185.94.190.147 x-age 3586264 accept-ranges bytes content-length 15175 x-storage 3004124:8001
GET H2	200	fontello.woff 586202317.r.cdnsun.net/wp-content/themes/minerva/css/fonts/	4 KB 4 KB	148ms 70ms	Font application/font-woff	185.94.190.147 M247
General Check archive.org Show headers Download Go to Full URL https://586202317.r.cdnsun.net/wp-content/themes/minerva/css/fonts/fontello.woff?87723384 Requested by Host: minerva-labs.com URL: https://minerva-labs.com/blog/beepin-out-of-the-sandbox-analyzing-a-new-extremely-evasive-malware/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 185.94.190.147 Budapest, Hungary, ASN9009 (M247, RO), Reverse DNS adglpg147.smuniz.pw Software nginx / Resource Hash b297e01b93876ce7cea52e65499304d5e23cd129d60b740c3a60d8901d26b06b Request headers Referer https://minerva-labs.com/ Origin https://minerva-labs.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36 Response headers date Tue, 14 Feb 2023 19:49:44 GMT last-modified Thu, 04 Aug 2022 08:42:08 GMT server nginx x-edge-location Budapest, HU etag "62eb8660-100c" x-cache HIT content-type application/font-woff access-control-allow-origin * cache-control public, max-age=31536000 x-edge-ip 185.94.190.147 x-age 5572941 accept-ranges bytes content-length 4108 x-storage 3004124:8001
GET H2	200	Minerva-labs-logo-white.svg 586202317.r.cdnsun.net/wp-content/uploads/2022/08/	11 KB 6 KB	82ms 81ms	Image image/svg+xml	185.94.190.147 M247
General Check archive.org Show headers Download Go to Show image Full URL https://586202317.r.cdnsun.net/wp-content/uploads/2022/08/Minerva-labs-logo-white.svg Requested by Host: minerva-labs.com URL: https://minerva-labs.com/blog/beepin-out-of-the-sandbox-analyzing-a-new-extremely-evasive-malware/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 185.94.190.147 Budapest, Hungary, ASN9009 (M247, RO), Reverse DNS adglpg147.smuniz.pw Software nginx / Resource Hash b21a185d1b81e14f7dfebdaf3ca1b7d67bb7936ca3a9c06ead25f4ec7445b236 Request headers accept-language de-DE,de;q=0.9 Referer https://minerva-labs.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36 Response headers date Tue, 14 Feb 2023 19:49:44 GMT content-encoding gzip last-modified Wed, 03 Aug 2022 12:40:21 GMT server nginx x-edge-location Budapest, HU etag W/"62ea6cb5-2c50" vary Accept-Encoding x-cache HIT content-type image/svg+xml access-control-allow-origin * cache-control public, max-age=31536000 x-edge-ip 185.94.190.147 x-age 5597402 x-storage 3004124:8001
GET H2	200	Group-6741.svg 586202317.r.cdnsun.net/wp-content/uploads/2022/05/	466 B 567 B	81ms 80ms	Image image/svg+xml	185.94.190.147 M247
General Check archive.org Show headers Download Go to Show image Full URL https://586202317.r.cdnsun.net/wp-content/uploads/2022/05/Group-6741.svg Requested by Host: minerva-labs.com URL: https://minerva-labs.com/blog/beepin-out-of-the-sandbox-analyzing-a-new-extremely-evasive-malware/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 185.94.190.147 Budapest, Hungary, ASN9009 (M247, RO), Reverse DNS adglpg147.smuniz.pw Software nginx / Resource Hash d71e61ebf9f3e861f81ec181200d6cbde66a14942d508b2e019b4f956bf7e1b4 Request headers accept-language de-DE,de;q=0.9 Referer https://minerva-labs.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36 Response headers date Tue, 14 Feb 2023 19:49:44 GMT content-encoding gzip last-modified Wed, 03 Aug 2022 12:39:59 GMT server nginx x-edge-location Budapest, HU etag W/"62ea6c9f-1d2" vary Accept-Encoding x-cache HIT content-type image/svg+xml access-control-allow-origin * cache-control public, max-age=31536000 x-edge-ip 185.94.190.147 x-age 5597402 x-storage 3004124:8001
GET H2	200	93bb2a2a4de79e71a8453800bc85ff74 secure.gravatar.com/avatar/	1 KB 2 KB	37ms 7ms	Image image/jpeg	2a04:fa87:fffe::c000:4902 AUTOMATTIC
General Check archive.org Show headers Download Go to Show image Full URL https://secure.gravatar.com/avatar/93bb2a2a4de79e71a8453800bc85ff74?s=96&d=mm&r=g Requested by Host: minerva-labs.com URL: https://minerva-labs.com/blog/beepin-out-of-the-sandbox-analyzing-a-new-extremely-evasive-malware/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a04:fa87:fffe::c000:4902 , Ireland, ASN2635 (AUTOMATTIC, US), Reverse DNS Software nginx / Resource Hash 67f565f25c1bb8ae629cfca60c71766232073a0c905e0387e45895657b4ae3e7 Request headers accept-language de-DE,de;q=0.9 Referer https://minerva-labs.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36 Response headers x-nc HIT hhn 2 date Tue, 14 Feb 2023 19:49:44 GMT last-modified Wed, 11 Jan 1984 08:00:00 GMT server nginx content-type image/jpeg access-control-allow-origin * cache-control max-age=300 content-disposition inline; filename="93bb2a2a4de79e71a8453800bc85ff74.png" accept-ranges bytes link <https://www.gravatar.com/avatar/93bb2a2a4de79e71a8453800bc85ff74?s=96&d=mm&r=g>; rel="canonical" content-length 1528 expires Tue, 14 Feb 2023 19:54:44 GMT
GET H2	200	banner-1-optin.css minerva-labs.com/wp-content/uploads/complianz/css/	15 KB 3 KB	121ms 121ms	Stylesheet text/css	67.205.167.225 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://minerva-labs.com/wp-content/uploads/complianz/css/banner-1-optin.css?v=22 Requested by Host: 586202317.r.cdnsun.net URL: https://586202317.r.cdnsun.net/wp-content/plugins/complianz-gdpr/cookiebanner/js/complianz.min.js?ver=6.3.5 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 67.205.167.225 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS 753902.cloudwaysapps.com Software nginx / Resource Hash 403b5c0dd4679c9a7a7b497331648a738770d054eedf11d38afb1b039fc4cd1b Request headers accept-language de-DE,de;q=0.9 Referer https://minerva-labs.com/blog/beepin-out-of-the-sandbox-analyzing-a-new-extremely-evasive-malware/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36 Response headers date Tue, 14 Feb 2023 19:49:44 GMT content-encoding gzip last-modified Tue, 13 Dec 2022 16:05:44 GMT server nginx etag W/"6398a2d8-3c86" vary Accept-Encoding content-type text/css access-control-allow-origin * cache-control public, max-age=31536000
GET H2	200	schema Show response minerva-labs.com/wp-json/contact-form-7/v1/contact-forms/2766/feedback/	232 B 617 B	246ms 245ms	Fetch application/json	67.205.167.225 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://minerva-labs.com/wp-json/contact-form-7/v1/contact-forms/2766/feedback/schema Requested by Host: 586202317.r.cdnsun.net URL: https://586202317.r.cdnsun.net/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.6.3 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 67.205.167.225 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS 753902.cloudwaysapps.com Software nginx / Resource Hash 90c0e9d9581fc922ac72bcac3ba7062af9257cf7161471a06ef5d0b7212c3b13 Security Headers Name Value X-Content-Type-Options nosniff Request headers Accept application/json, */*;q=0.1 Referer https://minerva-labs.com/blog/beepin-out-of-the-sandbox-analyzing-a-new-extremely-evasive-malware/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36 Response headers date Tue, 14 Feb 2023 19:49:44 GMT content-encoding gzip x-content-type-options nosniff server nginx allow GET vary Origin,Accept-Encoding content-type application/json; charset=UTF-8 access-control-allow-origin * access-control-expose-headers X-WP-Total, X-WP-TotalPages, Link cache-control no-cache, max-age=0 x-robots-tag noindex link <https://minerva-labs.com/wp-json/>; rel="https://api.w.org/" content-length 168 access-control-allow-headers Authorization, X-WP-Nonce, Content-Disposition, Content-MD5, Content-Type expires Tue, 14 Feb 2023 19:49:44 GMT
GET H2	200	schema Show response minerva-labs.com/wp-json/contact-form-7/v1/contact-forms/2835/feedback/	232 B 617 B	259ms 258ms	Fetch application/json	67.205.167.225 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://minerva-labs.com/wp-json/contact-form-7/v1/contact-forms/2835/feedback/schema Requested by Host: 586202317.r.cdnsun.net URL: https://586202317.r.cdnsun.net/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.6.3 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 67.205.167.225 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS 753902.cloudwaysapps.com Software nginx / Resource Hash 90c0e9d9581fc922ac72bcac3ba7062af9257cf7161471a06ef5d0b7212c3b13 Security Headers Name Value X-Content-Type-Options nosniff Request headers Accept application/json, */*;q=0.1 Referer https://minerva-labs.com/blog/beepin-out-of-the-sandbox-analyzing-a-new-extremely-evasive-malware/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36 Response headers date Tue, 14 Feb 2023 19:49:44 GMT content-encoding gzip x-content-type-options nosniff server nginx allow GET vary Origin,Accept-Encoding content-type application/json; charset=UTF-8 access-control-allow-origin * access-control-expose-headers X-WP-Total, X-WP-TotalPages, Link cache-control no-cache, max-age=0 x-robots-tag noindex link <https://minerva-labs.com/wp-json/>; rel="https://api.w.org/" content-length 168 access-control-allow-headers Authorization, X-WP-Nonce, Content-Disposition, Content-MD5, Content-Type expires Tue, 14 Feb 2023 19:49:44 GMT
GET H2	200	widget_app_base_1676372168179.js Show response cdn.userway.org/widgetapp/2023-02-14/	130 KB 38 KB	26ms 25ms	Script application/javascript	2a02:6ea0:cb00::2 CDN77 ^_^
General Check archive.org Show headers Download Go to Full URL https://cdn.userway.org/widgetapp/2023-02-14/widget_app_base_1676372168179.js Requested by Host: cdn.userway.org URL: https://cdn.userway.org/widget.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6ea0:cb00::2 , United Kingdom, ASN60068 (CDN77 ^_^, GB), Reverse DNS Software CDN77-Turbo / Resource Hash 8699d3fec2aeb61fe955906cf00acec8911893a64ceac5ded485f3cbba80b746 Request headers accept-language de-DE,de;q=0.9 Referer https://minerva-labs.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36 Response headers x-77-pop viennaAT date Tue, 14 Feb 2023 19:49:44 GMT via 1.1 639dd5dd68d7e7193120d95480cd44ca.cloudfront.net (CloudFront) content-encoding gzip x-amz-cf-pop VIE50-C2 age 582 x-amz-server-side-encryption AES256 x-cache HIT x-77-cache HIT x-age 31132 x-77-nzt Abm0DAY4pyX/nHkAAA x-accel-expires @1702293052 last-modified Tue, 14 Feb 2023 10:59:30 GMT server CDN77-Turbo etag W/"59c063b0b91659bbcb179718b0c69259" x-77-nzt-ray fefc880d99135ee6d8e5eb6337590729 access-control-max-age 3000 access-control-allow-methods GET, HEAD, PUT, POST, DELETE content-type application/javascript access-control-allow-origin * access-control-expose-headers Content-Range, Content-Length, ETag, Content-Type cache-control max-age=25920000, public vary Accept-Encoding x-amz-cf-id VFbherBMsv1B9b_65laX7o9sZh57qP1UM0zP7LCVWT7UK5BMFtQOgQ==
GET H2	200	/ Show response googleads.g.doubleclick.net/pagead/viewthroughconversion/645485640/	2 KB 1 KB	146ms 58ms	Script text/javascript	2a00:1450:4001:812::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/viewthroughconversion/645485640/?random=1676404184706&cv=11&fst=1676404184706&bg=ffffff&guid=ON&async=1&gtm=45He32d0&u_w=1600&u_h=1200&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fminerva-labs.com%2Fblog%2Fbeepin-out-of-the-sandbox-analyzing-a-new-extremely-evasive-malware%2F&tiba=Beepin%27%20Out%20of%20the%20Sandbox%3A%20Analyzing%20a%20New%2C%20Extremely%20Evasive%20Malware&auid=1928284465.1676404185&uamb=0&uaw=0&rfmt=3&fmt=4 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-WJ4TZK Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash c5fa462c5b2a434ec3bce569a3ba74f64dd8e9dc60c82587225fcea836812af5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://minerva-labs.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36 Response headers pragma no-cache date Tue, 14 Feb 2023 19:49:44 GMT content-encoding br x-content-type-options nosniff server cafe content-type text/javascript; charset=UTF-8 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 951 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	analytics.js Show response www.google-analytics.com/	49 KB 20 KB	132ms 41ms	Script text/javascript	2a00:1450:4001:828::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-WJ4TZK Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://minerva-labs.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36 Response headers strict-transport-security max-age=10886400; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff date Tue, 14 Feb 2023 18:54:50 GMT last-modified Tue, 10 Jan 2023 21:29:14 GMT server Golfe2 age 3294 vary Accept-Encoding content-type text/javascript cache-control public, max-age=7200 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 20085 expires Tue, 14 Feb 2023 20:54:50 GMT
GET H2	200	amplitude-8.5.0-min.gz.js Show response cdn.amplitude.com/libs/	68 KB 22 KB	70ms 10ms	Script application/javascript	52.222.206.118 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cdn.amplitude.com/libs/amplitude-8.5.0-min.gz.js Requested by Host: minerva-labs.com URL: https://minerva-labs.com/blog/beepin-out-of-the-sandbox-analyzing-a-new-extremely-evasive-malware/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 52.222.206.118 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-52-222-206-118.fra56.r.cloudfront.net Software AmazonS3 / Resource Hash 2450e5580136f94bda7ccf95e3167b57e15b05b513a430967943a50036fa47a4 Request headers Referer https://minerva-labs.com/ Origin https://minerva-labs.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36 Response headers date Thu, 10 Nov 2022 01:48:33 GMT content-encoding gzip via 1.1 d9523e44e96d2539081596bb1d268d44.cloudfront.net (CloudFront) x-amz-version-id NY8_7uBz3xoXYJBVsMSBAGHOz8ixMBS3 x-amz-cf-pop FRA56-P3 age 8359272 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront content-length 22154 last-modified Fri, 13 Aug 2021 22:37:42 GMT server AmazonS3 etag "660c3b546f2a131de50b69b91f26c636" access-control-max-age 3000 access-control-allow-methods GET, HEAD content-type application/javascript access-control-allow-origin * cache-control max-age=31536000 vary Origin,Access-Control-Request-Headers,Access-Control-Request-Method accept-ranges bytes x-amz-cf-id nHL3h18y1kZ4PjdmLkjciDs3VnFDeYwOwIDrD55W9n3neUlvjUBujQ==
GET H2	200	diffuser.js Show response diffuser-cdn.app-us1.com/diffuser/	24 KB 6 KB	89ms 24ms	Script application/javascript	2606:4700::6811:915b CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://diffuser-cdn.app-us1.com/diffuser/diffuser.js Requested by Host: minerva-labs.com URL: https://minerva-labs.com/blog/beepin-out-of-the-sandbox-analyzing-a-new-extremely-evasive-malware/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6811:915b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 15eb202865d1d835fae2eff61bb922fa91fb4064a1fb850ebadab1f190782648 Request headers accept-language de-DE,de;q=0.9 Referer https://minerva-labs.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36 Response headers date Tue, 14 Feb 2023 19:49:44 GMT content-encoding gzip via 1.1 182732bb63f7d4f88e7cac0874b0cfee.cloudfront.net (CloudFront) cf-cache-status HIT x-amz-cf-pop AMS50-C1 age 297 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront last-modified Thu, 21 Oct 2021 17:42:06 GMT server cloudflare etag W/"4d482a43613d3966f353ec9d97452e0c" vary Accept-Encoding content-type application/javascript cache-control public, max-age=300 cf-ray 7998542ad9303665-FRA x-amz-cf-id vIDNUzb8xoebxxKnEeFBU7c2h7v5J2vLzdjpRg8UMeHOMSOxTWuXdg==
GET H2	200	jtzQQ0sIQBy7PU3724A6 Show response ws.zoominfo.com/pixel/	3 KB 2 KB	265ms 203ms	Script text/javascript	2606:4700::6810:650c CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ws.zoominfo.com/pixel/jtzQQ0sIQBy7PU3724A6 Requested by Host: minerva-labs.com URL: https://minerva-labs.com/blog/beepin-out-of-the-sandbox-analyzing-a-new-extremely-evasive-malware/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:650c , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Express Resource Hash f055a26aedb6f27420a76094a7f6b07507615cefe700b07899536e914557b544 Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://minerva-labs.com/blog/beepin-out-of-the-sandbox-analyzing-a-new-extremely-evasive-malware/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36 Response headers date Tue, 14 Feb 2023 19:49:44 GMT content-encoding gzip x-content-type-options nosniff cf-cache-status DYNAMIC via 1.1 google server cloudflare x-powered-by Express vary Accept-Encoding content-type text/javascript access-control-allow-origin * access-control-allow-credentials true cf-ray 7998542adea1911f-FRA access-control-allow-headers Content-Type,cf-ipcountry,service-version,x-appengine-user-ip,x-forwarded-for, x-ws-collect-type alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
POST H2	200	VyjhXhC44a Show response api.userway.org/api/tunings/	985 B 1 KB	840ms 175ms	XHR application/json	35.167.73.94 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://api.userway.org/api/tunings/VyjhXhC44a Requested by Host: minerva-labs.com URL: https://minerva-labs.com/blog/beepin-out-of-the-sandbox-analyzing-a-new-extremely-evasive-malware/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 35.167.73.94 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-35-167-73-94.us-west-2.compute.amazonaws.com Software / Resource Hash 95f218bad933add25817b6635aed65272ee67b24d9ba2cb72829bd25cf1d379d Request headers Referer https://minerva-labs.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers date Tue, 14 Feb 2023 19:49:45 GMT etag W/"3d9-TwY9PwVPuk0eVmP0s8BEVangS/Y" access-control-max-age 3000 access-control-allow-methods GET, HEAD, PUT, PATCH, POST, DELETE content-type application/json; charset=utf-8 access-control-allow-origin * x-service-request-id usre571b5e41f334e8 access-control-expose-headers Content-Range, Content-Length, ETag, Content-Type access-control-allow-headers * content-length 985 x-service-version uw-pr
GET H2	200	f1-VT.png 586202317.r.cdnsun.net/wp-content/uploads/2023/02/	82 KB 82 KB	62ms 62ms	Image image/png	185.94.190.147 M247
General Check archive.org Show headers Download Go to Show image Full URL https://586202317.r.cdnsun.net/wp-content/uploads/2023/02/f1-VT.png Requested by Host: minerva-labs.com URL: https://minerva-labs.com/blog/beepin-out-of-the-sandbox-analyzing-a-new-extremely-evasive-malware/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 185.94.190.147 Budapest, Hungary, ASN9009 (M247, RO), Reverse DNS adglpg147.smuniz.pw Software nginx / Resource Hash ae8d5d1ac38e97860c3509bc71ad690409699fd989c1ae2992eaf488f81536c0 Request headers accept-language de-DE,de;q=0.9 Referer https://minerva-labs.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36 Response headers date Tue, 14 Feb 2023 19:49:44 GMT last-modified Mon, 13 Feb 2023 15:00:23 GMT server nginx x-edge-location Budapest, HU etag "63ea5087-1475e" x-cache HIT content-type image/png access-control-allow-origin * cache-control public, max-age=31536000 x-edge-ip 185.94.190.147 x-age 45489 accept-ranges bytes content-length 83806 x-storage 3004124:8001
POST H2	200	/ Show response api.amplitude.com/	7 B 206 B	557ms 201ms	XHR text/html	35.167.186.221 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://api.amplitude.com/ Requested by Host: minerva-labs.com URL: https://minerva-labs.com/blog/beepin-out-of-the-sandbox-analyzing-a-new-extremely-evasive-malware/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 35.167.186.221 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-35-167-186-221.us-west-2.compute.amazonaws.com Software / Resource Hash aee408847d35e44e99430f0979c3357b85fe8dbb4535a494301198adbee85f27 Security Headers Name Value Strict-Transport-Security max-age=15768000 Request headers Referer https://minerva-labs.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36 Content-Type application/x-www-form-urlencoded; charset=UTF-8 Response headers access-control-allow-origin * date Tue, 14 Feb 2023 19:49:45 GMT strict-transport-security max-age=15768000 trace-id Root=1-63ebe5d9-1b498d9f1713190d5ec1e3f4 content-length 7 access-control-allow-methods GET, POST content-type text/html;charset=utf-8
GET H2	200	/ Show response prism.app-us1.com/	248 B 464 B	262ms 219ms	Script application/javascript	2606:4700::6811:925b CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://prism.app-us1.com/?a=612108196&u=https%3A%2F%2Fminerva-labs.com%2Fblog%2Fbeepin-out-of-the-sandbox-analyzing-a-new-extremely-evasive-malware%2F Requested by Host: diffuser-cdn.app-us1.com URL: https://diffuser-cdn.app-us1.com/diffuser/diffuser.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6811:925b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PHP/7.4.33 Resource Hash 5883ccc775677dc2070205c350cacbc9ddac44d7cd4c50defa4e1fec4d507863 Request headers accept-language de-DE,de;q=0.9 Referer https://minerva-labs.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36 Response headers date Tue, 14 Feb 2023 19:49:45 GMT content-encoding gzip cf-cache-status DYNAMIC server cloudflare x-powered-by PHP/7.4.33 content-type application/javascript cache-control no-cache, private x-envoy-upstream-service-time 113 cf-ray 7998542bdf369948-FRA
POST H2	200	collect Show response www.google-analytics.com/j/	4 B 209 B	47ms 37ms	XHR text/plain	2a00:1450:4001:828::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/j/collect?v=1&_v=j99&a=1050392679&t=pageview&_s=1&dl=https%3A%2F%2Fminerva-labs.com%2Fblog%2Fbeepin-out-of-the-sandbox-analyzing-a-new-extremely-evasive-malware%2F&ul=en-us&de=UTF-8&dt=Beepin%27%20Out%20of%20the%20Sandbox%3A%20Analyzing%20a%20New%2C%20Extremely%20Evasive%20Malware&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAACAAI~&jid=592250252&gjid=2114724039&cid=1554151807.1676404185&tid=UA-78700336-1&_gid=1373304687.1676404185&_r=1&_slc=1&gtm=45He32d0n71WJ4TZK&z=1517929216 Requested by Host: minerva-labs.com URL: https://minerva-labs.com/blog/beepin-out-of-the-sandbox-analyzing-a-new-extremely-evasive-malware/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8 Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://minerva-labs.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Tue, 14 Feb 2023 19:49:44 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://minerva-labs.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 4 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	/ www.google.com/pagead/1p-user-list/645485640/	42 B 455 B	137ms 49ms	Image image/gif	2a00:1450:4001:82a::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/pagead/1p-user-list/645485640/?random=1676404184706&cv=11&fst=1676401200000&bg=ffffff&guid=ON&async=1&gtm=45He32d0&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fminerva-labs.com%2Fblog%2Fbeepin-out-of-the-sandbox-analyzing-a-new-extremely-evasive-malware%2F&tiba=Beepin%27%20Out%20of%20the%20Sandbox%3A%20Analyzing%20a%20New%2C%20Extremely%20Evasive%20Malware&fmt=3&is_vtc=1&random=764026501&rmt_tld=0&ipr=y Requested by Host: minerva-labs.com URL: https://minerva-labs.com/blog/beepin-out-of-the-sandbox-analyzing-a-new-extremely-evasive-malware/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://minerva-labs.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36 Response headers pragma no-cache date Tue, 14 Feb 2023 19:49:45 GMT content-security-policy script-src 'none'; object-src 'none' x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	/ www.google.de/pagead/1p-user-list/645485640/	42 B 455 B	147ms 53ms	Image image/gif	2a00:1450:4001:802::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.de/pagead/1p-user-list/645485640/?random=1676404184706&cv=11&fst=1676401200000&bg=ffffff&guid=ON&async=1&gtm=45He32d0&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fminerva-labs.com%2Fblog%2Fbeepin-out-of-the-sandbox-analyzing-a-new-extremely-evasive-malware%2F&tiba=Beepin%27%20Out%20of%20the%20Sandbox%3A%20Analyzing%20a%20New%2C%20Extremely%20Evasive%20Malware&fmt=3&is_vtc=1&random=764026501&rmt_tld=1&ipr=y Requested by Host: minerva-labs.com URL: https://minerva-labs.com/blog/beepin-out-of-the-sandbox-analyzing-a-new-extremely-evasive-malware/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://minerva-labs.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36 Response headers pragma no-cache date Tue, 14 Feb 2023 19:49:45 GMT content-security-policy script-src 'none'; object-src 'none' x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H2	200	collect Show response stats.g.doubleclick.net/j/	4 B 349 B	57ms 18ms	XHR text/plain	2a00:1450:400c:c0c::9b GOOGLE
General Check archive.org Show headers Download Go to Full URL https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-78700336-1&cid=1554151807.1676404185&jid=592250252&gjid=2114724039&_gid=1373304687.1676404185&_u=YEBAAEAAAAAAACAAI~&z=34980031 Requested by Host: minerva-labs.com URL: https://minerva-labs.com/blog/beepin-out-of-the-sandbox-analyzing-a-new-extremely-evasive-malware/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400c:c0c::9b Brussels, Belgium, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80 Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://minerva-labs.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36 Content-Type text/plain Response headers pragma no-cache strict-transport-security max-age=10886400; includeSubDomains; preload date Tue, 14 Feb 2023 19:49:45 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://minerva-labs.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 4 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	ga-audiences www.google.com/ads/	42 B 107 B	61ms 60ms	Image image/gif	2a00:1450:4001:82a::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-78700336-1&cid=1554151807.1676404185&jid=592250252&_u=YEBAAEAAAAAAACAAI~&z=560374715 Requested by Host: minerva-labs.com URL: https://minerva-labs.com/blog/beepin-out-of-the-sandbox-analyzing-a-new-extremely-evasive-malware/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://minerva-labs.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36 Response headers pragma no-cache date Tue, 14 Feb 2023 19:49:45 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	ga-audiences www.google.de/ads/	42 B 107 B	62ms 62ms	Image image/gif	2a00:1450:4001:802::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-78700336-1&cid=1554151807.1676404185&jid=592250252&_u=YEBAAEAAAAAAACAAI~&z=560374715 Requested by Host: minerva-labs.com URL: https://minerva-labs.com/blog/beepin-out-of-the-sandbox-analyzing-a-new-extremely-evasive-malware/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://minerva-labs.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36 Response headers pragma no-cache date Tue, 14 Feb 2023 19:49:45 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	t_prism_sitemessages.php Show response trackcmp.net/	0 314 B	168ms 122ms	Script text/javascript	2606:4700:4400::6812:2a69 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://trackcmp.net/t_prism_sitemessages.php?trackid=612108196&prismid=abd7afa9-316f-4a1b-8cb6-47ad90c6f1e7&url=https%3A%2F%2Fminerva-labs.com%2Fblog%2Fbeepin-out-of-the-sandbox-analyzing-a-new-extremely-evasive-malware%2F Requested by Host: diffuser-cdn.app-us1.com URL: https://diffuser-cdn.app-us1.com/diffuser/diffuser.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:4400::6812:2a69 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PHP/8.1.15 Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://minerva-labs.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36 Response headers date Tue, 14 Feb 2023 19:49:45 GMT cf-cache-status DYNAMIC server cloudflare x-powered-by PHP/8.1.15 p3p CP="NON BUS INT NAV COM ADM CON CUR IVA IVD OTP PSA PSD TEL SAM" content-type text/javascript;charset=UTF-8 cache-control no-cache, private x-envoy-upstream-service-time 9 x-privacy-policy You can find our privacy policy here: https://www.activecampaign.com/help/privacy-policy/ cf-ray 7998542d8f3d372c-FRA content-length 0
GET H2	200	refill Show response minerva-labs.com/wp-json/contact-form-7/v1/contact-forms/2766/	2 B 452 B	223ms 223ms	Fetch application/json	67.205.167.225 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://minerva-labs.com/wp-json/contact-form-7/v1/contact-forms/2766/refill Requested by Host: 586202317.r.cdnsun.net URL: https://586202317.r.cdnsun.net/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.6.3 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 67.205.167.225 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS 753902.cloudwaysapps.com Software nginx / Resource Hash 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945 Security Headers Name Value X-Content-Type-Options nosniff Request headers Accept application/json, */*;q=0.1 Referer https://minerva-labs.com/blog/beepin-out-of-the-sandbox-analyzing-a-new-extremely-evasive-malware/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36 Response headers date Tue, 14 Feb 2023 19:49:45 GMT content-encoding gzip x-content-type-options nosniff server nginx allow GET vary Origin,Accept-Encoding content-type application/json; charset=UTF-8 access-control-allow-origin * access-control-expose-headers X-WP-Total, X-WP-TotalPages, Link cache-control max-age=0 x-robots-tag noindex link <https://minerva-labs.com/wp-json/>; rel="https://api.w.org/" content-length 22 access-control-allow-headers Authorization, X-WP-Nonce, Content-Disposition, Content-MD5, Content-Type expires Tue, 14 Feb 2023 19:49:45 GMT
GET H2	200	refill Show response minerva-labs.com/wp-json/contact-form-7/v1/contact-forms/2835/	2 B 452 B	223ms 223ms	Fetch application/json	67.205.167.225 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://minerva-labs.com/wp-json/contact-form-7/v1/contact-forms/2835/refill Requested by Host: 586202317.r.cdnsun.net URL: https://586202317.r.cdnsun.net/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.6.3 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 67.205.167.225 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS 753902.cloudwaysapps.com Software nginx / Resource Hash 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945 Security Headers Name Value X-Content-Type-Options nosniff Request headers Accept application/json, */*;q=0.1 Referer https://minerva-labs.com/blog/beepin-out-of-the-sandbox-analyzing-a-new-extremely-evasive-malware/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36 Response headers date Tue, 14 Feb 2023 19:49:45 GMT content-encoding gzip x-content-type-options nosniff server nginx allow GET vary Origin,Accept-Encoding content-type application/json; charset=UTF-8 access-control-allow-origin * access-control-expose-headers X-WP-Total, X-WP-TotalPages, Link cache-control max-age=0 x-robots-tag noindex link <https://minerva-labs.com/wp-json/>; rel="https://api.w.org/" content-length 22 access-control-allow-headers Authorization, X-WP-Nonce, Content-Disposition, Content-MD5, Content-Type expires Tue, 14 Feb 2023 19:49:45 GMT
GET H2	200	en-US.json Show response cdn.userway.org/widgetapp/2023-02-14/locales/	433 B 856 B	54ms 18ms	XHR application/json	2a02:6ea0:cb00::2 CDN77 ^_^
General Check archive.org Show headers Download Go to Full URL https://cdn.userway.org/widgetapp/2023-02-14/locales/en-US.json Requested by Host: minerva-labs.com URL: https://minerva-labs.com/blog/beepin-out-of-the-sandbox-analyzing-a-new-extremely-evasive-malware/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6ea0:cb00::2 , United Kingdom, ASN60068 (CDN77 ^_^, GB), Reverse DNS Software CDN77-Turbo / Resource Hash 695918800576ee63a085fc0121165a8725777162e76eec8740e67355358f6e89 Request headers accept-language de-DE,de;q=0.9 Referer https://minerva-labs.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36 Response headers x-77-pop viennaAT date Tue, 14 Feb 2023 19:49:45 GMT via 1.1 639dd5dd68d7e7193120d95480cd44ca.cloudfront.net (CloudFront) content-encoding gzip x-amz-cf-pop VIE50-C2 age 586 x-amz-server-side-encryption AES256 x-cache HIT x-77-cache HIT x-age 31126 x-77-nzt Abm0DAahtBb/lnkAAA x-accel-expires @1702293059 last-modified Tue, 14 Feb 2023 10:59:30 GMT server CDN77-Turbo etag W/"0c4b53012957584c54e80867ff489590" x-77-nzt-ray fefc880d6c1013f4d9e5eb639ea0e825 access-control-max-age 3000 access-control-allow-methods GET, HEAD, PUT, POST, DELETE content-type application/json access-control-allow-origin * access-control-expose-headers Content-Range, Content-Length, ETag, Content-Type cache-control max-age=25920000, public x-amz-cf-id m9f3W-hqgAX2y-wVih08w-Ac4xE4Bf4JkTKjwWcgnbRtPUSSQ8bCRw==
GET H2	200	body_wh.svg cdn.userway.org/widgetapp/images/	931 B 1 KB	19ms 19ms	Image image/svg+xml	2a02:6ea0:cb00::2 CDN77 ^_^
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.userway.org/widgetapp/images/body_wh.svg Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6ea0:cb00::2 , United Kingdom, ASN60068 (CDN77 ^_^, GB), Reverse DNS Software CDN77-Turbo / Resource Hash 986a5e9be63017ce84536f6792ea984e6251a15af61d5cc20ff4f8b1737c80ad Request headers accept-language de-DE,de;q=0.9 Referer https://minerva-labs.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36 Response headers x-77-pop viennaAT date Tue, 14 Feb 2023 19:49:46 GMT via 1.1 4fcd504c9be280bceae32e94ae54e04e.cloudfront.net (CloudFront) content-encoding gzip x-amz-cf-pop VIE50-C2 age 68 x-cache HIT x-77-cache HIT x-age 2794878 x-77-nzt Abm0DAYOvnf/fqUqAA x-accel-expires @1699529308 last-modified Fri, 13 Jan 2023 11:00:14 GMT server CDN77-Turbo etag W/"2ec2767a3bb93656fb9b75c893d7be75" x-77-nzt-ray fefc880d99135ee6dae5eb63ed834608 access-control-max-age 3000 access-control-allow-methods GET, HEAD, PUT, POST, DELETE content-type image/svg+xml access-control-allow-origin * access-control-expose-headers Content-Range, Content-Length, ETag, Content-Type cache-control max-age=25920000, public x-amz-cf-id KQg2VpgomOGgq6QGJfuKjSdyaawXNJ_txVdWGazZ4Xlu_aImDsdokg==
GET H2	200	spin_wh.svg cdn.userway.org/widgetapp/images/	2 KB 1 KB	20ms 20ms	Image image/svg+xml	2a02:6ea0:cb00::2 CDN77 ^_^
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.userway.org/widgetapp/images/spin_wh.svg Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6ea0:cb00::2 , United Kingdom, ASN60068 (CDN77 ^_^, GB), Reverse DNS Software CDN77-Turbo / Resource Hash c45f637f905e1ea01ba81aa39e8da62ee7e7f8703c3da4c3bba55f6192e5834c Request headers accept-language de-DE,de;q=0.9 Referer https://minerva-labs.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36 Response headers x-77-pop viennaAT date Tue, 14 Feb 2023 19:49:46 GMT via 1.1 19cd9c9f4eb51e9e5c75add1d4b6f304.cloudfront.net (CloudFront) content-encoding gzip x-amz-cf-pop VIE50-C2 age 68 x-cache HIT x-77-cache HIT x-age 2794878 x-77-nzt Abm0DAaJPwLvfqUqAA x-accel-expires @1699529308 last-modified Fri, 13 Jan 2023 11:00:14 GMT server CDN77-Turbo etag W/"8e0a35946bf39d10f46a1f1653366a0a" x-77-nzt-ray fefc880d99135ee6dae5eb6307054b08 access-control-max-age 3000 access-control-allow-methods GET, HEAD, PUT, POST, DELETE content-type image/svg+xml access-control-allow-origin * access-control-expose-headers Content-Range, Content-Length, ETag, Content-Type cache-control max-age=25920000, public vary Accept-Encoding x-amz-cf-id axT43vFqdGcGJXednCEI6yCC18pH5P4wnC-qukQxu9WJ04XZNFYA3A==