Submitted URL: http://www.thesafemac.com/new-signed-malware-called-janicab/
Effective URL: https://www.thesafemac.com/new-signed-malware-called-janicab/
Submission: On February 02 via api from IN — Scanned from DE

Summary

This website contacted 4 IPs in 3 countries across 4 domains to perform 28 HTTP transactions. The main IP is 173.236.144.204, located in United States and belongs to DREAMHOST-AS, US. The main domain is www.thesafemac.com.
TLS certificate: Issued by R3 on January 14th 2023. Valid for: 3 months.
This is the only time www.thesafemac.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Redirects | Requests | IP Address | AS Autonomous System
1 | 19 | 173.236.144.204 | 26347 (DREAMHOST-AS)
- | 1 | 2a00:1450:400... | 15169 (GOOGLE)
- | 3 | 2606:4700::68... | 13335 (CLOUDFLAR...)
- | 6 | 2a04:fa87:fff... | 2635 (AUTOMATTIC)
Total: 28 requests, 4 IPs

Requests | Apex Domain | Subdomains | Transfer
19 | thesafemac.com | www.thesafemac.com | 236 KB
6 | gravatar.com | secure.gravatar.com — Cisco Umbrella Rank: 1758 | 10 KB
3 | bootstrapcdn.com | maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 742 | 49 KB
1 | googleapis.com | ajax.googleapis.com — Cisco Umbrella Rank: 295 | 33 KB
Total: 28 requests, 4 apex domains

Requests | Domain | Requested by
19 | www.thesafemac.com (1 redirects) | www.thesafemac.com
6 | secure.gravatar.com | www.thesafemac.com
3 | maxcdn.bootstrapcdn.com | www.thesafemac.com, maxcdn.bootstrapcdn.com
1 | ajax.googleapis.com | www.thesafemac.com
Total: 28 requests, 4 domains

This site contains links to these domains.

Domain
www.adwaremedic.com
blog.malwarebytes.org
www.f-secure.com
www.malwarebytes.org

Subject | Issuer | Validity | Valid
www.thesafemac.com | R3 | 2023-01-14 - 2023-04-14 | 3 months
upload.video.google.com | GTS CA 1C3 | 2023-01-09 - 2023-04-03 | 3 months
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2022-12-30 - 2023-12-30 | a year
*.gravatar.com | Sectigo ECC Domain Validation Secure Server CA | 2022-11-23 - 2023-12-24 | a year

This page contains 1 frames:

Primary Page: https://www.thesafemac.com/new-signed-malware-called-janicab/
Frame ID: 05F1898185E9E37F4BC83ACB82D51EFE
Requests: 28 HTTP requests in this frame

Page Title

The Safe Mac » New signed malware called Janicab

Page URL History

  1. http://www.thesafemac.com/new-signed-malware-called-janicab/ HTTP 301
    https://www.thesafemac.com/new-signed-malware-called-janicab/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/
  • wp-embed\.min\.js\?ver=([\d.]+)

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • <[^>]+gravatar\.com/avatar/

Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

28 Requests
100 % HTTPS
75 % IPv6
4 Domains
4 Subdomains
4 IPs
3 Countries
328 kB Transfer
666 kB Size
0 Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://www.thesafemac.com/new-signed-malware-called-janicab/ HTTP 301
    https://www.thesafemac.com/new-signed-malware-called-janicab/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

28 HTTP transactions

Resource / Path | Size | x-fer | Type / MIME-Type
Primary Request /
www.thesafemac.com/new-signed-malware-called-janicab/
Redirect Chain
  • http://www.thesafemac.com/new-signed-malware-called-janicab/
  • https://www.thesafemac.com/new-signed-malware-called-janicab/
29 KB
8 KB
Document
General
Full URL
https://www.thesafemac.com/new-signed-malware-called-janicab/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
173.236.144.204 , United States, ASN26347 (DREAMHOST-AS, US),
Reverse DNS
ps185057.dreamhostps.com
Software
Apache /
Resource Hash
f958e40ff5142134273c37f31d8190f7954d4a1507fa6819884d22b99fad09b2

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=600
content-encoding
gzip
content-length
8407
content-type
text/html; charset=UTF-8
date
Thu, 02 Feb 2023 14:04:05 GMT
expires
Thu, 02 Feb 2023 14:14:05 GMT
link
<https://www.thesafemac.com/wp-json/>; rel="https://api.w.org/", <https://www.thesafemac.com/?p=1070>; rel=shortlink
server
Apache
vary
Accept-Encoding,User-Agent

Redirect headers

Cache-Control
max-age=600
Connection
Keep-Alive
Content-Length
269
Content-Type
text/html; charset=iso-8859-1
Date
Thu, 02 Feb 2023 14:04:05 GMT
Expires
Thu, 02 Feb 2023 14:14:05 GMT
Keep-Alive
timeout=5, max=100
Location
https://www.thesafemac.com/new-signed-malware-called-janicab/
Server
Apache
style.css
www.thesafemac.com/wp-content/themes/thesafemac-mb/
5 KB
2 KB
Stylesheet
General
Full URL
https://www.thesafemac.com/wp-content/themes/thesafemac-mb/style.css
Requested by
Host: www.thesafemac.com
URL: https://www.thesafemac.com/new-signed-malware-called-janicab/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
173.236.144.204 , United States, ASN26347 (DREAMHOST-AS, US),
Reverse DNS
ps185057.dreamhostps.com
Software
Apache /
Resource Hash
2a4b44821ec1a821f3e5e57766f3066a0f8d8456e446b580331f2ce51c019297

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thesafemac.com/new-signed-malware-called-janicab/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Thu, 02 Feb 2023 14:04:06 GMT
content-encoding
gzip
last-modified
Tue, 14 Jul 2015 20:22:56 GMT
server
Apache
etag
"1588-51adb9a832800-gzip"
vary
Accept-Encoding,User-Agent
content-type
text/css
cache-control
max-age=2592000
accept-ranges
bytes
content-length
1524
expires
Sat, 04 Mar 2023 14:04:06 GMT
style.min.css
www.thesafemac.com/wp-includes/css/dist/block-library/
52 KB
8 KB
Stylesheet
General
Full URL
https://www.thesafemac.com/wp-includes/css/dist/block-library/style.min.css?ver=5.4.12
Requested by
Host: www.thesafemac.com
URL: https://www.thesafemac.com/new-signed-malware-called-janicab/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
173.236.144.204 , United States, ASN26347 (DREAMHOST-AS, US),
Reverse DNS
ps185057.dreamhostps.com
Software
Apache /
Resource Hash
bca7af0b45b6fc6a2064e8e7a34f2041f3e77261e63f0257209bcde6bc40545d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thesafemac.com/new-signed-malware-called-janicab/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Thu, 02 Feb 2023 14:04:06 GMT
content-encoding
gzip
last-modified
Thu, 30 Apr 2020 12:57:14 GMT
server
Apache
etag
"d159-5a4819a9267dc-gzip"
vary
Accept-Encoding,User-Agent
content-type
text/css
cache-control
max-age=2592000
accept-ranges
bytes
content-length
7905
expires
Sat, 04 Mar 2023 14:04:06 GMT
jquery.fancybox.min.css
www.thesafemac.com/wp-content/plugins/easy-fancybox/css/
4 KB
1 KB
Stylesheet
General
Full URL
https://www.thesafemac.com/wp-content/plugins/easy-fancybox/css/jquery.fancybox.min.css?ver=1.3.24
Requested by
Host: www.thesafemac.com
URL: https://www.thesafemac.com/new-signed-malware-called-janicab/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
173.236.144.204 , United States, ASN26347 (DREAMHOST-AS, US),
Reverse DNS
ps185057.dreamhostps.com
Software
Apache /
Resource Hash
f34bb7d9c8f2db0e78e5d7b226bc169182f8c22e7cd1a3e7b5767519b709c1bc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thesafemac.com/new-signed-malware-called-janicab/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Thu, 02 Feb 2023 14:04:06 GMT
content-encoding
gzip
last-modified
Tue, 15 Oct 2019 01:35:29 GMT
server
Apache
etag
"fda-594e8ffd56e95-gzip"
vary
Accept-Encoding,User-Agent
content-type
text/css
cache-control
max-age=2592000
accept-ranges
bytes
content-length
1116
expires
Sat, 04 Mar 2023 14:04:06 GMT
jquery.js
www.thesafemac.com/wp-includes/js/jquery/
95 KB
34 KB
Script
General
Full URL
https://www.thesafemac.com/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp
Requested by
Host: www.thesafemac.com
URL: https://www.thesafemac.com/new-signed-malware-called-janicab/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
173.236.144.204 , United States, ASN26347 (DREAMHOST-AS, US),
Reverse DNS
ps185057.dreamhostps.com
Software
Apache /
Resource Hash
1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thesafemac.com/new-signed-malware-called-janicab/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Thu, 02 Feb 2023 14:04:06 GMT
content-encoding
gzip
last-modified
Thu, 05 Sep 2019 06:58:18 GMT
server
Apache
etag
"17a69-591c8d8ac4d1e-gzip"
vary
Accept-Encoding,User-Agent
content-type
application/javascript
cache-control
max-age=2592000
accept-ranges
bytes
expires
Sat, 04 Mar 2023 14:04:06 GMT
jquery-migrate.min.js
www.thesafemac.com/wp-includes/js/jquery/
10 KB
4 KB
Script
General
Full URL
https://www.thesafemac.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1
Requested by
Host: www.thesafemac.com
URL: https://www.thesafemac.com/new-signed-malware-called-janicab/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
173.236.144.204 , United States, ASN26347 (DREAMHOST-AS, US),
Reverse DNS
ps185057.dreamhostps.com
Software
Apache /
Resource Hash
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thesafemac.com/new-signed-malware-called-janicab/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Thu, 02 Feb 2023 14:04:06 GMT
content-encoding
gzip
last-modified
Tue, 21 Jun 2016 18:58:15 GMT
server
Apache
etag
"2748-535ce673adfc0-gzip"
vary
Accept-Encoding,User-Agent
content-type
application/javascript
cache-control
max-age=2592000
accept-ranges
bytes
content-length
4045
expires
Sat, 04 Mar 2023 14:04:06 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.11.3/
94 KB
33 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.11.3/jquery.min.js
Requested by
Host: www.thesafemac.com
URL: https://www.thesafemac.com/new-signed-malware-called-janicab/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
aec3d419d50f05781a96f223e18289aeb52598b5db39be82a7b71dc67d6a7947
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thesafemac.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Thu, 02 Feb 2023 12:47:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
4574
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
33507
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 02 Feb 2024 12:47:52 GMT
bootstrap.min.css
maxcdn.bootstrapcdn.com/bootstrap/3.3.5/css/
120 KB
20 KB
Stylesheet
General
Full URL
https://maxcdn.bootstrapcdn.com/bootstrap/3.3.5/css/bootstrap.min.css
Requested by
Host: www.thesafemac.com
URL: https://www.thesafemac.com/new-signed-malware-called-janicab/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
31fbd99641c212a6ad3681a2397bde13c148c0ccd98385bce6a7eb7c81417d87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thesafemac.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Thu, 02 Feb 2023 14:04:06 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
cdn-edgestorageid
864
age
19373329
cdn-cachedat
02/24/2022 14:58:46
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Mon, 25 Jan 2021 22:03:59 GMT
cdn-proxyver
1.02
cdn-requestpullcode
200
server
cloudflare
etag
W/"5d5357cb3704e1f43a1f5bfed2aebf42"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cache-control
public, max-age=31919000
cdn-requestid
fbe7e6fea753e22c4e1fd8ba1cf2b066
timing-allow-origin
*
cdn-requestcountrycode
DE
cdn-status
200
cf-ray
79337959ead6bb71-FRA
cdn-requestpullsuccess
True
bootstrap.min.js
maxcdn.bootstrapcdn.com/bootstrap/3.3.5/js/
36 KB
10 KB
Script
General
Full URL
https://maxcdn.bootstrapcdn.com/bootstrap/3.3.5/js/bootstrap.min.js
Requested by
Host: www.thesafemac.com
URL: https://www.thesafemac.com/new-signed-malware-called-janicab/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4a4de7903ea62d330e17410ea4db6c22bcbeb350ac6aa402d6b54b4c0cbed327
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thesafemac.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Thu, 02 Feb 2023 14:04:06 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
cdn-edgestorageid
718, 718
age
713336
cdn-cachedat
2021-04-13 02:50:03
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Mon, 25 Jan 2021 22:03:59 GMT
server
cloudflare
cdn-requestpullcode
200
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cache-control
public, max-age=31919000
cdn-requestid
f555eecc83d07422a81af3803a9b15cc
timing-allow-origin
*
cdn-requestcountrycode
US
cf-ray
79337959ead9bb71-FRA
cdn-requestpullsuccess
True
thesafemac.js
www.thesafemac.com/wp-content/themes/thesafemac-mb/
972 B
425 B
Script
General
Full URL
https://www.thesafemac.com/wp-content/themes/thesafemac-mb/thesafemac.js
Requested by
Host: www.thesafemac.com
URL: https://www.thesafemac.com/new-signed-malware-called-janicab/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
173.236.144.204 , United States, ASN26347 (DREAMHOST-AS, US),
Reverse DNS
ps185057.dreamhostps.com
Software
Apache /
Resource Hash
df7162c4f71fae79995ba54af104543c81c21ee5e1250c152f5478bd536d4178

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thesafemac.com/new-signed-malware-called-janicab/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Thu, 02 Feb 2023 14:04:06 GMT
content-encoding
gzip
last-modified
Tue, 14 Jul 2015 20:22:56 GMT
server
Apache
etag
"3cc-51adb9a832800-gzip"
vary
Accept-Encoding,User-Agent
content-type
application/javascript
cache-control
max-age=2592000
accept-ranges
bytes
content-length
370
expires
Sat, 04 Mar 2023 14:04:06 GMT
Malwarebytes-TheSafeMac-logo.png
www.thesafemac.com/wp-content/themes/thesafemac-mb/images/
9 KB
9 KB
Image
General
Full URL
https://www.thesafemac.com/wp-content/themes/thesafemac-mb/images/Malwarebytes-TheSafeMac-logo.png
Requested by
Host: www.thesafemac.com
URL: https://www.thesafemac.com/new-signed-malware-called-janicab/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
173.236.144.204 , United States, ASN26347 (DREAMHOST-AS, US),
Reverse DNS
ps185057.dreamhostps.com
Software
Apache /
Resource Hash
4423ca16d8a51f08b8befc567b686b5cd5666f939d08fd62740aff16ed45ca77

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thesafemac.com/new-signed-malware-called-janicab/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Thu, 02 Feb 2023 14:04:06 GMT
last-modified
Tue, 14 Jul 2015 20:22:54 GMT
server
Apache
etag
"222b-51adb9a64a380"
vary
User-Agent,Accept-Encoding
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
content-length
8747
expires
Sat, 04 Mar 2023 14:04:06 GMT
e-biohazard.png
www.thesafemac.com/wp-content/uploads/2012/07/
30 KB
30 KB
Image
General
Full URL
https://www.thesafemac.com/wp-content/uploads/2012/07/e-biohazard.png
Requested by
Host: www.thesafemac.com
URL: https://www.thesafemac.com/new-signed-malware-called-janicab/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
173.236.144.204 , United States, ASN26347 (DREAMHOST-AS, US),
Reverse DNS
ps185057.dreamhostps.com
Software
Apache /
Resource Hash
faf90d5e0cf77dcf5deb7f854bb61e1dd5a0542e2dd5ada66c12bc30edd07a45

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thesafemac.com/new-signed-malware-called-janicab/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Thu, 02 Feb 2023 14:04:06 GMT
last-modified
Mon, 20 May 2013 15:16:40 GMT
server
Apache
etag
"77d4-4dd27d1ca4600"
vary
User-Agent,Accept-Encoding
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
content-length
30676
expires
Sat, 04 Mar 2023 14:04:06 GMT
Janicab-first-run-300x173.png
www.thesafemac.com/wp-content/uploads/2013/07/
23 KB
23 KB
Image
General
Full URL
https://www.thesafemac.com/wp-content/uploads/2013/07/Janicab-first-run-300x173.png
Requested by
Host: www.thesafemac.com
URL: https://www.thesafemac.com/new-signed-malware-called-janicab/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
173.236.144.204 , United States, ASN26347 (DREAMHOST-AS, US),
Reverse DNS
ps185057.dreamhostps.com
Software
Apache /
Resource Hash
c45f2010b7f5d53755a11e3a22c4e9a2701d540fa16d612730ca842b52f12177

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thesafemac.com/new-signed-malware-called-janicab/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Thu, 02 Feb 2023 14:04:06 GMT
last-modified
Mon, 15 Jul 2013 17:49:31 GMT
server
Apache
etag
"5a7a-4e1907b89a0c0"
vary
User-Agent,Accept-Encoding
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
content-length
23162
expires
Sat, 04 Mar 2023 14:04:06 GMT
Janicab-document-150x150.png
www.thesafemac.com/wp-content/uploads/2013/07/
26 KB
26 KB
Image
General
Full URL
https://www.thesafemac.com/wp-content/uploads/2013/07/Janicab-document-150x150.png
Requested by
Host: www.thesafemac.com
URL: https://www.thesafemac.com/new-signed-malware-called-janicab/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
173.236.144.204 , United States, ASN26347 (DREAMHOST-AS, US),
Reverse DNS
ps185057.dreamhostps.com
Software
Apache /
Resource Hash
48447390703d4b124a83c90ac2907a47ff6a8d4fadb13b524703f60c6382cebe

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thesafemac.com/new-signed-malware-called-janicab/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Thu, 02 Feb 2023 14:04:06 GMT
last-modified
Mon, 15 Jul 2013 17:53:00 GMT
server
Apache
etag
"66a9-4e19087feb700"
vary
User-Agent,Accept-Encoding
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
content-length
26281
expires
Sat, 04 Mar 2023 14:04:06 GMT
Janicab-.t-directory-238x300.png
www.thesafemac.com/wp-content/uploads/2013/07/
37 KB
37 KB
Image
General
Full URL
https://www.thesafemac.com/wp-content/uploads/2013/07/Janicab-.t-directory-238x300.png
Requested by
Host: www.thesafemac.com
URL: https://www.thesafemac.com/new-signed-malware-called-janicab/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
173.236.144.204 , United States, ASN26347 (DREAMHOST-AS, US),
Reverse DNS
ps185057.dreamhostps.com
Software
Apache /
Resource Hash
e31e0c80bf679742d02ab39eb16956f9ceaa884652769b8adee2bd1e435efa07

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thesafemac.com/new-signed-malware-called-janicab/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Thu, 02 Feb 2023 14:04:06 GMT
last-modified
Mon, 15 Jul 2013 17:53:21 GMT
server
Apache
etag
"938d-4e190893f2640"
vary
User-Agent,Accept-Encoding
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
content-length
37773
expires
Sat, 04 Mar 2023 14:04:06 GMT
c81ead92b34944f42bd600c31defc57b
secure.gravatar.com/avatar/
1021 B
1 KB
Image
General
Full URL
https://secure.gravatar.com/avatar/c81ead92b34944f42bd600c31defc57b?s=48&d=mm&r=g
Requested by
Host: www.thesafemac.com
URL: https://www.thesafemac.com/new-signed-malware-called-janicab/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:fa87:fffe::c000:4902 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
3e3e6358df951436d7c4e597f61f7bb0dcbfa9b99385c14a7016bd5475cd7d07

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thesafemac.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-nc
MISS hhn 1
date
Thu, 02 Feb 2023 14:04:06 GMT
last-modified
Thu, 15 Aug 2013 03:37:17 GMT
server
nginx
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=300
content-disposition
inline; filename="c81ead92b34944f42bd600c31defc57b.png"
accept-ranges
bytes
link
<https://www.gravatar.com/avatar/c81ead92b34944f42bd600c31defc57b?s=48&d=mm&r=g>; rel="canonical"
content-length
1021
expires
Thu, 02 Feb 2023 14:09:06 GMT
50dc6e619bd8dcf3991a3ed249dd166f
secure.gravatar.com/avatar/
3 KB
3 KB
Image
General
Full URL
https://secure.gravatar.com/avatar/50dc6e619bd8dcf3991a3ed249dd166f?s=48&d=mm&r=g
Requested by
Host: www.thesafemac.com
URL: https://www.thesafemac.com/new-signed-malware-called-janicab/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:fa87:fffe::c000:4902 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
b2eb067f4d6fc5d8cd1969140f6c397c4f5bb510f1c1586c6a6b6c2f0972fabf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thesafemac.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-nc
HIT hhn 1
date
Thu, 02 Feb 2023 14:04:06 GMT
last-modified
Wed, 27 Feb 2013 19:39:20 GMT
server
nginx
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=300
content-disposition
inline; filename="50dc6e619bd8dcf3991a3ed249dd166f.png"
accept-ranges
bytes
link
<https://www.gravatar.com/avatar/50dc6e619bd8dcf3991a3ed249dd166f?s=48&d=mm&r=g>; rel="canonical"
content-length
3046
expires
Thu, 02 Feb 2023 14:09:06 GMT
e86218b0d5355db6ee9b24848a6cec97
secure.gravatar.com/avatar/
1021 B
1 KB
Image
General
Full URL
https://secure.gravatar.com/avatar/e86218b0d5355db6ee9b24848a6cec97?s=48&d=mm&r=g
Requested by
Host: www.thesafemac.com
URL: https://www.thesafemac.com/new-signed-malware-called-janicab/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:fa87:fffe::c000:4902 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
3e3e6358df951436d7c4e597f61f7bb0dcbfa9b99385c14a7016bd5475cd7d07

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thesafemac.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-nc
MISS hhn 1
date
Thu, 02 Feb 2023 14:04:06 GMT
last-modified
Wed, 11 Jan 1984 08:00:00 GMT
server
nginx
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=300
content-disposition
inline; filename="e86218b0d5355db6ee9b24848a6cec97.png"
accept-ranges
bytes
link
<https://www.gravatar.com/avatar/e86218b0d5355db6ee9b24848a6cec97?s=48&d=mm&r=g>; rel="canonical"
content-length
1021
expires
Thu, 02 Feb 2023 14:09:06 GMT
8f43effd03d0bb31acff4b88613f0d4a
secure.gravatar.com/avatar/
2 KB
2 KB
Image
General
Full URL
https://secure.gravatar.com/avatar/8f43effd03d0bb31acff4b88613f0d4a?s=48&d=mm&r=g
Requested by
Host: www.thesafemac.com
URL: https://www.thesafemac.com/new-signed-malware-called-janicab/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:fa87:fffe::c000:4902 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
fc5b2554f1187dfbf2c62bae7acb9a2cfb53a018f16bf7b1e9c7456ecf6beea5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thesafemac.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-nc
HIT hhn 1
date
Thu, 02 Feb 2023 14:04:06 GMT
last-modified
Tue, 09 Aug 2016 22:33:59 GMT
server
nginx
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=300
content-disposition
inline; filename="8f43effd03d0bb31acff4b88613f0d4a.jpeg"
accept-ranges
bytes
link
<https://www.gravatar.com/avatar/8f43effd03d0bb31acff4b88613f0d4a?s=48&d=mm&r=g>; rel="canonical"
content-length
1946
expires
Thu, 02 Feb 2023 14:09:06 GMT
0981fde2bd5f13bf6e13de63bc021c34
secure.gravatar.com/avatar/
1021 B
1 KB
Image
General
Full URL
https://secure.gravatar.com/avatar/0981fde2bd5f13bf6e13de63bc021c34?s=48&d=mm&r=g
Requested by
Host: www.thesafemac.com
URL: https://www.thesafemac.com/new-signed-malware-called-janicab/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:fa87:fffe::c000:4902 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
3e3e6358df951436d7c4e597f61f7bb0dcbfa9b99385c14a7016bd5475cd7d07

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thesafemac.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-nc
MISS hhn 1
date
Thu, 02 Feb 2023 14:04:06 GMT
last-modified
Wed, 11 Jan 1984 08:00:00 GMT
server
nginx
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=300
content-disposition
inline; filename="0981fde2bd5f13bf6e13de63bc021c34.png"
accept-ranges
bytes
link
<https://www.gravatar.com/avatar/0981fde2bd5f13bf6e13de63bc021c34?s=48&d=mm&r=g>; rel="canonical"
content-length
1021
expires
Thu, 02 Feb 2023 14:09:06 GMT
367be7b7bf54539910fc9009b3759a7a
secure.gravatar.com/avatar/
969 B
1 KB
Image
General
Full URL
https://secure.gravatar.com/avatar/367be7b7bf54539910fc9009b3759a7a?s=48&d=mm&r=g
Requested by
Host: www.thesafemac.com
URL: https://www.thesafemac.com/new-signed-malware-called-janicab/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:fa87:fffe::c000:4902 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
caff7daefd6a18756ce8a6c6be654371009357774002cedf9f9531e650828ae8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thesafemac.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-nc
HIT hhn 1
date
Thu, 02 Feb 2023 14:04:06 GMT
last-modified
Wed, 01 Jan 2014 10:59:12 GMT
server
nginx
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=300
content-disposition
inline; filename="367be7b7bf54539910fc9009b3759a7a.png"
accept-ranges
bytes
link
<https://www.gravatar.com/avatar/367be7b7bf54539910fc9009b3759a7a?s=48&d=mm&r=g>; rel="canonical"
content-length
969
expires
Thu, 02 Feb 2023 14:09:06 GMT
MBAM-Mac.jpg
www.thesafemac.com/wp-content/themes/thesafemac-mb/images/
43 KB
43 KB
Image
General
Full URL
https://www.thesafemac.com/wp-content/themes/thesafemac-mb/images/MBAM-Mac.jpg
Requested by
Host: www.thesafemac.com
URL: https://www.thesafemac.com/new-signed-malware-called-janicab/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
173.236.144.204 , United States, ASN26347 (DREAMHOST-AS, US),
Reverse DNS
ps185057.dreamhostps.com
Software
Apache /
Resource Hash
406c7e9bd4fbf9d2d60ebc257d5f3bc9da46b2fdf2207d730543d06b54dcc9c3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thesafemac.com/new-signed-malware-called-janicab/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Thu, 02 Feb 2023 14:04:06 GMT
last-modified
Tue, 14 Jul 2015 20:22:55 GMT
server
Apache
etag
"aaae-51adb9a73e5c0"
vary
User-Agent
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
content-length
43694
expires
Sat, 04 Mar 2023 14:04:06 GMT
comment-reply.min.js
www.thesafemac.com/wp-includes/js/
2 KB
1 KB
Script
General
Full URL
https://www.thesafemac.com/wp-includes/js/comment-reply.min.js?ver=5.4.12
Requested by
Host: www.thesafemac.com
URL: https://www.thesafemac.com/new-signed-malware-called-janicab/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
173.236.144.204 , United States, ASN26347 (DREAMHOST-AS, US),
Reverse DNS
ps185057.dreamhostps.com
Software
Apache /
Resource Hash
4f00ec40b144121114b6cec693fccc2b51a06ab01fc34defa466467b581a7f2c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thesafemac.com/new-signed-malware-called-janicab/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Thu, 02 Feb 2023 14:04:06 GMT
content-encoding
gzip
last-modified
Thu, 15 Apr 2021 07:58:37 GMT
server
Apache
etag
"944-5bffe3b19d8c5-gzip"
vary
Accept-Encoding,User-Agent
content-type
application/javascript
cache-control
max-age=2592000
accept-ranges
bytes
content-length
1144
expires
Sat, 04 Mar 2023 14:04:06 GMT
jquery.fancybox.min.js
www.thesafemac.com/wp-content/plugins/easy-fancybox/js/
19 KB
6 KB
Script
General
Full URL
https://www.thesafemac.com/wp-content/plugins/easy-fancybox/js/jquery.fancybox.min.js?ver=1.3.24
Requested by
Host: www.thesafemac.com
URL: https://www.thesafemac.com/new-signed-malware-called-janicab/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
173.236.144.204 , United States, ASN26347 (DREAMHOST-AS, US),
Reverse DNS
ps185057.dreamhostps.com
Software
Apache /
Resource Hash
948f0c154ad97428bc1d1dee456f2e20ec4e0e302b0d3189e08a4573cb63cdb3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thesafemac.com/new-signed-malware-called-janicab/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Thu, 02 Feb 2023 14:04:06 GMT
content-encoding
gzip
last-modified
Tue, 15 Oct 2019 01:35:29 GMT
server
Apache
etag
"4d4f-594e8ffd59d75-gzip"
vary
Accept-Encoding,User-Agent
content-type
application/javascript
cache-control
max-age=2592000
accept-ranges
bytes
content-length
6356
expires
Sat, 04 Mar 2023 14:04:06 GMT
jquery.easing.min.js
www.thesafemac.com/wp-content/plugins/easy-fancybox/js/
2 KB
823 B
Script
General
Full URL
https://www.thesafemac.com/wp-content/plugins/easy-fancybox/js/jquery.easing.min.js?ver=1.4.1
Requested by
Host: www.thesafemac.com
URL: https://www.thesafemac.com/new-signed-malware-called-janicab/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
173.236.144.204 , United States, ASN26347 (DREAMHOST-AS, US),
Reverse DNS
ps185057.dreamhostps.com
Software
Apache /
Resource Hash
0ec98adf593ebcc01bec60b1f494dacd47522abfef9038a714101d83f45e165d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thesafemac.com/new-signed-malware-called-janicab/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Thu, 02 Feb 2023 14:04:06 GMT
content-encoding
gzip
last-modified
Tue, 15 Oct 2019 01:35:29 GMT
server
Apache
etag
"8fe-594e8ffd59d75-gzip"
vary
Accept-Encoding,User-Agent
content-type
application/javascript
cache-control
max-age=2592000
accept-ranges
bytes
content-length
767
expires
Sat, 04 Mar 2023 14:04:06 GMT
jquery.mousewheel.min.js
www.thesafemac.com/wp-content/plugins/easy-fancybox/js/
3 KB
1 KB
Script
General
Full URL
https://www.thesafemac.com/wp-content/plugins/easy-fancybox/js/jquery.mousewheel.min.js?ver=3.1.13
Requested by
Host: www.thesafemac.com
URL: https://www.thesafemac.com/new-signed-malware-called-janicab/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
173.236.144.204 , United States, ASN26347 (DREAMHOST-AS, US),
Reverse DNS
ps185057.dreamhostps.com
Software
Apache /
Resource Hash
dd9bfe5f04d4e393463f42b4f503763c36693306dffef16d481e0c071b61ae64

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thesafemac.com/new-signed-malware-called-janicab/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Thu, 02 Feb 2023 14:04:06 GMT
content-encoding
gzip
last-modified
Tue, 15 Oct 2019 01:35:29 GMT
server
Apache
etag
"a31-594e8ffd59d75-gzip"
vary
Accept-Encoding,User-Agent
content-type
application/javascript
cache-control
max-age=2592000
accept-ranges
bytes
content-length
1146
expires
Sat, 04 Mar 2023 14:04:06 GMT
wp-embed.min.js
www.thesafemac.com/wp-includes/js/
1 KB
821 B
Script
General
Full URL
https://www.thesafemac.com/wp-includes/js/wp-embed.min.js?ver=5.4.12
Requested by
Host: www.thesafemac.com
URL: https://www.thesafemac.com/new-signed-malware-called-janicab/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
173.236.144.204 , United States, ASN26347 (DREAMHOST-AS, US),
Reverse DNS
ps185057.dreamhostps.com
Software
Apache /
Resource Hash
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thesafemac.com/new-signed-malware-called-janicab/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Thu, 02 Feb 2023 14:04:06 GMT
content-encoding
gzip
last-modified
Thu, 15 Apr 2021 07:58:37 GMT
server
Apache
etag
"592-5bffe3b1a07a4-gzip"
vary
Accept-Encoding,User-Agent
content-type
application/javascript
cache-control
max-age=2592000
accept-ranges
bytes
content-length
765
expires
Sat, 04 Mar 2023 14:04:06 GMT
glyphicons-halflings-regular.woff2
maxcdn.bootstrapcdn.com/bootstrap/3.3.5/fonts/
18 KB
18 KB
Font
General
Full URL
https://maxcdn.bootstrapcdn.com/bootstrap/3.3.5/fonts/glyphicons-halflings-regular.woff2
Requested by
Host: maxcdn.bootstrapcdn.com
URL: https://maxcdn.bootstrapcdn.com/bootstrap/3.3.5/css/bootstrap.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fe185d11a49676890d47bb783312a0cda5a44c4039214094e7957b4c040ef11c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://maxcdn.bootstrapcdn.com/bootstrap/3.3.5/css/bootstrap.min.css
Origin
https://www.thesafemac.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Thu, 02 Feb 2023 14:04:06 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
cdn-edgestorageid
1075
age
272290
cdn-cachedat
01/04/2023 07:40:49
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
18028
last-modified
Mon, 25 Jan 2021 22:03:59 GMT
cdn-proxyver
1.03
cdn-requestpullcode
200
server
cloudflare
etag
"448c34a56d699c29117adc64c43affeb"
vary
Accept-Encoding
content-type
font/woff2
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cache-control
public, max-age=31919000
cdn-requestid
f7a997a9d82d21deff005b6bd6e47653
accept-ranges
bytes
timing-allow-origin
*
cdn-requestcountrycode
DE
cdn-status
200
cf-ray
7933795b5f649b39-FRA
cdn-requestpullsuccess
True

Verdicts & Comments

29 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| oncontentvisibilityautostatechange function| $ function| jQuery object| jQuery111306053176266090403 object| addComment function| _abort function| _error function| _start function| _process_inline function| _process_image function| _show function| _format_title function| _process_title function| _set_navigation function| _finish function| _preload_next function| _preload_prev function| _preload_image function| _draw function| _get_viewport function| _get_zoom_to function| _get_obj_pos function| _get_zoom_from function| _animate_loading undefined| fb_timeout object| fb_opts function| easy_fancybox_handler function| easy_fancybox_auto object| wp

0 Cookies

2 Console Messages

Source Level URL
Text
security warning URL: https://www.thesafemac.com/new-signed-malware-called-janicab/
Message:
Mixed Content: The page at 'https://www.thesafemac.com/new-signed-malware-called-janicab/' was loaded over HTTPS, but requested an insecure element 'http://www.thesafemac.com/wp-content/uploads/2013/07/Janicab-document-150x150.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://www.thesafemac.com/new-signed-malware-called-janicab/(Line 172)
Message:
Mixed Content: The page at 'https://www.thesafemac.com/new-signed-malware-called-janicab/' was loaded over HTTPS, but requested an insecure element 'http://www.thesafemac.com/wp-content/uploads/2013/07/Janicab-document-150x150.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
